LAUSR

Low-power and Lossy Networks (LLNs) comprise nodes characterised by constrained computational power, memory, and energy resources. The LLN nodes empower ubiquitous connections amongst numerous devices (e.g. temperature, humidity, and turbidity sensors, together with motors, valves and other actuators) to sense, control and store properties of their environments. They are often deployed in hostile, unattended, and unfavourable conditions. Securing them often becomes very challenging. The extent of interconnected LLN devices poses a series of routing threats (e.g. wormhole, grayhole, DIO suppression, and increase rank attacks). Consequently, an efficient and effective intrusion detection system (IDS) is of utmost importance in identifying anomalous activities in the IPv6 over Low-powered Wireless Personal Area Networks (6LoWPAN). This article proposes a robust Adversarial Reinforcement Learning (ARL) framework to generate efficient IDSs for evolving data environments. The integration of ARL and incremental machine-learning facilitates the generation of resource-efficient and robust IDS detectors. We demonstrate in particular how such an approach, leveraging notions of ‘concept drift’ detection and adaptation, can handle inevitable changes in the environment, giving the IDS best chances of detecting attacks in the current profile. The range of routing attacks considered is the most comprehensive to date. For the first time, Black-box and Grey-box ML-based adversaries aiming to destabilise the 6LoWPAN are distinguished and addressed.