Intrusion Detection System Framework for Internet of Things

Visa enkel post
dc.contributor.authorBecker, Johan
dc.contributor.authorVester, My
dc.contributor.departmentChalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)sv
dc.contributor.departmentChalmers University of Technology / Department of Computer Science and Engineering (Chalmers)en
dc.date.accessioned2019-07-03T14:28:20Z
dc.date.available2019-07-03T14:28:20Z
dc.date.issued2017
dc.description.abstractToday, we see an increasing trend towards connected devices. This trend of connecting devices instead of people is called the Internet of Things (IoT). Some of these devices are sensor nodes that are battery-driven micro controller units that are equipped with sensors and wireless communication capabilities. When they are connected to each other they compose a wireless sensor network (WSN). Historically the sensor nodes have been very limited both in terms of computational power and size of memory. As the nodes have grown more powerful, the WSNs have started to communicate using IP, allowing for communication towards the Internet, which makes the network vulnerable against common attacks against connected devices. This is a problem since the nodes often lack protection due to their hardware limitations. However, a new and more powerful generation of sensor nodes is currently available. Allowing for additional security for the applications because they now have more memory, hence they can store both the intended application and an Intrusion Detection System (IDS). This thesis presents the design, implementation and evaluation of a novel design of an IDS framework for sensor nodes. The IDS is implemented on top of the Contiki operating system (OS) which is a widely used OS for wireless sensor nodes. The evaluation of the IDS is performed with focus on energy consumption, detection rate, network reliability and latency, which makes the results comparable to other related works in the field. The main contribution of the thesis is a novel design of a detection method for detecting different routing attacks against RPL including sinkhole attacks, wormhole attacks and selective-forwarding attacks. The method is called RoVer which stands for role-based verification. The IDS framework combines different detection methods for discovering both Denial of Service attacks and routing attacks. The implementation is tested and evaluated on the modern sensor node platform called Texas Instruments SensorTag CC2650STK. Results show that the methods designed and implemented within the thesis are not just feasible but also effective when detecting attacks against the sensor nodes. Evaluation shows that RoVer has a detection rate of 100% while the two detection algorithms for flooding attacks have detection rates on 75%, all while keeping the amount of false alarms to a low number.
dc.identifier.urihttps://hdl.handle.net/20.500.12380/249988
dc.language.isoeng
dc.setspec.uppsokTechnology
dc.subjectData- och informationsvetenskap
dc.subjectComputer and Information Science
dc.titleIntrusion Detection System Framework for Internet of Things
dc.type.degreeExamensarbete för masterexamensv
dc.type.degreeMaster Thesisen
dc.type.uppsokH
local.programmeComputer systems and networks (MPCSN), MSc
Ladda ner
Original bundle
Visar 1 - 1 av 1
Bild (thumbnail)
Namn:
249988.pdf
Storlek:
17.45 MB
Format:
Adobe Portable Document Format
Beskrivning:
Fulltext
Ladda ner
Samling
Examensarbeten för masterexamen