Sensors (May 2021)

A Dense Neural Network Approach for Detecting Clone ID Attacks on the RPL Protocol of the IoT

  • Carlos D. Morales-Molina,
  • Aldo Hernandez-Suarez,
  • Gabriel Sanchez-Perez,
  • Linda K. Toscano-Medina,
  • Hector Perez-Meana,
  • Jesus Olivares-Mercado,
  • Jose Portillo-Portillo,
  • Victor Sanchez,
  • Luis Javier Garcia-Villalba

DOI
https://doi.org/10.3390/s21093173
Journal volume & issue
Vol. 21, no. 9
p. 3173

Abstract

Read online

At present, new data sharing technologies, such as those used in the Internet of Things (IoT) paradigm, are being extensively adopted. For this reason, intelligent security controls have become imperative. According to good practices and security information standards, particularly those regarding security in depth, several defensive layers are required to protect information assets. Within the context of IoT cyber-attacks, it is fundamental to continuously adapt new detection mechanisms for growing IoT threats, specifically for those becoming more sophisticated within mesh networks, such as identity theft and cloning. Therefore, current applications, such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), and Security Information and Event Management Systems (SIEM), are becoming inadequate for accurately handling novel security incidents, due to their signature-based detection procedures using the matching and flagging of anomalous patterns. This project focuses on a seldom-investigated identity attack—the Clone ID attack—directed at the Routing Protocol for Low Power and Lossy Networks (RPL), the underlying technology for most IoT devices. Hence, a robust Artificial Intelligence-based protection framework is proposed, in order to tackle major identity impersonation attacks, which classical applications are prone to misidentifying. On this basis, unsupervised pre-training techniques are employed to select key characteristics from RPL network samples. Then, a Dense Neural Network (DNN) is trained to maximize deep feature engineering, with the aim of improving classification results to protect against malicious counterfeiting attempts.

Keywords