A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things

IF 3.5 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
Morshed U. Chowdhury, B. Ray, Sujan Chowdhury, S. Rajasegarar
{"title":"A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things","authors":"Morshed U. Chowdhury, B. Ray, Sujan Chowdhury, S. Rajasegarar","doi":"10.1145/3466721","DOIUrl":null,"url":null,"abstract":"Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named loophole attack, that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called RPL (Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.","PeriodicalId":29764,"journal":{"name":"ACM Transactions on Internet of Things","volume":null,"pages":null},"PeriodicalIF":3.5000,"publicationDate":"2021-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet of Things","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3466721","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 10

Abstract

Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named loophole attack, that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called RPL (Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.
一种新的内部攻击和基于机器学习的物联网检测
由于物联网(IoT)具有广泛的功能优势,例如支持互联网连接,具有高可视性和实现传感器之间的轻松连接,因此物联网(IoT)已变得流行并用于许多应用,例如智能城市,智能健康,智能家居和智能车辆实现。这些基于物联网的系统有助于日常生活和业务,包括敏感和紧急情况。一般来说,物联网中使用的设备或传感器的计算能力、存储容量和通信能力非常有限,但它们有助于收集大量数据并保持与网络中其他设备的通信。由于大多数物联网设备没有物理安全性,并且通常通过无线电通信和互联网向所有人开放,因此它们极易受到现有和新兴的新型安全攻击。此外,物联网设备通常与企业网络集成;在这种情况下,攻击的影响将比孤立运作严重得多。由于物联网设备的限制及其操作的性质,现有的安全机制对于对抗针对基于物联网的系统的攻击不太有效。本文提出了一种新的内部攻击,称为漏洞攻击,它利用了在基于物联网的系统中广泛使用的IPv6路由协议中存在的漏洞,称为RPL(低功耗和有损网络路由)。为了保护物联网系统免受这种内部攻击,提出了一种基于机器学习的安全机制。采用运行在Cooja模拟器上的Contiki IoT操作系统实施了该攻击,并分析了攻击的影响。对收集的网络流量数据的评估表明,基于机器学习的方法以及所提出的功能有助于从网络流量数据中准确检测内部攻击。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
5.20
自引率
3.70%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信