A ZigBee Intrusion Detection System for IoT using Secure and Efficient Data Collection

Abstract

The market for Internet of Things (IoT) products and services has grown rapidly. It has been predicted that the deployment of these IoT applications will grow exponentially in the near future. However, the rapid growth of the IoT brings new security risks and potentially opens systems and networks to new attacks. This paper outlines various techniques to detect known attacks and new types of attacks particularly on ZigBee-based IoT systems. We introduce a novel hybrid Intrusion Detection System (IDS) by merging rule-based intrusion detection and machine learning-based anomaly detection. The rule-based attack detection technique is used to provide an accurate detection method for known attacks. However, specifying accurate and precise detection rules require significant human effort. It is tedious and error prone and may lead to false alarms if done incorrectly. Hence, to mitigate this potential problem, the system is enhanced by combining it with machine learning-based anomaly detection. This paper discusses our IDS implementation that covers various types of detection techniques both to detect known attacks, as well as potential new types of attack in ZigBee-based IoT systems. Furthermore, this paper introduces a secure and efficient method for large-scale IDS data collection. Thus, it provides a trusted reporting mechanism that can operate under the strict resource requirements imposed by current IoT systems.