DEEM: A Decentralized and Energy Efficient Method for detecting sinkhole attacks on the internet of things

2019 9th International Conference on Computer and Knowledge Engineering (ICCKE) Pub Date : 2019-10-01 DOI:10.1109/ICCKE48569.2019.8965177

Saeid Rafiei Taghanaki, K. Jamshidi, Ali Bohlooli

{"title":"DEEM: A Decentralized and Energy Efficient Method for detecting sinkhole attacks on the internet of things","authors":"Saeid Rafiei Taghanaki, K. Jamshidi, Ali Bohlooli","doi":"10.1109/ICCKE48569.2019.8965177","DOIUrl":null,"url":null,"abstract":"The RPL protocol was provided for routing in the Internet of Things (IoT) network. This protocol may be under attack. One of the attacks in the RPL protocol is the sinkhole attack that, an attacker tries to attract nearby nodes and, as a result, it causes that many nodes pass their traffic through the attacker node. In the previous methods for detecting a sinkhole attack in the RPL protocol, the accuracy of the detection parameter has been important. In the present study, by providing a local detection method called DEEM and improving the overhead in terms of energy consumption associated with the detection method, also a proper detection accuracy was obtained. DEEM has two phases in each node called Information Gathering and Detection Phases. We implemented DEEM on Contiki OS and evaluated it using the Cooja simulator. Our assessment shows that, in simulated scenarios, DEEM has a low overhead in term of energy consumption, a high true positive rate, and a good detection speed, and this is a scalable method. The cost of DEEM overhead is small enough to be deployed in resource-constrained nodes.","PeriodicalId":6685,"journal":{"name":"2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)","volume":"2 1","pages":"325-330"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCKE48569.2019.8965177","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

The RPL protocol was provided for routing in the Internet of Things (IoT) network. This protocol may be under attack. One of the attacks in the RPL protocol is the sinkhole attack that, an attacker tries to attract nearby nodes and, as a result, it causes that many nodes pass their traffic through the attacker node. In the previous methods for detecting a sinkhole attack in the RPL protocol, the accuracy of the detection parameter has been important. In the present study, by providing a local detection method called DEEM and improving the overhead in terms of energy consumption associated with the detection method, also a proper detection accuracy was obtained. DEEM has two phases in each node called Information Gathering and Detection Phases. We implemented DEEM on Contiki OS and evaluated it using the Cooja simulator. Our assessment shows that, in simulated scenarios, DEEM has a low overhead in term of energy consumption, a high true positive rate, and a good detection speed, and this is a scalable method. The cost of DEEM overhead is small enough to be deployed in resource-constrained nodes.

查看原文本刊更多论文

DEEM:一种用于检测物联网天坑攻击的分散节能方法

RPL协议是为物联网(IoT)网络中的路由提供的协议。该协议可能受到攻击。RPL协议中的一种攻击是天坑攻击，攻击者试图吸引附近的节点，结果导致许多节点将其流量通过攻击者节点。在之前的检测RPL协议中天坑攻击的方法中，检测参数的准确性一直是很重要的。在本研究中，通过提供一种称为DEEM的局部检测方法，并提高该检测方法在能耗方面的开销，也获得了适当的检测精度。DEEM在每个节点中有两个阶段，称为信息收集阶段和检测阶段。我们在Contiki OS上实现了DEEM，并使用Cooja模拟器对其进行了评估。我们的评估表明，在模拟场景中，DEEM在能耗方面开销低，真阳性率高，检测速度快，是一种可扩展的方法。DEEM开销的成本足够小，可以部署在资源受限的节点中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)

自引率

0.00%

发文量