Open source code for DETONAR on border router

Intrusion detection systems (IDS) play a significant role in securing IoT networks as their goal is to detect intruders that have gained access to one or several IoT nodes. While most IDS have been designed to detect a specific or at most a few attacks, the DETONAR framework detects multiple attacks. However, is run on a designated sniffer network which adds additional cost in terms of hardware and maintenance. We propose DETONAR-Light that adapts DETONAR to run on data collected at a border router rather than on sniffer logs. We have made the source code available on the STACK github page

The DETONAR-Light git repository contains the Python code for the original DETONAR framework plus the modifications needed to run DETONAR on data collected using the Cooja simulator and via a border router instead of a separate network of sniffer devices. Also included are Python scripts for parsing logs from the Cooja simulator.

DETONAR-light is in Python. The traces here are generated with the Cooja simulator but every simulator that can produce the same output format is usable.

IoT security

Apache / BSD-style license