Intrusion Detection Systems for Smart Home IoT Devices: Experimental Comparison Study

  • Conference paper
Security in Computing and Communications (SSCC 2019)

Abstract

With the growing number of IoT-related devices, smart homes promise to make our lives easier and more comfortable. However, the increased deployment of such smart devices brings many security and privacy risks. To overcome such risks, Intrusion Detection Systems are presented as pertinent tools that can provide network-level protection for smart devices deployed in home environments. These systems monitor the network activity of the devices connected to the smart home and focus on alerting on suspicious or malicious activity. They can also respond to detected abnormal activity by hindering impostors from accessing the victim devices. However, employing such systems in the smart home context can be challenging because of the devices' hardware limitations, which may restrict their ability to counter existing and emerging attack vectors. Therefore, this paper proposes an experimental comparison of the widely used open-source NIDSs, namely Snort, Suricata and Bro (currently known as Zeek), to find the most appropriate IDS for smart homes in terms of resource consumption, including CPU and memory utilisation. Experimental results show that Suricata and Bro are the best-performing NIDSs for smart homes.

Notes

  1. Sourcefire: www.sourcefire.com.

  2. OISF: https://suricata-ids.org/about/oisf/.

Acknowledgement

This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement no. 786698. This work reflects the authors’ view and the Agency is not responsible for any use that may be made of the information it contains.

Author information

Corresponding author

Correspondence to Stavros Shiaeles.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Alsakran, F., Bendiab, G., Shiaeles, S., Kolokotronis, N. (2020). Intrusion Detection Systems for Smart Home IoT Devices: Experimental Comparison Study. In: Thampi, S., Martinez Perez, G., Ko, R., Rawat, D. (eds) Security in Computing and Communications. SSCC 2019. Communications in Computer and Information Science, vol 1208. Springer, Singapore. https://doi.org/10.1007/978-981-15-4825-3_7

  • DOI: https://doi.org/10.1007/978-981-15-4825-3_7

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-4824-6

  • Online ISBN: 978-981-15-4825-3

  • eBook Packages: Computer Science, Computer Science (R0)
