An Intrusion Detection System for Constrained WSN and IoT Nodes Based on Binary Logistic Regression
Date
2018ISBN
978-1-4503-5960-3Publisher
Association for Computing MachineryPlace of publication
Montreal, QC, CanadaSource
Proceedings of the 21st ACM International Conference on Modeling, Analysis and Simulation of Wireless and Mobile SystemsGoogle Scholar check
Metadata
Show full item recordAbstract
In this paper we evaluate the feasibility of running a lightweight Intrusion Detection System within a constrained sensor or IoT node. We propose mIDS, which monitors and detects attacks using a statistical analysis tool based on Binary Logistic Regression (BLR). mIDS takes as input only local node parameters for both benign and malicious behavior and derives a normal behavior model that detects abnormalities within the constrained node.We offer a proof of correct operation by testing mIDS in a setting where network-layer attacks are present. In such a system, critical data from the routing layer is obtained and used as a basis for profiling sensor behavior. Our results show that, despite the lightweight implementation, the proposed solution achieves attack detection accuracy levels within the range of 96% - 100%.