6LOWPAN ROUTING ATTACK DETECTION IN THE IOT

The Internet of Things (IoT) is increasing in popu- larity, opening up new opportunities for applications in a variety of fields. However, because of the device’s constrained resources and the dynamic topology for networks, The security of the Internet of Things is challenging.Due to the characteristics of the network, routing attacks on 6LoWPAN-based IoT devices can be particularly challenging to identify. Several techniques for detecting routing attacks, including anomaly detection, have been proposed in recent years. These techniques use various characteristics of network traffic to identify and classify routing attacks. This paper focuses on routing attacks against the Routing Protocol for Low-Power and Lossy Networks (RPL), which is widely used in IoT systems based on 6LoWPAN. The attacks discussed in this paper can be classified as either inherited from Wireless Sensor Networks or exploiting RPL-specific vulnerabil- ities. To detect routing attacks, this paper proposes an innovative Hybrid Intrusion Detection System (HIDS) that combines a one- class Support Vector Machine classifier with a decision tree classifier. To identify routing attacks with high accuracy and a low false alarm rate, the HIDS leverages the strengths of both a Signature Intrusion Detection System (SIDS) and an Anomaly-based Intrusion Detection System (AIDS). The routing dataset, which contains genuine IoT network traffic as well as various types of routing attacks, was implemented to run the proposed HIDS through tests. The hybrid IDS proposed in this study outperforms SIDS and AIDS approaches, according to the findings, with higher detection rates and lower false positive rates.