Final published version
Licence: CC BY-NC-ND: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License
Research output: Contribution to Journal/Magazine › Journal article › peer-review
Research output: Contribution to Journal/Magazine › Journal article › peer-review
}
TY - JOUR
T1 - Routing attack induced anomaly detection in IoT network using RBM-LSTM
AU - Sahay, Rashmi
AU - Nayyar, Anand
AU - Shrivastava, Rajesh Kumar
AU - Bilal, Muhammad
AU - Singh, Simar Preet
AU - Pack, Sangheon
PY - 2024/6/22
Y1 - 2024/6/22
N2 - The network of resource constraint devices, also known as the Low power and Lossy Networks (LLNs), constitutes the edge tire of the Internet of Things applications like smart homes, smart cities, and connected vehicles. The IPv6 Routing Protocol over Low power and lossy networks (RPL) ensures efficient routing in the edge tire of the IoT environment. However, RPL has inherent vulnerabilities that allow malicious insider entities to instigate several security attacks in the IoT network. As a result, the IoT networks suffer from resource depletion, performance degradation, and traffic disruption. Recent literature discusses several machine learning algorithms to detect one or more routing attacks. However, IoT infrastructures are expanding, and so are the attack surfaces. Therefore, it is essential to have a solution that can adapt to this change. This paper introduces a comprehensive framework to detect routing attacks within Low Power and Lossy Networks (LLNs). The proposed solution leverages deep learning by combining Restricted Boltzmann Machine (RBM) and Long Short-Term Memory (LSTM). The framework is trained on 11 network parameters to understand and predict normal network behavior. Anomalies, identified as deviations from the forecast trends, serve as indicators of potential routing attacks and thus address vulnerabilities in the RPL.
AB - The network of resource constraint devices, also known as the Low power and Lossy Networks (LLNs), constitutes the edge tire of the Internet of Things applications like smart homes, smart cities, and connected vehicles. The IPv6 Routing Protocol over Low power and lossy networks (RPL) ensures efficient routing in the edge tire of the IoT environment. However, RPL has inherent vulnerabilities that allow malicious insider entities to instigate several security attacks in the IoT network. As a result, the IoT networks suffer from resource depletion, performance degradation, and traffic disruption. Recent literature discusses several machine learning algorithms to detect one or more routing attacks. However, IoT infrastructures are expanding, and so are the attack surfaces. Therefore, it is essential to have a solution that can adapt to this change. This paper introduces a comprehensive framework to detect routing attacks within Low Power and Lossy Networks (LLNs). The proposed solution leverages deep learning by combining Restricted Boltzmann Machine (RBM) and Long Short-Term Memory (LSTM). The framework is trained on 11 network parameters to understand and predict normal network behavior. Anomalies, identified as deviations from the forecast trends, serve as indicators of potential routing attacks and thus address vulnerabilities in the RPL.
U2 - 10.1016/j.icte.2024.04.012
DO - 10.1016/j.icte.2024.04.012
M3 - Journal article
SP - 459
EP - 464
JO - ICT Express
JF - ICT Express
SN - 2405-9595
ER -