Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection
| Main Author: | |
|---|---|
| Publication Date: | 2018 |
| Other Authors: | , |
| Format: | Article |
| Language: | eng |
| Source: | Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| Download full: | https://hdl.handle.net/10316/108058 https://doi.org/10.3390/s18082445 |
Summary: | It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments. |
| id |
RCAP_9ed396b6899f75345d1949fa2de34bd1 |
|---|---|
| oai_identifier_str |
oai:estudogeral.uc.pt:10316/108058 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| repository_id_str |
https://opendoar.ac.uk/repository/7160 |
| spelling |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detectionintrusion detectionanomaly detection6LoWPANCoAPinternet-integrated sensor networksIt is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments.MDPI2018-07-27info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articlehttps://hdl.handle.net/10316/108058https://hdl.handle.net/10316/108058https://doi.org/10.3390/s18082445eng1424-8220Granjal, JorgeSilva, João M.Lourenço, Nuno António Marquesinfo:eu-repo/semantics/openAccessreponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP)instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiainstacron:RCAAP2023-08-09T08:07:06Zoai:estudogeral.uc.pt:10316/108058Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireinfo@rcaap.ptopendoar:https://opendoar.ac.uk/repository/71602025-05-29T05:59:04.227783Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologiafalse |
| dc.title.none.fl_str_mv |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| spellingShingle |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection Granjal, Jorge intrusion detection anomaly detection 6LoWPAN CoAP internet-integrated sensor networks |
| title_short |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_full |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_fullStr |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_full_unstemmed |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_sort |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| author |
Granjal, Jorge |
| author_facet |
Granjal, Jorge Silva, João M. Lourenço, Nuno António Marques |
| author_role |
author |
| author2 |
Silva, João M. Lourenço, Nuno António Marques |
| author2_role |
author author |
| dc.contributor.author.fl_str_mv |
Granjal, Jorge Silva, João M. Lourenço, Nuno António Marques |
| dc.subject.por.fl_str_mv |
intrusion detection anomaly detection 6LoWPAN CoAP internet-integrated sensor networks |
| topic |
intrusion detection anomaly detection 6LoWPAN CoAP internet-integrated sensor networks |
| description |
It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments. |
| publishDate |
2018 |
| dc.date.none.fl_str_mv |
2018-07-27 |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
https://hdl.handle.net/10316/108058 https://hdl.handle.net/10316/108058 https://doi.org/10.3390/s18082445 |
| url |
https://hdl.handle.net/10316/108058 https://doi.org/10.3390/s18082445 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
1424-8220 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.publisher.none.fl_str_mv |
MDPI |
| publisher.none.fl_str_mv |
MDPI |
| dc.source.none.fl_str_mv |
reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia instacron:RCAAP |
| instname_str |
FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| collection |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
| repository.name.fl_str_mv |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
| repository.mail.fl_str_mv |
info@rcaap.pt |
| _version_ |
1833602539408326656 |