A Security Mechanism for Detecting Intrusions in Internet of Things Using Selected Features Based on MI-BGSA

  • Mansour Sheikhan Department of Communication Engineering South Tehran Branch, Islamic Azad University Tehran, Iran
  • Hamid Bostani Research Center of Modeling and Optimization in Science and Engineering South Tehran Branch, Islamic Azad University Tehran, Iran
Keywords: Internet of things, intrusion detection, anomaly-based, misuse-based, optimum-path forest

Abstract

Internet of things (IoT) is a novel emerging approach in computer networks wherein all heterogeneous objects around us, which usually are resource-constrained objects, can connect to each other and also the Internet by using a broad range of technologies. IoT is a hybrid network which includes the Internet and also wireless sensor networks (WSNs) as the main components of IoT; so, implementing security mechanisms in IoT seems necessary. This paper introduces a novel intrusion detection architecture model for IoT that provides the possibility of distributed detection. The proposed hybrid model uses anomaly and misuse intrusion detection agents based on the supervised and unsupervised optimum-path forest models for providing the ability to detect internal and externals attacks, simultaneously. The number of input features to the proposed classifier is reduced by a hybrid feature selection algorithm, as well. The experimental results of simulated scenarios show the superior performance of proposed security mechanism in multi-faceted detection.

Downloads

Download data is not yet available.

Author Biographies

Mansour Sheikhan, Department of Communication Engineering South Tehran Branch, Islamic Azad University Tehran, Iran

Mansour Sheikhan is currently an Associate Professor in Electrical Engineering Department of Islamic Azad University-South Tehran Branch. His research interests include speech processing, neural networks, network security, and intelligent systems. He has published about 100 journal papers and 70 conference papers. He is the author of four books in Farsi and seven book chapters for IET, Springer, and Taylor & Francis.

Hamid Bostani, Research Center of Modeling and Optimization in Science and Engineering South Tehran Branch, Islamic Azad University Tehran, Iran

Hamid Bostani is a research assistant in Research Center of Modeling and Optimization in Science and Engineering of Islamic Azad University-South Tehran Branch. He received his B.Sc. and M.Sc. degrees in Computer Engineering from Shiraz and South Tehran Branches in 2008 and 2015, respectively. His research interests are machine learning, artificial intelligence, Internet of things, intrusion detection systems.

