Routing attack induced anomaly detection in IoT network using RBM-LSTM

IF 4.1 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

ICT Express Pub Date : 2024-06-01 DOI:10.1016/j.icte.2024.04.012

Rashmi Sahay , Anand Nayyar , Rajesh Kumar Shrivastava , Muhammad Bilal , Simar Preet Singh , Sangheon Pack

{"title":"Routing attack induced anomaly detection in IoT network using RBM-LSTM","authors":"Rashmi Sahay , Anand Nayyar , Rajesh Kumar Shrivastava , Muhammad Bilal , Simar Preet Singh , Sangheon Pack","doi":"10.1016/j.icte.2024.04.012","DOIUrl":null,"url":null,"abstract":"<div><p>The network of resource constraint devices, also known as the Low power and Lossy Networks (LLNs), constitutes the edge tire of the Internet of Things applications like smart homes, smart cities, and connected vehicles. The IPv6 Routing Protocol over Low power and lossy networks (RPL) ensures efficient routing in the edge tire of the IoT environment. However, RPL has inherent vulnerabilities that allow malicious insider entities to instigate several security attacks in the IoT network. As a result, the IoT networks suffer from resource depletion, performance degradation, and traffic disruption. Recent literature discusses several machine learning algorithms to detect one or more routing attacks. However, IoT infrastructures are expanding, and so are the attack surfaces. Therefore, it is essential to have a solution that can adapt to this change. This paper introduces a comprehensive framework to detect routing attacks within Low Power and Lossy Networks (LLNs). The proposed solution leverages deep learning by combining Restricted Boltzmann Machine (RBM) and Long Short-Term Memory (LSTM). The framework is trained on 11 network parameters to understand and predict normal network behavior. Anomalies, identified as deviations from the forecast trends, serve as indicators of potential routing attacks and thus address vulnerabilities in the RPL.</p></div>","PeriodicalId":48526,"journal":{"name":"ICT Express","volume":"10 3","pages":"Pages 459-464"},"PeriodicalIF":4.1000,"publicationDate":"2024-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2405959524000493/pdfft?md5=49d65ad955ce303fd98e4af529009f98&pid=1-s2.0-S2405959524000493-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ICT Express","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2405959524000493","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The network of resource constraint devices, also known as the Low power and Lossy Networks (LLNs), constitutes the edge tire of the Internet of Things applications like smart homes, smart cities, and connected vehicles. The IPv6 Routing Protocol over Low power and lossy networks (RPL) ensures efficient routing in the edge tire of the IoT environment. However, RPL has inherent vulnerabilities that allow malicious insider entities to instigate several security attacks in the IoT network. As a result, the IoT networks suffer from resource depletion, performance degradation, and traffic disruption. Recent literature discusses several machine learning algorithms to detect one or more routing attacks. However, IoT infrastructures are expanding, and so are the attack surfaces. Therefore, it is essential to have a solution that can adapt to this change. This paper introduces a comprehensive framework to detect routing attacks within Low Power and Lossy Networks (LLNs). The proposed solution leverages deep learning by combining Restricted Boltzmann Machine (RBM) and Long Short-Term Memory (LSTM). The framework is trained on 11 network parameters to understand and predict normal network behavior. Anomalies, identified as deviations from the forecast trends, serve as indicators of potential routing attacks and thus address vulnerabilities in the RPL.

查看原文本刊更多论文

利用 RBM-LSTM 在物联网网络中进行路由攻击诱导异常检测

资源受限设备网络，也称为低功耗和有损网络（LLN），构成了智能家居、智能城市和联网汽车等物联网应用的边缘网络。低功耗和有损网络 IPv6 路由协议（RPL）可确保在物联网环境的边缘网络中实现高效路由。然而，RPL 存在固有漏洞，允许内部恶意实体在物联网网络中发起多种安全攻击。因此，物联网网络会出现资源枯竭、性能下降和流量中断等问题。最近的文献讨论了几种机器学习算法来检测一种或多种路由攻击。然而，物联网基础设施在不断扩展，攻击面也在不断扩大。因此，必须有一个能适应这种变化的解决方案。本文介绍了在低功耗和低损耗网络（LLN）中检测路由攻击的综合框架。所提出的解决方案通过结合受限玻尔兹曼机（RBM）和长短期记忆（LSTM）利用深度学习。该框架根据 11 个网络参数进行训练，以了解和预测正常的网络行为。异常情况被识别为偏离预测趋势，可作为潜在路由攻击的指标，从而解决 RPL 中的漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ICT Express Multiple-

CiteScore

10.20

自引率

1.90%

发文量

167

审稿时长

35 weeks

期刊介绍： The ICT Express journal published by the Korean Institute of Communications and Information Sciences (KICS) is an international, peer-reviewed research publication covering all aspects of information and communication technology. The journal aims to publish research that helps advance the theoretical and practical understanding of ICT convergence, platform technologies, communication networks, and device technologies. The technology advancement in information and communication technology (ICT) sector enables portable devices to be always connected while supporting high data rate, resulting in the recent popularity of smartphones that have a considerable impact in economic and social development.