Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2018 |
| Outros Autores: | , |
| Tipo de documento: | Artigo |
| Idioma: | eng |
| Título da fonte: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| Texto Completo: | http://hdl.handle.net/10316/108058 https://doi.org/10.3390/s18082445 |
Resumo: | It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments. |
| id |
RCAP_9ed396b6899f75345d1949fa2de34bd1 |
|---|---|
| oai_identifier_str |
oai:estudogeral.uc.pt:10316/108058 |
| network_acronym_str |
RCAP |
| network_name_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository_id_str |
7160 |
| spelling |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detectionintrusion detectionanomaly detection6LoWPANCoAPinternet-integrated sensor networksIt is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments.MDPI2018-07-27info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/articlehttp://hdl.handle.net/10316/108058http://hdl.handle.net/10316/108058https://doi.org/10.3390/s18082445eng1424-8220Granjal, JorgeSilva, João M.Lourenço, Nuno António Marquesinfo:eu-repo/semantics/openAccessreponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãoinstacron:RCAAP2023-08-09T08:07:06Zoai:estudogeral.uc.pt:10316/108058Portal AgregadorONGhttps://www.rcaap.pt/oai/openaireopendoar:71602024-03-19T21:24:19.713425Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informaçãofalse |
| dc.title.none.fl_str_mv |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| spellingShingle |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection Granjal, Jorge intrusion detection anomaly detection 6LoWPAN CoAP internet-integrated sensor networks |
| title_short |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_full |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_fullStr |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_full_unstemmed |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| title_sort |
Intrusion Detection and Prevention in CoAP Wireless Sensor Networks Using Anomaly Detection |
| author |
Granjal, Jorge |
| author_facet |
Granjal, Jorge Silva, João M. Lourenço, Nuno António Marques |
| author_role |
author |
| author2 |
Silva, João M. Lourenço, Nuno António Marques |
| author2_role |
author author |
| dc.contributor.author.fl_str_mv |
Granjal, Jorge Silva, João M. Lourenço, Nuno António Marques |
| dc.subject.por.fl_str_mv |
intrusion detection anomaly detection 6LoWPAN CoAP internet-integrated sensor networks |
| topic |
intrusion detection anomaly detection 6LoWPAN CoAP internet-integrated sensor networks |
| description |
It is well recognized that security will play a major role in enabling most of the applications envisioned for the Internet of Things (IoT). We must also note that most of such applications will employ sensing and actuating devices integrated with the Internet communications infrastructure and, from the minute such devices start to support end-to-end communications with external (Internet) hosts, they will be exposed to all kinds of threats and attacks. With this in mind, we propose an IDS framework for the detection and prevention of attacks in the context of Internet-integrated CoAP communication environments and, in the context of this framework, we implement and experimentally evaluate the effectiveness of anomaly-based intrusion detection, with the goal of detecting Denial of Service (DoS) attacks and attacks against the 6LoWPAN and CoAP communication protocols. From the results obtained in our experimental evaluation we observe that the proposed approach may viably protect devices against the considered attacks. We are able to achieve an accuracy of 93% considering the multi-class problem, thus when the pattern of specific intrusions is known. Considering the binary class problem, which allows us to recognize compromised devices, and though a lower accuracy of 92% is observed, a recall and an F_Measure of 98% were achieved. As far as our knowledge goes, ours is the first proposal targeting the usage of anomaly detection and prevention approaches to deal with application-layer and DoS attacks in 6LoWPAN and CoAP communication environments. |
| publishDate |
2018 |
| dc.date.none.fl_str_mv |
2018-07-27 |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10316/108058 http://hdl.handle.net/10316/108058 https://doi.org/10.3390/s18082445 |
| url |
http://hdl.handle.net/10316/108058 https://doi.org/10.3390/s18082445 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
1424-8220 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.publisher.none.fl_str_mv |
MDPI |
| publisher.none.fl_str_mv |
MDPI |
| dc.source.none.fl_str_mv |
reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação instacron:RCAAP |
| instname_str |
Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| instacron_str |
RCAAP |
| institution |
RCAAP |
| reponame_str |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| collection |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) |
| repository.name.fl_str_mv |
Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
| repository.mail.fl_str_mv |
|
| _version_ |
1799134128495394816 |