References

[1] E. Borgia, “The Internet of things: key features, applications and open issues,” Computer Communications, vol. 54, pp. 1-31, Dec. 2014.
[2] M. De Sanctis, E. Cianca, G. Araniti, I. Bisio, and R. Prasad, “Satellite communications supporting Internet of remote things,” IEEE Internet of Things Journal, vol. 3, pp. 113-123, Jan. 2016.
[3] S. Raza, Lightweight security solutions for the Internet of things. Ph.D. Thesis, School of Innovation, Design and Engineering, Mälardalen University, Västerås, Sweden, 2013.
[4] T. Kushalnagar, G. Montenegro, and C. Schumacher, “IPv6 over low-power wireless personal area networks (6LoWPANs): overview, assumptions, problem statement, and goals,” RFC 4919, 2007.
[5] L. Wallgren, S. Raza, and T. Voigt, “Routing attacks and countermeasures in the RPL-based Internet of things,” International Journal of Distributed Sensor Networks, Article ID 794326, pp. 1-11, Jun. 2013.
[6] S. Raza, L. Wallgren, and T. Voigt, “SVELTE: real-time intrusion detection in the Internet of things,” Ad Hoc Networks, vol. 11, pp. 2661-2674, Nov. 2013.
[7] J. Granjal, E. Monteiro, and J.S. Silva, “Security in the integration of low-power wireless sensor networks with the Internet: a survey,” Ad Hoc Networks, vol. 24, pp. 264-287, Jan. 2015.
[8] A. Botta, W. de Donato, V. Persico, and A. Pescapé, “Integration of cloud computing and Internet of things: a survey,” Future Generation Computer Systems, vol. 56, pp. 684-700, Mar. 2016.
[9] C. Stergiou, K.E. Psannis, B.G. Kim, and B. Gupta, “Secure integration of IoT and cloud computing,” Future Generation Computer Systems, pp. 1-12, Published online 1 Dec. 2016. DOI: 10.1016/j.future.2016.11.031
[10] A. Ouaddah, H. Mousannif, A.A. Elkalam, and A.A. Ouahman, “Access control in the Internet of things: big challenges and new opportunities,” Computer Networks, vol. 112, pp. 237-262, Jan. 2017.
[11] C. Alcaraz, R. Roman, P. Najera, and J. Lopez, “Security of industrial sensor network-based remote substations in the context of the Internet of things,” Ad Hoc Networks, vol. 11, pp. 1091-1104, May 2013.
[12] H.R. Ghaeini and N.O. Tippenhauer, “HAMIDS: hierarchical monitoring intrusion detection system for industrial control systems,” In: Proceeding of the 2nd ACM Workshop on Cyber-Physical Systems Security and Privacy, Vienna, Austria, 2016.
[13] D. Airehrour, J. Gutierrez, and S.K. Ray, “Secure routing for internet of things: a survey,” Journal of Network and Computer Applications, vol. 66, pp. 198-213, May 2016.
[14] R. Roman, J. Zhou, and J. Lopez, “On the features and challenges of security and privacy in distributed Internet of things,” Computer Networks, vol. 57, pp. 2266-2279, Jul. 2013.
[15] F. Alam, R. Mehmood, I. Katib, and A. Albeshri, “Analysis of eight data mining algorithms for smarter Internet of things,” Procedia Computer Science, vol. 98, pp. 437-442, 2016.
[16] P. Kasinathan, C. Pastrone, M.A. Spirito, and M. Vinkovits, “Denial-of-service detection in 6LoWPAN based Internet of things,” In: Proceedings of 9th International Conference on Wireless and Mobile Computing, Networking and Communications, Lyon, France, 2013.
[17] C. Jun and C. Chi, “Design of complex event-processing IDS in Internet of things,” In: Proceedings of the 6th International Conference on Measuring Technology and Mechatronics Automation, Zhangjiajie, China, 2011.
[18] R.H. Weber and E. Studer, “Cybersecurity in the Internet of things: legal aspects,” Computer Law & Security Review, vol. 32, pp. 715-728, Oct. 2016.
[19] H. Bostani and M. Sheikhan, “Hybrid of anomaly-based and specification-based IDS for Internet of things using unsupervised OPF based on MapReduce approach,” Computer Communications, vol. 98, pp. 52-71, Jan. 2017.
[20] H. Bostani and M. Sheikhan, “Modification of supervised OPF-based intrusion detection systems using unsupervised learning and social network concept,” Pattern Recognition, vol. 62, pp. 56-72, Feb. 2017.
[21] H. Bostani and M. Sheikhan, “Hybrid of binary gravitational search algorithm and mutual information for feature selection in intrusion detection systems,” Soft Computing, vol. 21, pp. 2307-2324, May 2017.
[22] A. Le, J. Loo, A. Lasebae, M. Aiash, and Y. Luo, “6LoWPAN: a study on QoS security threats and countermeasures using intrusion detection system approach,” International Journal of Communication Systems, vol. 25, pp. 1189-1212, Aug. 2012.
[23] J.P. Papa, A.X. Falcão, and C.T.N. Suzuki, “Supervised pattern classification based on optimum-path forest,” International Journal of Imaging Systems and Technology, vol. 19, pp. 120-131, Jun. 2009.
[24] C.R. Pereira, R.Y.M. Nakamura, K.A.P. Costa, and J.P. Papa, “An optimum-path forest framework for intrusion detection in computer networks,” Engineering Applications of Artificial Intelligence, vol. 25, pp. 1226-1234, Sep. 2012.
[25] K.A.P. Costa, L.A.M. Pereira, R.Y.M. Nakamura, C.R. Pereira, J.P. Papa, and A.X. Falcão, “A nature-inspired approach to speed up optimum-path forest clustering and its application to intrusion detection in computer networks,” Information Sciences, vol. 294, pp. 95-108, Feb. 2015.
[26] L.M. Rocha, F.A.M. Cappabianco, and A.X. Falcão, “Data clustering as an optimum-path forest problem with applications in image analysis,” International Journal of Imaging Systems and Technology, vol. 19, pp. 50-68, Jun. 2009.
[27] J. Dean and S. Ghemawat, “MapReduce: simplified data processing on large clusters,” In: Proceeding of 6th Symposium on Operating Systems Design and Implementation, San Francisco, USA, 2004.
[28] M. Tavallaee, E. Bagheri, L. Wei, and A. Ghorbani, “NSL-KDD Data Set” (Available on http://www.unb.ca/research/iscx/dataset/iscx-NSL-KDD-dataset.html), [Accessed on 28 Feb. 2016].
[29] J. Hussain and S. Lalmuanawma, “Feature analysis, evaluation and comparisons of classification algorithms based on noisy intrusion dataset,” Procedia Computer Science, vol. 92, pp. 188-198, 2016.
[30] A. Karkouch, H. Mouannif, H. Moatassime, and T. Noel, “Data quality in Internet of things: a state-of-the-art survey,” Journal of Network and Computer Applications, vol. 73, pp. 57-81, Sep. 2016.
[31] M. Sheikhan and H. Bostani, “A novel security mechanism for detecting intrusions in Internet of things,” In: Proceeding of 8th International Symposium on Telecommunications, Tehran, Iran, 2016.
Published
2017-06-30
How to Cite
Sheikhan, M., & Bostani, H. (2017, June 30). A Security Mechanism for Detecting Intrusions in Internet of Things Using Selected Features Based on MI-BGSA. International Journal of Information & Communication Technology Research, 9(2), 53-62. Retrieved from http://journal.itrc.ac.ir/index.php/ijictr/article/view/11
Section
Information Technology