Routing Attacs pada Internet Of Things Berbasis Smart Intrution Detecion System
DOI:
https://doi.org/10.25126/jtiik.2020721926Abstrak
Internet of Things (IoT) telah memasuki berbagai aspek kehidupan manusia, diantaranya smart city, smart home, smart street, dan smart industry yang memanfaatkan internet untuk memantau informasi yang dibutuhkan. Meskipun sudah dienkripsi dan diautentikasi, protokol jaringan IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) yang dapat menghubungkan benda-benda yang terbatas sumber daya di IoT masih belum dapat diandalkan. Hal ini dikarenakan benda-benda tersebut masih dapat terpapar oleh routing attacks yang berasal dari jaringan 6LoWPAN dan internet. Makalah ini menyajikan kinerja Smart Intrusion Detection System berdasarkan Compression Header Analyzer untuk menganalisis model routing attacks lainnya pada jaringan IoT. IDS menggunakan compression header 6LoWPAN sebagai fitur untuk machine learning algorithm dalam mempelajari jenis routing attacks. Skenario simulasi dikembangkan untuk mendeteksi routing attacks berupa selective forwarding attack dan sinkhole attack. Pengujian dilakukan menggunakan feature selection dan machine learning algorithm. Feature selection digunakan untuk menentukan fitur signifikan yang dapat membedakan antara aktivitas normal dan abnormal. Sementara machine learning algorithm digunakan untuk mengklasifikasikan routing attacks pada jaringan IoT. Ada tujuh machine learning algorithm yang digunakan dalam klasifikasi antara lain Random Forest, Random Tree, J48, Bayes Net, JRip, SMO, dan Naive Bayes. Hasil percobaan disajikan untuk menunjukkan kinerja Smart Intrusion Detection System berdasarkan Compression Header Analyzer dalam menganalisis routing attacks. Hasil evaluasi menunjukkan bahwa IDS ini dapat mendeteksi antara serangan dan non-serangan.
Abstract
Internet of Things (IoT) has entered various aspects of human life including smart city, smart home, smart street, and smart industries that use the internet to get the information they need. Even though it's encrypted and authenticated, Internet protocol IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) networks that can connect limited resources to IoT are still unreliable. This is because these objects can still be exposed to attacks from 6LoWPAN and the internet. This paper presents the performance of an Smart Intrusion Detection System based on Compression Header Analyzer to analyze other routing attack models on IoT networks. IDS uses a 6LoWPAN compression header as a feature for machine learning algorithms in learning the types of routing attacks. Simulation scenario was developed to detect routing attacks in the form of selective forwarding and sinkhole. Testing is done using the feature selection and machine learning algorithm. Feature selection is used to determine significant features that can distinguish between normal and abnormal activities. While machine learning algorithm is used to classify attacks on IoT networks. There were seven machine learning algorithms used in the classification including Random Forests, Random Trees, J48, Bayes Net, JRip, SMO, and Naive Bayes. Experiment Results to show the results of the Smart Intrusion Detection System based on Compression Header Analyzer in analyzing routing attacks. The evaluation results show that this IDS can protect between attacks and non-attacks.
Downloads
Referensi
ALRAJEH, N. A., KHAN, S. dan SHAMS, B. , 2013. Intrusion detection systems in wireless sensor networks: A review. International Journal of Distributed Sensor Networks.
AMBHORE, P., 2014. International Journal of Advanced Research in Intrusion Detection System for Intranet Security.
AMISH, P. dan VAGHELA, V. B., 2016. Detection and Prevention of Wormhole Attack in Wireless Sensor Network using AOMDV Protocol.
Procedia Computer Science, 79, pp. 700–707, Elsevier Masson SAS.
AYDIN, M. A., ZAIM, A. H. dan CEYLAN, K. G., 2009. A hybrid intrusion detection system design for computer network security. Computers and Electrical Engineering, 35(3), pp. 517–526. Elsevier Ltd.
CHELLI, K., 2015. Security Issues in Wireless Sensor Networks: Attacks and Countermeasures.
CRUZ, M. A. A. et al,. 2018. A Reference Model for Internet of Things Middleware. 5(2), pp. 871–883.
DESALE, KETAN SANJAY dan ADE, R., 2015. Genetic Algorithm based Feature Selection Approach for Effective Intrusion Detection System. 2015 International Conference on Computer Communication and Informatics.
HALL, M., 1999. Correlation-based Feature Selection for Machine Learning. 21i195-i20(April), pp. 1–5. Methodology.
HEER, T. et al,. 2011. Security Challenges in the IP-based Internet of Things. pp. 527–542.
