SVELTE: Real-time intrusion detection in the Internet of Things

In the Internet of Things (IoT), resource-constrained things are connected to the unreliable and untrusted Internet via IPv6 and 6LoWPAN networks. Even when they are secured with encryption and authentication, these things are exposed both to wireless attacks from inside the 6LoWPAN network and from...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Ad hoc networks Ročník 11; číslo 8; s. 2661 - 2674
Hlavní autoři: Raza, Shahid, Wallgren, Linus, Voigt, Thiemo
Médium: Journal Article
Jazyk:angličtina
Vydáno: Elsevier B.V 01.11.2013
Témata:
6LoWPAN
Computer information security
Computer Science
Computer Science with specialization in Computer Communication
Customizing
datavetenskap
Datavetenskap med inriktning mot datorkommunikation
Internet
Internet of Things
Intrusion
Intrusion Detection
IPv6
Networks
Remote sensors
RPL
Security
Sensor Networks
Wireless communication
Wireless networks
IPv6
Intrusion detection
Sensor networks
6LoWPAN
Internet of Things
Security
RPL
ISSN:1570-8705, 1570-8713, 1570-8713
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:In the Internet of Things (IoT), resource-constrained things are connected to the unreliable and untrusted Internet via IPv6 and 6LoWPAN networks. Even when they are secured with encryption and authentication, these things are exposed both to wireless attacks from inside the 6LoWPAN network and from the Internet. Since these attacks may succeed, Intrusion Detection Systems (IDS) are necessary. Currently, there are no IDSs that meet the requirements of the IPv6-connected IoT since the available approaches are either customized for Wireless Sensor Networks (WSN) or for the conventional Internet. In this paper we design, implement, and evaluate a novel intrusion detection system for the IoT that we call SVELTE. In our implementation and evaluation we primarily target routing attacks such as spoofed or altered information, sinkhole, and selective-forwarding. However, our approach can be extended to detect other attacks. We implement SVELTE in the Contiki OS and thoroughly evaluate it. Our evaluation shows that in the simulated scenarios, SVELTE detects all malicious nodes that launch our implemented sinkhole and/or selective forwarding attacks. However, the true positive rate is not 100%, i.e., we have some false alarms during the detection of malicious nodes. Also, SVELTE’s overhead is small enough to deploy it on constrained nodes with limited energy and memory capacity.
Bibliografie:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:1570-8705
1570-8713
1570-8713
DOI:10.1016/j.adhoc.2013.04.014