research-article

Anomaly Behavior Analysis for IoT Network Nodes

Authors:

Victor Benitez,

Luis FélixAuthors Info & Claims

ICFNDS '19: Proceedings of the 3rd International Conference on Future Networks and Distributed Systems

Article No.: 18, Pages 1 - 6

https://doi.org/10.1145/3341325.3342008

Published: 01 July 2019 Publication History

Abstract

The Internet of Things (IoT) will connect not only computers and mobile devices, but it will also interconnect smart buildings, homes, and cities. The integration of IoT with Fog and Cloud Computing can bring not only the computational requirements, but they also enable IoT services to be pervasive, cost-effective, and can be accessed from anywhere and at any time. In any IoT application, communications are crucial to deliver the required information, for instance to take actions during crisis events. However, IoT components such as Gateways, usually referred as IoT nodes, will introduce major security challenges as they contribute to increase the attack surface, preventing the IoT to deliver accurate information to final users. In this paper, we present a methodology to develop an Intrusion Detection System based on Anomaly Behavior Analysis to detect when an IoT network node is being compromised. Our preliminary experimental results show that our approach accurately detects known and unknown anomalies due to misuses or cyber-attacks, with high detection rate and low false alarms.

References

[1]

M. Al-Bahri, A. Yankovsky, A. Borodin, R. Kirichek, R. 2018. Testbed for Identify IoT-Devices Based on Digital Object Architecture. In Proceedings of the Internet of Things, Smart Spaces, and Next Generation Networks and Systems; Galinina, O., Andreev, S., Balandin, S., Koucheryavy, Y., Eds.; Springer International Publishing, 2018; pp. 129--137.

[2]

A. Zanella, N. Bui, A. Castellani, L. Vangelista, M. Zorzi. 2014. Internet of Things for Smart Cities. IEEE Internet of Things Journal 2014, 1, 22--32.

[3]

D. Kushner. 2013. The real story of stuxnet. IEEE Spectrum 2013, 50, 48--53.

[4]

J. Pacheco, S. Hariri. 2016. IoT Security Framework for Smart Cyber Infrastructures. In Proceedings of the 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W); 2016; pp. 242--247.

[5]

J.L. Pérez, A. Gutierrez-Torre, J.L. Berral, D. Carrera. 2018. A resilient and distributed near real-time traffic forecasting application for Fog computing environments. Future Generation Computer Systems 2018, 87, 198--212.

[6]

A.S. Sohal, R. Sandhu, S.K. Sood, V. Chang. 2018. A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments. Computers & Security 2018, 74, 340--354.

Digital Library

[7]

J. Pacheco, S. Hariri. 2018. Anomaly behavior analysis for IoT sensors. Transactions on Emerging Telecommunications Technologies 2018, 29, e3188.

Digital Library

[8]

G. Orsini, D. Bade, W. Lamersdorf. 2016. CloudAware: A Context-Adaptive Middleware for Mobile Edge and Cloud Computing Applications. In Proceedings of the 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W); 2016; pp. 216--221.

[9]

A. Hegyi, H. Flinck, I. Ketyko, P. Kuure, C. Nemes, L. Pinter. 2016. Application Orchestration in Mobile Edge Cloud: Placing of IoT Applications to the Edge. In Proceedings of the 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W); IEEE: Augsburg, Germany, 2016; pp. 230--235.

[10]

F. Bonomi, R.A. Milito, J. Zhu, S. Addepalli. Fog computing and its role in the internet of things. In Proceedings of the MCC@SIGCOMM; 2012.

Digital Library

[11]

C.A. Garcia-Perez, P. Merino. Enabling Low Latency Services on LTE Networks. In Proceedings of the 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W); 2016; pp. 248--255.

[12]

J. Xu, K. Ota, M. Dong, A. Liu, Q. Li. SIoTFog: Byzantine-resilient IoT fog networking. Frontiers Inf Technol Electronic Eng 2018, 19, 1546--1557.

[13]

Q. Yaseen, F. AlBalas, Y. Jararweh, M. Al-Ayyoub. A Fog Computing Based System for Selective Forwarding Detection in Mobile Wireless Sensor Networks. In Proceedings of the 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS*W); 2016; pp. 256--262.

[14]

M. Conti, A. Dehghantanha, K. Franke, S. Watson. Internet of Things security and forensics: Challenges and opportunities. Future Generation Computer Systems 2018, 78, 544--546.

