International Journal Papers
Permanent URI for this collection: http://dl.cerist.dz/handle/CERIST/17
5 results
Search Results
Item: Fault-tolerant AI-driven Intrusion Detection System for the Internet of Things (Elsevier, 2021-09)
Medjek, Faiza; Tandjaoui, Djamel; Djedjig, Nabil; Romdhani, Imed
Internet of Things (IoT) has emerged as a key component of all advanced critical infrastructures. However, with the challenging nature of IoT, new security breaches have been introduced, especially against the Routing Protocol for Low-power and Lossy Networks (RPL). Artificial-Intelligence-based technologies can be used to provide insights to deal with IoT’s security issues. In this paper, we describe the initial stages of developing a new Intrusion Detection System using Machine Learning (ML) to detect routing attacks against RPL. We first simulate the routing attacks and capture the traffic for different topologies. We then process the traffic and generate large 2-class and multi-class datasets. We select a set of significant features for each attack, and we use this set to train different classifiers to make the IDS. The experiments with 5-fold cross-validation demonstrated that decision tree (DT), random forests (RF), and K-Nearest Neighbours (KNN) achieved good results of more than 99% value for accuracy, precision, recall, and F1-score metrics, and RF has achieved the lowest fitting time. On the other hand, Deep Learning (DL) model, MLP, Naïve Bayes (NB), and Logistic Regression (LR) have shown significantly lower performance.

Item: Multicast DIS attack mitigation in RPL-based IoT-LLNs (Elsevier, 2021-09)
Medjek, Faiza; Tandjaoui, Djamel; Djedjig, Nabil; Romdhani, Imed
The IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) was standardised by the IETF ROLL Working Group to address the routing issues in the Internet of Things (IoT) Low-Power and Lossy Networks (LLNs). RPL builds and maintains a Destination Oriented Directed Acyclic Graph (DODAG) topology using pieces of information propagated within the DODAG Information Object (DIO) control message.
When a node intends to join the DODAG, it either waits for DIO or sends a DODAG Information Solicitation (DIS) control message Multicast to solicit DIOs from nearby nodes. Nevertheless, sending Multicast DIS messages resets the timer that regulates the transmission rate of DIOs to its minimum value, which leads to the network’s congestion with control messages. Because of the resource-constrained nature of RPL-LLNs, the lack of tamper resistance, and the security gaps of RPL, malicious nodes can exploit the Multicast DIS solicitation mechanism to trigger an RPL-specification-based attack, named DIS attack. The DIS attack can have severe consequences on RPL networks, especially on control packets overhead and power consumption. In this paper, we use the Cooja–Contiki simulator to assess the DIS attack’s effects on both static and dynamic RPL networks. Besides, we propose and implement a novel approach, namely RPL-MRC, to improve the RPL’s resilience against DIS Multicast. RPL-MRC aims to reduce the response to DIS Multicast messages. Simulation results demonstrate how the attack could damage the network performance by significantly increasing the control packets overhead and power consumption. On the other hand, the RPL-MRC proposed mechanism shows a significant enhancement in reducing the control overhead and power consumption for different scenarios.

Item: Trust-aware and cooperative routing protocol for IoT security (2020-06)
Djedjig, Nabil; Tandjaoui, Djamel; Medjek, Faiza; Romdhani, Imed
The resource-constrained nature of IoT objects makes the Routing Protocol for Low-power and Lossy Networks (RPL) vulnerable to several attacks. Although RPL specification provides encryption protection to control messages, RPL is still vulnerable to internal attackers and selfish behaviours.
To address the lack of robust security mechanisms in RPL, we design a new Metric-based RPL Trustworthiness Scheme (MRTS) that introduces trust evaluation for secure routing topology construction. Extensive simulations show that MRTS is efficient in terms of packet delivery ratio, energy consumption, nodes’ rank changes, and throughput. In addition, a mathematical modelling analysis shows that MRTS meets the requirements of consistency, optimality, and loop-freeness and that the proposed trust-based routing metric has the isotonicity and monotonicity properties required for a routing protocol. By using game theory concepts, we formally describe MRTS as a strategy for the iterated Prisoner’s Dilemma and demonstrate its cooperation enforcement characteristic. Both mathematical analysis and evolutionary simulation results show clearly that MRTS, as a strategy, is an efficient approach in promoting the stability and the evolution of the Internet of Things network.

Item: An end-to-end secure key management protocol for e-health applications (Elsevier, 2015)
Abdmeziem, Mohammed Riyadh; Tandjaoui, Djamel
Key distribution is required to secure e-health applications in the context of Internet of Things (IoT). However, resource constraints in IoT make these applications unable to run existing key management protocols. In this paper, we propose a new lightweight key management protocol. This protocol is based on collaboration to establish a secure end-to-end communication channel between a highly resource constrained node and a remote entity. The secure channel allows the constrained node to transmit captured data while ensuring confidentiality and authentication. To achieve this goal, we propose offloading highly consuming cryptographic primitives to third parties. As a result, the constrained node obtains assistance from powerful entities. To assess our protocol, we conduct a formal validation regarding security properties.
In addition, we evaluate both communication and computational costs to highlight energy savings. The results show that our protocol provides a considerable gain in energy while its security properties are ensured.

Item: Gestion de clés et sécurité multipoint: étude et perspectives [Key management and multicast security: survey and perspectives] (Springer-Verlag, 2003)
Seba, Hamida; Bouabdallah, Abdelmadjid; Badache, Nadjib; Bettahar, Hatem; Tandjaoui, Djamel
Multicast communication (or group communication) is an efficient means of sending data to the members of a group. Several types of applications that use multicast communication require a certain level of security: authentication, integrity, confidentiality and access control. Because the techniques that implement these services in point-to-point communication cannot be applied as they are to group communication, the security of group communication has been the subject of several works. Key management, which is the basic building block of security services, has been widely studied and has given rise to several publications. In this article, we describe the different existing approaches for managing and distributing keys within a group. We discuss the advantages and drawbacks of the protocols proposed in the literature and present a classification and a comparative study of these protocols. We conclude this article with some criticisms and perspectives.