loading
Papers

Research.Publish.Connect.

Paper

Authors: Nicolas Müller ; Pascal Debus ; Daniel Kowatsch and Konstantin Böttinger

Affiliation: Cognitive Security Technologies, Fraunhofer AISEC, Garching near Munich and Germany

ISBN: 978-989-758-378-0

Keyword(s): Intrusion Detection, IoT, Machine Learning, RPL.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention ; Network Security ; Sensor and Mobile Ad Hoc Network Security ; Wireless Network Security

Abstract: RPL, a protocol for IP packet routing in wireless sensor networks, is known to be susceptible to a wide range of attacks. Especially effective are ’single mote attacks’, where the attacker only needs to control a single sensor node. These attacks work by initiating a ’delayed denial of service’, which depletes the motes’ batteries while maintaining otherwise normal network operation. While active, this is not detectable on the application layer, and thus requires detection on the network layer. Further requirements for detection algorithms are extreme computational and resource efficiency (e.g. avoiding communication overhead) and the use of machine learning (if the drawbacks of signature based detection are not acceptable). In this paper, we present a system for anomaly detection of these kinds of attacks and constraints, implement a prototype in C, and evaluate it on different network topologies against three ’single mote attacks’. We make our system highly resource and energy effic ient by deploying pre-trained models to the motes and approximating our choice of ML algorithm (KDE) via parameterized cubic splines. We achieve on average 84.91 percent true-positives and less than 0.5 percent false-positives. We publish all data sets and source code for full reproducibility. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.231.226.211

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Müller, N.; Debus, P.; Kowatsch, D. and Böttinger, K. (2019). Distributed Anomaly Detection of Single Mote Attacks in RPL Networks.In Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT, ISBN 978-989-758-378-0, pages 378-385. DOI: 10.5220/0007836003780385

@conference{secrypt19,
author={Nicolas M. Müller. and Pascal Debus. and Daniel Kowatsch. and Konstantin Böttinger.},
title={Distributed Anomaly Detection of Single Mote Attacks in RPL Networks},
booktitle={Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,},
year={2019},
pages={378-385},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007836003780385},
isbn={978-989-758-378-0},
}

TY - CONF

JO - Proceedings of the 16th International Joint Conference on e-Business and Telecommunications - Volume 2: SECRYPT,
TI - Distributed Anomaly Detection of Single Mote Attacks in RPL Networks
SN - 978-989-758-378-0
AU - Müller, N.
AU - Debus, P.
AU - Kowatsch, D.
AU - Böttinger, K.
PY - 2019
SP - 378
EP - 385
DO - 10.5220/0007836003780385

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.