Cloud Based Intrusion Detection Conceptual Model for IoT Objects

  • Authors

    • Abdulaziz Aborujilah
    • Rasheed Mohammad Nassr
    • Abdul Rauf Bin Johari
    2018-11-26
    https://doi.org/10.14419/ijet.v7i4.29.21953
  • IoT, IDS integration, cloud computing, visualization, ML
  • IoT is a new paradigm that link the physical objects with Internet. Many of vehicles, home appliances, human health and environmental monitoring and other objects are able to be connected to each other through the IoT network. IoT objects have the ability to sense and exchanging data with each other. However, IoT paradigm brings new challenges related to security issues.   Intrusion Detection Systems (IDS) is widely used to monitor and secure networks. It is very beneficial applying IDS in IoT environment. This paper suggests a conceptual model to integrate IDS with IoT networks. Initial experiments have been conducted to test the possibility of applying SNORT IDS in IoT environment. The results were very encouraging.

  • References

    1. [1] Zarpelão, B.B., Miani, R.S., Kawakani, C.T. and de Alvarenga, S.C., 2017. A Survey of Intrusion Detection in I nternet of Things. Journal of Network and Computer Applications.

      [2] Miorandi, D., Sicari, S., De Pellegrini, F., Chlamtac, I., 2012. Internet of things: vision, applications and research challenges. Ad Hoc Netw. 10 (7), 1497–1516.Mishra, A., Nadkarni, K., Patcha, A.,2004. Intrusion detection in wireless ad hoc networks. IEEE Wirel. Commun. 11 (1), 48–60

      [3] Lee, I., Lee, K., 2015. The internet of things (IoT): applications, investments, and challenges for enterprises. Bus. Horiz. 58 (4), 431–440.

      [4] Bradley, J., Barbier, J., Handler, D., 2013. Embracing the Internet of Everything to capture your share of $14.4 trillion, Tech. rep., Cisco White Paper

      [5] Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A., 2015. Security, privacy and trust in internet of Things: the road ahead. Comput. Netw. 76 (0), 146–164.

      [6] Singh, D., Tripathi, G., Jara, A.J., 2014. A survey of Internet-of-things: future vision, architecture, challenges and services. In: Internet of Things (WF-IoT), 2014 IEEE

      [7] Borgia, E., 2014. The Internet of Things vision: key features, applications and open issues. Comput. Commun. 54, 1–31.

      [8] Notra, S., Siddiqi, M., Gharakheili, H., Sivaraman, V., Boreli, R., 2014. An experimental study of security and privacy risks with emerging household appliances. In: Communications and Network Security (CNS), 2014 IEEE Conference on, pp. 79–84.

      [9] Sicari, S., Rizzardi, A., Grieco, L., Coen-Porisini, A., 2015. Security, privacy and trust in internet of Things: the road ahead. Comput. Netw. 76 (0), 146–164

      [10] Pantoni, R., Fonseca, C., Brandão, D., 2012. Street lighting system based on wireless

      [11] Elejoste, P., Angulo, I., Perallos, A., Chertudi, A., Zuazola, I.J.G., Moreno, A., Azpilicueta, L., Astrain, J.J., Falcone, F., Villadangos, J., 2013. an easy to deploy street light control system based on wireless communication and LED technology. Sensors 13 (5), 6492–6523.

      [12] Shahzad, G., Yang, H., Ahmad, A.W., Lee, C., 2016. Energy-efficient intelligent street lighting system using traffic-adaptive control. IEEE Sens. J. 16 (13), 5397–5405.

      [13] Oh, D., Kim, D., Ro, W.W., 2014. A malicious pattern detection engine for embedded security systems in the Internet of Things. Sensors 14 (12), 24188–24211. Pantoni, R., Fonseca, C., Brandão, D., 2012. Street lighting system based on wireless

      [14] Lee, T.-H., Wen, C.-H., Chang, L.-H., Chiang, H.-S., Hsieh, M.-C., 2014. A lightweight intrusion detection scheme based on energy consumption analysis in 6LowPAN. In:

      [15] Cervantes, C., Poplade, D., Nogueira, M., Santos, A., 2015. Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things. In: 2015 IFIP/ IEEE International Symposium on Integrated Network Management (IM), pp. 606– 611

      [16] Raza, S., Wallgren, L., Voigt, T., 2013. SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw. 11 (8), 2661–2674.

      [17] Amaral, J., Oliveira, L., Rodrigues, J., Han, G., Shu, L., 2014. Policy and network-based intrusion detection system for IPv6-enabled wireless sensor networks. In: Communications (ICC), 2014 IEEE International Conference on, pp. 1796–1801

      [18] Botta, Alessio, et al. "Integration of cloud computing and internet of things: a survey." Future Generation Computer Systems 56 (2016): 684-700.

      [19] Alamri, A., Ansari, W. S., Hassan, M. M., Hossain, M. S., Alelaiwi, A., Hossain, M. A., 2013. A survey on sensor-cloud: architecture, applications, and approaches. International Journal of Distributed Sensor Networks 2013.

      [20] Aitken, R., Chandra, V., Myers, J., Sandhu, B., Shifren, L., Yeric, G., 2014. Device and technology implications of the internet of things. In: VLSI Technology (VLSI-Technology): Digest of Technical Papers, 2014 Symposium on. pp. 1{4.