JABEZ, J. dan MUTHUKUMAR, B., 2015. Intrusion detection system (ids): Anomaly detection using outlier detection approach. Procedia Computer Science, 48(C), pp. 338–346. Elsevier Masson SAS.
KAMESH dan SAKTHI PRIYA, N., 2014. Security enhancement of authenticated RFID generation. International Journal of Applied Engineering Research, 9(22), pp. 5968–5974.
KANG, S., 2015. A Feature Selection Algorithm to Find Optimal Feature Subsets for Detecting DoS Attacks. pp. 1–3.
KIM, S. dan LEE, I., 2017. IoT device security based on proxy re-encryption. Journal of Ambient Intelligence and Humanized Computing, 0(0), p. 0. Springer Berlin Heidelberg.
KOLIAS, C. et al,. 2016. Intrusion detection in 802.11 networks: Empirical evaluation of threats and a public dataset. IEEE Communications Surveys and Tutorials, 18(1), pp. 184–208.
KOTHMAYR, T., 2011. A Security Architecture for Wireless Sensor Networks based on DTLS.
MEENAKSHI, M. dan GEETIKA, G., 2014. Survey on Classification Methods using WEKA. India International Journal of Computer Applications, 86(18), pp. 16–19.
NAPIAH, M. N. et al,. 2018. Compression Header Analyzer Intrusion Detection System (CHA -IDS) for 6LoWPAN Communication Protocol. IEEE Access, 3536(c).
NGU, A. H. H. et al., 2016. IoT Middleware : A Survey on Issues and Enabling Technologies. X(X), pp. 1–20.
PAVAN PONGLE, G. C., 2015. A Survey : Attacks on RPL and 6LoWPAN in IoT. 0(c), pp. 0–5.
PHARATE, A., 2015. Classification of Intrusion Detection System. 118(7), pp. 23–26.
PONGLE, P. dan CHAVAN, G., 2015. Real Time Intrusion and Wormhole Attack Detection in Internet of Things. International Journal of Computer Applications, 121(9), pp. 975–8887.
RAZA, S., DUQUENNOY, S., 2011. Securing communication in 6LoWPAN with compressed IPsec. In Distributed Computing in Sensor Systems and. IEEE Workshops (DCOSS), pp. 1–8.
RAZA, S., WALLGREN, L. dan VOIGT, T., 2013. SVELTE : Real-time intrusion detection in the Internet of Things. AD HOC NETWORKS. Elsevier B.V.
SAHU, S. dan MEHTRE, B. M., 2015. Network Intrusion Detection System Using J48 Decision Tree. Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, pp. 2023–2026.
SHAH, H., SHRIMALI, R. dan PARIKH, V., 2016. Header Compression and Neighbor Discovery in 6LoWPAN based IoT - A survey. Proceedings of the 2016 IEEE International Conference on Wireless Communications, Signal Processing and Networking, pp. 306–311. WiSPNET 2016.
SHELBY, Z. dan BORMANN, C., 2009. 6LoWPAN : The Wireless Embedded Internet.
SINGH, V. P., 2013. Signal Strength based Hello Flood Attack Detection and Prevention in Wireless Sensor Networks. 62(15), pp. 1–6.
SONAR, K. dan UPADHYAY, H., 2016. An Approach to Secure Internet of Things Against DDoS.
WALLGREN, L., RAZA, S. dan VOIGT, T., 2013. Routing Attacks and Countermeasures in the RPL-Based Internet of Things.
Unduhan
Diterbitkan
Terbitan
Bagian
Lisensi
Artikel ini berlisensi Creative Common Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)
Penulis yang menerbitkan di jurnal ini menyetujui ketentuan berikut:
- Penulis menyimpan hak cipta dan memberikan jurnal hak penerbitan pertama naskah secara simultan dengan lisensi di bawah Creative Common Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) yang mengizinkan orang lain untuk berbagi pekerjaan dengan sebuah pernyataan kepenulisan pekerjaan dan penerbitan awal di jurnal ini.
- Penulis bisa memasukkan ke dalam penyusunan kontraktual tambahan terpisah untuk distribusi non ekslusif versi kaya terbitan jurnal (contoh: mempostingnya ke repositori institusional atau menerbitkannya dalam sebuah buku), dengan pengakuan penerbitan awalnya di jurnal ini.
- Penulis diizinkan dan didorong untuk mem-posting karya mereka online (contoh: di repositori institusional atau di website mereka) sebelum dan selama proses penyerahan, karena dapat mengarahkan ke pertukaran produktif, seperti halnya sitiran yang lebih awal dan lebih hebat dari karya yang diterbitkan. (Lihat Efek Akses Terbuka).
