Towards multiple-mix-attack detection via consensus-based trust management in IoT networks

Zuchao Ma, Liang Liu, Weizhi Meng*

*Corresponding author for this work

Research output: Contribution to journalJournal articleResearchpeer-review


With the rapid development of Internet of Things (IoT), various smart devices can work collaboratively and construct a kind of multihop IoT network. However, due to the distributed nature, how to defend such kind of network against insider attacks remains a challenge, especially under multiple-mix-attack model where attackers can launch several attacks simultaneously. In this work, we consider a type of multiple-mix-attack that combines three typical attacks - tamper attack, drop attack and replay attack with an uncertain probability. For detection, we propose an approach called Distributed Consensus based Trust Model (DCONST), which can evaluate the trustworthiness of IoT nodes by sharing certain information called cognition. In particular, DCONST can detect malicious nodes and analyze their concrete attack behaviours via the K-Means clustering method. To further discuss the impact of cognition aggregation on detection accuracy and the additional burden on the network, we design three modes of DCONST: DCONST-Light, DCONST-Normal and DCONST-Proactive. In the evaluation, as compared with the similar methods of Hard Detection (HD) and Perceptron Detection with Enhancement (PDE), it is found that DCONST can achieve a better detection rate in the range from around 10% to 40%. In addition, DCONST-Normal and DCONST-Proactive can further improve the detection rate by 5% to 20% as compared to DCONST-Light.

Original languageEnglish
Article number101898
JournalComputers and Security
Number of pages21
Publication statusPublished - Sep 2020


  • Insider attack
  • IoT network
  • K-means method
  • Malicious node
  • Trust management
  • Trust-based consensus


Dive into the research topics of 'Towards multiple-mix-attack detection via consensus-based trust management in IoT networks'. Together they form a unique fingerprint.

Cite this