Al Qurashi, M, Angelopoulos, C.M. and Katos, V., 2020. An Architecture for Resilient Intrusion Detection in Ad-hoc Networks. Journal of Information Security and Applications, 53 (August), 102530.
Full text available as:
|
PDF
2020_JISA.pdf - Accepted Version Available under License Creative Commons Attribution Non-commercial No Derivatives. 1MB | |
Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material. |
DOI: 10.1016/j.jisa.2020.102530
Abstract
We study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks via the prism of IPv6-enabled Wireless Sensor Actuator Networks. These networks consist of highly constrained devices able to communicate wirelessly in an ad-hoc fashion, thus following the architecture of ad-hoc networks. Current state-of-the-art (IDS) has been developed taking into consideration the architecture of conventional computer networks, and as such they do not efficiently address the paradigm of ad-hoc networks, that is highly relevant in emergent networks, such as the Internet of Things (IoT). In this context, the network properties of resilience and redundancy have not been studied yet. In this work, we firstly identify a trade-off between the communication overhead and energy consumption of an IDS (as captured by the number of active IDS agents in the network) and the performance of the system in terms of successfully identifying attacks. In order to fine tune this trade-off, we model such networks as Random Geometric Graphs; a rigorous approach that allows us to capture underlying structural properties of the network. We then introduce a novel IDS architectural approach that consists of a central IDS agent a set of distributed IDS agents deployed uniformly at random over the network area. These nodes are able to efficiently detect attacks at the networking layer in a collaborative manner by monitoring locally available network information provided by IoT routing protocols such as RPL. Our detailed experimental evaluation demonstrates significant performance gains in terms of communication overhead and energy consumption while maintaining high detection rates. We also show that the performance of our IDS in ad-hoc networks does not rely on the size of the network but on fundamental underling network properties, such as the network topology and the average degree of the nodes. Conducted experiments show that our proposed IDS architecture is resilient against frequent topology changes due to nodes failures.
Item Type: | Article |
---|---|
ISSN: | 2214-2126 |
Additional Information: | IDS; IoT; Wireless Sensor Networks; RPL protocol; sinkhole attack |
Group: | Faculty of Science & Technology |
ID Code: | 33938 |
Deposited By: | Symplectic RT2 |
Deposited On: | 01 May 2020 13:54 |
Last Modified: | 14 Mar 2022 14:21 |
Downloads
Downloads per month over past year
Repository Staff Only - |