A novel and secure attacks detection framework for smart cities industrial internet of things

https://doi.org/10.1016/j.scs.2020.102343Get rights and content

Highlights

  • IPV6 based Routing Protocol is an ideal choice for effective data communication.

  • We propose a novel and secure framework to detect the presence of security threats.

  • The proposed framework possesses the capability to detect HELLO-Flood attack.

  • The performance of proposed framework is evaluated at various performance parameters.

  • Favorable results appear to support the proposed framework.

Abstract

New trend of smart cities has changed the life with more equipped and integrated systems. Various new technologies have adopted for sustainable and improved smart cities infrastructure. Internet of Thing (IoT) is a rapidly evolving technology for sustainable and improved smart cities infrastructure that is revealing its manifestations to facilitate mankind. Numerous privileges and easily adaptable nature of the IoT applications makes it a core component of smart cities. IoT is also implemented in the industrial sector referred to as the Industrial Internet of Things (IIoT) where various diverse services related to operation technologies, manufacturing, utilities, machines monitoring have been applied to connected devices. This phenomenon also makes it susceptible to a variety of crucial security concerns that need to be addressed. IPV6 based Routing Protocol for Low Power and Lossy Networks (RPL) is an ideal choice to ensures effective data communication in resource constraint IIoT environments. By using basic concepts of genetic programming, this paper proposes a novel and secure framework to detect the presence of security threats in RPL based IoT and IIoT networks. The proposed framework possesses the capability to detect HELLO-Flood attack, Version number attack, Sinkhole attack, and Black hole attack. The performance of proposed framework is evaluated at various performance parameters including attack detection accuracy, true positive rate, false-positive rate, throughput, and end-to-end delay. Favorable results appear to support the proposed framework and makes it a best choice for RPL based IIoT environments.

Introduction

Smart cities concept is an ongoing area of research where different technologies are used to make cities more sustainable with more feasible and smart infrastructures. Smart cities have different areas start from smart living, healthcare, education to smart industries and business (Khatua et al., 2019). Internet of Things (IoT) is one of the emerging technology based on interconnected sensing and communication enable autonomous machines, instruments, sensors, robotic devices and actuators (Qureshi, Idrees, Lloret, & Bosch, 2020; Zhang et al., 2018). This technology is also part of sustainable and smart cities infrastructure especially in industrial sector called Industrial Internet of Things (IIoT). In IIoT, the industrial devices are performing their functionality for better production, performance, and maintenance of industrial operations. Industrial sector is one of the core area of smart cities based on integration of smart technologies to improve the traditional industries performance, and reliability (Qureshi, Din, Jeon, & Piccialli, 2020). Communicational links establish the interconnection among these devices by using routing protocols and standards (Al Ridhawi, Otoum, Aloqaily, Jararweh, & Baker, 2020; Qureshi, Idrees, Lloret, & Bosch, 2020). The entire mechanism is fully automated and several commands are used to control the working of these processes. With various advantages, these networks are suffered with various challenges including connection losses, slow communication, energy consumption, interference, and security concerns.

Industrial sector in sustainable and smart cities need more secure and reliable models to ensure data communication among production units and devices (Alanazi, Abdullah, Qureshi, & Ismail, 2018; Aliero, Ghani, Qureshi, & Rohani, 2020; Ferrag, Maglaras, Janicke, Jiang, & Shu, 2018). In the presence of autonomous devices and their data communication, these network are vulnerable to various malicious entities. Different attacks can be launched to manipulate the data routing and disturb the functionality of devices such as HELLO-Flood attack, version number attack, sinkhole attack, and black hole attack (Deogirikar & Vidhate, 2017; Iqbal, Abdullah, & Qureshi, 2019; Laufs, Borrion, & Bradford, 2020; Qureshi, Bashir, & Abdullah, 2018). Moreover, a few threats and their resisting/precautionary means are complex in nature and are required to be analyzed due to sensitive nature of high valued industrial information where a single click can harm the entire process of industrial plants (Seigneur, 2005). The industrial machines and devices are connected with the internet to monitor and handle all the operations remotely. In most cases, the attacks are caused by compromised nodes within the network. As all the operations are automated. Therefore, a compromised node can disturb the entire stream of processes (Lipps, Krummacker, & Schotten, 2019). In these circumstances, a single malicious command can cause of serious impacts. There is a need to design a detection and prevision to identifying the security threats to define the preventive measures.

