Abstract

We study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks via the prism of IPv6-enabled Wireless Sensor Actuator Networks. These networks consist of highly constrained devices able to communicate wirelessly in an ad-hoc fashion, thus following the mesh network model. Current state-of-the-art IDSs have been developed with regular computer networks in mind, and as such they do not efficiently address the paradigm of ad-hoc networks. In this work we first identify a trade-off between the communication and energy overheads of an IDS (as captured by the number of active IDS agents in the network) and the performance of the system in terms of successfully identifying attacks. In order to fine-tune this trade-off, we model such networks as Random Geometric Graphs, a rigorous approach that allows us to capture underlying structural properties of the network. We then introduce a novel IDS architectural approach in which only a subset of the nodes act as IDS agents. These nodes are able to efficiently detect attacks at the networking layer in a collaborative manner by monitoring locally available network information provided by IoT routing protocols such as RPL. Our detailed experimental evaluation demonstrates significant performance gains in terms of communication overhead and energy dissipation while maintaining high detection rates. We also show that the performance of our IDS in ad-hoc networks does not rely on the size of the network but on fundamental underlying network properties, such as the network topology and the average degree of the nodes.

Highlights

  • Internet of Things represents the major networking paradigm shift both in qualitative and quantitative terms

  • In this work we study efficient and lightweight Intrusion Detection Systems for ad-hoc networks via the prism of IPv6-enabled Wireless Actuator Sensor Networks

  • We first provide a formal model for WSNs with the use of Random Geometric Graphs, a graph-theoretical model to capture the spatial characteristics of WSNs such as interdependencies on the existence of wireless links among neighbouring nodes


Summary

INTRODUCTION

Internet of Things represents the major networking paradigm shift both in qualitative and quantitative terms. Motivated by how IoT networking protocols, such as RPL, manage and operate the network, we identify inherent trade-offs between the communication overhead introduced by an IDS and its detection rate of attacks such as the sinkhole attack. We investigate this trade-off via extended emulations and show there exists an underlying threshold behaviour in the efficiency of the IDS that is related to the connectivity threshold of the RGG model. This allows us to conjecture that for peer-to-peer IoT networks, the number of IDS agents that need to be deployed in order to achieve a high detection rate is constant and a function of the ratio between the network area size and the communication range of the nodes.
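The geometric intuition behind that conjecture can be checked numerically; the following is an added example, not code from the paper, and its agent-placement rule is not the paper's algorithm. It assumes a unit-square deployment area, that an agent can monitor exactly its one-hop neighbours, and a simple hypothetical placement rule (`place_agents`); all function names are illustrative.

```python
import math
import random

def random_geometric_graph(n, r, seed):
    """n nodes placed uniformly in the unit square; a link exists when distance <= r."""
    rng = random.Random(seed)
    pts = [(rng.random(), rng.random()) for _ in range(n)]
    adj = [set() for _ in range(n)]
    for i in range(n):
        for j in range(i + 1, n):
            if math.dist(pts[i], pts[j]) <= r:
                adj[i].add(j)
                adj[j].add(i)
    return adj

def place_agents(adj):
    """Assumed rule: any node not yet watched by an agent becomes an agent itself."""
    agents, watched = [], set()
    for v in range(len(adj)):
        if v not in watched:
            agents.append(v)
            watched.add(v)
            watched |= adj[v]  # the new agent observes its one-hop neighbours
    return agents

def all_watched(adj, agents):
    """True when every node is an agent or has an agent among its neighbours."""
    chosen = set(agents)
    return all(v in chosen or adj[v] & chosen for v in range(len(adj)))

def packing_bound(r, side=1.0):
    """Agents end up pairwise more than r apart, so discs of radius r/2 around
    them are disjoint and fit in a square of side (side + r). The bound depends
    only on the area-to-range ratio, never on the number of nodes."""
    return math.floor((side + r) ** 2 / (math.pi * (r / 2) ** 2))

def sweep(sizes=(100, 400, 1600), r=0.2, seed=7):
    """Constructed experiment: grow the network 16x at a fixed communication range."""
    rows = []
    for n in sizes:
        adj = random_geometric_graph(n, r, seed)
        agents = place_agents(adj)
        rows.append((n, len(agents), all_watched(adj, agents)))
    return rows

if __name__ == "__main__":
    print("bound on agents for r=0.2:", packing_bound(0.2))
    for n, k, ok in sweep():
        print(f"n={n:5d}  agents={k:3d}  every node watched={ok}")
```

The agent count stays under the same ceiling while the node count grows sixteen-fold, which is the size-independence the paragraph above describes; detection rate itself is not modelled here.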

RELATED WORK
THE NETWORK MODEL
THE PROPOSED IDS ARCHITECTURE
Simulation Set-Up
Evaluation Metrics
Simulation Findings
CONCLUSIONS AND FUTURE WORK