OPSMOTE-ML: an optimized SMOTE with machine learning models for selective forwarding attack detection in low power and lossy networks of internet of things

Al-Amiedy, Taief Alaa; Anbar, Mohammed; Belaton, Bahari
DOI: https://doi.org/10.1007/s10586-024-04598-x
2024-06-09
Cluster Computing
Abstract: The Internet of Things represents a rapidly evolving networking paradigm that brings numerous benefits through its diverse applications. Advances in embedded system architectures and the compression of IPv6 have facilitated embedding IP stack functionalities within resource-constrained low power and lossy networks (LLNs). However, the widespread deployment of LLN networks within the IoT infrastructure has made them a target for cyber attackers. Machine and Deep Learning methods show promise in detecting anomalies within the Routing Protocol for LLNs. However, they face challenges such as handling imbalanced data, identifying relevant attack features, selecting the most suitable model parameters for detection, and accurately pinpointing attacker nodes across various locations in LLN. This study proposes an approach for detecting Selective Forwarding attacks in the LLN, consisting of four main stages: data preparation, data balancing using an optimized synthetic minority over-sampling technique, feature selection with binary particle swarm optimization algorithm, and attack detection via an optimized Random Forest with GridSearchCV. The proposed approach is evaluated using a grid-based dataset across three scenarios that differ in attacker node positioning relative to the LLN's root node. The findings indicate that the proposed approach achieved the highest accuracy and F-measure score of 99.82% in the second scenario. It also recorded precision scores of 100% in both the first and second scenarios and a recall score of 100% in the third scenario. Ultimately, the proposed approach outperforms existing methods, demonstrating its superiority in detecting SF attacks within LLNs.
computer science, information systems, theory & methods