Designing Efficient Sinkhole Attack Detection Mechanism in Edge-Based IoT Deployment
Abstract
:1. Introduction
1.1. Attack Schema of Sinkhole Attack in Edge-based IoT Environment
1.2. Goal of Designing Proposed Scheme
1.3. Attack Model
1.4. Research Contributions
- A new intrusion detection scheme for the detection of sinkhole attack in edge-based IoT environment (SAD-EIoT) has been proposed.
- SAD-EIoT is shown to be secure against sinkhole attacks in EIoT. It is validated through security analysis and also the results obtained through the NS2 simulation.
- Furthermore, SAD-EIoT is compared with other closely related existing techniques. The conducted comparison demonstrates that SAD-EIoT performs better than other existing techniques.
1.5. Structure of the Paper
2. Background
3. The Proposed Sinkhole Attack Detection Scheme
3.1. Network Scenario
3.2. Process Involved in SAD-EIoT
- Dropping of the packets
- Modification of information in the packets
- Forwarding the packets selectively (i.e., forwarding of UDP packets and dropping of TCP packets)
- Forwarding the packets with some delay
- Case 1: If does not get messages from a doubtful node , it attempts to figure out that node as or normal (genuine) node which has depleted its entire battery (might be a node failure). In such a situation, transmits to and waits some time for its response. If the condition holds, where is the waiting time’s threshold, it will indicate the expiry of waiting time. If both response message as well as data message from are not received by , it makes a decision as the ’s failure. Note that additional factors like network congestion have been included in .
- Case 2: If gets , but the is not received by , is identified as the “sinkhole attacker node” . It is also determined that is a kind of which consumes all packets and does not forward them towards the destination (i.e., ).
- Case 3: If receives the and also from , it checks the integrity of by using hashing algorithm (i.e., SHA-1 or SHA-256 [56]). If the integrity does not hold, is treated as the which has modified .
- Case 4: receives and also from , but the quality of service of the network is not up to the mark [57]. Since is a powerful node, it can run some technique to maintain the quality of the service of the network [57]. For example, may forward the UDP packets but not the TCP packets. If all these features are included then it becomes a sign of selective forwarding of packets (a kind of packet forwarding attack) [57,58,59]. For the detection purpose, can execute the following steps if the count of packets for a particular service (i.e., TCP) does not exceed the threshold value of count of packets in a particular duration of time. considers node as the . Further, note that the threshold value of count of packets in a particular duration of time is an empirical value which can be set at the at the time of the deployment of the nodes in the network.
- Case 5: When the is transmitted by to , it waits some time for the response message. If the condition holds, it will indicate the expiry of waiting time. If receives , it waits for receipt of from . If receives after the expiry of the waiting time (i.e., ), the node is detected as the because it delays the packets before forwarding them towards the destination (i.e., ).
- Network analyser: An edge node performs the analysis of the network behaviour. then identifies normal and abnormal activities of the network.
- Anomaly detector: For the detection of s, two different phases are used, namely Phase 1 for identifying the existence of s and Phase 2 for confirming the existence of s. does the work of sinkhole node detection by using the steps of existence algorithm in EIoT (Algorithm 1). After the completion of all steps mentioned in Phase 1, a list of doubted nodes is constructed that may or may not have the attacker nodes. To confirm the existence of s in the network, executes the steps of confirmation algorithm in EIoT (see Algorithm 2). After the successful completion of Phase 2, a list of confirmed s and is obtained which contains the entries for all types of s which exist in the network.
- Alarm system: After the successful completion of both phases of s detection, the list is generated. The blacklists these malicious nodes and also sends alarm messages to other legitimate IoT devices (i.e., IoT sensor nodes). Then, these legitimate nodes remove the entries of s from their neighbour list and start sending their packets to the other possible available route(s).
3.3. Formats of Messages Used in Sinkhole Attack Detection
- Status and data query message: The message is shown in Figure 6. transmits to all IoT devices (sensors). This message is constructed using the different fields, such as an ’s identity , an IoT device ’s identity , the information field and also the hashed message authentication code , where .
