Skip to main content
SpringerLink
Log in

A hybrid IDS for detection and mitigation of sinkhole attack in 6LoWPAN networks

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

The Internet of Things (IoT) is an expanding field of computer networks where resource-constrained devices connect to the internet through various wireless technologies. IoT systems already cover a broad spectrum, including smart homes, smart hospital systems, and hazard detection systems, with their influence expected to grow in the coming years. However, IoT systems are not without their drawbacks, as security breaches and device malfunctions can lead to severe disruptions in the ecosystem. In this article, we introduce an edge-assisted hybrid intrusion detection system designed to detect and mitigate Sinkhole Attacks (SHAs) within the IoT ecosystem. The unique aspect of our proposed approach is its deployment on edge devices, enabling it to identify SHAs as close as possible to the relevant data sources. Furthermore, we provide a comparative analysis based on simulation results and real-world testbed experiments to support our proposed methodology. Our findings demonstrate considerable improvements in scalability, accuracy, precision, recall, F1 score, packet delivery ratio, per-node power consumption, overall IoT network energy consumption, and end-to-end delay.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Algorithm 1
Fig. 6
Algorithm 2
Algorithm 3
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18

Similar content being viewed by others

Data policy and data availability statements

The data used in this study is available upon request from the corresponding author. In addition, data are available from the authors upon reasonable request and with permission of Bostani et al. [16] and Yavuz et al. [24].

References

  1. Hadaya, N.N., Alabady, S.A.: Improved RPL protocol for low-power and lossy network for IoT environment. SN Comput. Sci. 2(5), 341 (2021)

    Article  Google Scholar 

  2. Thakor, V.A., Razzaque, M.A., Khandaker, M.R.: Lightweight cryptography algorithms for resource-constrained IoT devices: a review, comparison and research opportunities. IEEE Access 9, 28177–28193 (2021)

    Article  Google Scholar 

  3. Quy, V.K., Hau, N.V., Anh, D.V., Ngoc, L.A.: Smart healthcare IoT applications based on fog computing: architecture, applications and challenges. Complex Intell. Syst. 8(5), 3805–3815 (2022)

    Article  Google Scholar 

  4. Wu, Y., Dai, H.N., Wang, H., Xiong, Z., Guo, S.: A survey of intelligent network slicing management for industrial IoT: integrated approaches for smart transportation, smart energy, and smart factory. IEEE Commun. Surv. Tutor. 24(2), 1175–1211 (2022)

    Article  Google Scholar 

  5. Bradley, J., Barbier, J., Handler, D.: Embracing the internet of everything to capture your share of \$14.4 trillion. Technical report, CISCO (2013)

  6. Das, A., Adhikari, N., Bhale, P.K., Rath, S.: A novel approach to detect rank attack in IoT ecosystem. In: Innovations in Intelligent Computing and Communication: First International Conference, ICIICC 2022, Bhubaneswar, Odisha, India, December 16–17, 2022, Proceedings. Springer, pp. 204–221 (2023)

  7. Bang, A.O., Rao, U.P., Kaliyar, P., Conti, M.: Assessment of routing attacks and mitigation techniques with RPL control messages: a survey. ACM Comput. Surv. (CSUR) 55(2), 1–36 (2022)

    Article  Google Scholar 

  8. Bhale, P., Dey, S., Biswas, S., Nandi, S.: Energy efficient approach to detect sinkhole attack using roving IDS in 6LoWPAN network. In: Innovations for Community Services: 20th International Conference, I4CS 2020, Bhubaneswar, India, January 12–14, 2020, Proceedings 20, pp. 187–207. Springer (2020)

  9. Bang, A.O., Rao, U.P., Visconti, A., Brighente, A., Conti, M.: An IoT inventory before deployment: a survey on IoT protocols, communication technologies, vulnerabilities, attacks, and future research directions. Comput. Secur. 123, 102914 (2022)

    Article  Google Scholar 

  10. Rondon, L.P., Babun, L., Aris, A., Akkaya, K., Uluagac, A.S.: Survey on enterprise internet-of-things systems (E-IoT): a security perspective. Ad Hoc Netw. 125, 102728 (2022)

