Affiliation:
1. Centre for Cyber Security Research and Innovation (CSRI), School of Information Technology, Deakin University, Geelong, Australia
2. Centre for Intelligent Systems (CIS), School of Engineering and Technology, Central Queensland University, Australia
3. Tech-Connect Pty Ltd., Australia
4. Centre for Cyber Security Research and Innovation (CSRI), School of Information Technology, Deakin University, Australia
Abstract
Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named
loophole attack
, that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called
RPL
(Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.
Publisher
Association for Computing Machinery (ACM)
Reference52 articles.
1. Peltarion. 2020. Categorical Crossentropy. Retrieved May 4 2020 from https://peltarion.com/knowledge-center/documentation/modeling-view/build-an-ai-model/loss-functions/categorical-crossentropy. Peltarion. 2020. Categorical Crossentropy. Retrieved May 4 2020 from https://peltarion.com/knowledge-center/documentation/modeling-view/build-an-ai-model/loss-functions/categorical-crossentropy.
2. Machine Learning to Ensure Data Integrity in Power System Topological Network Database
3. Anomaly Detection in Environmental Monitoring Networks [Application Notes]
Cited by
16 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献