- Status response message: The structure of provided in Figure 7 is composed of different fields, such as , “remaining energy (battery power)” of , “rank information” of , the information field and . sends the message to . For saving energy, an IoT sensing device can utilize any one of the modes (“sleep”, “idle” and “working”) [60,61]. For the detection of sinkhole attack, the information about the two modes is needed (i.e., “idle” and “working”), because sensing devices cannot respond when they are in the sleeping state. The may contain two response types: 0 (idle state) and 1 (working state).
- Data message: The structure of provided in Figure 8 is composed of different fields, for example, , and of , as the sensing data needs to be transmitted to , and . Note that session key can be used to encrypt the data, if it is required.
- Information message After performing the detection of s, sends the information message to alert the other legitimate IoT sensors. The structure of provided in Figure 9 is also composed of different fields, like and detection information field contains the information of the detected s.
3.4. Research Methodology of SAD-EIoT
3.4.1. Sinkhole Attacker Node Existence Algorithm in EIoT
Algorithm 1 Sinkhole attacker node existence algorithm in EIoT. |
|
3.4.2. Sinkhole Attacker Node Confirmation Algorithm in EIoT
Algorithm 2 Sinkhole attacker node confirmation algorithm in EIoT |
|
4. Mathematical Models for SAD-EIoT
4.1. Packet Delivery Ratio
4.2. Throughput
4.3. End-to-End Delay
5. Analysis of SAD-EIoT
5.1. Security Analysis
5.2. Communication Cost
5.3. Computation Cost
6. Practical Implementation of SAD-EIoT
6.1. Simulation Environment
6.2. Simulation Scenarios
- Scenario of normal flow of traffic: The scenario of EIoT in the case of normal flow of traffic is simulated, containing all 121 normal nodes. Therefore, traffic of the network flows normally without any problem.
- Scenario of sinkhole attack: The scenario of EIoT under sinkhole attack is further simulated which consists of attacker nodes i.e., 24 IoT sensor nodes becomes s. Remaining nodes are normal nodes out of 121. The 24 attacker nodes contain various types of nodes like the “sinkhole attacker nodes which drop the packets”, “sinkhole nodes which delay the messages”, “sinkhole nodes which modify the messages” and “sinkhole nodes which selectively forward the messages”.
- Scenario of SAD-EIoT: The EIoT scenario under sinkhole attack along with the implementation of SAD-EIoT is further simulated. For the detection of s, each edge node transmits and receives various types of messages in EIoT. After performing the detection process blacklists all detected s and also informs other legitimate IoT sensor nodes through alert (information) messages.
6.3. Discussion on Simulation Results
6.3.1. Effect on Packet Delivery Ratio
6.3.2. Effect on Packet Loss Rate
6.3.3. Effect on End-to-End Delay
6.3.4. Effect on Throughput
6.3.5. Effect on Detection Rate and False Positive Rate
- A confusion matrix of the obtained results is constructed and its details are provided in Table 5. The provided matrix clears that SAD-EIoT detects 23 s.Thus, there is a total of 23 nodes (actual attackers), one node (normal nodes), 96 nodes (normal nodes) and one node (actually an attacker but identified as a normal node).
- There are in total 24 s and 81 normal nodes. Accordingly, and are and respectively.
7. Comparative Analysis of SAD-EIoT with Other Related Existing Schemes
8. Concluding Remarks
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
- Challa, S.; Wazid, M.; Das, A.K.; Kumar, N.; Reddy, A.G.; Yoon, E.; Yoo, K. Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications. IEEE Access 2017, 5, 3028–3043. [Google Scholar] [CrossRef]
- Gubbi, J.; Buyya, R.; Marusic, S.; Palaniswami, M. Internet of Things (IoT): A vision, architectural elements, and future directions. Future Gener. Comput. Syst. 2013, 29, 1645–1660. [Google Scholar] [CrossRef] [Green Version]
- Esposito, C.; Castiglione, A.; Pop, F.; Choo, K.K.R. Challenges of Connecting Edge and Cloud Computing: A Security and Forensic Perspective. IEEE Cloud Comput. 2017, 4, 13–17. [Google Scholar] [CrossRef]
- Sheth, A. Internet of Things to Smart IoT Through Semantic, Cognitive, and Perceptual Computing. IEEE Intell. Syst. 2016, 31, 108–112. [Google Scholar] [CrossRef]
- Raut, S. What Is Edge Computing? Available online: http://bigdata-madesimple.com/edge-computing/ (accessed on 18 January 2020).
