Abstract
IoT devices are vulnerable to various attacks because they are resource-limited. This paper introduces a novel type of attack called time-delay attack. The malicious nodes delay packet forwarding by extending the processing time of packets, thus affecting the performance and availability of the network. This attack is very stealthy and difficult to detect because it does not violate any communication protocol. To the best of our knowledge, how to detect the time-delay attack in IoT networks is still an open problem. We first propose a machine learning-based baseline algorithm to detect the time-delay attack. It models the system features of each node and the forwarding time of packets to detect whether a node is malicious or not. However, the baseline algorithm needs to detect all nodes in the network, which causes unnecessary resource consumption. Moreover, using a single model in the baseline algorithm does not have high robustness. To reduce the overhead and improve the detection performance, we design an efficient Detection algorithm based on Node pruning and Model fusion (DNM). DNM uses node pruning to filter out suspected nodes from all nodes. The suspected nodes are then detected according to a fusion model. We conduct experimental evaluations based on the Cooja network simulator. The experimental results show that baseline and DNM possess close to 90% accuracy, and DNM significantly outperforms other algorithms with an average F1-score of 0.85.
Similar content being viewed by others
Data availability
The datasets generated during and/or analysed during the current study are available from the corresponding author on reasonable request.
References
Aheleroff S, Xu X, Lu Y, Aristizabal M, Velásquez JP, Joa B, Valencia Y (2020) Iot-enabled smart appliances under industry 4.0: A case study. Adv Eng Inform 43. https://doi.org/10.1016/j.aei.2020.101043
Viswanath SK, Yuen C, Tushar W, Li W-T, Wen C-K, Hu K, Chen C, Liu X (2016) System design of the internet of things for residential smart grid. IEEE Wirel Commun 23(5):90–98. https://doi.org/10.1109/MWC.2016.7721747
Fang S, Da Xu L, Zhu Y, Ahati J, Pei H, Yan J, Liu Z (2014) An integrated system for regional environmental monitoring and management based on internet of things. IEEE Trans Industr Inf 10(2):1596–1605. https://doi.org/10.1109/TII.2014.2302638
Wang D, Chen D, Song B, Guizani N, Yu X, Du X (2018) From iot to 5g i-iot: The next generation iot-based intelligent algorithms and 5g technologies. IEEE Commun Mag 56(10):114–120. https://doi.org/10.1109/MCOM.2018.1701310
Pokhrel SR, Vu HL, Cricenti AL (2019) Adaptive admission control for iot applications in home wifi networks. IEEE Trans Mob Comput 19(12):2731–2742. https://doi.org/10.1109/TMC.2019.2935719
Li Y, Chi Z, Liu X, Zhu T (2018). Passive-zigbee: Enabling zigbee communication in iot networks with 1000x+ less power consumption. In: Proceedings of the 16th ACM Conference on Embedded Networked Sensor Systems, pp. 159–171. https://doi.org/10.1145/3274783.3274846
Kim H-S, Ko J, Culler DE, Paek J (2017) Challenging the ipv6 routing protocol for low-power and lossy networks (rpl): A survey. IEEE Commun Surv Tutorials 19(4):2502–2525. https://doi.org/10.1109/COMST.2017.2751617
Deogirikar J, Vidhate A (2017) Security attacks in iot: A survey. In: 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud)(I-SMAC), pp. 32–37. https://doi.org/10.1109/I-SMAC.2017.8058363
Stellios I, Kotzanikolaou P, Psarakis M, Alcaraz C, Lopez J (2018) A survey of iot-enabled cyberattacks: Assessing attack paths to critical infrastructures and services. IEEE Commun Surv Tutorials 20(4):3453–3495. https://doi.org/10.1109/COMST.2018.2855563
Prathapchandran K, Janani T (2021) A trust aware security mechanism to detect sinkhole attack in rpl-based iot environment using random forest-rftrust. Comput Netw 198:108413. https://doi.org/10.1016/j.comnet.2021.108413
Divya K, Jaipriya S, Anitha G, Malathy S, Maheswar R (2018) An energy efficient technique for time sensitive application using mc-wsn. In: 2018 2nd International Conference on Inventive Systems and Control (ICISC), pp. 1451–1455. https://doi.org/10.1109/ICISC.2018.8399048
Poe WY, Schmitt JB (2008) Placing multiple sinks in time-sensitive wireless sensor networks using a genetic algorithm. In: 14th GI/ITG Conference-Measurement, Modelling and Evalutation of Computer and Communication Systems, pp. 1–15
Korala H, Georgakopoulos D, Jayaraman PP, Yavari A (2022) A survey of techniques for fulfilling the time-bound requirements of time-sensitive iot applications. ACM Comput Surv. https://doi.org/10.1145/3510411
Song H, Zhu S, Cao G (2007) Attack-resilient time synchronization for wireless sensor networks. Ad Hoc Netw 5(1):112–125. https://doi.org/10.1016/j.adhoc.2006.05.016
