A survey of intrusion detection in Internet of Things

Internet of Things (IoT) is a new paradigm that integrates the Internet and physical objects belonging to different domains such as home automation, industrial process, human health and environmental monitoring. It deepens the presence of Internet-connected devices in our daily activities, bringing, in addition to many benefits, challenges related to security issues. For more than two decades, Intrusion Detection Systems (IDS) have been an important tool for the protection of networks and information systems. However, applying traditional IDS techniques to IoT is difficult due to its particular characteristics such as constrained-resource devices, specific protocol stacks, and standards. In this paper, we present a survey of IDS research efforts for IoT. Our objective is to identify leading trends, open issues, and future research possibilities. We classified the IDSs proposed in the literature according to the following attributes: detection method, IDS placement strategy, security threat and validation strategy. We also discussed the different possibilities for each attribute, detailing aspects of works that either propose specific IDS schemes for IoT or develop attack detection strategies for IoT threats that might be embedded in IDSs.

[1]  Sokratis K. Katsikas,et al.  Methods for post-processing of alerts in intrusion detection: A survey , 2013 .

[2]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[3]  Muttukrishnan Rajarajan,et al.  Intrusion alert prioritisation and attack detection using post-correlation analysis , 2015, Comput. Secur..

[4]  Philip K. Chan,et al.  An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection , 2003, RAID.

[5]  Moshe Y. Vardi,et al.  Verification , 1917, Handbook of Automata Theory.

[6]  Francisco Falcone,et al.  An Easy to Deploy Street Light Control System Based on Wireless Communication and LED Technology , 2013, Sensors.

[7]  Osman Balci,et al.  Verification, validation, and accreditation , 1998, 1998 Winter Simulation Conference. Proceedings (Cat. No.98CH36274).

[8]  Song Han,et al.  WirelessHART: Applying Wireless Technology in Real-Time Industrial Process Control , 2008, 2008 IEEE Real-Time and Embedded Technology and Applications Symposium.

[9]  Sokratis K. Katsikas,et al.  Enhancing IDS performance through comprehensive alert post-processing , 2013, Comput. Secur..

[10]  Anna N. Kim,et al.  When HART goes wireless: Understanding and implementing the WirelessHART standard , 2008, 2008 IEEE International Conference on Emerging Technologies and Factory Automation.

[11]  Jeffrey M. Voas,et al.  Learning Internet-of-Things Security "Hands-On" , 2016, IEEE Security & Privacy.

[12]  Fernando Ramos,et al.  LEARNING WITH THE INTERNET OF THINGS , 2019, INTED2019 Proceedings.

[13]  Alexander Gluhak,et al.  A survey on facilities for experimental internet of things research , 2011, IEEE Communications Magazine.

[14]  Samuel Kounev,et al.  Evaluating Computer Intrusion Detection Systems , 2015, ACM Comput. Surv..

[15]  Thiemo Voigt,et al.  Routing Attacks and Countermeasures in the RPL-Based Internet of Things , 2013, Int. J. Distributed Sens. Networks.

[16]  Ahmed Patel,et al.  A survey of intrusion detection and prevention systems , 2010, Inf. Manag. Comput. Secur..

[17]  Jonathan Loo,et al.  Specification-based IDS for securing RPL from topology attacks , 2011, 2011 IFIP Wireless Days (WD).

[18]  Yu Chen,et al.  Ultra-lightweight deep packet anomaly detection for Internet of Things devices , 2015, 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC).

[19]  D. Skiba The Internet of Things (IoT). , 2013, Nursing education perspectives.

[20]  Siarhei Kuryla,et al.  RPL: IPv6 Routing Protocol for Low power and Lossy Networks , 2010 .

[21]  Jinquan Zeng,et al.  Research on immunity-based intrusion detection technology for the Internet of Things , 2011, 2011 Seventh International Conference on Natural Computation.

[22]  Oscar Garcia-Morchon,et al.  Security Considerations in the IP-based Internet of Things , 2013 .

[23]  Sarmad Ullah Khan,et al.  Future Internet: The Internet of Things Architecture, Possible Applications and Key Challenges , 2012, 2012 10th International Conference on Frontiers of Information Technology.

[24]  Luming Tan,et al.  Future internet: The Internet of Things , 2010, 2010 3rd International Conference on Advanced Computer Theory and Engineering(ICACTE).

[25]  P ? ? ? ? ? ? ? % ? ? ? ? , 1991 .

[26]  Saad Harous,et al.  Internet of things: Applications and challenges , 2016, 2016 12th International Conference on Innovations in Information Technology (IIT).

[27]  John R. Vacca Computer and Information Security Handbook , 2009 .

[28]  John R. Vacca Computer and Information Security Handbook, Second Edition , 2013 .

[29]  Chun-Hung Richard Lin,et al.  Intrusion detection system: A comprehensive review , 2013, J. Netw. Comput. Appl..

[30]  Vilhelm Verendel,et al.  Quantified security is a weak hypothesis: a critical survey of results and assumptions , 2009, NSPW '09.

[31]  Arbab Waheed Ahmad,et al.  Energy-Efficient Intelligent Street Lighting System Using Traffic-Adaptive Control , 2016, IEEE Sensors Journal.

[32]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[33]  Roksana Boreli,et al.  An experimental study of security and privacy risks with emerging household appliances , 2014, 2014 IEEE Conference on Communications and Network Security.

[34]  Athanasios V. Vasilakos,et al.  A survey on trust management for Internet of Things , 2014, J. Netw. Comput. Appl..

[35]  Eleonora Borgia,et al.  The Internet of Things vision: Key features, applications and open issues , 2014, Comput. Commun..

[36]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[37]  Aref Meddeb,et al.  Internet of things standards: who stands out from the crowd? , 2016, IEEE Communications Magazine.

[38]  R SonikaH,et al.  A Survey on Intrusion Detection Systems in Mobile Ad-hoc Networks , 2017 .

[39]  Maurizio A. Spirito,et al.  Denial-of-Service detection in 6LoWPAN based Internet of Things , 2013, 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[40]  Rituparna Chaki,et al.  Intrusion Detection in Wireless Ad-Hoc Networks , 2014 .

[41]  In Lee,et al.  The Internet of Things (IoT): Applications, investments, and challenges for enterprises , 2015 .

[42]  Joshua Ojo Nehinbe,et al.  A critical evaluation of datasets for investigating IDSs and IPSs researches , 2011, 2011 IEEE 10th International Conference on Cybernetic Intelligent Systems (CIS).

[43]  John McHugh,et al.  Testing Intrusion detection systems: a critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln Laboratory , 2000, TSEC.

[44]  P. Venkata Krishna,et al.  A Learning Automata Based Solution for Preventing Distributed Denial of Service in Internet of Things , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[45]  Carsten Bormann,et al.  The Constrained Application Protocol (CoAP) , 2014, RFC.

[46]  Jorge Sá Silva,et al.  On the Effectiveness of End-to-End Security for Internet-Integrated Sensing Applications , 2012, 2012 IEEE International Conference on Green Computing and Communications.

[47]  Deokho Kim,et al.  A Malicious Pattern Detection Engine for Embedded Security Systems in the Internet of Things , 2014, Sensors.

[48]  Jong-Bae Kim,et al.  A Study on the Internet of Things (IoT) Applications , 2015 .

[49]  Dennis Brandão,et al.  Street Lighting System Based on Wireless Sensor Networks , 2012 .

[50]  Jonathan Loo,et al.  A Specification-Based IDS for Detecting Attacks on RPL-Based Network Topology , 2016, Inf..

[51]  Michele Nogueira Lima,et al.  Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things , 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[52]  Dhananjay Singh,et al.  A survey of Internet-of-Things: Future vision, architecture, challenges and services , 2014, 2014 IEEE World Forum on Internet of Things (WF-IoT).

[53]  Sunil Kumar,et al.  Intrusion detection in mobile ad hoc networks: techniques, systems, and future challenges , 2016, Secur. Commun. Networks.

[54]  Ian F. Akyildiz,et al.  A cross-layer communication module for the Internet of Things , 2013, Comput. Networks.

[55]  Deepak Choudhary,et al.  Internet of things: A survey on enabling technologies, application and standardization , 2018 .

[56]  Danielle Chrun,et al.  Model-Based Support for Information Technology Security Decision Making , 2011 .

