Journal of Information Processing Systems

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

A Comprehensive Analyses of Intrusion Detection System for IoT Environment

  • Sicato, Jose Costa Sapalo (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech)) ;
  • Singh, Sushil Kumar (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech)) ;
  • Rathore, Shailendra (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech)) ;
  • Park, Jong Hyuk (Dept. of Computer Science and Engineering, Seoul National University of Science & Technology (SeoulTech))
  • Received : 2020.05.05
  • Accepted : 2020.07.01
  • Published : 2020.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

Nowadays, the Internet of Things (IoT) network, is increasingly becoming a ubiquitous connectivity between different advanced applications such as smart cities, smart homes, smart grids, and many others. The emerging network of smart devices and objects enables people to make smart decisions through machine to machine (M2M) communication. Most real-world security and IoT-related challenges are vulnerable to various attacks that pose numerous security and privacy challenges. Therefore, IoT offers efficient and effective solutions. intrusion detection system (IDS) is a solution to address security and privacy challenges with detecting different IoT attacks. To develop an attack detection and a stable network, this paper's main objective is to provide a comprehensive overview of existing intrusion detections system for IoT environment, cyber-security threats challenges, and transparent problems and concerns are analyzed and discussed. In this paper, we propose software-defined IDS based distributed cloud architecture, that provides a secure IoT environment. Experimental evaluation of proposed architecture shows that it has better detection and accuracy than traditional methods.

