Skip to main content
SpringerLink
Log in

An Intrusion Detection System on Ping of Death Attacks in IoT Networks

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Internet of things (IoT) is almost vulnerable to cyber security attacks due to the limited computational resources of conventional IoT devices. In this paper, ping of death as a cyber security attack is modeled for IoT networks. Attackers increase the length of transmit packets intentionally in order to degrade the network resources. To mitigate ping of death attacks, an intrusion detection system (IDS) is designed to be included in the network gateway to detect attacks and to filter out the over-length packets. The IDS relies on an integer optimization problem minimizing the false alarm probability while maintaining the missed detection probability below a desired level. The problem is solved using a search method. Simulation results demonstrate the impact of the proposed IDS by not allowing the gateway queue lengths to grow unexpectedly and to maintain queues at a normal level. Furthermore, simulation results provide a guideline for the network administrator to configure the IDS parameters such a normal packet length.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. IoT Analytics. (2014). Why the internet of things is called internet of things: Definition, history, disambiguation. December 19, 2014. [Online]. https://iot-analytics.com/internetof-things-definition.

  2. Al-Shargabi, B, & Sabri, O. (2017). Internet of things: An exploration study of opportunities and challenges. In 2017 international conference on engineering & MIS (ICEMIS) on IEEE, 2017.

  3. Hao, C., Xueqin, J., & Heng, L. (2011). A brief introduction to IoT gateway. In IET international conference on communication technology and application (ICCTA 2011) (pp. 610–613).

  4. Samuel, S. S. I. (2016). A review of connectivity challenges in IoT-smart home. In 3rd MEC international conference on big data and smart city, IEEE conferences, 2016.

  5. Rayes, A., & Salam, S. (2017). Internet of things security and privacy. In Springer, 2017 (pp. 211–238).

  6. Kibirige, G. W., & Sanga, C. (2015). A survey on detection of sinkhole attack in wireless sensor network. arXiv preprint arXiv:1505.01941.

  7. Keshri, A., Singh, S., Agarwal, M., & Nandiy, S. K. (2016). DoS attacks prevention using IDS and data mining. In 2016 international conference on accessibility to digital world (ICADW), IEEE conferences (pp. 87–92).

  8. Xena network team. (2017). Distributed denial of service, DDoS attack testing and verification solutions. July, 2017. [Online]. https://www.xenanetworks.com/wp-content/uploads/2017/07/Xena-DDoS-WP.pdf.

  9. Brachmann, M., Keoh, S. L., Morchon, O. G., & Kumar, S. S. (2012). End-to-end transport security in the IP-based internet of things. In 21st international conference on computer communications and networks (ICCCN), 2012.

  10. Raza, S., Shafagh, H., Hewage, K., Hummen, R., & Voigt, T. (2013). Lithe: Lightweight Secure CoAP for the internet of things. IEEE Sensors Journal,13, 3711–3720.

    Article  Google Scholar 

  11. Raza, S., Trabalza, D., & Voigt, T. (2012). 6lowpan compressed DTLS for CoAP. In 2012 IEEE 8th international conference on distributed computing in sensor systems (pp. 287–289).

  12. Kumar, V., & Tiwari, S. (2012). Routing in IPv6 over low-power wireless personal area networks (6LoWPAN): A survey. Journal of Computer Networks and Communications, 1–11.

  13. Raza, S., Duquennoy, S., Chung, T., Yazar, D., Voigt, T., & Roedig, U. (2011). Securing communication in 6LoWPAN with compressed IPsec. In Distributed computing in sensor systems and workshops (DCOSS) (pp. 1–8).

  14. Pharate, A., & Bhat, B. (2015). Classification of intrusion detection system. International Journal of Computer Applications,118(17), 0975–8887.

    Google Scholar 

  15. Ioulianou, P., Vasileios, V., Ioannis, M., & Michael, L. (2018). A signature-based intrusion detection system for the internet of things. Information and Communication Technology Form.

  16. Ukil, A., Bandyoapdhyay, S., Puri, C., & Pal, A. (2016). IoT healthcare analytics: The importance of anomaly detection. In 2016 IEEE 30th international conference on advanced information networking and applications (AINA) (pp. 994–997).

  17. Le, A., Loo, J., Chai, K., & Aiash, M. (2016). A specification-based IDS for detecting attacks on RPL-based network topology. Information,7(2), 25.

    Article  Google Scholar 

  18. Sedjelmaci, H., Senouci, S. M., & Al-Bahri, M. (2016). A lightweight anomaly detection technique for low-resource IoT devices: A game-theoretic methodology. In 2016 IEEE international conference on communications (ICC), 2016.

  19. Raza, S., Wallgren, L., & Voigt, T. (2013). SVELTE: Real-time intrusion detection in the Internet of Things. Ad Hoc Networks,11, 2661–2674.

    Article  Google Scholar 

  20. Raza, S., Duquennoy, S., Höglund, J., & Voigt, U. R. A. T. (2012). Secure communication for the Internet of Things a comparison of link-layer security and IPsec for 6LowPAN. Security and Communication Networks,7(12), 2654–2668.

    Article  Google Scholar 

  21. Cervantes, C., Poplade, D., Nogueira, M., & Santos, A. (2015). Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for internet of things. In 2015 IFIP/IEEE international symposium on integrated network management (IM), 2015.

  22. Surendar, M., & Umamakeswari, A. (2016). InDReS: An intrusion detection and response system for Internet of Things with 6LoWPAN. In Proceedings of 2016 IEEE international conference on wireless communications signal processing and networking (pp. 903–1908).

  23. Yan, K., Wang, S., Wang, S., & Liu, C. (2010). Hybrid intrusion detection system for enhancing the security of a cluster-based. In 2010 3rd international conference on computer science and information technology (Vol. 1, pp. 114–118).

  24. Sedjelmaci, H., Senouci, S., & Taleb, T. (2017). An accurate security game for low-resource IoT devices. IEEE Transactions on Vehicular Technology,66(10), 9381–9393.

    Article  Google Scholar 

  25. Stolyar, A. L. (2005). Maximizing queuing network utility subject to stability: Greedy primal–dual algorithm. Queueing Systems,50(4), 401–457.

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Electrical Engineering, University of Kurdistan, Sanandaj, Iran

    Asrin Abdollahi & Mohammad Fathi

Authors
  1. Asrin Abdollahi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad Fathi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammad Fathi.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Abdollahi, A., Fathi, M. An Intrusion Detection System on Ping of Death Attacks in IoT Networks. Wireless Pers Commun 112, 2057–2070 (2020). https://doi.org/10.1007/s11277-020-07139-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07139-y

Keywords

Search

Navigation