Lee JH, Shin J, Realff MJ (2018) Machine learning: Overview of the recent progresses and implications for the process systems engineering field. Comput Chem Eng 114:111–121. https://doi.org/10.1016/j.compchemeng.2017.10.008
Chen Z, Liu J, Shen Y, Simsek M, Kantarci B, Mouftah HT, Djukic P (2022) Machine learning-enabled iot security: Open issues and challenges under advanced persistent threats. ACM Comput Surv 55(5):1–37. https://doi.org/10.1145/3530812
Huang X, Wu Y (2022) Identify selective forwarding attacks using danger model: Promote the detection accuracy in wireless sensor networks. IEEE Sens J 22(10):9997–10008. https://doi.org/10.1109/JSEN.2022.3166601
Ding J, Wang H, Wu Y (2022) The detection scheme against selective forwarding of smart malicious nodes with reinforcement learning in wireless sensor networks. IEEE Sens J 22(13):13696–13706. https://doi.org/10.1109/JSEN.2022.3176462
Chen X, Feng W, Luo Y, Shen M, Ge N, Wang X (2022) Defending against link flooding attacks in internet of things: A bayesian game approach. IEEE Internet Things J 9(1):117–128. https://doi.org/10.1109/JIOT.2021.3093538
Srinivas TAS, Manivannan S (2020) Prevention of hello flood attack in iot using combination of deep learning with improved rider optimization algorithm. Comput Commun 163:162–175. https://doi.org/10.1016/j.comcom.2020.03.031
Teng Z, Du C, Li M, Zhang H, Zhu W (2022) A wormhole attack detection algorithm integrated with the node trust optimization model in wsns. IEEE Sens J 22(7):7361–7370. https://doi.org/10.1109/JSEN.2022.3152841
Pu C, Choo K-KR (2022) Lightweight sybil attack detection in iot based on bloom filter and physical unclonable function. Comput Secur 113:102541. https://doi.org/10.1016/j.cose.2021.102541
Alghamdi R, Bellaiche M (2023) A cascaded federated deep learning based framework for detecting wormhole attacks in iot networks. Comput Secur 125:103014. https://doi.org/10.1016/j.cose.2022.103014
Kim J-D, Ko M, Chung J-M (2022) Physical identification based trust path routing against sybil attacks on rpl in iot networks. IEEE Wireless Commun Lett 11(5):1102–1106. https://doi.org/10.1109/LWC.2022.3157831
Moradi M, Jahangir AH (2021) A new delay attack detection algorithm for ptp network in power substation. Int J Electr Power Energy Syst 133:107226. https://doi.org/10.1016/j.ijepes.2021.107226
Moussa B, Kassouf M, Hadjidj R, Debbabi M, Assi C (2020) An extension to the precision time protocol (ptp) to enable the detection of cyber attacks. IEEE Trans Industr Inf 16(1):18–27. https://doi.org/10.1109/TII.2019.2943913
Wang J, Peng C (2017) Analysis of time delay attacks against power grid stability. In: Proceedings of the 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, pp. 67–72. https://doi.org/10.1145/3055386.3055392
De Pace G, Wang Z, Benin J, He H, Sun Y (2020) Evaluation of communication delay based attack against the smart grid. In: 2020 IEEE Kansas Power and Energy Conference (KPEC), pp. 1–6. https://doi.org/10.1109/KPEC47870.2020.9167543
Lou X, Tran, C, Yau DK, Tan R, Ng H, Fu, TZ, Winslett M (2019) Learning-based time delay attack characterization for cyber-physical systems. In: 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm), pp. 1–6 . https://doi.org/10.1109/SmartGridComm.2019.8909732
Abbasspour A, Sargolzaei A, Victorio M, Khoshavi N (2020) A neural network-based approach for detection of time delay switch attack on networked control systems. Procedia Computer Science 168:279–288. https://doi.org/10.1016/j.procs.2020.02.250
Ganesh P, Lou X, Chen Y, Tan R, Yau DKY, Chen D, Winslett M (2021) Learning-based simultaneous detection and characterization of time delay attack in cyber-physical systems. IEEE Trans Smart Grid 12(4):3581–3593. https://doi.org/10.1109/TSG.2021.3058682
Sargolzaei A, Yen KK, Abdelghani MN (2015) Preventing time-delay switch attack on load frequency control in distributed power systems. IEEE Trans Smart Grid 7(2):1176–1185. https://doi.org/10.1109/TSG.2015.2503429
Victorio M, Sargolzaei A, Khalghani MR (2021) A secure control design for networked control systems with linear dynamics under a time-delay switch attack. Electronics 10(3):322. https://doi.org/10.3390/electronics10030322
Altaf A, Abbas H, Iqbal F, Khan MMZM, Rauf A, Kanwal T (2021) Mitigating service-oriented attacks using context-based trust for smart cities in iot networks. J Syst Archit 115:102028. https://doi.org/10.1016/j.sysarc.2021.102028
Mabodi K, Yusefi M, Zandiyan S, Irankhah L, Fotohi R (2020) Multi-level trust-based intelligence schema for securing of internet of things (iot) against security threats using cryptographic authentication. J Supercomput 76(9):7081–7106. https://doi.org/10.1007/s11227-019-03137-5
