Please use this identifier to cite or link to this item:
Title: A Softwarized Intrusion Detection System for the RPL-based Internet of Things networks
Authors: Violettas, George E.
Simoglou, George
Petridou, Sophia
Mamatas, Lefteris
Type: Article
Subjects: FRASCATI::Engineering and technology
FRASCATI::Natural sciences::Computer and information sciences
Keywords: Internet of Things
RPL protocol
RPL attacks
IoT security
Intrusion Detection System
Issue Date: Dec-2021
Source: Future Generation Computer Systems
Volume: 125
First Page: 698
Last Page: 714
Abstract: Internet of Things (IoT) constitutes a pivotal contributor to the Industry 4.0 (I 4.0) vision, technologically transforming production and societies. It enables novel services through the seamless integration of devices, such as motes carrying sensors, with the Internet. However, the broad adoption of IoT technologies is facing security issues due to the direct access to the devices from the Internet, the broadcasting nature of the wireless media, and the potential unattended operation of relevant deployments. In particular, the Routing over Low Power and Lossy Networks (RPL) protocol, a prominent IoT solution, is vulnerable to a large number of attacks, both of general-purpose and RPL-specific nature, while the resource-constraints of the corresponding devices are making attack mitigation even more challenging, e.g., in terms of involved control overhead and detection accuracy. In this paper, we introduce ASSET, a novel Intrusion Detection System (IDS) for RPL with diverse profiles to tackle the above issues that mitigate at least 13 attacks. At the same time, other solutions go up to eight. ASSET, inspired by the network softwarization paradigm, supports a novel, extendable workflow, bringing together three anomaly-detection and four RPL specification-based mechanisms, a novel attacker identification process, as well as multiple attack mitigation strategies. Our IDS also supports an adaptable control & monitoring protocol, trading overhead for accuracy, depending on the network conditions. The proof-of-concept experiments show that ASSET entails a low overhead for the different modes of operation it supports (i.e., 6.28 percent on average) compared to other solutions reaching up to 30 percent. At the same time, it also keeps the power consumption at acceptable levels (from 0.18 up to 1.54 percent more). Moreover, it provides 100 percent accuracy for specific attacks and can identify the attacker in far more attacks than any other similar solution.
ISSN: 0167-739X
Other Identifiers: 10.1016/j.future.2021.07.013
Appears in Collections:Department of Applied Informatics

Files in This Item:
File Description SizeFormat 
ASSET_preprint_version (1).pdf10,58 MBAdobe PDFThumbnail

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.