loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Nicolas M. Müller ; Pascal Debus ; Daniel Kowatsch and Konstantin Böttinger

Affiliation: Cognitive Security Technologies, Fraunhofer AISEC, Garching near Munich and Germany

Keyword(s): Intrusion Detection, IoT, Machine Learning, RPL.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention ; Network Security ; Sensor and Mobile Ad Hoc Network Security ; Wireless Network Security

Abstract: RPL, a protocol for IP packet routing in wireless sensor networks, is known to be susceptible to a wide range of attacks. Especially effective are ’single mote attacks’, where the attacker only needs to control a single sensor node. These attacks work by initiating a ’delayed denial of service’, which depletes the motes’ batteries while maintaining otherwise normal network operation. While active, this is not detectable on the application layer, and thus requires detection on the network layer. Further requirements for detection algorithms are extreme computational and resource efficiency (e.g. avoiding communication overhead) and the use of machine learning (if the drawbacks of signature based detection are not acceptable). In this paper, we present a system for anomaly detection of these kinds of attacks and constraints, implement a prototype in C, and evaluate it on different network topologies against three ’single mote attacks’. We make our system highly resource and energy effi cient by deploying pre-trained models to the motes and approximating our choice of ML algorithm (KDE) via parameterized cubic splines. We achieve on average 84.91 percent true-positives and less than 0.5 percent false-positives. We publish all data sets and source code for full reproducibility. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 216.73.216.134

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Müller, N. M., Debus, P., Kowatsch, D. and Böttinger, K. (2019). Distributed Anomaly Detection of Single Mote Attacks in RPL Networks. In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-378-0; ISSN 2184-3236, SciTePress, pages 378-385. DOI: 10.5220/0007836003780385

@conference{secrypt19,
author={Nicolas M. Müller and Pascal Debus and Daniel Kowatsch and Konstantin Böttinger},
title={Distributed Anomaly Detection of Single Mote Attacks in RPL Networks},
booktitle={Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2019},
pages={378-385},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007836003780385},
isbn={978-989-758-378-0},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Distributed Anomaly Detection of Single Mote Attacks in RPL Networks
SN - 978-989-758-378-0
IS - 2184-3236
AU - Müller, N.
AU - Debus, P.
AU - Kowatsch, D.
AU - Böttinger, K.
PY - 2019
SP - 378
EP - 385
DO - 10.5220/0007836003780385
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

COPE

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic