Detecting FDI Attack on Dense IoT Network with Distributed Filtering Collaboration and Consensus

The rise of IoT has made possible the development of personalized services, like industrial services that often deal with massive amounts of data. However, as IoT grows, its threats are even greater. The false data injection (FDI) attack stands out as being one of the most harmful to data networks like IoT. The majority of current systems to handle this attack do not take into account the data validation, especially on the data clustering service. This work introduces CONFINIT, an intrusion detection system against FDI attacks on the data dissemination service into dense IoT. It combines watchdog surveillance and collaborative consensus among IoT devices for getting the swift detection of attackers. CONFINIT was evaluated in the NS-3 simulator into a dense industrial IoT and it has gotten detection rates of 99%, 3.2% of false negative and 3.6% of false positive rates, adding up to 35% in clustering without FDI attackers.

[1]  Meng Wu,et al.  Robust detection of false data injection attacks for data aggregation in an Internet of Things-based environmental surveillance , 2017, Comput. Networks.

[2]  Beibei Li,et al.  Distributed host-based collaborative detection for false data injection attacks in smart grid cyber-physical system , 2017, J. Parallel Distributed Comput..

[3]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[4]  Yong Guan,et al.  A Dynamic En-route Filtering Scheme for Data Reporting in Wireless Sensor Networks , 2010, IEEE/ACM Transactions on Networking.

[5]  Marco Conti,et al.  Data Management in Networked Industrial Environments: State of the Art and Open Challenges , 2019, ArXiv.

[6]  Burak Kantarci,et al.  Clustering and reliability-driven mitigation of routing attacks in massive IoT systems , 2019, Journal of Internet Services and Applications.

[7]  Pramod K. Varshney,et al.  Consensus based Detection in the Presence of Data Falsification Attacks , 2015, ArXiv.

[8]  Michel Toulouse,et al.  A Consensus Based Network Intrusion Detection System , 2015, 2015 5th International Conference on IT Convergence and Security (ICITCS).

[9]  Kazem Sohraby,et al.  IoT Considerations, Requirements, and Architectures for Smart Buildings—Energy Optimization and Next-Generation Building Management Systems , 2017, IEEE Internet of Things Journal.

[10]  Luigi Atzori,et al.  Task allocation in group of nodes in the IoT: A consensus approach , 2014, 2014 IEEE International Conference on Communications (ICC).

[11]  Xiaohui Liang,et al.  BECAN: A Bandwidth-Efficient Cooperative Authentication Scheme for Filtering Injected False Data in Wireless Sensor Networks , 2012, IEEE Transactions on Parallel and Distributed Systems.

[12]  Baijian Yang,et al.  Internet of things: Survey on security , 2017, Inf. Secur. J. A Glob. Perspect..

[13]  Shahid Mumtaz,et al.  Massive Internet of Things for Industrial Applications: Addressing Wireless IIoT Connectivity Challenges and Ecosystem Fragmentation , 2017, IEEE Industrial Electronics Magazine.

[14]  Michele Nogueira Lima,et al.  Data similarity aware dynamic node clustering in wireless sensor networks , 2015, Ad Hoc Networks.

[15]  Mohsen Guizani,et al.  The rise of ransomware and emerging security challenges in the Internet of Things , 2017, Comput. Networks.

[16]  Athanasios V. Vasilakos,et al.  False Data Injection on State Estimation in Power Systems—Attacks, Impacts, and Defense: A Survey , 2017, IEEE Transactions on Industrial Informatics.