Keywords

References

  1. S. C. Mukhopadhyay and N. K. Suryadevara, "Internet of things: challenges and opportunities," in Internet of Things: Challenges and Opportunities. Cham, Switzerland: Springer International Publishing, 2014, pp. 1-17.
  2. O. Vermesan and P. Friess, Internet of Things-from Research and Innovation to Market Deployment. Aalborg, Denmark: River Publishers, 2014.
  3. S. P. Anilbhai and C. Parekh, "Intrusion Detection and Prevention System for IoT," International Journal of Scientific Research in Computer Science, Engineering and Information Technology, vol. 2, no. 6, pp. 771-776, 2017.
  4. S. Tanwar, S. Tyagi, and S. Kumar, "The role of internet of things and smart grid for the development of a smart city," in Intelligent Communication and Computational Technologies. Singapore: Springer, Singapore, 2018, pp. 23-33.
  5. M. Anirudh, S. A. Thileeban, and D. J. Nallathambi, "Use of honeypots for mitigating DoS attacks targeted on IoT networks," in Proceedings of 2017 International Conference on Computer, Communication and Signal Processing (ICCCSP), Chennai, India, 2017, pp. 1-4.
  6. W. Meng, "Intrusion detection in the era of IoT: building trust via traffic filtering and sampling," Computer, vol. 51, no. 7, pp. 36-43, 2018. https://doi.org/10.1109/mc.2018.3011034
  7. A. Mehmood, M. Mukherjee, S. H. Ahmed, H. Song, and K. M. Malik, "NBC-MAIDS: Naive Bayesian classification technique in multi-agent system-enriched IDS for securing IoT against DDoS attacks," The Journal of Supercomputing, vol. 74, no. 10, pp. 5156-5170, 2018. https://doi.org/10.1007/s11227-018-2413-7
  8. R. Roman, J. Lopez, and M. Mambo, "Mobile edge computing, Fog et al.: a survey and analysis of security threats and challenges," Future Generation Computer Systems, vol. 78, pp. 680-698, 2018. https://doi.org/10.1016/j.future.2016.11.009
  9. S. G. Kene and D. P. Theng, "A review on intrusion detection techniques for cloud computing and security challenges," in Proceedings of 2015 2nd International Conference on Electronics and Communication Systems (ICECS), Coimbatore, India, 2015, pp. 227-232.
  10. A. A. Gendreau and M. Moorman, "Survey of intrusion detection systems towards an end to end secure internet of things," in Proceedings of 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), Vienna, Austria, 2016, pp. 84-90.
  11. C. Jun and C. Chi, "Design of complex event-processing IDS in internet of things," in Proceedings of 2014 Sixth International Conference on Measuring Technology and Mechatronics Automation, Zhangjiajie, China, 2014, pp. 226-229.
  12. A. Patel, Q. Qassim, Z. Shukor, J. Nogueira, J. Junior, and C. Wills, "Autonomic agent-based self-managed intrusion detection and prevention system," in Proceedings of the South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, 2011, pp. 223-234.
  13. J. H. Lee, M. W. Park, J. H. Eom, and T. M. Chung, "Multi-level Intrusion Detection System and log management in Cloud Computing," in Proceedings of 13th International Conference on Advanced Communication Technology (ICACT2011), Seoul, Korea, 2011, pp. 552-555.
  14. M. F. Elrawy, A. I. Awad, and H. F. A. Hamed, "Intrusion detection systems for IoT-based smart environments: a survey," Journal of Cloud Computing, vol. 7, article no. 21, 2018.
  15. P. S. Kenkre, A. Pai, and L. Colaco, "Real-time intrusion detection and prevention system," in Proceedings of the 3rd International Conference on Frontiers of Intelligent Computing: Theory and Applications (FICTA). Cham: Springer, 2014, pp. 405-411.
  16. B. B. Zarpelao, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga, "A survey of intrusion detection in Internet of Things," Journal of Network and Computer Applications, vol. 84, pp. 25-37, 2017. https://doi.org/10.1016/j.jnca.2017.02.009
  17. S. Notra, M. Siddiqi, H. Habibi Gharakheili, V. Sivaraman, and R. Boreli, "An experimental study of security and privacy risks with emerging household appliances," in Proceedings of 2014 IEEE Conference on Communications and Network Security, San Francisco, CA, 2014, pp. 79-84.
  18. C. Kolias, A. Stavrou, J. Voas, I. Bojanova, and R. Kuhn, "Learning Internet-of-Things security 'Hands-On'," IEEE Security & Privacy, vol. 14, no. 1, pp. 37-46, 2016. https://doi.org/10.1109/MSP.2016.4
  19. O. Garcia-Morchon, S. Kumar, S. Keoh, R. Hummen, and R. Struik, "Security considerations in the IP-based Internet of Things: draft-garcia-core-security-06," Internet-Draft, Internet Engineering Task Force, 2013.
  20. E. Benkhelifa, T. Welsh, and W. Hamouda, "A critical review of practices and challenges in intrusion detection systems for IoT: toward universal and resilient systems," IEEE Communications Surveys & Tutorials, vol. 20, no. 4, pp. 3496-3509, 2018. https://doi.org/10.1109/COMST.2018.2844742
