An Intrusion Detection and Prevention Framework for Internet-Integrated CoAP WSN
Authors
Abstract
End-to-end communications between Internet de- vices and Internet-integrated constrained wireless sensing plat- forms will provide an important contribution to the enabling of many of the envisioned IoT applications and, in this context, security must be addressed when employing communication technologies such as 6LoWPAN and CoAP. Considering the constraints typically found on sensing devices in terms of energy, memory and computational capability, the integration of Wireless Sensor Networks (WSN) with the Internet using such technologies will open new threats and attacks that must be dealt with, particularly those originated at devices without the constraints of WSN sensors (e.g. Internet hosts). Existing encryption strategies for communications in IoT environments are unable to protect Internet-integrated WSN environments from Denial of Service (DoS) attacks, as well as from other forms of attacks at the network and application layers using CoAP. We may thus fairly consider that anomaly and intrusion detection will play a major role in the materialization of most of the envisioned IoT applica- tions. In this article, we propose a framework to support intrusion detection and reaction in Internet-integrated CoAP WSN, and in the context of this framework we design and implement various approaches to support security against various classes of attacks. We have implemented and evaluated experimentally the proposed framework and mechanisms, considering various attack scenarios, and our approach was found to be viable, from the point of view of its impact on critical resources of sensing devices and of its efficiency in dealing with the considered attacks.
Keywords
IoT security, CoAP security, 6LoWPAN security, intrusion detection and prevention, Internet-integrated wireless sensor networks
Subject
Internet of Things, security, intrusion detection
Related Project
MobiWise: from mobile sensing to mobility advising
Journal
Security and Communication Networks, Vol. 2018, Hindawi, April 2018
DOI
Cited by
No citations found