Ijcna 2022 o 04
net/publication/358903901
2 authors, including:
Dr A Arul Anitha
Jayaraj Annapacikam College for Women (Autonomous) Periyakulam
All content following this page was uploaded by Dr A Arul Anitha on 28 February 2022.
L. Arockiam
Department of Computer Science, St. Joseph’s College (Autonomous) (Affiliated to Bharathidasan University),
Tiruchirappalli, Tamil Nadu, India
Received: 23 November 2021 / Revised: 08 January 2022 / Accepted: 13 January 2022 / Published: 28 February 2022
Abstract – The Internet of Things (IoT) and its rapid advancements will lead to everything being connected in the near future. The number of devices connected to the global network is increasing every day. IoT security challenges arise as a result of the large-scale incorporation of smart devices. Security issues on the Internet of Things have been the most focused area of research over the last decade. As IoT devices have less memory, processing capacity, and power consumption, the traditional security mechanisms are not suitable for IoT. A security mechanism called an Intrusion Detection System (IDS) has a crucial role in protecting the IoT nodes and networks. The lightweight nature of IoT nodes should be considered while designing IDS for the IoT. In this paper, the types of IDS, the major attacks on IoT, the recent research, and contributions to IDS in IoT networks are discussed, and an analytical survey is given based on the study. Though it is a promising area for research, IDS still needs further refinement to ensure high security for IoT networks and devices. Hence, further research, development, and lightweight mechanisms are required for IDS to provide a higher level of security to the resource-limited IoT network.

Index Terms – Attack, IoT, Intrusion, IDS, RPL, Security.

1. INTRODUCTION

The Internet of Things (IoT) is a robustly evolving trend that incorporates technical, scientific, social, and economic implications. It is essential to all facets of human life [1]. Healthcare, logistics, smart-cities, smart-homes, and agriculture are just a few of the applications for IoT. Due to its resource-constrained characteristics, the IoT tends to have more vulnerability that can be easily exploited by an attacker. The number of connected unsecured IoT devices on the global network is rapidly increasing [2]. Researchers are mainly focusing on various encryption and authentication mechanisms to ensure data confidentiality, authentication, and privacy among users and things. Most of the IoT devices have been developed without considering the fundamental security requirements [3].

The tools and techniques available for securing the IoT are inadequate because of the large number of interconnected devices. Moreover, the security mechanisms based on cryptography are mainly used to prevent external attacks such as eavesdropping and message alteration. When the cryptographic techniques hold the valid key and are compromised by the attack, they cannot detect the vulnerable nodes. Intruders can easily access the security details from the compromised nodes and immediately launch several internal attacks. Hence, to offer an extra level of security to the IoT, the Intrusion Detection System (IDS) acts as a tool [4].

Anthea Mayzaud et al. [5] categorized the Routing Protocol for Low Power Lossy Networks (RPL) attacks into three types: attacks targeting the topology, attacks on network resources, and attacks targeting the network traffic. Attacks on resources require more of the restricted devices' resources like processing requirements, power, and memory; attacks on topology induce isolation and sub-optimization in the topology, and attacks on traffic create security risks from the network's traffic. All these types of attacks have negative impacts on the RPL-based IoT network. These attacks have to be detected and mitigated to ensure the security constraints of the IoT networks.

Intrusion Detection is an act of monitoring and possibly preventing the malicious activities of the intruders. Intrusion Detection System is a network security tool that consists of software or a combination of hardware and software to protect the traditional networks. It can be used to monitor all sorts of activities in the network. If there is any attack or unwanted activity in the network, the IDS detects the intrusions, alerts the administrator, logs the attacks for forensic activities,

External attacks are initiated from outside of the networks. By acting as insiders, the external attackers inject malicious code during data communication. The attackers access the smart devices of the IoT devices remotely and attempt various types of attacks against the IoT networks.

3.2. Internal Attacks

The classifications of IDS used in this review are illustrated using Figure 4.

The first category is based on where the Intrusion Detection System is located in the IoT network. The second category of classification is based on the techniques used for implementing the IDS. Each type is explained in detail.

Jan et al. [26] | Centralized | SVM classifier | DDoS attacks | Single attribute only used
Eskandari et al. [27] | Centralized | Passban IDS, iForest | Port Scanning, Brute force, flooding attack | Not considered the attacks in the training phase, flooding attack reduces the detection rate
Alkadi et al. [28] | Distributed | Blockchain, Bidirectional Long Short-Term Memory (BiLSTM) | DoS, DDoS, Port Scanning, OS Scan etc. | Need further refinement for real-time implementation
Cheema et al. [29] | Distributed | Blockchain, Spectral Partitioning | Routing attacks and Botnet | Real-world conditions should be addressed
Parra et al. [30] | Distributed | Deep Learning | Phishing, DDoS, Botnet | More training time
Kumar et al. [32] | Distributed | Ensemble | Backdoor, Reconnaissance, DoS | Real-time deployment requires lightweight mechanisms for IoT nodes
Oh et al. [35] | Distributed | auxiliary shifting, early decision | Conventional attacks using signatures | Single device only
Lee et al. [36] | Distributed | Energy consumption models | Routing attacks, DoS | Single device only
Mehmood et al. [37] | Distributed | Naïve Bayes Algorithm, Multi-agent | DDoS Attack | Low capacity systems are not considered
Cervantes et al. [38] | Hierarchical - Distributed | INTI | Sinkhole attacks | Low capacity systems are not considered
Sforzin and Conti [39] | Distributed | Snort tool | Conventional Attacks | Single Node is considered
Midi et al. [40] | Centralized | KALIS | DoS, Routing attacks | Complex functionalities
Wani and Revathi [41] | Centralized | Software-Defined Networking (SDN) | Flooding attacks | Only flooding attack is considered
Amaral et al. [42] | Hybrid | Watchdogs | Routing attacks based on a different set of rules | Requires optimization in enforcing and storing new security rules