  21. P. Kasinathan, C. Pastrone, M. A. Spirito, and M. Vinkovits, "Denial-of-service detection in 6LoWPAN based Internet of Things," in Proceedings of 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), Lyon, France, 2013, pp. 600-607.
  22. A. L. Buczak and E. Guven, "A survey of data mining and machine learning methods for cyber security intrusion detection," IEEE Communications Surveys & Tutorials, vol. 18, no. 2, pp. 1153-1176, 2016. https://doi.org/10.1109/COMST.2015.2494502
  23. A. Abduvaliyev, A. K. Pathan, J. Zhou, R. Roman, and W. Wong, "On the vital areas of intrusion detection systems in wireless sensor networks," IEEE Communications Surveys & Tutorials, vol. 15, no. 3, pp. 1223-1237, 2013. https://doi.org/10.1109/SURV.2012.121912.00006
  24. A. Gupta, O. J. Pandey, M. Shukla, A. Dadhich, S. Mathur, and A. Ingle, "Computational intelligence based intrusion detection systems for wireless communication and pervasive computing networks," in Proceedings of 2013 IEEE International Conference on Computational Intelligence and Computing Research, Enathi, India, 2013, pp. 1-7.
  25. H. A. Arolkar, S. P. Sheth, and V. P. Tamhane, "Ant colony based approach for intrusion detection on cluster heads in WSN," in Proceedings of the 2011 International Conference on Communication, Computing & Security, Rourkela, India, 2011, pp. 523-526.
  26. D. Shreenivas, S. Raza, and T. Voigt, "Intrusion detection in the RPL-connected 6LoWPAN networks," in Proceedings of the 3rd ACM International Workshop on IoT Privacy, Trust, and Security, Abu Dhabi, United Arab Emirates, 2017, pp. 31-38.
  27. T. Jiang, G. Wang, and H. Yu, "A dynamic intrusion detection scheme for cluster-based wireless sensor networks," in World Automation Congress 2012, Puerto Vallarta, Mexico, 2012, pp. 259-261.
  28. G. Padmavathi and D. Shanmugapriya, "A survey of attacks, security mechanisms and challenges in wireless sensor networks," International Journal of Computer Science and Information Security, vol. 4, no. 1 & 2, pp. 1-9, 2009.
  29. A. Milenkoski, M. Vieira, S. Kounev, A. Avritzer, and B. D. Payne, "Evaluating computer intrusion detection systems: a survey of common practices," ACM Computing Surveys, vol. 48, no. 1, Article no. 12, 2015.
  30. N. K. Thanigaivelan, E. Nigussie, R. K. Kanth, S. Virtanen, and J. Isoaho, "Distributed internal anomaly detection system for Internet-of-Things," in Proceedings of 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC), Las Vegas, NV, 2016, pp. 319-320.
  31. G. Han, J. Jiang, W. Shen, L. Shu, and J. Rodrigues, "IDSEP: a novel intrusion detection scheme based on energy prediction in cluster-based wireless sensor networks," IET Information Security, vol. 7, no. 2, pp. 97-105, 2013. https://doi.org/10.1049/iet-ifs.2012.0052
  32. T. Sherasiya, H. Upadhyay, and H. B. Patel, "A survey: intrusion detection system for Internet of Things," International Journal of Computer Science and Engineering, vol. 5, no. 2, pp. 91-98, 2016.
  33. I. Alqassem and D. Svetinovic, "A taxonomy of security and privacy requirements for the Internet of Things (IoT)," in Proceedings of 2014 IEEE International Conference on Industrial Engineering and Engineering Management, Bandar Sunway, Malaysia, 2014, pp. 1244-1248.
  34. H. A. Abdul-Ghani and D. Konstantas, "A comprehensive study of security and privacy guidelines, threats, and countermeasures: an IoT perspective," Journal of Sensor and Actuator Networks, vol. 8, no. 2, p. 22, 2019. https://doi.org/10.3390/jsan8020022
  35. B. Halak, M. Zwolinski, and M. S. Mispan, "Overview of PUF-based hardware security solutions for the internet of things," in Proceedings of 2016 IEEE 59th International Midwest Symposium on Circuits and Systems (MWSCAS), Abu Dhabi, United Arab Emirates, 2016, pp. 1-4.
  36. P. Sethi and S. R. Sarangi, "Internet of Things: architectures, protocols, and applications," Journal of Electrical and Computer Engineering, vol. 2017, article no. 9324035, 2017.
  37. D. M. Mendez, I. Papapanagiotou, and B. Yang, "Internet of Things: survey on security and privacy," 2017 [Online]. Available: https://arxiv.org/abs/1707.01879.
  38. B. B. Zarpelao, R. S. Miani, C. T. Kawakani, and S. C. de Alvarenga, "A survey of intrusion detection in Internet of Things," Journal of Network and Computer Applications, vol. 84, pp. 25-37, 2017. https://doi.org/10.1016/j.jnca.2017.02.009
  39. K. Xing, F. Liu, X. Cheng, and D. H. C. Du, "Real-time detection of clone attacks in wireless sensor networks," in Proceedings of 2008 The 28th International Conference on Distributed Computing Systems, Beijing, China, 2008, pp. 3-10.
  40. R. P. Kurbah and B. Sharma, "Survey on issues in wireless sensor networks: attacks and countermeasures," International Journal of Computer Science and Information Security, vol. 14, no. 4, pp. 262-269, 2016.
