Kalis2.0 - A SECaaS-Based Context-Aware Self-Adaptive Intrusion Detection System for IoT

The wide variety of application domains makes the Internet of Things (IoT) quite unique among other types of computer networks: IoT networks can be made of devices of different types, i.e., characterized by different hardware, functionalities, computing capabilities, and also network topology and communication protocols may drastically change from one IoT application to another. Such a heterogeneity requires ad-hoc security solutions, as security techniques that are effective in one IoT context may not be so in another context. Furthermore, IoT networks are ever evolving by their very nature as smart devices can be easily added or removed. These factors call for the design of security tools capable of adapting themselves to the specific IoT instance, but also to the continuous network changes. In this article we propose a context-aware, Security-as-a-Service-based approach for intrusion detection whereby an IDS: 1) autonomously collects information about the monitored system; 2) chooses the best detection strategy accordingly; and 3) modifies the detection strategy as the network evolves over time. This comprehensive approach to intrusion detection is an attempt to face the heterogeneity which characterizes the IoT in all its aspects, making it possible the design of a security tool able to be self-adaptive and context-aware, that is, effective in different and evolving IoT scenarios with little or no human intervention.