    Article  Google Scholar 

  11. Kharrufa, H., Al-Kashoash, H.A., Kemp, A.H.: RPL-based routing protocols in IoT applications: a review. IEEE Sens. J. 19(15), 5952–5967 (2019)

    Article  Google Scholar 

  12. Yusoff, N.H.M., Zakaria, N.A., Sikora, A., et al.: 6LoWPAN protocol in fixed environment: A performance assessment analysis. In: 2019 10th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), vol. 2, pp. 1142–1147. IEEE (2019)

  13. Gandhi, K.K.A., Arumugam, C.: Toward a unified and secure approach for extraction of forensic digital evidence from an IoT device. Int. J. Inf. Secur. 22, 1–15 (2022)

    Google Scholar 

  14. Kureshi, R.R., Mishra, B.K.: A comparative study of data encryption techniques for data security in the IoT device. In: Internet of Things and Its Applications: Select Proceedings of ICIA 2020, pp. 451–460. Springer (2022)

  15. Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the Internet of Things. Ad Hoc Netw. 11(8), 2661–2674 (2013)

    Article  Google Scholar 

  16. Bostani, H., Sheikhan, M.: Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach. Comput. Commun. 98, 52–71 (2017)

    Article  Google Scholar 

  17. Bilal, A., Hasany, S.M.N., Pitafi, A.H.: Effective modelling of sinkhole detection algorithm for edge-based Internet of Things (IoT) sensing devices. IET Commun. 16(8), 845–855 (2022)

    Article  Google Scholar 

  18. Zaminkar, M., Fotohi, R.: SoS-RPL: securing internet of things against sinkhole attack using RPL protocol-based node rating and ranking mechanism. Wirel. Pers. Commun. 114, 1287–1312 (2020)

    Article  Google Scholar 

  19. Sangaiah, A.K., Javadpour, A., Ja’fari, F., Pinto, P., Ahmadi, H., Zhang, W.: CL-MLSP: the design of a detection mechanism for sinkhole attacks in smart cities. Microprocess. Microsyst. 90, 104504 (2022)

    Article  Google Scholar 

  20. Liu, Y., Ma, M., Liu, X., Xiong, N.N., Liu, A., Zhu, Y.: Design and analysis of probing route to defense sink-hole attacks for Internet of Things security. IEEE Trans. Netw. Sci. Eng. 7(1), 356–372 (2018)

    Article  Google Scholar 

  21. Prathapchandran, K., Janani, T.: A trust aware security mechanism to detect sinkhole attack in RPL-based IoT environment using random forest-RFTRUST. Comput. Netw. 198, 108413 (2021)

    Article  Google Scholar 

  22. Sharma, G., Grover, J., Verma, A.: QSec-RPL: detection of version number attacks in RPL based mobile IoT using Q-learning. Ad Hoc Netw. 142, 103118 (2023)

    Article  Google Scholar 

  23. Nayak, S., Ahmed, N., Misra, S.: Deep learning-based reliable routing attack detection mechanism for industrial Internet of Things. Ad Hoc Netw. 123, 102661 (2021)

    Article  Google Scholar 

  24. Yavuz, F.Y., Devrim, Ü., Ensar, G.: Deep learning for detection of routing attacks in the internet of things. Int. J. Comput. Intell. Syst. 12(1), 39 (2018)

    Article  Google Scholar 

  25. Adjih, C., Baccelli, E., Fleury, E., Harter, G., Mitton, N., Noel, T., Pissard-Gibollet, R., Saint-Marcel, F., Schreiner, G., Vandaele, J., et al.: FIT IoT-LAB: a large scale open experimental IoT testbed. In: 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT), pp. 459–464. IEEE (2015)

  26. Perez, A.: SSL, TLS and DTLS protocols. In: Network Security, pp. 109–132 (2014)

  27. Batina, L., Chow, S.S.M., Hancke, G., Liu, Z.: Introduction to the special issue on cryptographic engineering for internet of things: security foundations, lightweight solutions, and attacks. ACM Trans. Embed. Comput. Syst. (2019). https://doi.org/10.1145/3322641

    Article  Google Scholar 

  28. Alhirabi, N., Rana, O., Perera, C.: Security and privacy requirements for the internet of things: a survey. ACM Trans. Internet Things (2021). https://doi.org/10.1145/3437537

