Intrusion Detection in IoT Networks with Kernel-Level Hardware Monitoring
Open Access
Author:
Cosson, Adrien
Graduate Program:
Computer Science and Engineering
Degree:
Master of Science
Document Type:
Master Thesis
Date of Defense:
July 08, 2020
Committee Members:
Patrick Drew Mcdaniel, Thesis Advisor/Co-Advisor
Chitaranjan Das, Program Head/Chair
Gang Tan, Committee Member
Keywords:
IoT Network Security Intrusion Detection Linux Kernel Module
Abstract:
IoT systems have been broadly adopted, and we are now seeing increasing deployment in both home and commercial environments. However, this broad distribution of new technology has introduced new classes of attacks that specifically target IoT networks and devices.
Due to the constrained nature of IoT devices, as well as the opacity of IoT frameworks, standard intrusion detection systems cannot be applied here.
In this paper, we introduce Sentinel, a new framework aimed at facilitating the design of novel detection systems.
By leveraging common features of IoT frameworks, we expose, collect and centralize low-level system information of each smart device in a network.
We demonstrate that the collected data contains a strong signal by designing a proof-of-concept intrusion detector that reaches 95.7% accuracy. We also perform a power consumption analysis to prove that Sentinel is compatible with the power requirements of battery-operated devices: it increases power usage by less than 1%.
We believe that this framework can be used to design highly performant, specialized IoT intrusion detection systems.