Complex Event Processing for Object Tracking and Intrusion Detection in Internet of Things Environments

Abstract

With the development of Internet of Things (IoT), there have been more and more services and applicationsdeployed in physical spaces and information systems. The massive number of sensors anddevices are embedded in IoT environments, which produce huge amounts of data continuously forthe IoT systems and platforms. Processing these data stream generated by the IoT networks with differentpatterns has raised new challenges for the real-time performance of intrusion detection system(IDS) in IoT environments, which has to react quickly to the hacking attacks and malicious activitiesto IoT. In this paper, a complex event processing (CEP) based IDS model for object detectiontracking and intrusion detection in the IoT environments is proposed. Esper, an open source complexevent processing engine is used to develop the model. In this model, the cincoming streams of dataare detected by Esper engine according to the predefined EPL rules. And then, trigger correspondinglisteners, the normal events are sent to the higher layer application as an new event through theadapter. In the alert event processor, the abnormal events are divided into the attack events and theother causes of abnormal events, such as sensor fault, transmission delay, etc.