• English
  • Deutsch
  • Log In
    Password Login
    Research Outputs
    Fundings & Projects
    Researchers
    Institutes
    Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Distributed anomaly detection of single mote attacks in RPL networks
 
  • Details
  • Full
Options
2019
Conference Paper
Title

Distributed anomaly detection of single mote attacks in RPL networks

Abstract
RPL, a protocol for IP packet routing in wireless sensor networks, is known to be susceptible to a wide range of attacks. Especially effective are 'single mote attacks', where the attacker only needs to control a single sensor node. These attacks work by initiating a 'delayed denial of service', which depletes the motes' batteries while maintaining otherwise normal network operation. While active, this is not detectable on the application layer, and thus requires detection on the network layer. Further requirements for detection algorithms are extreme computational and resource efficiency (e.g. avoiding communication overhead) and the use of machine learning (if the drawbacks of signature based detection are not acceptable). In this paper, we present a system for anomaly detection of these kinds of attacks and constraints, implement a prototype in C, and evaluate it on different network topologies against three 'single mote attacks'. We make our system highly resource and energy effic ient by deploying pre-trained models to the motes and approximating our choice of ML algorithm (KDE) via parameterized cubic splines. We achieve on average 84.91 percent true-positives and less than 0.5 percent false-positives. We publish all data sets and source code for full reproducibility.
Author(s)
Müller, N.M.
Debus, P.
Kowatsch, D.
Böttinger, K.
Mainwork
ICETE 2019, 16th International Joint Conference on e-Business and Telecommunications. Proceedings. Vol.2: SECRYPT  
Conference
International Joint Conference on e-Business and Telecommunications (ICETE) 2019  
International Conference on Security and Cryptography (SECRYPT) 2019  
DOI
10.5220/0007836003780385
Language
English
Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC  
  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Contact
© 2024