- Marjanović, M.; Antonić, A.; Žarko, I.P. Edge Computing Architecture for Mobile Crowdsensing. IEEE Access 2018, 6, 10662–10674. [Google Scholar] [CrossRef]
- Stojmenovic, I.; Wen, S. The Fog computing paradigm: Scenarios and security issues. In Proceedings of the Federated Conference on Computer Science and Information Systems, Warsaw, Poland, 7–10 September 2014; pp. 1–8. [Google Scholar]
- Choo, K.K.R.; Rana, O.F.; Rajarajan, M. Cloud Security Engineering: Theory, Practice and Future Research. IEEE Trans. Cloud Comput. 2017, 5, 372–374. [Google Scholar] [CrossRef]
- Sukhov, A.; Sagatov, E.; Baskakov, A. Rank distribution for determining the threshold values of network variables and the analysis of DDoS attacks. Procedia Eng. 2017, 201, 417–427. [Google Scholar] [CrossRef]
- Zhao, P.; Li, J.; Zeng, F.; Xiao, F.; Wang, C.; Jiang, H. ILLIA: Enabling k-Anonymity-Based Privacy Preserving against Location Injection Attacks in Continuous LBS Queries. IEEE Internet Things J. 2018, 5, 1033–1042. [Google Scholar] [CrossRef]
- Wang, C.; Liu, G.; Huang, H.; Feng, W.; Peng, K.; Wang, L. MIASec: Enabling Data Indistinguishability against Membership Inference Attacks in MLaaS. IEEE Trans. Sustain. Comput. 2019. [Google Scholar] [CrossRef]
- Messerges, T.S.; Dabbish, E.A.; Sloan, R.H. Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 2002, 51, 541–552. [Google Scholar] [CrossRef] [Green Version]
- Ryoo, J.; Han, D.; Kim, S.; Lee, S. Performance Enhancement of Differential Power Analysis Attacks with Signal Companding Methods. IEEE Signal Process. Lett. 2008, 15, 625–628. [Google Scholar] [CrossRef]
- Rajan, A.; Jithish, J.; Sankaran, S. Sybil attack in IOT: Modelling and defenses. In Proceedings of the International Conference on Advances in Computing, Communications and Informatics (ICACCI’17), Udupi, India, 13–16 September 2017; pp. 2323–2327. [Google Scholar]
- Zhang, K.; Liang, X.; Lu, R.; Shen, X. Sybil Attacks and Their Defenses in the Internet of Things. IEEE Internet Things J. 2014, 1, 372–383. [Google Scholar] [CrossRef]
- Wazid, M.; Das, A.K. A Secure Group-Based Blackhole Node Detection Scheme for Hierarchical Wireless Sensor Networks. Wirel. Pers. Commun. 2017, 94, 1165–1191. [Google Scholar] [CrossRef]
- Wazid, M.; Das, A.K.; Kumari, S.; Khan, M.K. Design of sinkhole node detection mechanism for hierarchical wireless sensor networks. Secur. Commun. Networks 2016, 9, 4596–4614. [Google Scholar] [CrossRef]
- Wazid, M.; Reshma Dsouza, P.; Das, A.K.; Bhat K, V.; Kumar, N.; Rodrigues, J.J.P.C. RAD-EI: A routing attack detection scheme for edge-based Internet of Things environment. Int. J. Commun. Syst. 2019, 32, e4024. [Google Scholar] [CrossRef]
- Dong, D.; Li, M.; Liu, Y.; Li, X.; Liao, X. Topological Detection on Wormholes in Wireless Ad Hoc and Sensor Networks. IEEE/ACM Trans. Netw. 2011, 19, 1787–1796. [Google Scholar] [CrossRef] [Green Version]
