A NOVEL APPROACH TO SECURITY OF INTERNET OF THINGS
DOI:
https://doi.org/10.63503/c.acset.2025.11Keywords:
Internet of Things, Hello Flood Attack, Trust-based Security, Intrusion Detection, NS-2Abstract
Using simple communication protocols, the Internet of Things (IoT) links billions of objects, from sensors to smart appliances. Applications in smart cities, industry, healthcare, and transportation are made possible by this interconnectedness, but it also poses new security risks. IoT devices are particularly vulnerable to assaults because, in contrast to traditional computing systems, they frequently have limitations with regard to processing power, memory, battery life, and bandwidth. An example of this type of assault is the Hello Flood attack, in which a malevolent node bombards the network with an overwhelming number of "hello" packets. The following consequences result from normal IoT nodes responding to these packets, which they interpret as genuine neighbor discovery messages: Denial of Service (DoS) (disturbance of legitimate communication), Network congestion (bandwidth consumed by malicious traffic), and Resource exhaustion (nodes wasting energy replying to fake requests). Conventional defense
Techniques like machine learning-based intrusion detection systems or strong cryptography. Due to their high computational and energy consumption, detection is inappropriate for limited IoT contexts. Your work presents a trust-based detection and isolation approach to close this gap. With this method, every network node is tracked and given a trust value determined by its actions. Reduced trust is applied to nodes that exhibit aberrant behavior, such as sending out an excessive number of hello packets. A node is deemed malicious and removed from the routing process whenever its trust score drops below a certain level. Network Simulator-2 is used to implement and assess the plan (NS-2). Among the important performance indicators are: The delay is the amount of time it takes for data packets to get to their destination. Throughput: How quickly data is successfully transferred across a network.
The percentage of dropped or lost packets is known as packet loss. Brought on by malevolent behavior. Energy consumption: the aggregate of the nodes' energy usage throughout the simulation. By reducing latency (communication speeds up after malicious nodes are isolated), minimizing packet loss (malicious traffic is dropped before damaging the network), increasing throughput (more legitimate packets reach their destination), and improving energy efficiency (nodes no longer waste energy on phony hello packets), the outcomes show how much better performance is achieved with the recommended approach.
References
1. Boka, R., & Sadasivam, T. DIS flooding attack impact on the performance of RPL-based IoT networks. IEEE International Conference on Emerging Smart Computing and Informatics (ICESC), 2021.
2. Cakir, S., et al. RPL attack detection and prevention in IoT networks using GRU-based deep learning. IEEE Access, 2020 | 8: p. 60212–60220.
3. Chen, X., et al. Defending against link flooding attacks in IoT: A Bayesian game approach. IEEE Internet of Things Journal, 2022 | 9(4): p. 3201–3212.
4. Kamaldeep, et al. Contiki-based mitigation of UDP flooding attacks in IoT. IEEE International Conference on Computing, Communication and Automation (ICCCA), 2017.
5. Hassija, V., et al. A survey on IoT security. IEEE Access, 2019 | 7: p. 91761–91784.
