stealthy attacks
Recently Published Documents


TOTAL DOCUMENTS

87
(FIVE YEARS 44)

H-INDEX

9
(FIVE YEARS 3)

2021 ◽  
Author(s):  
Abhay Deep Seth ◽  
Santosh Biswas ◽  
Amit Kumar Dhar

Abstract The Internet Engineering Task Force (IETF) has defined routing protocols for Low Power and Lossy Networks (RPL) for constrained devices. RPL constructs DODAGs (Destination Oriented Directed Acyclic Graphs), to optimize routing. RPL ensures acyclic topology with the DODAG version number. However, the control message's DODAG version number is not authenticated. So, RPL is vulnerable to topological inconsistency attack known as DODAG Version Number (DVN) attack. DVN attack creates a packet delay, packet loss, cyclic topology, etc., in the network. This paper proposes a method for detecting DODAG version number attacks. Several existing schemes to defend against the DVN, such as cryptographic techniques, trust-based, threshold-based and mitigation are computationally intensive or require protocol modification. DVN does not change the packet format or sequence of packets, but can still perform attacks and hence fall under the category of stealthy attacks, which are difficult to detect using traditional Intrusion Detection System$'$s (IDS). Discrete-Event System (DES) based IDS have been applied in the literature for stealthy attacks that achieve low overhead, low false alarm rate, etc. However, the construction of DES-based IDS for network protocol may lead to errors, as modelling is manual. The resulting IDS, therefore, is unable to guarantee its correctness. This paper proposes Linear Temporal Logic (LTL) based DES paradigm to detect DVN. LTL-based paradigm facilitates formal verification of the DES-based IDS, and hence the correctness of the scheme is ascertained. The proposed technique is simulated using the Contiki cooja simulator. When the percentage of spiteful nodes in the network increases, the true positive rate, and packet delivery rate drops, while the false positive rate and control message overhead increase. The memory requirement for sending the packets and verifying the nodes is minimal. The LTL-based IDS has been formally verified using NuSMV to ensure the correctness of the framework.


Automatica ◽  
2021 ◽  
Vol 133 ◽  
pp. 109869
Author(s):  
Tianju Sui ◽  
Xi-Ming Sun

2021 ◽  
Author(s):  
Rabah Ammour ◽  
Leonardo Brenner ◽  
Isabel Demongodin ◽  
Said Amari ◽  
Dimitri Lefebvre

2021 ◽  
Author(s):  
Md Hasan Shahriar ◽  
Mohammad Ashiqur Rahman ◽  
Nur Imtiazul Haque ◽  
Badrul Chowdhury

Sign in / Sign up

Export Citation Format

Share Document