{"title":"DEEM:一种用于检测物联网天坑攻击的分散节能方法","authors":"Saeid Rafiei Taghanaki, K. Jamshidi, Ali Bohlooli","doi":"10.1109/ICCKE48569.2019.8965177","DOIUrl":null,"url":null,"abstract":"The RPL protocol was provided for routing in the Internet of Things (IoT) network. This protocol may be under attack. One of the attacks in the RPL protocol is the sinkhole attack that, an attacker tries to attract nearby nodes and, as a result, it causes that many nodes pass their traffic through the attacker node. In the previous methods for detecting a sinkhole attack in the RPL protocol, the accuracy of the detection parameter has been important. In the present study, by providing a local detection method called DEEM and improving the overhead in terms of energy consumption associated with the detection method, also a proper detection accuracy was obtained. DEEM has two phases in each node called Information Gathering and Detection Phases. We implemented DEEM on Contiki OS and evaluated it using the Cooja simulator. Our assessment shows that, in simulated scenarios, DEEM has a low overhead in term of energy consumption, a high true positive rate, and a good detection speed, and this is a scalable method. The cost of DEEM overhead is small enough to be deployed in resource-constrained nodes.","PeriodicalId":6685,"journal":{"name":"2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)","volume":"2 1","pages":"325-330"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"DEEM: A Decentralized and Energy Efficient Method for detecting sinkhole attacks on the internet of things\",\"authors\":\"Saeid Rafiei Taghanaki, K. Jamshidi, Ali Bohlooli\",\"doi\":\"10.1109/ICCKE48569.2019.8965177\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The RPL protocol was provided for routing in the Internet of Things (IoT) network. This protocol may be under attack. One of the attacks in the RPL protocol is the sinkhole attack that, an attacker tries to attract nearby nodes and, as a result, it causes that many nodes pass their traffic through the attacker node. In the previous methods for detecting a sinkhole attack in the RPL protocol, the accuracy of the detection parameter has been important. In the present study, by providing a local detection method called DEEM and improving the overhead in terms of energy consumption associated with the detection method, also a proper detection accuracy was obtained. DEEM has two phases in each node called Information Gathering and Detection Phases. We implemented DEEM on Contiki OS and evaluated it using the Cooja simulator. Our assessment shows that, in simulated scenarios, DEEM has a low overhead in term of energy consumption, a high true positive rate, and a good detection speed, and this is a scalable method. The cost of DEEM overhead is small enough to be deployed in resource-constrained nodes.\",\"PeriodicalId\":6685,\"journal\":{\"name\":\"2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)\",\"volume\":\"2 1\",\"pages\":\"325-330\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCKE48569.2019.8965177\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 9th International Conference on Computer and Knowledge Engineering (ICCKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCKE48569.2019.8965177","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
DEEM: A Decentralized and Energy Efficient Method for detecting sinkhole attacks on the internet of things
The RPL protocol was provided for routing in the Internet of Things (IoT) network. This protocol may be under attack. One of the attacks in the RPL protocol is the sinkhole attack that, an attacker tries to attract nearby nodes and, as a result, it causes that many nodes pass their traffic through the attacker node. In the previous methods for detecting a sinkhole attack in the RPL protocol, the accuracy of the detection parameter has been important. In the present study, by providing a local detection method called DEEM and improving the overhead in terms of energy consumption associated with the detection method, also a proper detection accuracy was obtained. DEEM has two phases in each node called Information Gathering and Detection Phases. We implemented DEEM on Contiki OS and evaluated it using the Cooja simulator. Our assessment shows that, in simulated scenarios, DEEM has a low overhead in term of energy consumption, a high true positive rate, and a good detection speed, and this is a scalable method. The cost of DEEM overhead is small enough to be deployed in resource-constrained nodes.