Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

Identifying Malicious Nodes in Multihop IoT Networks using Dual Link Technologies and Unsupervised Learning

Liu, Xin and Abdelhakim, Mai and Krishnamurthy, Prashant and Tipper, David (2018) Identifying Malicious Nodes in Multihop IoT Networks using Dual Link Technologies and Unsupervised Learning. Open Journal of Internet of Things (OJIoT), 4 (1). pp. 109-125. ISSN 2364-7108

Download (1MB) | Preview


Packet manipulation attack is one of the challenging threats in cyber-physical systems (CPSs) and Internet of Things (IoT), where information packets are corrupted during transmission by compromised devices. These attacks consume network resources, result in delays in decision making, and could potentially lead to triggering wrong actions that disrupt an overall system’s operation. Such malicious attacks as well as unintentional faults are difficult to locate/identify in a large-scale mesh-like multihop network, which is the typical topology suggested by most IoT standards. In this paper, first, we propose a novel network architecture that utilizes powerful nodes that can support two distinct communication link technologies for identification of malicious networked devices (with typical singlelink technology). Such powerful nodes equipped with dual-link technologies can reveal hidden information within meshed connections that is hard to otherwise detect. By applying machine intelligence at the dual-link nodes, malicious networked devices in an IoT network can be accurately identified. Second, we propose two techniques based on unsupervised machine learning, namely hard detection and soft detection, that enable dual-link nodes to identify malicious networked devices. Our techniques exploit network diversity as well as the statistical information computed by dual-link nodes to identify the trustworthiness of resource-constrained devices. Simulation results show that the detection accuracy of our algorithms is superior to the conventional watchdog scheme, where nodes passively listen to neighboring transmissions to detect corrupted packets. The results also show that as the density of the dual-link nodes increases, the detection accuracy improves and the false alarm rate decreases.


Social Networking:
Share |


Item Type: Article
Status: Published
CreatorsEmailPitt UsernameORCID
Liu, Xinxil178@pitt.eduXIL178
Abdelhakim, Maimaia@pitt.eduMAIA
Krishnamurthy, Prashantprashk@pitt.eduPRASHK
Tipper, Daviddtipper@pitt.eduDTIPPER
Date: 2018
Date Type: Acceptance
Journal or Publication Title: Open Journal of Internet of Things (OJIoT)
Volume: 4
Number: 1
Publisher: Research Online Publishing
Page Range: pp. 109-125
DOI or Unique Handle: 101:1-2018080519310495220214
Schools and Programs: School of Computing and Information > Telecommunications
Refereed: Yes
ISSN: 2364-7108
Official URL:
Article Type: Research Article
Additional Information: Proceedings of the International Workshop on Very Large Internet of Things (VLIoT 2018) in conjunction with the VLDB 2018 Conference in Rio de Janeiro, Brazil
Date Deposited: 10 Jul 2018 17:22
Last Modified: 17 Mar 2020 19:50


Monthly Views for the past 3 years

Plum Analytics

Actions (login required)

View Item View Item