A novel and secure attacks detection framework for smart cities industrial internet of things
Introduction
Smart cities concept is an ongoing area of research where different technologies are used to make cities more sustainable with more feasible and smart infrastructures. Smart cities have different areas start from smart living, healthcare, education to smart industries and business (Khatua et al., 2019). Internet of Things (IoT) is one of the emerging technology based on interconnected sensing and communication enable autonomous machines, instruments, sensors, robotic devices and actuators (Qureshi, Idrees, Lloret, & Bosch, 2020; Zhang et al., 2018). This technology is also part of sustainable and smart cities infrastructure especially in industrial sector called Industrial Internet of Things (IIoT). In IIoT, the industrial devices are performing their functionality for better production, performance, and maintenance of industrial operations. Industrial sector is one of the core area of smart cities based on integration of smart technologies to improve the traditional industries performance, and reliability (Qureshi, Din, Jeon, & Piccialli, 2020). Communicational links establish the interconnection among these devices by using routing protocols and standards (Al Ridhawi, Otoum, Aloqaily, Jararweh, & Baker, 2020; Qureshi, Idrees, Lloret, & Bosch, 2020). The entire mechanism is fully automated and several commands are used to control the working of these processes. With various advantages, these networks are suffered with various challenges including connection losses, slow communication, energy consumption, interference, and security concerns.
Industrial sector in sustainable and smart cities need more secure and reliable models to ensure data communication among production units and devices (Alanazi, Abdullah, Qureshi, & Ismail, 2018; Aliero, Ghani, Qureshi, & Rohani, 2020; Ferrag, Maglaras, Janicke, Jiang, & Shu, 2018). In the presence of autonomous devices and their data communication, these network are vulnerable to various malicious entities. Different attacks can be launched to manipulate the data routing and disturb the functionality of devices such as HELLO-Flood attack, version number attack, sinkhole attack, and black hole attack (Deogirikar & Vidhate, 2017; Iqbal, Abdullah, & Qureshi, 2019; Laufs, Borrion, & Bradford, 2020; Qureshi, Bashir, & Abdullah, 2018). Moreover, a few threats and their resisting/precautionary means are complex in nature and are required to be analyzed due to sensitive nature of high valued industrial information where a single click can harm the entire process of industrial plants (Seigneur, 2005). The industrial machines and devices are connected with the internet to monitor and handle all the operations remotely. In most cases, the attacks are caused by compromised nodes within the network. As all the operations are automated. Therefore, a compromised node can disturb the entire stream of processes (Lipps, Krummacker, & Schotten, 2019). In these circumstances, a single malicious command can cause of serious impacts. There is a need to design a detection and prevision to identifying the security threats to define the preventive measures.
Various solutions have been proposed to tackle the security concern in smart cities. The existing frameworks are considered as the most sensitive framework due to sensitive data exchange among smart devices. Internet Protocol Version 6 (IPV6) Routing Protocol for Low-Power and Lossy Networks (RPLLN) is also one of the promising candidate technologies adopted by these networks. These protocol works were designed by Internet Engineering Task Force (IETF) for Low Power and Lossy wireless Networks. The communication standard of this protocol is IEEE 805.12.4. In RPL, the nodes are interconnected in a tree structure where each combination of nodes forms a Directed Acyclic Graph (DAG) to ensure loop-free communication in a network. Whenever too many inconsistencies occur in the network, the main root in DAG broadcasts a command to reconstruct the whole topology and this process is referred to as a global repair mechanism. This repair mechanism may also cause serious effects on the network like high resource consumption, high computational overhead, data loss and delay issues (Kharrufa, Al-Kashoash, & Kemp, 2019). All these circumstances urge research to develop a detection mechanism to identify the presence of such malicious nodes within the IIoT network and handle the most common attacks in these networks. These detection frameworks can be formed by the integration of several promising technologies that have capabilities to locate the presence of malicious nodes that are performing their functionality as a part of the framework (Wang, Capitaneanu, Marinca, & Lohan, 2019). This paper main focus is on IoT and IIoT data security within smart cities. In this context, the main objectives of this paper are as follows:
- •
Discuss the smart cities networks and their security concern
- •
Design a secure framework to improve the, IoT and IIoT networks functionality within smart cities networks.
- •
To design intrusion detection mechanisms for IoT and IIoT data communication.
- •
Evaluate the existing smart cities IoT and IIoT networks attacks including HELLO-Flood attack, version number attack, sinkhole attack and blackhole attacks.
