A Lightweight and Scalable Physical Layer Attack Detection Mechanism for the Internet of Things (IoT) Using Hybrid Security Schema

TL;DR

This paper introduces DFA-RPL, a lightweight hybrid security mechanism that detects flooding attacks in IoT networks by combining clustering, node selection, and ant colony algorithms to improve detection accuracy and network security.

Contribution

It proposes DFA-RPL, a novel hybrid detection method that effectively identifies malicious nodes in IoT networks using clustering and ant colony algorithms.

Findings

DFA-RPL outperforms IRAD and REATO in detection rate.

The method improves packet delivery and reduces false positives.

Simulation results confirm its effectiveness in securing IoT networks.

Abstract

The Internet of Things, also known as the IoT, refers to the billions of devices around the world that are now connected to the Internet, collecting and sharing data. The amount of data collected through IoT sensors must be completely securely controlled. To protect the information collected by IoT sensors, a lightweight method called Discover the Flooding Attack-RPL (DFA-RPL) has been proposed. The proposed DFA-RPL method identifies intrusive nodes in several steps to exclude them from continuing routing operations. Thus, in the DFA-RPL method, it first builds a cluster and selects the most appropriate node as a cluster head in DODAG, then, due to the vulnerability of the RPL protocol to Flooding attacks, it uses an ant colony algorithm (ACO) using five steps to detect attacks. Use Flooding to prevent malicious activity on the IoT network. In other words, if it detects a node as malicious, it puts that node on the detention list and quarantines it for a certain period of time. The results obtained from the simulation show the superiority of the proposed method in terms of Packet Delivery Rate, Detection Rate, False Positive Rate, and False Negative Rate compared to IRAD and REATO methods.