- Hamedheidari, S.; Rafeh, R. A novel agent-based approach to detect sinkhole attacks in wireless sensor networks. Comput. Secur. 2013, 37, 1–14. [Google Scholar] [CrossRef]
- Ngai, E.C.H.; Liu, J.; Lyu, M.R. An efficient intruder detection algorithm against sinkhole attacks in wireless sensor networks. Comput. Commun. 2007, 30, 2353–2364. [Google Scholar] [CrossRef]
- Shafiei, H.; Khonsari, A.; Derakhshi, H.; Mousavi, P. Detection and mitigation of sinkhole attacks in wireless sensor networks. J. Comput. Syst. Sci. 2014, 80, 644–653. [Google Scholar] [CrossRef]
- Wazid, M.; Katal, A.; Sachan, R.S.; Goudar, R.H.; Singh, D.P. Detection and prevention mechanism for Blackhole attack in Wireless Sensor Network. In Proceedings of the IEEE International Conference on Communications and Signal Processing (ICCSP’13), Melmaruvathur, India, 3–5 April 2013; pp. 576–581. [Google Scholar]
- Wazid, M.; Das, A.K. An Efficient Hybrid Anomaly Detection Scheme Using K-Means Clustering for Wireless Sensor Networks. Wirel. Pers. Commun. 2016, 90, 1971–2000. [Google Scholar] [CrossRef]
- Chatterjee, S.; Das, A.K. An effective ECC-based user access control scheme with attribute-based encryption for wireless sensor networks. Secur. Commun. Netw. 2015, 8, 1752–1771. [Google Scholar] [CrossRef]
- Das, A.K. A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks. Peer-To-Peer Netw. Appl. 2016, 9, 223–244. [Google Scholar] [CrossRef]
- Das, A.K. A secure and effective biometric-based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor. Int. J. Commun. Syst. 2017, 30, 1–25. [Google Scholar] [CrossRef]
- Das, A.K. A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks. Wirel. Pers. Commun. 2015, 82, 1377–1404. [Google Scholar] [CrossRef]
- Dolev, D.; Yao, A.C. On the security of public key protocols. IEEE Trans. Inf. Theory 1983, 29, 198–208. [Google Scholar] [CrossRef]
- Das, M.L. Two-factor user authentication in wireless sensor networks. IEEE Trans. Wirel. Commun. 2009, 8, 1086–1090. [Google Scholar] [CrossRef]
- Salehi, S.A.; Razzaque, M.A.; Naraei, P.; Farrokhtala, A. Detection of sinkhole attack in wireless sensor networks. In Proceedings of the IEEE International Conference on Space Science and Communication (IconSpace’13), Melaka, Malaysia, 1–3 July 2013; pp. 361–365. [Google Scholar]
- Wang, S.S.; Yan, K.Q.; Wang, S.C.; Liu, C.W. An Integrated Intrusion Detection System for Cluster-based Wireless Sensor Networks. Expert Syst. Appl. 2011, 38, 15234–15243. [Google Scholar] [CrossRef]
- Wang, Y.; Fu, W.; Agrawal, D.P. Gaussian versus Uniform Distribution for Intrusion Detection in Wireless Sensor Networks. IEEE Trans. Parallel Distrib. Syst. 2013, 24, 342–355. [Google Scholar] [CrossRef]
- Wang, Y.; Wang, X.; Xie, B.; Wang, D.; Agrawal, D.P. Intrusion Detection in Homogeneous and Heterogeneous Wireless Sensor Networks. IEEE Trans. Mob. Comput. 2008, 7, 698–711. [Google Scholar] [CrossRef]
