4.7 Article

A Softwarized Intrusion Detection System for the RPL-based Internet of Things networks

Publisher

ELSEVIER
DOI: 10.1016/j.future.2021.07.013

Keywords

Internet of Things; RPL protocol; RPL attacks; IoT security; Intrusion Detection System

Ask authors/readers for more resources

The IoT plays a pivotal role in Industry 4.0 but security issues arise due to vulnerabilities in the RPL protocol. ASSET, a novel IDS system, can mitigate at least 13 attacks and offers advantages in terms of overhead and accuracy compared to other solutions.
Internet of Things (IoT) constitutes a pivotal contributor to the Industry 4.0 (I 4.0) vision, technologically transforming production and societies. It enables novel services through the seamless integration of devices, such as motes carrying sensors, with the Internet. However, the broad adoption of IoT technologies is facing security issues due to the direct access to the devices from the Internet, the broadcasting nature of the wireless media, and the potential unattended operation of relevant deployments. In particular, the Routing over Low Power and Lossy Networks (RPL) protocol, a prominent IoT solution, is vulnerable to a large number of attacks, both of general-purpose and RPL-specific nature, while the resource-constraints of the corresponding devices are making attack mitigation even more challenging, e.g., in terms of involved control overhead and detection accuracy. In this paper, we introduce ASSET, a novel Intrusion Detection System (IDS) for RPL with diverse profiles to tackle the above issues that mitigate at least 13 attacks. At the same time, other solutions go up to eight. ASSET, inspired by the network softwarization paradigm, supports a novel, extendable workflow, bringing together three anomaly-detection and four RPL specification-based mechanisms, a novel attacker identification process, as well as multiple attack mitigation strategies. Our IDS also supports an adaptable control & monitoring protocol, trading overhead for accuracy, depending on the network conditions. The proof-of-concept experiments show that ASSET entails a low overhead for the different modes of operation it supports (i.e., 6.28 percent on average) compared to other solutions reaching up to 30 percent. At the same time, it also keeps the power consumption at acceptable levels (from 0.18 up to 1.54 percent more). Moreover, it provides 100 percent accuracy for specific attacks and can identify the attacker in far more attacks than any other similar solution. (C) 2021 Elsevier B.V. All rights reserved.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.7
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available