ITEA is the Eureka Cluster on software innovation
ITEA is the Eureka Cluster on software innovation
ITEA 4 page header azure circular

Open source code for DETONAR on border router

19045 STACK
New system

Intrusion detection systems (IDS) play a significant role in securing IoT networks as their goal is to detect intruders that have gained access to one or several IoT nodes. While most IDS have been designed to detect a specific or at most a few attacks, the DETONAR framework detects multiple attacks. However, is run on a designated sniffer network which adds additional cost in terms of hardware and maintenance. We propose DETONAR-Light that adapts DETONAR to run on data collected at a border router rather than on sniffer logs. We have made the source code available on the STACK github page

Niclas Finne (RISE)
Research area(s)
IoT security
Technical features

The DETONAR-Light git repository contains the Python code for the original DETONAR framework plus the modifications needed to run DETONAR on data collected using the Cooja simulator and via a border router instead of a separate network of sniffer devices. Also included are Python scripts for parsing logs from the Cooja simulator.

Integration constraints

DETONAR-light is in Python. The traces here are generated with the Cooja simulator but every simulator that can produce the same output format is usable.

Targeted customer(s)

IoT security

Conditions for reuse

Apache / BSD-style license

Publication date
Involved partners
RISE - Research institutes of Sweden (SWE)