CYENS Centre of Excellence
Published December 31, 2018 | Version Accepted pre-print
Conference paper Open

An Intrusion Detection System for Constrained WSN and IoT Nodes Based on Binary Logistic Regression

Creators

  • 1. Department of Computer Science, University of Cyprus Nicosia, Cyprus

Description

In this paper we evaluate the feasibility of running a lightweight Intrusion Detection System within a constrained sensor or IoT
node. We propose mIDS, which monitors and detects attacks using a statistical analysis tool based on Binary Logistic Regression (BLR). mIDS takes as input only local node parameters for both benign and malicious behavior and derives a normal behavior model that detects abnormalities within the constrained node.We offer a proof of correct operation by testing mIDS in a setting where network-layer attacks are present. In such a system, critical data from the routing layer is obtained and used as a basis for profiling sensor behavior. Our results show that, despite the lightweight implementation, the proposed solution achieves attack detection accuracy levels within the range of 96% - 100%.

Notes

This work has received funding from the European Union's Horizon 2020 Research and Innovation Programme under Grant Agreement No 739578 and the Government of the Republic of Cyprus through the Directorate General for European Programmes, Coordination and Development. © ACM 2018. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of MSWiM 2018, DOI: https://doi.org/10.1145/3242102.3242145, Christiana Ioannou and Vasos Vassiliou. 2018. An Intrusion Detection System for Constrained WSN and IoT. In the Proceedings of the 21st ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems Montreal(MSWIM '18), QC, Canada — October 28 - November 02, 2018. ACM, New York, NY, USA, 259-263. DOI: https://doi.org/10.1145/3242102. https://www.acm.org/publications/policies/copyright-policy .

Files

mswim2018-AuthorVersion (1).pdf

Files (288.7 kB)

Name Size Download all
md5:f74ad33eb69fcef5e1e947a55576030e
288.7 kB Preview Download

Additional details

Funding

RISE – Research Center on Interactive Media, Smart System and Emerging Technologies 739578
European Commission

References

  • Felix Büsching, Ulf Kulau, and Lars Wolf. 2011. Demo: INGA - An Inexpensive Node for General Applications. In Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems (SenSys '11). ACM, Seattle, WA, USA, 2.
  • A. P. R. da Silva, M. H. T. Martins, B. P. S. Rocha, A. A. F. Loureiro, L. B. Ruiz, and H. C. Wong. 2005. Decentralized Intrusion Detection in Wireless Sensor Networks. In Proceedings of the 1st ACM International Workshop on Quality of Service &Amp; Security in Wireless and Mobile Networks (Q2SWinet '05). ACM, New York, NY, USA, 16–23.
  • A. Dunkels, J. Eriksson, N. Finne, and N. Tsiftes. 2011. Powertrace: Network-Level Power Profiling for Low-power Wireless Networks. Technical Report. Swedish Institute of Computer Science.
  • C. Ioannou and V. Vassiliou. 2016. The Impact of Network Layer Attacks in Wireless Sensor Networks. In International Workshop on Secure Internet of Things (SIoT 2016). Crete, Greece.
  • C. Ioannou, V. Vassiliou, and C. Sergiou. 2016. RMT: A Wireless Sensor Network Monitoring Tool. In Proceedings of the 13th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks (PE-WASUN '16). ACM, New York, NY, USA.
  • C. Ioannou, V. Vassiliou, and C. Sergiou. 2017. An Intrusion Detection System for Wireless Sensor Networks. In 2017 24rd International Conference on Telecommunications (ICT).
  • MAXFOR Technology Inc 2011. Sensor Network Makes Sensational World. MAXFOR Technology Inc.
  • Moteiv Corporation 2006. Tmote Sky Ultra Low Power IEEE 802.15.4 compliant wireless sensor module. Moteiv Corporation
  • Fredrik Österlind. 2011. Improving Low-Power Wireless Protocols With Timing- Accurate Simulation. (2011).
  • S. Raza, L. Wallgren, and T. Voigt. 2013. SVELTE: Real-time Intrusion Detection in the Internet of Things. Ad hoc networks 11, 8 (2013), 2661–2674.
  • US-CERT. 2016. Alert (TA16-288A) Heightened DDoS Threat Posed by Mirai and Other Botnets. https://www.us-cert.gov/ncas/alerts/TA16-288A
  • J. Zhou, Z. Cao, X. Dong, and A. V. Vasilakos. 2017. Security and Privacy for Cloud-Based IoT: Challenges. IEEE Communications Magazine 55 (2017).