- Zhan, G.; Shi, W.; Deng, J. Design and Implementation of TARF: A Trust-Aware Routing Framework for WSNs. IEEE Trans. Dependable Secur. Comput. 2012, 9, 184–197. [Google Scholar] [CrossRef]
- Shin, S.; Kwon, T.; Jo, G.; Park, Y.; Rhy, H. An Experimental Study of Hierarchical Intrusion Detection for Wireless Industrial Sensor Networks. IEEE Trans. Ind. Inform. 2010, 6, 744–757. [Google Scholar] [CrossRef]
- Yu, Y.; Li, K.; Zhou, W.; Li, P. Trust Mechanisms in Wireless Sensor Networks: Attack Analysis and Countermeasures. J. Netw. Comput. Appl. 2012, 35, 867–880. [Google Scholar] [CrossRef]
- Liu, Y.; Ma, M.; Liu, X.; Xiong, N.; Liu, A.; Zhu, Y. Design and Analysis of Probing Route to Defense Sink-hole Attacks for Internet of Things Security. IEEE Trans. Netw. Sci. Eng. 2018. [Google Scholar] [CrossRef]
- Chen, H.; Meng, C.; Shan, Z.; Fu, Z.; Bhargava, B.K. A Novel Low-Rate Denial of Service Attack Detection Approach in ZigBee Wireless Sensor Network by Combining Hilbert-Huang Transformation and Trust Evaluation. IEEE Access 2019, 7, 32853–32866. [Google Scholar] [CrossRef]
- Fang, W.; Xu, M.; Zhu, C.; Han, W.; Zhang, W.; Rodrigues, J.J.P.C. FETMS: Fast and Efficient Trust Management Scheme for Information-Centric Networking in Internet of Things. IEEE Access 2019, 7, 13476–13485. [Google Scholar] [CrossRef]
- Pongle, P.; Chavan, G. A survey: Attacks on RPL and 6LoWPAN in IoT. In Proceedings of the International Conference on Pervasive Computing (ICPC’15), Pune, India, 8–10 January 2015; pp. 1–6. [Google Scholar]
- Yang, Y.; Wu, L.; Yin, G.; Li, L.; Zhao, H. A Survey on Security and Privacy Issues in Internet-of-Things. IEEE Internet Things J. 2017, 4, 1250–1258. [Google Scholar] [CrossRef]
- Lyu, C.; Zhang, X.; Liu, Z.; Chi, C. Selective Authentication Based Geographic Opportunistic Routing in Wireless Sensor Networks for Internet of Things Against DoS Attacks. IEEE Access 2019, 7, 31068–31082. [Google Scholar] [CrossRef]
- He, Y.; Han, G.; Wang, H.; Ansere, J.A.; Zhang, W. A sector-based random routing scheme for protecting the source location privacy in WSNs for the Internet of Things. Future Gener. Comput. Syst. 2019, 96, 438–448. [Google Scholar] [CrossRef]
- Airehrour, D.; Gutierrez, J.A.; Ray, S.K. SecTrust-RPL: A secure trust-aware RPL routing protocol for Internet of Things. Future Gener. Comput. Syst. 2019, 93, 860–876. [Google Scholar] [CrossRef]
- Sicari, S.; Rizzardi, A.; Miorandi, D.; Coen-Porisini, A. REATO: REActing TO Denial of Service attacks in the Internet of Things. Comput. Netw. 2018, 137, 37–48. [Google Scholar] [CrossRef]
- Deshmukh-Bhosale, S.; Sonavane, S.S. A Real-Time Intrusion Detection System for Wormhole Attack in the RPL based Internet of Things. Procedia Manuf. 2019, 32, 840–847. [Google Scholar] [CrossRef]
- Liu, G.; Quan, W.; Cheng, N.; Zhang, H.; Yu, S. Efficient DDoS attacks mitigation for stateful forwarding in Internet of Things. J. Netw. Comput. Appl. 2019, 130, 1–13. [Google Scholar] [CrossRef]