[15]

M. Ammar, G. Russello, B. Crispo. Internet of Things: A survey on the security of IoT frameworks. Journal of Information Security and Applications 2018, 38, 8--27.

[16]

S. Ali, T. Al Balushi, Z. Nadir, O.K. Hussain. Risk Management for CPS Security. In Cyber Security for Cyber Physical Systems; Ali, S., Al Balushi, T., Nadir, Z., Hussain, O.K., Eds.; Studies in Computational Intelligence; Springer International Publishing: Cham, 2018; pp. 11--33 ISBN 978-3-319-75880-0.

[17]

O. Can, O.K. Sahingoz. A survey of intrusion detection systems in wireless sensor networks. In Proceedings of the 2015 6th International Conference on Modeling, Simulation, and Applied Optimization (ICMSAO); 2015; pp. 1--6.

[18]

S. Fayssal, S. Hariri, Y. Al-Nashif. Anomaly-Based Behavior Analysis of Wireless Network Security. In Proceedings of the 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking Services (MobiQuitous); 2007; pp. 1--8.

Digital Library

[19]

E. Hodo, X. Bellekens, A. Hamilton, P. Dubouilh, E. Iorkyase, C. Tachtatzis, R. Atkinson. Threat analysis of IoT networks using artificial neural network intrusion detection system. In Proceedings of the 2016 International Symposium on Networks, Computers and Communications (ISNCC); 2016; pp. 1--6.

[20]

R. Schlegel, S. Obermeier, J. Schneider. Structured system threat modeling and mitigation analysis for industrial automation systems. In Proceedings of the 2015 IEEE 13th International Conference on Industrial Informatics (INDIN); 2015; pp. 197--203.

[21]

H. Tran-Dang, D. Kim. An Information Framework for Internet of Things Services in Physical Internet. IEEE Access 2018, 6, 43967--43977.

[22]

J. Guth, U. Breitenbücher, M. Falkenthal, F. Leymann, L. Reinfurt. Comparison of IoT platform architectures: A field study based on a reference architecture. In Proceedings of the 2016 Cloudification of the Internet of Things (CIoT); 2016; pp. 1--6.

[23]

V.V. Gadde, H. Awano, Ikeda, M. An Encryption-Authentication Unified A/D Conversion Scheme for IoT Sensor Nodes. In Proceedings of the 2018 IEEE Asian Solid-State Circuits Conference (A-SSCC); 2018; pp. 123--126.

[24]

B. Daddala, H. Wang, A.Y. Javaid. Design and implementation of a customized encryption algorithm for authentication and secure communication between devices. In Proceedings of the 2017 IEEE National Aerospace and Electronics Conference (NAECON); 2017; pp. 258--262.

[25]

J. Pacheco, C. Tunc, S. Hariri. Design and evaluation of resilient infrastructures systems for smart cities. In Proceedings of the 2016 IEEE International Smart Cities Conference (ISC2); 2016; pp. 1--6.

[26]

J. Pacheco, D. Ibarra, A. Vijay, S. Hariri. IoT Security Framework for Smart Water System. In Proceedings of the 2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA); 2017; pp. 1285--1292.

[27]

Y. Mahmoodi, S. Reiter, Viehl, O. Bringmann, W. Rosenstiel. Attack Surface Modeling and Assessment for Penetration Testing of IoT System Designs. In Proceedings of the 2018 21st Euromicro Conference on Digital System Design (DSD); 2018; pp. 177--181.

[28]

L. Welling, L. Thomson. PHP and MySQL Web development. Sams Publishing, 2003.

Digital Library

[29]

Weka (consulted on March 25th 2019), retrieved form: http://weka.sourceforge.net/doc.dev/weka/classifiers/rules/JRip.html.

[30]

I. Witten, E. Frank, M. Hall. Data Mining: Practical Machine Learning Tools and Techniques. 3rd Edition. Morgan Kaufmann Publishers (ISBN: 978-0-12-374856-0), 2011

Digital Library

[31]

H. Chauhan, V. Kumar, S. Pundir, S. Pilli. A Comparative Study of Classification Techniques for Intrusion Detection. IEEE International Symposium on Computational and Business Intelligence, New Delhi, India, 2013.