Liu L, Ma Z, Meng W (2019) Detection of multiple-mix-attack malicious nodes using perceptron-based trust in iot networks. Futur Gener Comput Syst 101:865–879. https://doi.org/10.1016/j.future.2019.07.021
Liu L, Xu X, Liu Y, Ma Z, Peng J (2021) A detection framework against cpma attack based on trust evaluation and machine learning in iot network. IEEE Internet Things J 8(20):15249–15258. https://doi.org/10.1109/JIOT.2020.3047642
Ma Z, Liu L, Meng W (2020) Towards multiple-mix-attack detection via consensus-based trust management in iot networks. Comput Secur 96:101898. https://doi.org/10.1016/j.cose.2020.101898
Singh M, Sardar AR, Majumder K, Sarkar SK (2017) A lightweight trust mechanism and overhead analysis for clustered wsn. IETE J Res 63(3):297–308. https://doi.org/10.1080/03772063.2017.1284613
Poongodi T, Khan MS, Patan R, Gandomi AH, Balusamy B (2019) Robust defense scheme against selective drop attack in wireless ad hoc networks. IEEE Access 7:18409–18419. https://doi.org/10.1109/ACCESS.2019.2896001
Eskandari M, Janjua ZH, Vecchio M, Antonelli F (2020) Passban ids: An intelligent anomaly-based intrusion detection system for iot edge devices. IEEE Internet Things J 7(8):6882–6897. https://doi.org/10.1109/JIOT.2020.2970501
Nguyen TD, Marchal, S, Miettinen M, Fereidooni H, Asokan N, Sadeghi AR (2019) Dïot: A federated self-learning anomaly detection system for iot. In: 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), pp. 756–767. https://doi.org/10.1109/ICDCS.2019.00080
Moussa B, Debbabi M, Assi C (2016) A detection and mitigation model for ptp delay attack in an iec 61850 substation. IEEE Trans Smart Grid 9(5):3954–3965. https://doi.org/10.1109/TSG.2016.2644618
Suhail S, Hussain R, Abdellatif M, Pandey SR, Khan A, Hong CS (2020) Provenance-enabled packet path tracing in the rpl-based internet of things. Comput Netw 173:107189. https://doi.org/10.1016/j.comnet.2020.107189
Rousseeuw PJ, Croux C (1993) Alternatives to the median absolute deviation. J Am Stat Assoc 88(424):1273–1283. https://doi.org/10.1080/01621459.1993.10476408
Chen Z, Song S, Wei Z, Fang J, Long J (2021) Approximating median absolute deviation with bounded error. Proceedings of the VLDB Endowment 14(11):2114–2126. https://doi.org/10.14778/3476249.3476266
Ganesh P, Lou X, Chen Y, Tan R, Yau DK, Chen D, Winslett M (2021) Learning-based simultaneous detection and characterization of time delay attack in cyber-physical systems. IEEE Trans Smart Grid 12(4):3581–3593. https://doi.org/10.1109/TSG.2021.3058682
Sak H, Senior AW, Beaufays F (2014) Long short-term memory recurrent neural network architectures for large scale acoustic modeling. In: INTERSPEECH, pp. 338–342
Ganti RK, Jayachandran P, Luo H, Abdelzaher TF (2006) Datalink streaming in wireless sensor networks. In: Proceedings of the 4th International Conference on Embedded Networked Sensor Systems, pp. 209–222. http://doi.org/10.1145/1182807.1182829
Osterlind F, Dunkels A, Eriksson, J, Finne N, Voigt T (2006) Cross-level sensor network simulation with cooja. In: Proceedings. 2006 31st IEEE Conference on Local Computer Networks, pp. 641–648. https://doi.org/10.1109/LCN.2006.322172
Funding
This work is supported by the National Key R &D Program of China under No. 2021YFB2700500 and 2021YFB2700502, the Open Fund of Key Laboratory of Civil Aviation Smart Airport Theory and System, Civil Aviation University of China under No. SATS202206, the National Natural Science Foundation of China under No. U20B2050, Public Service Platform for Basic Software and Hardware Supply Chain Guarantee under No. TC210804A.
Author information
Authors and Affiliations
Contributions
Wenjie Zhao: Conceptualization, Data curation, Software, Formal analysis, Methodology, Writing - original draft, Writing - review & editing. Yu Wang: Investigation, Methodology, Software, Writing - original draft. Wenbin Zhai: Conceptualization, Resources, Funding acquisition, Project administration, Supervision, Writing - review & editing. Liang Liu: Methodology, Formal analysis, Supervision, Writing - review & editing. Yulei Liu: Writing - review & editing.
Corresponding author
Ethics declarations
Ethics approval
Not applicable.
Consent to publish
All of the authors have approved the contents of this paper and have agreed to the submission policies of Peer-to-Peer Networking and Applications.
Conflict of interest
We declare that we have no competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Zhao, W., Wang, Y., Zhai, W. et al. Efficient time-delay attack detection based on node pruning and model fusion in IoT networks. Peer-to-Peer Netw. Appl. 16, 1286–1309 (2023). https://doi.org/10.1007/s12083-023-01477-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-023-01477-x