- Raoof, A.; Matrawy, A.; Lung, C. Routing Attacks and Mitigation Methods for RPL-Based Internet of Things. IEEE Commun. Surv. Tutor. 2019, 21, 1582–1606. [Google Scholar] [CrossRef]
- Mayzaud, A.; Badonnel, R.; Chrisment, I. A Distributed Monitoring Strategy for Detecting Version Number Attacks in RPL-Based Networks. IEEE Trans. Netw. Serv. Manag. 2017, 14, 472–486. [Google Scholar] [CrossRef]
- Cheng, Y.; Agrawal, D.P. An improved key distribution mechanism for large-scale hierarchical wireless sensor networks. Ad Hoc Netw. 2007, 5, 35–48. [Google Scholar] [CrossRef]
- Das, A.K. An unconditionally secure key management scheme for large-scale heterogeneous wireless sensor networks. In Proceedings of the First International on Communication Systems and Networks and Workshops (COMSNETS 2009), Bangalore, India, 5–10 January 2009; pp. 1–10. [Google Scholar]
- Das, A.K.; Sharma, P.; Chatterjee, S.; Sing, J.K. A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. J. Netw. Comput. Appl. 2012, 35, 1646–1656. [Google Scholar] [CrossRef]
- Das, A.K. An efficient random key distribution scheme for large-scale distributed sensor networks. Secur. Commun. Netw. 2011, 4, 162–180. [Google Scholar] [CrossRef]
- Wang, J.; Dong, W.; Cao, Z.; Liu, Y. On the Delay Performance in a Large-Scale Wireless Sensor Network: Measurement, Analysis, and Implications. IEEE/ACM Trans. Netw. 2015, 23, 186–197. [Google Scholar] [CrossRef]
- Secure Hash Standard. FIPS PUB 180-1, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, April 1995. 1995. Available online: http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf (accessed on 18 January 2020).
- Farsi, M.; Badawy, M.; Moustafa, M.; Arafat Ali, H.; Abdulazeem, Y. A Congestion-Aware Clustering and Routing (CCR) Protocol for Mitigating Congestion in WSN. IEEE Access 2019, 7, 105402–105419. [Google Scholar] [CrossRef]
- Ren, J.; Zhang, Y.; Zhang, K.; Shen, X. Adaptive and Channel-Aware Detection of Selective Forwarding Attacks in Wireless Sensor Networks. IEEE Trans. Wirel. Commun. 2016, 15, 3718–3731. [Google Scholar] [CrossRef]
- Ren, K.; Lou, W.; Zhang, Y. LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks. IEEE Trans. Mob. Comput. 2008, 7, 585–598. [Google Scholar] [CrossRef]
- Ghazvini, M.; Vahabi, M.; Rasid, M.; Abdullah, R.; Musa, W. Low Energy Consumption MAC Protocol for Wireless Sensor Networks. In Proceedings of the IEEE 2nd International Conference on Sensor Technologies and Applications, Cap Esterel, France, 25–31 August 2008; pp. 49–54. [Google Scholar]
- Park, S.; Hong, S.W.; Lee, E.; Kim, S.H.; Crespi, N. Large-scale mobile phenomena monitoring with energy-efficiency in wireless sensor networks. Comput. Networks 2015, 81, 116–135. [Google Scholar] [CrossRef]
- The Network Simulator-ns-2. Available online: http://www.isi.edu/nsnam/ns/ (accessed on 18 January 2020).