[57]  Guangjie Han,et al.  Policy and network-based intrusion detection system for IPv6-enabled wireless sensor networks , 2014, 2014 IEEE International Conference on Communications (ICC).

[58]  Aurobindo Sundaram,et al.  An introduction to intrusion detection , 1996, CROS.

[59]  Hervé Debar An Introduction to Intrusion-Detection Systems , 2000 .

[60]  J. Pissolato Filho,et al.  The adequacy of LoRaWAN on smart grids: A comparison with RF mesh technology , 2016, 2016 IEEE International Smart Cities Conference (ISC2).

[61]  Tsung-Han Lee,et al.  A Lightweight Intrusion Detection Scheme Based on Energy Consumption Analysis in 6LowPAN , 2013, EMC/HumanCom.

[62]  Anil Somayaji,et al.  Analysis of the 1999 DARPA/Lincoln Laboratory IDS evaluation data with NetADHICT , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[63]  Alexander Gluhak,et al.  SmartSantander: The meeting point between Future Internet research and experimentation and the smart cities , 2011, 2011 Future Network & Mobile Summit.

[64]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[65]  Abhishek Gupta,et al.  Computational intelligence based intrusion detection systems for wireless communication and pervasive computing networks , 2013, 2013 IEEE International Conference on Computational Intelligence and Computing Research.

[66]  Ing-Ray Chen,et al.  A survey of intrusion detection techniques for cyber-physical systems , 2014, ACM Comput. Surv..

[67]  Rodrigo Roman,et al.  On the Vital Areas of Intrusion Detection Systems in Wireless Sensor Networks , 2013, IEEE Communications Surveys & Tutorials.

[68]  Neminath Hubballi,et al.  False alarm minimization techniques in signature-based intrusion detection systems: A survey , 2014, Comput. Commun..

[69]  Carles Gomez,et al.  Wireless home automation networks: A survey of architectures and technologies , 2010, IEEE Communications Magazine.

[70]  Carles Gomez,et al.  Overview and Evaluation of Bluetooth Low Energy: An Emerging Low-Power Wireless Technology , 2012, Sensors.

[71]  Jana Krimmling,et al.  Integration and evaluation of intrusion detection for CoAP in smart city applications , 2014, 2014 IEEE Conference on Communications and Network Security.

[72]  Hon Sun Chiu,et al.  Real Time Intrusion and Wormhole Attack Detection in Internet of Things , 2015 .

[73]  Ali A. Ghorbani,et al.  Toward developing a systematic approach to generate benchmark datasets for intrusion detection , 2012, Comput. Secur..

[74]  Jaydip Sen,et al.  Internet of Things - Applications and Challenges in Technology and Standardization , 2011 .

[75]  Wenke Lee,et al.  Intrusion detection in wireless ad-hoc networks , 2000, MobiCom '00.

[76]  Rajeev Kumar Kanth,et al.  Distributed internal anomaly detection system for Internet-of-Things , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[77]  Karen A. Scarfone,et al.  Guide to Intrusion Detection and Prevention Systems (IDPS) , 2007 .

[78]  Maurizio A. Spirito,et al.  DEMO: An IDS framework for internet of things empowered by 6LoWPAN , 2013, CCS.

[79]  Ravi Sankar,et al.  A Survey of Intrusion Detection Systems in Wireless Sensor Networks , 2014, IEEE Communications Surveys & Tutorials.

[80]  H. Hashim,et al.  A lightweight and secure TFTP protocol for smart environment , 2012, 2012 International Symposium on Computer Applications and Industrial Electronics (ISCAIE).

[81]  Pascal Thubert,et al.  Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks , 2011, RFC.

[82]  Farrukh Aslam Khan,et al.  Intrusion Detection Systems for Wireless Sensor Networks: A Survey , 2009, FGIT-FGCN.

[83]  Nik Bessis,et al.  A Survey of Intrusion Detection Systems for Mobile Ad Hoc Networks , 2014, 2014 International Conference on Intelligent Networking and Collaborative Systems.

[84]  Qazi Mamoon Ashraf,et al.  Autonomic schemes for threat mitigation in Internet of Things , 2015, J. Netw. Comput. Appl..

[85]  Choong Seon Hong,et al.  Attack Model and Detection Scheme for Botnet on 6LoWPAN , 2009, APNOMS.

[86]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.