The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(...The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.展开更多
ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS ...ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS agents constantly send a barrage of ARP requests to the gateway, or to a victim computer within the same sub-network, and tie up the resource of attacked gateway or host. In this paper, we set to measure the impact of ARP-attack on resource exhaustion of computers in a local area network. Based on attack experiments, we measure the exhaustion of processing and memory resources of a victim computer and also other computers, which are located on the same network as the victim computer. Interestingly enough, it is observed that an ARP-attack not only exhausts resource of the victim computer but also significantly exhausts processing resource of other non-victim computers, which happen to be located on the same local area network as the victim computer.展开更多
基金funded by the Deanship of Scientific Research at Najran University for this research through a Grant(NU/RG/SERC/12/50)under the Research Groups at Najran University,Saudi Arabia.
文摘The Internet of Things(IoT)consists of interconnected smart devices communicating and collecting data.The Routing Protocol for Low-Power and Lossy Networks(RPL)is the standard protocol for Internet Protocol Version 6(IPv6)in the IoT.However,RPL is vulnerable to various attacks,including the sinkhole attack,which disrupts the network by manipulating routing information.This paper proposes the Unweighted Voting Method(UVM)for sinkhole node identification,utilizing three key behavioral indicators:DODAG Information Object(DIO)Transaction Frequency,Rank Harmony,and Power Consumption.These indicators have been carefully selected based on their contribution to sinkhole attack detection and other relevant features used in previous research.The UVM method employs an unweighted voting mechanism,where each voter or rule holds equal weight in detecting the presence of a sinkhole attack based on the proposed indicators.The effectiveness of the UVM method is evaluated using the COOJA simulator and compared with existing approaches.Notably,the proposed approach fulfills power consumption requirements for constrained nodes without increasing consumption due to the deployment design.In terms of detection accuracy,simulation results demonstrate a high detection rate ranging from 90%to 100%,with a low false-positive rate of 0%to 0.2%.Consequently,the proposed approach surpasses Ensemble Learning Intrusion Detection Systems by leveraging three indicators and three supporting rules.
文摘ARP-based Distributed Denial of Service (DDoS) attacks due to ARP-storms can happen in local area networks where many computer systems are infected by worms such as Code Red or by DDoS agents. In ARP attack, the DDoS agents constantly send a barrage of ARP requests to the gateway, or to a victim computer within the same sub-network, and tie up the resource of attacked gateway or host. In this paper, we set to measure the impact of ARP-attack on resource exhaustion of computers in a local area network. Based on attack experiments, we measure the exhaustion of processing and memory resources of a victim computer and also other computers, which are located on the same network as the victim computer. Interestingly enough, it is observed that an ARP-attack not only exhausts resource of the victim computer but also significantly exhausts processing resource of other non-victim computers, which happen to be located on the same local area network as the victim computer.