- Perkins, C.E.; Royer, E.M. Ad-hoc on-demand distance vector routing. In Proceedings of the Second IEEE Workshop on Mobile Computing Systems and Applications (WMCSA’99), New Orleans, LA, USA, 25–26 February 1999; pp. 90–100. [Google Scholar]
Protocol | Goal | Method Used | Outcomes and Limitations |
---|---|---|---|
Wang et al. [34] | Intrusion detection | Single and multi sensing detection methods | Performed intrusion detection with low detection rate |
Wang et al. [32] | Intrusion detection | Misuse based IDS method | Performed intrusion detection with low detection rate along with high computational cost |
Wang et al. [33] | Intrusion detection | Gaussian and uniformly distributed method | Performed intrusion detection with low detection rate (in the case of lower number of nodes) |
Salehi et al. [31] | Intrusion detection | Information flow based detection | Performed intrusion detection with high false positive rate |
Wazid et al. [17] | Sinkhole node detection in WSN | Cluster based sinkhole node detection | Performed sinkhole node detection with high computation cost |
Wazid et al. [18] | Routing attack detection in IoT | RAD-EI | Performed routing attack detection with high computation cost |
Symbol | Description |
---|---|
jth edge node | |
ith IoT smart device (sensor node) | |
kth sinkhole attacker node | |
List of suspected s | |
List of s | |
, | Identities of and , respectively |
Shared secret key between and | |
Energy remaining value at an IoT sensor | |
Rank of an IoT sensor | |
, | Lowest and highest values of ranks of , respectively |
Hop count for from | |
Threshold value of hop count for the network | |
, | Messages containing status & data query and status response, respectively |
, | Messages containing only data and information, respectively |
, | Information contents in messages and , respectively |
Message ’s data content | |
Waiting time and its threshold at , respectively | |
, , | Packet delivery ratios under normal circumstance of traffic, |
attack condition and under SAD-EIoT, respectively | |
Detection rate/true positive rate | |
False positive rate | |
, | True and false positives, respectively |
, | True and false negatives, respectively |
, , | End-to-end delay (in seconds) in normal condition, |
attack condition and under SAD-EIoT cases, respectively | |
, , | Throughput in bits per second in normal condition, |
attack condition and under SAD-EIoT cases, respectively | |
“Total data packets transmitted by IoT sensing devices” | |
“Total confirmed data packets received at ” | |
“Total data packets that are not transmitted to edge node” by attacker nodes | |
“Total data packets that are not transmitted to edge node” by authentic attacker nodes | |
“Total data packets that are not transmitted to edge node” by attacker nodes | |
“Information message transmitted by each ” to all regular IoT sensing nodes | |
, | “Sending and receiving time” of a data packet, say i, respectively |
“One-way collision-resistant cryptographic hash function” | |
p | Total packets |
, | A data packet and its corresponding size |
ℏ | Hashed message authentication code (HMAC) |
Concatenation of data X with data Y |
Parameter | Description |
---|---|
Platform | Ubuntu 18.04 LTS |
Network area | m |
Number of nodes | 121 nodes |
Number of attacker nodes | 24 |
Time considered for simulations | 1800 s |
Traffic type | CBR/UDP |
Packet transmission rate | 25 Kbps |
IoT device’s communication range | 100 m |
Parameter | Case of Normal Flow | Case of Sinkhole | Under the Deployment |
---|---|---|---|
of Traffic | Attack | of SAD-EIoT | |
Packet delivery ratio | 0.81 | 0.29 | 0.77 |
Packet loss rate (in pps) | 0.005 | 0.012 | 0.006 |
End-to-end delay (in seconds) | 0.72803 | 0.80338 | 0.74485 |
Throughput (in bps) | 12.48 | 2.88 | 11.84 |
Actual Value | |||
---|---|---|---|
Predicted value | Positives | Negatives | |
Positives | TP: 23 | FP: 01 | |
Negatives | FN: 01 | TN: 96 |
© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Pundir, S.; Wazid, M.; Singh, D.P.; Das, A.K.; J. P. C. Rodrigues, J.; Park, Y. Designing Efficient Sinkhole Attack Detection Mechanism in Edge-Based IoT Deployment. Sensors 2020, 20, 1300. https://doi.org/10.3390/s20051300
Pundir S, Wazid M, Singh DP, Das AK, J. P. C. Rodrigues J, Park Y. Designing Efficient Sinkhole Attack Detection Mechanism in Edge-Based IoT Deployment. Sensors. 2020; 20(5):1300. https://doi.org/10.3390/s20051300
Chicago/Turabian StylePundir, Sumit, Mohammad Wazid, Devesh Pratap Singh, Ashok Kumar Das, Joel J. P. C. Rodrigues, and Youngho Park. 2020. "Designing Efficient Sinkhole Attack Detection Mechanism in Edge-Based IoT Deployment" Sensors 20, no. 5: 1300. https://doi.org/10.3390/s20051300
APA StylePundir, S., Wazid, M., Singh, D. P., Das, A. K., J. P. C. Rodrigues, J., & Park, Y. (2020). Designing Efficient Sinkhole Attack Detection Mechanism in Edge-Based IoT Deployment. Sensors, 20(5), 1300. https://doi.org/10.3390/s20051300