Smart homes are one of the most promising applications of the emerging Internet of Things (IoT) technology. With the growing number of IoT-related devices such as smart thermostats, smart fridges, smart speakers, smart light bulbs and smart locks, smart homes promise to make our lives easier and more comfortable. However, the increased deployment of such smart devices brings an increase in potential security risks and home privacy breaches. To overcome such risks, Intrusion Detection Systems are presented as pertinent tools that can provide network-level protection for smart devices deployed in home environments. These systems monitor the network activities of the devices connected to the smart home and focus on alerting on suspicious or malicious activity. They can also deal with detected abnormal activities by hindering impostors from accessing the victim devices. However, employing such systems in a smart home can be challenging because of the devices' hardware limitations, which may restrict their ability to counter existing and emerging attack vectors. Therefore, this paper proposes an experimental comparison between the widely used open-source NIDSs, namely Snort, Suricata and Bro IDS, to find the most appropriate one for smart homes in terms of detection accuracy and resource consumption, including CPU and memory utilization. Experimental results show that Suricata is the best-performing NIDS for smart homes.