A Hybrid Intrusion Detection System for IoT Applications with Constrained Resources

Chao Wu, Yuan'An Liu, Fan Wu, Feng Liu, Hui Lu, Wenhao Fan, Bihua Tang

OAI: oai:igi-global.com:240653 • DOI: 10.4018/IJDCF.2020010106

Network security and network forensics technologies for the Internet of Things (IoT) need special consideration due to resource-constraints. Cybercrimes conducted in IoT focus on network information and energy sources. Graph theory is adopted to analyze the IoT network and a hybrid Intrusion Detection System (IDS) is proposed. The hybrid IDS consists of Centralized and Active Malicious Node Detection (CAMD) and Distributed and Passive EEA (Energy Exhaustion Attack) Resistance (DPER). CAMD is integrated in the genetic algorithm-based data gathering scheme. CAMD detects malicious nodes manipulated by cyber criminals and provides digital evidence for forensics. DPER is implemented in a set of communication protocols to alleviate the impact of EEA attacks. Simulation experiments conducted on NS-3 platform showed the hybrid IDS proposed detected and traced malicious nodes precisely without compromising energy efficiency. Besides, the impact of EEA attacks conducted by cyber criminals was effectively alleviated.

Digital Crime & Forensics Security and Forensics IT Security and Ethics