Abstract
Security and privacy of data are one of the prime concerns in today’s Internet of Things (IoT). Conventional security techniques like signature-based detection of malware and regular updates of a signature database are not feasible solutions as they cannot secure such systems effectively, having limited resources. Programming languages permitting immediate memory accesses through pointers often result in applications having memory-related errors, which may lead to unpredictable failures and security vulnerabilities. Furthermore, energy efficient IoT devices running on batteries cannot afford the implementation of cryptography algorithms as such techniques have significant impact on the system power consumption. Therefore, in order to operate IoT in a secure manner, the system must be able to detect and prevent any kind of intrusions before the network (i.e., sensor nodes and base station) is destabilised by the attackers. In this article, we have presented an intrusion detection and prevention mechanism by implementing an intelligent security architecture using random neural networks (RNNs). The application’s source code is also instrumented at compile time in order to detect out-of-bound memory accesses. It is based on creating tags, to be coupled with each memory allocation and then placing additional tag checking instructions for each access made to the memory. To validate the feasibility of the proposed security solution, it is implemented for an existing IoT system and its functionality is practically demonstrated by successfully detecting the presence of any suspicious sensor node within the system operating range and anomalous activity in the base station with an accuracy of 97.23%. Overall, the proposed security solution has presented a minimal performance overhead.
- Hossam Abdelbaki, Erol Gelenbe, and Said E. El-Khamy. 2000. Analog hardware implementation of the random neural network model. In Proceedings of the IEEE-INNS-ENNS International Joint Conference on Neural Networks (IJCNN’00), Vol. 4. IEEE, 197--201. Google ScholarDigital Library
- J. Aguilar and A. Colmenares. 1998. Resolution of pattern recognition problems using a hybrid genetic/random neural network learning algorithm. Pattern Analysis and Applications 1, 1 (1998), 52--61. Google ScholarDigital Library
- Periklis Akritidis, Manuel Costa, Miguel Castro, and Steven Hand. 2009. Baggy bounds checking: An efficient and backwards-compatible defense against out-of-bounds errors. In Proceedings of the USENIX Security Symposium. 51--66. Google ScholarDigital Library
- Vicente Alarcon-Aquino, Javier Barria, and others. 2006. Multiresolution FIR neural-network-based learning algorithm applied to network traffic prediction. IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews 36, 2 (2006), 208--220. Google ScholarDigital Library
- Syed Obaid Amin, Muhammad Shoaib Siddiqui, Choong Seon Hong, and Sungwon Lee. 2009. RIDES: Robust intrusion detection system for IP-based ubiquitous sensor networks. Sensors 9, 5 (2009), 3447--3468.Google ScholarCross Ref
- Kumar Avijit and Prateek Gupta. 2006. Binary rewriting and call interception for efficient runtime protection against buffer overflows. Software: Practice and Experience 36, 9 (2006), 971--998. Google ScholarDigital Library
- Kumar Avijit, Prateek Gupta, and Deepak Gupta. 2004. TIED, LibsafePlus: Tools for runtime buffer overflow protection. In Proceedings of the USENIX Security Symposium. 45--56. Google ScholarDigital Library
- M. H. Bhuyan, D. K. Bhattacharyya, and J. K. Kalita. 2014. Network anomaly detection: Methods, systems and tools. IEEE Communications Surveys Tutorials 16, 1 (First Quarter 2014), 303--336.Google ScholarCross Ref
- I. Butun, S. D. Morgera, and R. Sankar. 2014. A survey of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys Tutorials 16, 1 (First Quarter 2014), 266--282.Google ScholarCross Ref
- C. Callegari, S. Giordano, and M. Pagano. 2014. Neural network based anomaly detection. In Proceedings of the 2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD’14). 310--314.Google Scholar
- Dinakar Dhurjati, Sumant Kowshik, and Vikram Adve. 2006. SAFECode: Enforcing alias analysis for weakly typed languages. In Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation. ACM, New York, NY, 144--157. Google ScholarDigital Library
- Ioannis Doudalis, James Clause, Guru Venkataramani, Milos Prvulovic, and Alessandro Orso. 2012. Effective and efficient memory protection using dynamic tainting. IEEE Transactions on Computers 61, 1 (2012), 87--100. Google ScholarDigital Library
- Erol Gelenbe. 1989. Random neural networks with negative and positive signals and product form solution. Neural Computation 1, 4 (1989), 502--510. Google ScholarDigital Library