    Article  Google Scholar 

  29. Hassija, V., Chamola, V., Saxena, V., Jain, D., Goyal, P., Sikdar, B.: A survey on IoT security: application areas, security threats, and solution architectures. IEEE Access 7, 82721–82743 (2019)

    Article  Google Scholar 

  30. Grammatikis, P.I.R., Sarigiannidis, P.G., Moscholios, I.D.: Securing the internet of things: challenges, threats and solutions. Internet of Things 5, 41–70 (2019)

    Article  Google Scholar 

  31. Yibo, C., Hou, K.M., Zhou, H., Shi, H.L., Liu, X., Diao, X., Ding, H., Li, J.J., De Vaulx, C.: 6LoWPAN stacks: a survey. In: 2011 7th International Conference on Wireless Communications, Networking and Mobile Computing, pp. 1–4. IEEE (2011)

  32. Pongle, P., Chavan, G.: A survey: attacks on RPL and 6LoWPAN in IoT. In: 2015 International Conference on Pervasive Computing (ICPC), pp. 1–6. IEEE (2015)

  33. Verma, A., Ranga, V.: Security of RPL based 6LoWPAN networks in the internet of things: a review. IEEE Sens. J. 20(11), 5666–5690 (2020)

    Article  Google Scholar 

  34. Pasikhani, A.M., Clark, J.A., Gope, P., Alshahrani, A.: Intrusion detection systems in RPL-based 6LoWPAN: a systematic literature review. IEEE Sens. J. 21(11), 12940–12968 (2021)

  35. Antwarg, L., Miller, R.M., Shapira, B., Rokach, L.: Explaining anomalies detected by autoencoders using Shapley additive explanations. Expert Syst. Appl. 186, 115736 (2021)

    Article  Google Scholar 

  36. Emeç, M., Özcanhan, M.H.: ROUT42023: RPL based routing attack dataset for IoT. IEEE Dataport (2023). https://doi.org/10.21227/3mbe5j70

  37. Verma, A., Ranga, V.: RPL-NIDDS17-A data set for intrusion detection in RPL based 6LoWPAN networks (Internet of Things). Int. J. Grid Distrib. Comput. 11(8), 43–56 (2018)

    Article  Google Scholar 

  38. Instant Contiki. http://www.contiki-os.org/start.html. Accessed 11 Aug 2018

  39. Cooja Simulator. http://anrg.usc.edu/contiki/index.php/CoojaSimulator. Accessed 11 Aug 2018

  40. Tirumala, A.: Iperf: the TCP/UDP bandwidth measurement tool. http://dast.nlanr.net/Projects/Iperf/ (1999)

  41. Godard, S.: SYSSTAT utilities home page. Information and code. http://sebastien.godard.pagesperso-orange.fr/index.html (2015)

Download references

Acknowledgements

We would like to express our sincere gratitude to the Computer Science and Engineering department of the Indian Institute of Technology Guwahati for their support and assistance during our research. We would also like to acknowledge the Nesec Lab for their invaluable support in providing the required infrastructure for conducting our experiments. Without their assistance, it would not have been possible to carry out this research.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology Guwahati, Guwahati, 781039, Assam, India

    Pradeepkumar Bhale & Sukumar Nandi

  2. Department of Computer Science and Engineering, Indian Institute of Information Technology, Pune, 411041, Maharashtra, India

    Pradeepkumar Bhale

  3. Department of Electrical Engineering and Computer Science, Indian Institute of Technology Bhilai, Bhilai, 492015, Chhattisgarh, India

    Santosh Biswas

Authors
  1. Pradeepkumar Bhale
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Santosh Biswas
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sukumar Nandi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pradeepkumar Bhale.

Ethics declarations

Conflict of interest

We confirm that the work represents original work and is not under review by any other publication. All authors have reviewed and agreed with its content. Additionally, we declare no competing interests related to this research.

Human and animal rights

The authors did not conduct any studies involving human participants or animals for this work.

Informed consent

No informed consent is to be reported.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bhale, P., Biswas, S. & Nandi, S. A hybrid IDS for detection and mitigation of sinkhole attack in 6LoWPAN networks. Int. J. Inf. Secur. 23, 915–934 (2024). https://doi.org/10.1007/s10207-023-00763-2

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00763-2

Keywords

Search

Navigation