Conference paper Open Access

An Intrusion Detection System for Constrained WSN and IoT Nodes Based on Binary Logistic Regression

Christiana Ioannou; Vasos Vassiliou

In this paper we evaluate the feasibility of running a lightweight Intrusion Detection System within a constrained sensor or IoT
node. We propose mIDS, which monitors and detects attacks using a statistical analysis tool based on Binary Logistic Regression (BLR). mIDS takes as input only local node parameters for both benign and malicious behavior and derives a normal behavior model that detects abnormalities within the constrained node.We offer a proof of correct operation by testing mIDS in a setting where network-layer attacks are present. In such a system, critical data from the routing layer is obtained and used as a basis for profiling sensor behavior. Our results show that, despite the lightweight implementation, the proposed solution achieves attack detection accuracy levels within the range of 96% - 100%.

This work has been partly supported by the project that has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 739578 (RISE – Call: H2020-WIDESPREAD-01-2016-2017-TeamingPhase2) and the Government of the Republic of Cyprus through the Directorate General for European Programmes, Coordination and Development. © ACM 2018. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in Proceedings of MSWiM 2018, DOI: https://doi.org/10.1145/3242102.3242145, Christiana Ioannou and Vasos Vassiliou. 2018. An Intrusion Detection System for Constrained WSN and IoT. In the Proceedings of the 21st ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile Systems Montreal(MSWIM '18), QC, Canada — October 28 - November 02, 2018. ACM, New York, NY, USA, 259-263. DOI: https://doi.org/10.1145/3242102. https://www.acm.org/publications/policies/copyright-policy .
Files (288.7 kB)
Name Size
mswim2018-AuthorVersion (1).pdf
md5:f74ad33eb69fcef5e1e947a55576030e
288.7 kB Download
  • A. Dunkels, J. Eriksson, N. Finne, and N. Tsiftes. 2011. Powertrace: Network-Level Power Profiling for Low-power Wireless Networks. Technical Report. Swedish Institute of Computer Science.

  • A. P. R. da Silva, M. H. T. Martins, B. P. S. Rocha, A. A. F. Loureiro, L. B. Ruiz, and H. C. Wong. 2005. Decentralized Intrusion Detection in Wireless Sensor Networks. In Proceedings of the 1st ACM International Workshop on Quality of Service &Amp; Security in Wireless and Mobile Networks (Q2SWinet '05). ACM, New York, NY, USA, 16–23.

  • C. Ioannou and V. Vassiliou. 2016. The Impact of Network Layer Attacks in Wireless Sensor Networks. In International Workshop on Secure Internet of Things (SIoT 2016). Crete, Greece.

  • C. Ioannou, V. Vassiliou, and C. Sergiou. 2016. RMT: A Wireless Sensor Network Monitoring Tool. In Proceedings of the 13th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous Networks (PE-WASUN '16). ACM, New York, NY, USA.

  • C. Ioannou, V. Vassiliou, and C. Sergiou. 2017. An Intrusion Detection System for Wireless Sensor Networks. In 2017 24rd International Conference on Telecommunications (ICT).

  • Felix Büsching, Ulf Kulau, and Lars Wolf. 2011. Demo: INGA - An Inexpensive Node for General Applications. In Proceedings of the 9th ACM Conference on Embedded Networked Sensor Systems (SenSys '11). ACM, Seattle, WA, USA, 2.

  • Fredrik Österlind. 2011. Improving Low-Power Wireless Protocols With Timing- Accurate Simulation. (2011).

  • J. Zhou, Z. Cao, X. Dong, and A. V. Vasilakos. 2017. Security and Privacy for Cloud-Based IoT: Challenges. IEEE Communications Magazine 55 (2017).

  • MAXFOR Technology Inc 2011. Sensor Network Makes Sensational World. MAXFOR Technology Inc.

  • Moteiv Corporation 2006. Tmote Sky Ultra Low Power IEEE 802.15.4 compliant wireless sensor module. Moteiv Corporation

  • S. Raza, L. Wallgren, and T. Voigt. 2013. SVELTE: Real-time Intrusion Detection in the Internet of Things. Ad hoc networks 11, 8 (2013), 2661–2674.

  • US-CERT. 2016. Alert (TA16-288A) Heightened DDoS Threat Posed by Mirai and Other Botnets. https://www.us-cert.gov/ncas/alerts/TA16-288A

10
6
views
downloads
Views 10
Downloads 6
Data volume 1.7 MB
Unique views 5
Unique downloads 5

Share

Cite as