- Erol Gelenbe. 1990. Stability of the random neural network model. Neural Computation 2, 2 (1990), 239--247. Google ScholarDigital Library
- Erol Gelenbe. 1991. Product-form queueing networks with negative and positive customers. Journal of Applied Probability (1991), 656--663.Google Scholar
- Erol Gelenbe. 1993. Learning in the recurrent random neural network. Neural Computation 5, 1 (1993), 154--164. Google ScholarDigital Library
- E. Gelenbe and K. F. Hussain. 2002. Learning in the multiple class random neural network. IEEE Transactions on Neural Networks 13, 6 (Nov. 2002), 1257--1267. Google ScholarDigital Library
- Michael Georgiopoulos, Cong Li, and Taskin Kocak. 2011. Learning in the feed-forward random neural network: A critical review. Performance Evaluation 68, 4 (2011), 361--384. Google ScholarDigital Library
- J. Granjal, E. Monteiro, and J. Sa Silva. 2015. Security for the internet of things: A survey of existing protocols and open research issues. IEEE Communications Surveys Tutorials 17, 3, 1294--1312.Google ScholarDigital Library
- Sang-Jun Han and Sung-Bae Cho. 2005. Evolutionary neural networks for anomaly detection based on the behavior of a program. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics 36, 3 (2005), 559--570. Google ScholarDigital Library
- Niranjan Hasabnis, Ashish Misra, and R. Sekar. 2012. Light-weight bounds checking. In Proceedings of the 10th International Symposium on CGO (CGO’12). ACM, New York, NY, 135--144. Google ScholarDigital Library
- HOPERF. Accessed: 15-9-2015. RFM69 ISM Transceiver Module. Retrieved from http://www.hoperf.cn/upload/rf/RFM69-V1.3.pdf.Google Scholar
- A. Javed, H. Larijani, A. Ahmadinia, R. Emmanuel, D. Gibson, and C. Clark. 2015. Experimental testing of a random neural network smart controller using a single zone test chamber. Networks, IET 4, 6 (2015), 350--358.Google ScholarCross Ref
- A. Javed, H. Larijani, A. Ahmadinia, and D. Gibson. 2016. Smart random neural network controller for HVAC using cloud computing technology. IEEE Transactions on Industrial Informatics PP, 99 (2016), 1--1.Google Scholar
- Richard W. M. Jones and Paul H. J. Kelly. 1997. Backwards-compatible bounds checking for arrays and pointers in C programs. In Proceedings of the 3rd International Workshop on Automatic Debugging. Citeseer, 13--26.Google Scholar
- Georgios Kornaros and Dionisios Pnevmatikatos. 2013. A survey and taxonomy of on-chip monitoring of multicore systems-on-chip. ACM Transactions on Design Automation of Electronic Systems 18, 2, Article 17 (2013), 38 pages. Google ScholarDigital Library
- Sandeep Kumar and Eugene H. Spafford. 1994. An Application of Pattern Matching in Intrusion Detection. Technical Report. Department of Computer Sciences, Purdue University.Google Scholar
- Wenchao Li, Ping Yi, Yue Wu, Li Pan, and Jianhua Li. 2014. A new intrusion detection system based on KNN classification algorithm in wireless sensor network. Journal of Electrical and Computing Engineering (2014).Google Scholar
- Aristidis Likas and Andreas Stafylopatis. 2000. Training the random neural network using quasi-Newton methods. European Journal of Operational Research 126, 2 (2000), 331--339.Google ScholarCross Ref
- Shan Lu, Zhenmin Li, Feng Qin, Lin Tan, Pin Zhou, and Yuanyuan Zhou. 2005. Bugbench: Benchmarks for evaluating bug detection tools. In Proceedings of the Workshop on the Evaluation of Software Defect Detection Tools. 1--5.Google Scholar
- Shufu Mao and T. Wolf. 2010. Hardware support for secure processing in embedded systems. IEEE Transactions on Computers 59, 6 (2010), 847--854. Google ScholarDigital Library
- Daniele Miorandi, Sabrina Sicari, Francesco De Pellegrini, and Imrich Chlamtac. 2012. Internet of things: Vision, applications and research challenges. Ad Hoc Networks 10, 7 (2012), 1497--1516. Google ScholarDigital Library
- Samir Mohamed and Gerardo Rubino. 2002. A study of real-time packet video quality using random neural networks. IEEE Transactions on Circuits and Systems for Video Technology 12, 12 (2002), 1071--1083. Google ScholarDigital Library
- Santosh Nagarakatte, Jianzhou Zhao, Milo M. K. Martin, and Steve Zdancewic. 2009. SoftBound: Highly compatible and complete spatial memory safety for C. In ACM Sigplan Notices, Vol. 44. ACM, 245--258.Google ScholarDigital Library
- George C. Necula, Jeremy Condit, Matthew Harren, Scott McPeak, and Westley Weimer. 2005. CCured: Type-safe retrofitting of legacy software. ACM Transactions on Programming Languages and Systems 27, 3 (2005), 477--526. Google ScholarDigital Library
- NIST. 2001. Advanced Encryption Standard: U.S. National Institute of Standards and Technology (NIST): Federal Information Processing Standards Publication (FIPS PUBS) 197. Retrievevd from http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.Google Scholar