      [21] Gomes, M. M., Righi, R. d. R., da Costa, C. A., 2014. Future directions for providing better iot infrastructure. In: Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication. UbiComp '14 Adjunct. pp. 51{54.

      [22] European Commission, 2013. De_nition of a research and innovation policy leveraging Cloud Computing and IoT combination. Tender specifications, SMART 2013/0037.

      [23] J. Cannady, “Artificial neural networks for misuse detection,†in Proc. 1998 Nat. Inf. Syst. Secur. Conf., Arlington, VA, USA, 1998, pp. 443– 456

      [24] A. Bivens, C. Palagiri, R. Smith, B. Szymanski, and M. Embrechts, “Network-based intrusion detection using neural networks,†Intell. Eng. Syst. Artif. Neural Netw., vol. 12, no. 1, pp. 579–584, 2002.

      [25] H. Brahmi, B. Imen, and B. Sadok, “OMC-IDS: At the cross-roads of OLAP mining and intrusion detection,†in Advances in Knowledge Discovery and Data Mining. New York, NY, USA: Springer, 2012, pp. 13–24.

      [26] H. Zhengbing, L. Zhitang, and W. Junqi, “A novel network intrusion detection system (NIDS) based on signatures search of data mining,†in Proc. 1st Int. Conf. Forensic Appl. Techn. Telecommun. Inf. Multimedia Workshop (e-Forensics ‘08), 2008, pp. 10–16.

      [27] D. Apiletti, E. Baralis, T. Cerquitelli, and V. D’Elia, “Characterizing network traffic by means of the NetMine framework,†Comput. Netw., vol. 53, no. 6, pp. 774–789, Apr. 2009.

      [28] C. Livadas, R.Walsh, D. Lapsley, andW. Strayer, “Usingmachine learning techniques to identify botnet traffic,†in Proc 31st IEEE Conf. Local Comput. Netw., 2006, pp. 967–974.

      [29] F. Jemili, M. Zaghdoud, and A. Ben, “A model for an adaptive intrusion detection system using Bayesian network,†in Proc. IEEE Intell. Secur. Informat., 2007, pp. 66–70.

      [30] C. Kruegel, D. Mutz,W. Robertson, and F. Valeur, “Bayesian event classification for intrusion detection,†in Proc. IEEE 19th Annu. Comput. Secur. Appl. Conf., 2003, pp. 14–23.

      [31] R. Hendry and S. J. Yang, “Intrusion signature creation via clustering anomalies,†in Proc. SPIE Defense Secur. Symp. Int. Soc. Opt. Photonics, 2008, pp. 69730C–69730C.

      [32] M. Blowers and J. Williams, “Machine learning applied to cyber operations,†in Network Science and Cybersecurity. New York, NY, USA: Springer, 2014, pp. 55–175.

      [33] K. Sequeira and M. Zaki, “ADMIT: Anomaly-based data mining for intrusions,†in Proc 8th ACM SIGKDD Int. Conf. Knowl. Discov. Data Min., 2002, pp. 386–395.

      [34] D. Ariu, R. Tronci, and G. Giacinto, “HMMPayl: An intrusion detection system based on hiddenMarkov models,†Comput. Secur., vol. 30, no. 4, pp. 221–241, 2011.

      [35] S. S. Joshi and V. V. Phoha, “Investigating hidden Markov models capabilities in anomaly detection,†in Proc. ACM 43rd Annu. Southeast Reg. Conf., 2005, vol. 1, pp. 98–103.

      [36] Z. Li, A. Zhang, J. Lei, and L. Wang, “Real-time correlation of network security alerts,†in Proc. IEEE Int. Conf. e-Business Eng., 2007, pp. 73– 80

      [37] [37] Y. Li, J. Xia, S. Zhang, J. Yan, X. Ai, and K. Dai, “An efficient intrusion detection system based on support vector machines and gradually feature removal method,†Expert Syst. Appl., vol. 39, no. 1, pp. 424–430,2012.

      [38] Buczak, Anna L., and Erhan Guven. "A survey of data mining and machine learning methods for cyber security intrusion detection." IEEE Communications Surveys & Tutorials 18.2 (2016): 1153-1176.

      [39] Cayirci, Erdal, et al. "Snow leopard cloud: a multi-national education training and experimentation cloud and its security challenges." Cloud Computing (2009): 57-68.

      [40] Stewart, Kyle E., Jeffrey W. Humphries, and Todd R. Andel. "Developing a virtualization platform for courses in networking, systems administration and cyber security education." Proceedings of the 2009 spring simulation multiconference. Society for Computer Simulation International, 2009.

      [41] Gaspar, Alessio, et al. "The role of virtualization in computing education." ACM sIGCsE bulletin. Vol. 40. No. 1. ACM, 2008.

      [42] Roesch, Martin. "Snort: Lightweight intrusion detection for networks."Lisa.Vol.99.No.1.1999.

      [43] http://developer.samsung.com/tv/develop/tools/tv-extension/archive/),

  • Downloads

  • How to Cite

    Aborujilah, A., Nassr, R. M., & Johari, A. R. B. (2018). Cloud Based Intrusion Detection Conceptual Model for IoT Objects. International Journal of Engineering & Technology, 7(4.29), 119-123. https://doi.org/10.14419/ijet.v7i4.29.21953