Various solutions have been proposed to tackle the security concern in smart cities. The existing frameworks are considered as the most sensitive framework due to sensitive data exchange among smart devices. Internet Protocol Version 6 (IPV6) Routing Protocol for Low-Power and Lossy Networks (RPLLN) is also one of the promising candidate technologies adopted by these networks. These protocol works were designed by Internet Engineering Task Force (IETF) for Low Power and Lossy wireless Networks. The communication standard of this protocol is IEEE 805.12.4. In RPL, the nodes are interconnected in a tree structure where each combination of nodes forms a Directed Acyclic Graph (DAG) to ensure loop-free communication in a network. Whenever too many inconsistencies occur in the network, the main root in DAG broadcasts a command to reconstruct the whole topology and this process is referred to as a global repair mechanism. This repair mechanism may also cause serious effects on the network like high resource consumption, high computational overhead, data loss and delay issues (Kharrufa, Al-Kashoash, & Kemp, 2019). All these circumstances urge research to develop a detection mechanism to identify the presence of such malicious nodes within the IIoT network and handle the most common attacks in these networks. These detection frameworks can be formed by the integration of several promising technologies that have capabilities to locate the presence of malicious nodes that are performing their functionality as a part of the framework (Wang, Capitaneanu, Marinca, & Lohan, 2019). This paper main focus is on IoT and IIoT data security within smart cities. In this context, the main objectives of this paper are as follows:

  • Discuss the smart cities networks and their security concern

  • Design a secure framework to improve the, IoT and IIoT networks functionality within smart cities networks.

  • To design intrusion detection mechanisms for IoT and IIoT data communication.

  • Evaluate the existing smart cities IoT and IIoT networks attacks including HELLO-Flood attack, version number attack, sinkhole attack and blackhole attacks.

The rest of the paper is organized as follows: Section 2 presents the smart cities and security requirements. Section 3 illustrates the literature review. Design and development phases of the proposed framework discusses in Section 4. Section 5 comprises simulation results performed to validate proposed framework and finally Section 5 concludes the paper with possible future direction.

Section snippets

Smart cities and security requirements

Smart cities concept is a transformation process for citizens, buildings, traffic systems, grid systems, industries, education and healthcare. This concept is getting improved by using smart technologies to monitor, control, recognize, comprehend to improve efficacy, impartiality, economic growth, quality of life (Qureshi, Ahmad, Piccialli, Casolla, & Jeon, 2020; Soyata, Habibzadeh, Ekenna, Nussbaum, & Lozano, 2019). Smart cities also defined as finite entity which has various advance

Related work

This section contains a detailed summary of existing security frameworks designed for smart cities domains.

Authors in (Alanazi et al., 2018) suggested a framework to tackle the cyber security challenges of smart cities which and ranked the factors by using fuzzy analytical hierarchal process. Authors discussed the security is one of the important factor due to presence of a malicious nodes in the network. An anomaly detection is used over the network and malicious node can be found and stopped

Design and development of proposed framework

This section includes the design and development of a proposed framework that can detect the presence of Hello-Flood attack, version number attack, sinkhole attack and black hole attack in RPL protocol. This section comprises of all the methods, mechanisms and algorithms which are used for intrusion detection in resource-constrained RPL devices.

Results and discussion

Proposed intrusion detection framework can efficiently detect the presence of HELLO-Flood attack, version number attack, sinkhole attack and black hole attack in RPL based IIoT environments (Fig. 9).

Conclusion

A novel and secure framework are proposed for RPL based resource constraint large scale IIoT environments. The proposed framework consists of two phases, threshold modulation phase, and attack detection phase to cater to some common attacks in RPL based networks such as HELLO-Flood attack, version number attack, sinkhole attack, and black hole attack. In the threshold modulation phase, the broader set of all possible features is shrieked by genetic programming and the best features are

Declaration of Competing Interest

None declared.

Acknowledgments

This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (No. 2018045330).

References (47)

  • D. Airehrour et al.

    A trust-aware rpl routing protocol to detect blackhole and selective forwarding attacks

    (2017)
  • H. Alanazi et al.

    Accurate and dynamic predictive model for better prediction in medicine and healthcare

    Irish Journal of Medical Science

    (2018)
  • M.S. Aliero et al.

    An algorithm for detecting SQL injection vulnerability using black-box testing

    Journal of Ambient Intelligence and Humanized Computing

    (2020)
  • M. Alzubaidi et al.

    Hybrid monitoring technique for detecting abnormal behaviour in RPL-based network

    Journal of Communications

    (2018)
  • L.G. Anthopoulos et al.

    Comparing smart cities with different modeling approaches

  • J. Caminha et al.
    (2018)
  • E. Chang et al.

    Trust and reputation for service-oriented environments: Technologies for building business intelligence and consumer confidence

    (2006)
  • R. Clarke
    (2013)
  • J. Deogirikar et al.

    Security attacks in IoT: A survey

  • B. Farzaneh et al.

    An anomaly-based IDS for detecting attacks in RPL-based internet of things

  • B. Ghaleb et al.

    Addressing the DAO insider attack in RPL’s internet of things networks

    IEEE Communications Letters

    (2018)
  • G. Glissa et al.

    A secure routing protocol based on RPL for internet of things

  • T. Hansen et al.

    Evaluating the simulation of software inspections

    Systems and Software Engineering Publication

    (2019)
  • Cited by (74)

    View all citing articles on Scopus
    View full text