Abstract
Internet of Things (IoT) is a concept that aims to make the real world more intelligent but susceptible to various attacks. In this paper, we focus on wireless sensor networks (WSNs), as a founding block in the IoT presenting the vulnerability of routing attacks against Routing Protocol for Low power and Lossy Network (RPL). Besides, we discuss some existing research proposals to detect intrusions, and we develop a technique for detecting three types of attacks against RPL. We simulate using Contiki-Cooja four network scenarios one normal and three malicious presenting different attacks, to be able to generate the training and the test sets that are used in the machine learning phase, in which we used WEKA, to decide according to the database whether the behavior is normal or malicious. For this phase, we use different classification algorithms, which enable us to obtain a high precision value that is superior to 96% in all cases.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data Availability
Our data set is obtained from simulated scenarios, by capturing the network traffic considering observation windows of duration t = 5 seconds. “Radio messages” tool of COOJA enables us to generate PCAP files that are analyzed using Wireshark. The datasets generated during and/or analysed during the current study are available from the corresponding author on reasonable request.
References
Granjal, J., Monteiro, E., & Silva, J. S. (2015). Security for the internet of things: a survey of existing protocols and open research issues. IEEE Communications Surveys & Tutorials., 17(3), 1294–1312.
Kfoury, E., Saab, J., Younes, P., & Achkar, R. (2019). A self organizing map intrusion detection system for RPL protocol attacks. International Journal of Interdisciplinary Telecommunications and Networking (IJITN)., 11(1), 30–43.
Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., & Levis, P., et al. (2012). RPL: IPv6 routing protocol for low-power and lossy networks;
Wallgren, L., Raza, S., & Voigt, T. (2013). Routing attacks and countermeasures in the RPL-based internet of things. International Journal of Distributed Sensor Networks., 9(8), 794326.
Pongle, P., Chavan, G. A., & survey: Attacks on RPL and 6LoWPAN in IoT. In,. (2015). International conference on pervasive computing (ICPC). IEEE, 2015, 1–6.
Anderson, J. P. (1980). Computer security threat monitoring and surveillance. James P Anderson Company: Technical Report.
Heberlein, LT., Dias, GV., Levitt, KN., Mukherjee, B., Wood, J., & Wolber, D. (1989). A network security monitor. Lawrence Livermore National Lab., CA (USA); California Univ., Davis, CA (USA ...;
Gupta, A., Pandey, OJ., Shukla, M., Dadhich, A., Mathur, S., & Ingle, A. (2013). Computational intelligence based intrusion detection systems for wireless communication and pervasive computing networks. In: 2013 IEEE International Conference on Computational Intelligence and Computing Research. IEEE; p. 1–7.
Kavitha, P., & Usha, M. (2014). Cluster based anomaly detection in wireless LAN. International Journal of Computer Trends and Technology (IJCTT)., 12(5), 227–230.
Yavuz, F. Y., Devrim, Ü., & Ensar, G. (2018). Deep learning for detection of routing attacks in the internet of things. International Journal of Computational Intelligence Systems., 12(1), 39.
Yuan, Y., Li, S., Zhang, X., & Sun, J. (2018). A comparative analysis of svm, naive bayes and gbdt for data faults detection in wsns. In: 2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). IEEE; pp. 394–399.
Napiah, M. N., Idris, M. Y. I. B., Ramli, R., & Ahmedy, I. (2018). Compression header analyzer intrusion detection system (CHA-IDS) for 6LoWPAN communication protocol. IEEE Access., 6, 16623–16638.
Ioulianou, P., Vasilakis, V., Moscholios, I., & Logothetis, M. (2018) A signature-based intrusion detection system for the internet of things. Information and Communication Technology Form. .
Shafique, U., Khan, A., Rehman, A., Bashir, F., & Alam, M. (2018). Detection of rank attack in routing protocol for Low Power and Lossy Networks. Annals of Telecommunications., 73(7), 429–438.
Verma, A., Ranga, V., & ELNIDS: Ensemble learning based network intrusion detection system for RPL based Internet of Things. In,. (2019). 4th International conference on Internet of Things: Smart innovation and usages (IoT-SIU). IEEE, 2019, 1–6.
Kumar, V., Das, A. K., & Sinha, D. (2021). UIDS: a unified intrusion detection system for IoT environment. Evolutionary intelligence., 14(1), 47–59.
Parra, G. D. L. T., Rad, P., Choo, K. K. R., & Beebe, N. (2020). Detecting Internet of Things attacks using distributed deep learning. Journal of Network and Computer Applications., 163, 102662.
Ullah, I., & Mahmoud, Q. H. (2021). Design and development of a deep learning-based model for anomaly detection in IoT networks. IEEE Access., 9, 103906–103926.
Jan, S. U., Ahmed, S., Shakhov, V., & Koo, I. (2019). Toward a lightweight intrusion detection system for the internet of things. IEEE Access., 7, 42450–42471.
Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., & Witten, I. H. (2009). The WEKA data mining software: an update. ACM SIGKDD explorations newsletter., 11(1), 10–18.
Kulkarni, S. R., Lugosi, G., & Venkatesh, S. S. (1998). Learning pattern classification-a survey. IEEE Transactions on Information Theory., 44(6), 2178–2206.
Safavian, S. R., & Landgrebe, D. (1991). A survey of decision tree classifier methodology. IEEE transactions on systems, man, and cybernetics., 21(3), 660–674.
Funding
No funding was received to assist with the preparation of this manuscript.
Author information
Authors and Affiliations
Contributions
Authors contributed equally to this work.
Corresponding author
Ethics declarations
Conflict of interest/Competing interests
The authors have no competing interests to declare that are relevant to the content of this article.
Ethics approval
Not applicable.
Code Availability
Not applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Rabhi, S., Abbes, T. & Zarai, F. IoT Routing Attacks Detection Using Machine Learning Algorithms. Wireless Pers Commun 128, 1839–1857 (2023). https://doi.org/10.1007/s11277-022-10022-7
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-022-10022-7