Detecting Sinkhole Attack in RPL-based Internet of Things Routing Protocol

  • سال انتشار: 1400
  • محل انتشار: مجله هوش مصنوعی و داده کاوی، دوره: 9، شماره: 1
  • کد COI اختصاصی: JR_JADM-9-1_008
  • زبان مقاله: انگلیسی
  • تعداد مشاهده: 341
دانلود فایل این مقاله

نویسندگان

M. Yadollahzadeh Tabari

Department of Computer Engineering, Babol Branch, Islamic Azad University, Babol, Iran.

Z. Mataji

Department of Computer Engineering, Mazandaran Institute of Technology, Babol, Iran.

چکیده

The Internet of Things (IoT) is a novel paradigm in computer networks which is capable to connect things to the internet via a wide range of technologies. Due to the features of the sensors used in IoT networks and the unsecured nature of the internet, IoT is vulnerable to many internal routing attacks. Using traditional IDS in these networks has its own challenges due to the resource constraint of the nodes, and the characteristics of the IoT network. A sinkhole attacker node, in this network, attempts to attract traffic through incorrect information advertisement. In this research, a distributed IDS architecture is proposed to detect sinkhole routing attack in RPL-based IoT networks, which is aimed to improve true detection rate and reduce the false alarms. For the latter we used one type of post processing mechanism in which a threshold is defined for separating suspicious alarms for further verifications. Also, the implemented IDS modules distributed via client and router border nodes that makes it energy efficient. The required data for interpretation of network’s behavior gathered from scenarios implemented in Cooja environment with the aim of Rapidminer for mining the produces patterns. The produced dataset optimized using Genetic algorithm by selecting appropriate features. We investigate three different classification algorithms which in its best case Decision Tree could reaches to ۹۹.۳۵ rate of accuracy.

کلیدواژه ها

Internet of Thing, intrusion detection system, routing security, RPL’s attacks

اطلاعات بیشتر در مورد COI

COI مخفف عبارت CIVILICA Object Identifier به معنی شناسه سیویلیکا برای اسناد است. COI کدی است که مطابق محل انتشار، به مقالات کنفرانسها و ژورنالهای داخل کشور به هنگام نمایه سازی بر روی پایگاه استنادی سیویلیکا اختصاص می یابد.

کد COI به مفهوم کد ملی اسناد نمایه شده در سیویلیکا است و کدی یکتا و ثابت است و به همین دلیل همواره قابلیت استناد و پیگیری دارد.