A Lightweight Anomaly Detection Technique for Low-Resource IoT Devices: A Game-Theoretic Methodology

Affiliation auteurs!!!! Error affiliation !!!!
TitreA Lightweight Anomaly Detection Technique for Low-Resource IoT Devices: A Game-Theoretic Methodology
Type de publicationConference Paper
Year of Publication2016
AuteursSedjelimaci H, Senouci SMohammed, Al-Bahri M
Conference Name2016 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS (ICC)
PublisherIEEE; IEEE Commun Soc
Conference Location345 E 47TH ST, NEW YORK, NY 10017 USA
ISBN Number978-1-4799-6664-6
Mots-clésAnomaly detection, game theory, Low-resources devices, Nash equilibrium
Résumé

In the Internet of Things (IoT), resources' constrained tiny sensors and devices could be connected to unreliable and untrusted networks. Nevertheless, securing IoT technology is mandatory, due to the relevant data handled by these devices. Intrusion Detection System (IDS) is the most efficient technique to detect the attackers with a high accuracy when cryptography is broken. This is achieved by combining the advantages of anomaly and signature detection, which are high detection and low false positive rates, respectively. To achieve a high detection rate, the anomaly detection technique relies on a learning algorithm to model the normal behavior of a node and when a new attack pattern (often known as signature) is detected, it will be modeled with a set of rules. This latter is used by the signature detection technique for attack confirmation. However, the activation of anomaly detection for low-resource IoT devices could generate a high-energy consumption, specifically when this technique is activated all the time. Using game theory and with the help of Nash equilibrium, anomaly detection is activated only when a new attack's signature is expected to occur. This will make a balance between accuracy detection and energy consumption. Simulation results show that the proposed anomaly detection approach requires a low energy consumption to detect the attacks with high accuracy (i.e. high detection and low false positive rates).

DOI10.1109/ICC.2016.7510811