Digital Library

Cited By

Shiroky A(2024)Risk Management in the Design of Computer Network TopologyDistributed Computer and Communication Networks: Control, Computation, Communications10.1007/978-3-031-50482-2_29(375-386)Online publication date: 24-Mar-2024
https://doi.org/10.1007/978-3-031-50482-2_29
Hasan MMohd Hanapi Z(2023)Efficient and Secured Mechanisms for Data Link in IoT WSNs: A Literature ReviewElectronics10.3390/electronics1202045812:2(458)Online publication date: 16-Jan-2023
https://doi.org/10.3390/electronics12020458
Rasmus KKokkonen T(2023)Modelling Breach Risk in a Network of Interconnected Devices2023 Eighth International Conference On Mobile And Secure Services (MobiSecServ)10.1109/MobiSecServ58080.2023.10328996(1-9)Online publication date: 4-Nov-2023
https://doi.org/10.1109/MobiSecServ58080.2023.10328996
Show More Cited By

Index Terms

Anomaly Behavior Analysis for IoT Network Nodes

Recommendations

Intrusion detection systems for IoT-based smart environments: a survey

One of the goals of smart environments is to improve the quality of human life in terms of comfort and efficiency. The Internet of Things (IoT) paradigm has recently evolved into a technology for building smart environments. Security and privacy are ...
A Review on Intrusion Detection System for IoT based Systems
Abstract
One of the key objectives of intelligent Internet of Things-based systems is to improve people's quality of life in terms of simplicity and efficiency. The paradigm for the Internet of Things (IoT) has surfaced recently as a technology to ...
A User-friendly Approach to Write and Enforce Rules for Detecting Anomalous Network Traffic in IoT Environments
ICSEW'20: Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops

Enforcing security on IoT devices is not an easy task, due to several vulnerabilities in many products that reach consumer shelves. With the rapid growth of the IoT market in the recent past there are specific network attacks targeting IoT devices, thus ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICFNDS '19: Proceedings of the 3rd International Conference on Future Networks and Distributed Systems

July 2019

346 pages

ISBN:9781450371636

DOI:10.1145/3341325

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

CNAM: Conservatoire des Arts et Métiers

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

PRODEP
Consejo Nacional de Ciencia y Tecnología

Conference

ICFNDS '19

ICFNDS '19: 3rd International Conference on Future Networks and Distributed Systems

July 1 - 2, 2019

Paris, France

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
270
Total Downloads

Downloads (Last 12 months)12
Downloads (Last 6 weeks)2

Reflects downloads up to 10 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Shiroky A(2024)Risk Management in the Design of Computer Network TopologyDistributed Computer and Communication Networks: Control, Computation, Communications10.1007/978-3-031-50482-2_29(375-386)Online publication date: 24-Mar-2024
https://doi.org/10.1007/978-3-031-50482-2_29
Hasan MMohd Hanapi Z(2023)Efficient and Secured Mechanisms for Data Link in IoT WSNs: A Literature ReviewElectronics10.3390/electronics1202045812:2(458)Online publication date: 16-Jan-2023
https://doi.org/10.3390/electronics12020458
Rasmus KKokkonen T(2023)Modelling Breach Risk in a Network of Interconnected Devices2023 Eighth International Conference On Mobile And Secure Services (MobiSecServ)10.1109/MobiSecServ58080.2023.10328996(1-9)Online publication date: 4-Nov-2023
https://doi.org/10.1109/MobiSecServ58080.2023.10328996
Saad AAbdulaziz A(2023)Blockchain Technology in IoT and IIoT Environments2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)10.1109/BCCA58897.2023.10338859(617-626)Online publication date: 24-Oct-2023
https://doi.org/10.1109/BCCA58897.2023.10338859
Dave M(2022)Internet of Things Security and Forensics: Concern and Challenges for Inspecting Cyber Attacks2022 Second International Conference on Next Generation Intelligent Systems (ICNGIS)10.1109/ICNGIS54955.2022.10079829(1-6)Online publication date: 29-Jul-2022
https://doi.org/10.1109/ICNGIS54955.2022.10079829
de Souza CWestphall CMachado RLoffi LWestphall CGeronimo G(2022)Intrusion detection and prevention in fog based IoT environmentsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2022.109154214:COnline publication date: 4-Sep-2022
https://dl.acm.org/doi/10.1016/j.comnet.2022.109154
Ozkan-Okay MSamet RAslan OGupta D(2021)A Comprehensive Systematic Literature Review on Intrusion Detection SystemsIEEE Access10.1109/ACCESS.2021.31293369(157727-157760)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3129336
Lee I(2020)Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk ManagementFuture Internet10.3390/fi1209015712:9(157)Online publication date: 18-Sep-2020
https://doi.org/10.3390/fi12090157

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten