An Intrusion Detection System for Constrained WSN and IoT Nodes Based on Binary Logistic Regression

Abstract

In this paper we evaluate the feasibility of running a lightweight Intrusion Detection System within a constrained sensor or IoT node. We propose mIDS, which monitors and detects attacks using a statistical analysis tool based on Binary Logistic Regression (BLR). mIDS takes as input only local node parameters for both benign and malicious behavior and derives a normal behavior model that detects abnormalities within the constrained node.We offer a proof of correct operation by testing mIDS in a setting where network-layer attacks are present. In such a system, critical data from the routing layer is obtained and used as a basis for profiling sensor behavior. Our results show that, despite the lightweight implementation, the proposed solution achieves attack detection accuracy levels within the range of 96% - 100%.