Salvato in:
Dettagli Bibliografici
Autori principali: Yilmaz, Selim, Sen, Sevil, Aydogan, Emre
Natura: Preprint
Pubblicazione: 2023
Soggetti:
Accesso online:https://arxiv.org/abs/2303.16561
Tags: Aggiungi Tag
Nessun Tag, puoi essere il primo ad aggiungerne!!
_version_ 1866916660893450240
author Yilmaz, Selim
Sen, Sevil
Aydogan, Emre
author_facet Yilmaz, Selim
Sen, Sevil
Aydogan, Emre
contents In RPL security, intrusion detection (ID) plays a vital role, especially given its susceptibility to attacks, particularly those carried out by insider threats. While numerous studies in the literature have proposed intrusion detection systems (IDS) utilizing diverse techniques, the placement of such systems within RPL topology remains largely unexplored. This study aims to address this gap by rigorously evaluating three intrusion detection architectures, considering central and distributed placement, across multiple criteria including effectiveness, cost, privacy, and security. The findings underscore the significant impact of attacker position and the proximity of IDS to attackers on detection outcomes. Hence, alongside the evaluation of traditional intrusion detection architectures, this study explores the use of federated learning (FL) for improving intrusion detection within RPL networks. FL's decentralized model training approach effectively addresses the impact of attacker position on IDS performance by ensuring the collection of relevant information from nodes regardless of their proximity to potential attackers. Moreover, this approach not only mitigates security concerns but also minimizes communication overhead among ID nodes. Consequently, FL reduces the need for extensive data transfer, thus mitigating the impact of packet loss and latency inherent in lossy networks. Additionally, the study investigates the effect of local data sharing on FL performance, clarifying the balance between effectiveness and security.
format Preprint
id arxiv_https___arxiv_org_abs_2303_16561
institution arXiv
publishDate 2023
record_format arxiv
spellingShingle Exploring and Enhancing Placement of IDS in RPL: A Federated Learning-based Approach
Yilmaz, Selim
Sen, Sevil
Aydogan, Emre
Cryptography and Security
In RPL security, intrusion detection (ID) plays a vital role, especially given its susceptibility to attacks, particularly those carried out by insider threats. While numerous studies in the literature have proposed intrusion detection systems (IDS) utilizing diverse techniques, the placement of such systems within RPL topology remains largely unexplored. This study aims to address this gap by rigorously evaluating three intrusion detection architectures, considering central and distributed placement, across multiple criteria including effectiveness, cost, privacy, and security. The findings underscore the significant impact of attacker position and the proximity of IDS to attackers on detection outcomes. Hence, alongside the evaluation of traditional intrusion detection architectures, this study explores the use of federated learning (FL) for improving intrusion detection within RPL networks. FL's decentralized model training approach effectively addresses the impact of attacker position on IDS performance by ensuring the collection of relevant information from nodes regardless of their proximity to potential attackers. Moreover, this approach not only mitigates security concerns but also minimizes communication overhead among ID nodes. Consequently, FL reduces the need for extensive data transfer, thus mitigating the impact of packet loss and latency inherent in lossy networks. Additionally, the study investigates the effect of local data sharing on FL performance, clarifying the balance between effectiveness and security.
title Exploring and Enhancing Placement of IDS in RPL: A Federated Learning-based Approach
topic Cryptography and Security
url https://arxiv.org/abs/2303.16561