- Aleph One. 1996. Smashing the stack for fun and profit. Phrack Magazine 7, 49 (1996), 14--16.Google Scholar
- M. Rahmatian, H. Kooti, I. G. Harris, and E. Bozorgzadeh. 2012. Hardware-assisted detection of malicious software in embedded systems. Embedded Systems Letters, IEEE 4, 4 (2012), 94--97. Google ScholarDigital Library
- Shahid Raza, Linus Wallgren, and Thiemo Voigt. 2013. SVELTE: Real-time intrusion detection in the internet of things. Ad Hoc Networks 11, 8 (2013), 2661--2674. Google ScholarDigital Library
- RSA. 2003. Public-Key Cryptography Standards (PKCS): RSA Cryptography Specifications Version 2.1. Retrieved from https://tools.ietf.org/html/rfc3447.Google Scholar
- Olatunji Ruwase and Monica S. Lam. 2004. A practical dynamic buffer overflow detector. In Proceedings of the 11th Annual Network and Distributed System Security Symposium.Google Scholar
- Edward J. Schwartz, Thanassis Avgerinos, and David Brumley. 2010. All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In Proceedings of the 2010 IEEE Symposium onSecurity and Privacy (SP’10). IEEE, 317--331. Google ScholarDigital Library
- Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitry Vyukov. 2012. AddressSanitizer: A fast address sanity checker. In USENIX ATC, Vol. 2012. Google ScholarDigital Library
- G. Edward Suh, Jae W. Lee, David Zhang, and Srinivas Devadas. 2004. Secure program execution via dynamic information flow tracking. SIGARCH Comput. Archit. News 32, 5 (Oct. 2004), 85--96.Google ScholarDigital Library
- Stelios Timotheou. 2008. Nonnegative least squares learning for the random neural network. In Artificial Neural Networks-ICANN 2008. Springer, 195--204. Google ScholarDigital Library
- Stelios Timotheou. 2010. The random neural network: A survey. The Computer Journal 53, 3 (2010), 251--267. Google ScholarDigital Library
- W. Trappe, R. Howard, and R. S. Moore. 2015. Low-energy security: Limits and opportunities in the internet of things. IEEE Security Privacy 13, 1 (Jan. 2015), 14--21.Google ScholarDigital Library
- Kleber Vieira, Alexandre Schulter, Carlos Westphall, and Carla Westphall. 2010. Intrusion detection for grid and cloud computing. IT Professional 12, 4 (2010), 38--43. Google ScholarDigital Library
- John Wilander, Nick Nikiforakis, Yves Younan, Mariam Kamkar, and Wouter Joosen. 2011. RIPE: Runtime intrusion prevention evaluator. In Proceedings of the 27th Annual Computer Security Applications Conference. ACM. Google ScholarDigital Library
- Shelly Xiaonan Wu and Wolfgang Banzhaf. 2010. The use of computational intelligence in intrusion detection systems: A review. Applied Soft Computing 10, 1 (2010), 1--35. Google ScholarDigital Library
- Li Da Xu, Wu He, and Shancang Li. 2014. Internet of things in industries: A survey. IEEE Transactions on Industrial Informatics 10, 4 (Nov. 2014), 2233--2243.Google ScholarCross Ref
- Man-Ki Yoon, S. Mohan, Jaesik Choi, Jung-Eun Kim, and Lui Sha. 2013. SecureCore: A multicore-based intrusion detection architecture for real-time embedded systems. In Proceedings of the 2013 IEEE 19th Real-Time and Embedded Technology and Applications Symposium (RTAS’13). 21--32. Google ScholarDigital Library
- Yves Younan. 2014. 25 Years of Vulnerabilities: 1988-2012. Retrieved from http://labs.snort.org/blogfiles/Sourcefire\\-25-Years-of-Vulnerabilities-Research-Report.pdf.Google Scholar
- Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens, and Wouter Joosen. 2010. PAriCheck: An efficient pointer arithmetic checker for C programs. In Proceedings of the 5th ACM Symposium on Computer and Communication Security. ACM, 145--156. Google ScholarDigital Library
Index Terms
- Intelligent Intrusion Detection in Low-Power IoTs
Recommendations
Edge-Based Intrusion Detection for IoT devices
Special Issue on Analytics for Cybersecurity and Privacy, Part 1As the Internet of Things (IoT) is estimated to grow to 25 billion by 2021, there is a need for an effective and efficient Intrusion Detection System (IDS) for IoT devices. Traditional network-based IDSs are unable to efficiently detect IoT malware and ...
Evaluating the survivability of Intrusion Tolerant Database systems and the impact of intrusion detection deficiencies
The immaturity of current intrusion detection techniques limits traditional security mechanisms in surviving malicious attacks. Intrusion tolerance approaches have emerged to overcome these limitations. However, to what extent an intrusion tolerant ...
Two-level machine learning driven intrusion detection model for IoT environments
As a consequence of the growing number of cyberattacks on IoT devices, the need for defences like intrusion detection systems (IDSs) has significantly risen. But current IDS implementations for IoT are complex to design, difficult to incorporate, platform-...
Comments