An intrusion detection framework for energy constrained IoT devices

Industrial Internet of Things (IIoT) exemplifies IoT with applications in manufacturing, surveillance, automotive, smart buildings, homes and transport. It leverages sensor technology, cutting edge communication and data analytics technologies and the open Internet to consolidate IT and operational technology (OT) aiming to achieve cost and performance benefits. However, the underlying resource constraints and ad hoc nature of such systems have significant implications especially in achieving effective intrusion detection. Consequently, contemporary solutions requiring a stable infrastructure and extensive computational resources are inadequate to fulfill these characteristics of an IIoT system. In this paper, we propose an intrusion detection framework for the energy-constrained IoT devices which form the foundation of an IIoT ecosystem. In view of the ad hoc nature of such systems as well as emerging complex threats such as botnets, we assess the feasibility of collaboration between the host (IoT devices) and the edge devices for effective intrusion detection whilst minimizing energy consumption and communication overhead. We implemented the proposed framework with Contiki operating system and conducted rigorous evaluation to identify potential performance trade-offs. The evaluation results demonstrate that the proposed framework can minimize energy and communication overheads whilst achieving an effective collaborative intrusion detection for IIoT systems.