Autonomous Detection of Synchronization Attacks in the Industrial Internet Of Things

Time Synchronization is an essential communication component for Industrial Wireless Sensor Networks (IWSNs). An IWSN is composed of multiple distributed resource-constrained sensor nodes, which require their local clocks to be synchronized with each other to exchange packets in a precisely real time ordered schedule. Time synchronization protocols are not outlined with security support. As a consequence, a new generation of attacks arose, explicitly targeting the corresponding protocols. Recent research studies [1, 2, 3] prove that synchronization attacks are severe and practical. Without detection mechanisms, synchronization attacks bypass security defenses. A methodology for the detection of synchronization attacks based on characteristics of the synchronization protocol is proposed in this paper. Thus, we propose a novel method based on machine learning algorithms for detecting IIoT synchronization attacks. Applying such strategies for cyber-security in IIoT requires the availability of substantial synchronization IIoT attack data. In our research, the real-life equivalent simulations using the open source OpenWSN simulator has been utilized for generation of high fidelity attack area, within the 6TiSCH industrial network. We believe that the IIoT attack dataset generated in this work can be used for further research and for detecting high layer attacks too. Experimentation was carried out using six learning algorithms to detect the attack and classify them from legitimate behavior.