سیستم تشخیص نفوذ برای اینترنت اشیا Intrusion Detection System for Internet of Things

1. INTRODUCTION The Internet of Things (IoT) is a smart network which connects all things to the internet for the purpose of exchanging information with agreed protocols [1]. So, anyone can access anything, at any time and from anywhere [2]. In IoT network, things or objects are wirelessly connected with smart tiny sensors. IoT devices can interact with each other without human intervention [3]. IoT uses unique addressing schemes to interact with other objects/things and cooperate with objects to create new applications or services. IoT introduces various applications like smart homes, smart cities, health monitoring, smart environment, and smart water [4]. With the development of IoT applications, there are so many issues raised. Among many other iss ues, security issue of IoT cannot be ignored. IoT devices are accessed from anywhere via untrusted network like the internet so IoT networks are unprotected against a wide range of malicious attacks. If security issues are not addressed then the confidential information may be leaked at any time. Thus, the security problem must be addressed.  Confidentiality: An attacker can easily intercept the message passing from sender to the receiver so that privacy can be leaked and content can be modified [5]. So that secure message passing is required in IoT.  Integrity: The message must not be altered in transit; it should be received at receiver node same as it is sent at sender node. Integrity guarantees that message has not been altered by unauthorized p ersons while in transmission [5].  Availability: Data or resources must be available when required [5]. Attackers can flood the bandwidth of resources to damage the availability. Availability can be damage by malicious attacks like Denial of service (DOS) attack, flooding attack, black hole attack, jamming attacks etc.  Authenticity: Authenticity involves proof of identity [6]. Users should be able to identify each other’s identity with which they are interacting. It can be verified through authentication process so t he unauthorized entity cannot participate in the communication [7].  Non-Repudiation: Non-repudiation ensures that the sender and receiver cannot deny having sent and received the message respectively [8].  Data Freshness: Data must be recent whenever required. It guarantees that the no old messages replayed by an adversary [9].