  41. S. Fosso Wamba, A. Anand, and L. Carter, "A literature review of RFID-enabled healthcare applications and issues," International Journal of Information Management, vol. 33, no. 5, pp. 875-891, 2013. https://doi.org/10.1016/j.ijinfomgt.2013.07.005
  42. M. S. Van Devender, W. B. Glisson, M. Campbell, and M. A. Finan, "Identifying opportunities to compromise medical environments," in Proceedings of Twenty-second Americas Conference on Information Systems, San Diego, CA, 2016, pp. 1-9.
  43. J. Deogirikar and A. Vidhate, "Security attacks in IoT: a survey," in Proceedings of 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), Palladam, India, 2017, pp. 32-37.
  44. M. Nawir, A. Amir, N. Yaakob, and O. B. Lynn, "Internet of Things (IoT): taxonomy of security attacks," in Proceedings of 2016 3rd International Conference on Electronic Design (ICED), Phuket, Thailand, 2016, pp. 321-326.
  45. J. Singh, T. Pasquier, J. Bacon, H. Ko, and D. Eyers, "Twenty security considerations for cloud-supported Internet of Things," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 269-284, 2016. https://doi.org/10.1109/JIOT.2015.2460333
  46. A. Patel, S. Jain, and S. K. Shandilya, "Data of semantic web as unit of knowledge," Journal of Web Engineering, vol. 17, no. 8, pp. 647-674, 2018.
  47. D. Jankowski and M. Amanowicz, "Intrusion detection in Software Defined Networks with self-organized maps," Journal of Telecommunications and Information Technology, vol. 4, pp. 3-9, 2015. https://doi.org/10.26636/jtit.2019.131819
  48. D. Jankowski and M. Amanowicz, "On efficiency of selected machine learning algorithms for intrusion detection in Software Defined Networks," International Journal of Electronics and Telecommunications, vol. 62, no. 3, pp. 247-252, 2016. https://doi.org/10.1515/eletel-2016-0033
  49. S. Rathore, P. K. Sharma, V. Loia, Y. S. Jeong, and J. H. Park, "Social network security: issues, challenges, threats, and solutions," Information Sciences, vol. 421, pp. 43-69, 2017. https://doi.org/10.1016/j.ins.2017.08.063
  50. S. Hameed, F. I. Khan, and B. Hameed, "Understanding security requirements and challenges in Internet of Things (IoT): a review," Journal of Computer Networks and Communications, vol. 2019, article no. 9629381, 2019.
  51. S. Hameed, U. M. Jamali, and A. Samad, "Integrity protection of NDEF message with flexible and enhanced NFC signature records," in Proceedings of 2015 IEEE Trustcom/BigDataSE/ISPA, Helsinki, Finland, 2015, pp. 368-375.
  52. C. Liu, C. Yang, X. Zhang, and J. Chen, "External integrity verification for outsourced big data in cloud and IoT: a big picture," Future Generation Computer Systems, vol. 49, pp. 58-67, 2015. https://doi.org/10.1016/j.future.2014.08.007
  53. Q. Gou, L. Yan, Y. Liu, and Y. Li, "Construction and strategies in IoT security system," in Proceedings of 2013 IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, Beijing, China, 2013, pp. 1129-1132.
  54. S. K. Singh, S. Rathore, and J. H. Park, "BlockIoTIntelligence: a blockchain-enabled intelligent IoT architecture with artificial intelligence," Future Generation Computer Systems, vol. 110, pp. 721-743, 2020. https://doi.org/10.1016/j.future.2019.09.002
  55. I. R. Chen, J. Guo, D. C. Wang, J. J. P. Tsai, H. Al-Hamadi, and I. You, "Trust-based service management for mobile cloud IoT systems," IEEE Transactions on Network and Service Management, vol. 16, no. 1, pp. 246-263, 2019. https://doi.org/10.1109/tnsm.2018.2886379
  56. Z. Zhang, J. Jing, X. Wang, K. K. R. Choo, and B. B. Gupta, "A crowdsourcing method for online social networks security assessment based on human-centric computing," Human-centric Computing and Information Sciences, vol. 10, Article no. 23, 2020.
  57. L. Megouache, A. Zitouni, and M. Djoudi, "Ensuring user authentication and data integrity in multi-cloud environment," Human-centric Computing and Information Sciences, vol. 10, Article no, 15, 2020.
  58. A. Abubakar and B. Pranggono, "Machine learning based intrusion detection system for software defined networks," in Proceedings of 2017 7th International Conference on Emerging Security Technologies (EST), Canterbury, UK, 2017, pp. 138-143.
  59. S. K. Singh, Y. S. Jeong, and J. H. Park, "A deep learning-based IoT-oriented infrastructure for secure smart city," Sustainable Cities and Society, vol. 60, article no. 102252, 2020.
  60. Y. S. Jeong and J. H. Park, "Security, privacy, and efficiency of sustainable computing for future smart cities," Journal of Information Processing Systems, vol. 16, no. 1, pp. 1-5, 2020. https://doi.org/10.3745/JIPS.03.0133
  61. S. Kumar, T. Kumar, G. Singh, and M. S. Nehra, "Open flow switch with intrusion detection system," International Journal of Scientific Research Engineering & Technology, vol. 1, no. 7, pp. 1-4, 2012.