The rest of the paper is organized as follows: Section 2 presents the smart cities and security requirements. Section 3 illustrates the literature review. Design and development phases of the proposed framework discusses in Section 4. Section 5 comprises simulation results performed to validate proposed framework and finally Section 5 concludes the paper with possible future direction.
Section snippets
Smart cities and security requirements
Smart cities concept is a transformation process for citizens, buildings, traffic systems, grid systems, industries, education and healthcare. This concept is getting improved by using smart technologies to monitor, control, recognize, comprehend to improve efficacy, impartiality, economic growth, quality of life (Qureshi, Ahmad, Piccialli, Casolla, & Jeon, 2020; Soyata, Habibzadeh, Ekenna, Nussbaum, & Lozano, 2019). Smart cities also defined as finite entity which has various advance
Related work
This section contains a detailed summary of existing security frameworks designed for smart cities domains.
Authors in (Alanazi et al., 2018) suggested a framework to tackle the cyber security challenges of smart cities which and ranked the factors by using fuzzy analytical hierarchal process. Authors discussed the security is one of the important factor due to presence of a malicious nodes in the network. An anomaly detection is used over the network and malicious node can be found and stopped
Design and development of proposed framework
This section includes the design and development of a proposed framework that can detect the presence of Hello-Flood attack, version number attack, sinkhole attack and black hole attack in RPL protocol. This section comprises of all the methods, mechanisms and algorithms which are used for intrusion detection in resource-constrained RPL devices.
Results and discussion
Proposed intrusion detection framework can efficiently detect the presence of HELLO-Flood attack, version number attack, sinkhole attack and black hole attack in RPL based IIoT environments (Fig. 9).
Conclusion
A novel and secure framework are proposed for RPL based resource constraint large scale IIoT environments. The proposed framework consists of two phases, threshold modulation phase, and attack detection phase to cater to some common attacks in RPL based networks such as HELLO-Flood attack, version number attack, sinkhole attack, and black hole attack. In the threshold modulation phase, the broader set of all possible features is shrieked by genetic programming and the best features are
Declaration of Competing Interest
None declared.
Acknowledgments
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (No. 2018045330).
References (47)
- et al.
SecTrust-RPL: A secure trust-aware RPL routing protocol for Internet of Things
Future Generation Computer Systems
(2019) - et al.
Providing secure and reliable communication for next generation networks in smart cities
Sustainable Cities and Society
(2020) - et al.
Cyber security challenges in smart cities: Safety, security and privacy
Journal of Advanced Research
(2014) - et al.
A systematic review of data protection and privacy preservation schemes for smart grid communications
Sustainable Cities and Society
(2018) - et al.
Security and the smart city: A systematic review
Sustainable Cities and Society
(2020) - et al.
Link quality and energy utilization based preferable next hop selection routing for wireless body area networks
Computer Communications
(2020) - et al.(2015)
- et al.
Smart city in crisis: Technology and policy concerns
Sustainable Cities and Society
(2019) - et al.
Blockchain-based security and privacy in smart cities
Smart cities cybersecurity and privacy
(2019) - et al.
Cyber security and the internet of things: Vulnerabilities, threats, intruders and attacks
Journal of Cyber Security
(2015)
A trust-aware rpl routing protocol to detect blackhole and selective forwarding attacks
Accurate and dynamic predictive model for better prediction in medicine and healthcare
Irish Journal of Medical Science
An algorithm for detecting SQL injection vulnerability using black-box testing
Journal of Ambient Intelligence and Humanized Computing
Hybrid monitoring technique for detecting abnormal behaviour in RPL-based network
Journal of Communications
Comparing smart cities with different modeling approaches
Trust and reputation for service-oriented environments: Technologies for building business intelligence and consumer confidence
Security attacks in IoT: A survey
An anomaly-based IDS for detecting attacks in RPL-based internet of things
Addressing the DAO insider attack in RPL’s internet of things networks
IEEE Communications Letters
A secure routing protocol based on RPL for internet of things
Evaluating the simulation of software inspections
Systems and Software Engineering Publication
Cited by (74)
Federated learning in smart cities: Privacy and security survey
2023, Information SciencesEnergy aware Clustered blockchain data for IoT: An end-to-end lightweight secure & Enroute filtering approach
2023, Computer CommunicationsReview on intrusion detection system for IoT/IIoT -brief study
2024, Multimedia Tools and ApplicationsCyber-Resilience, Principles, and Practices
2024, Internet of Things