Table 4.
Summary of ZigBee-based IDS.
| Ref. | Protocol | Simulation or Testbed | IDS Method | Methodology | Attacks | Results and Potential Improvements |
|---|---|---|---|---|---|---|
| [99] | SID-HAN | Simulation (NS2) | Layered Specification-based | IEEE 802.15.4 Standard Normal behaviors |
ZigBee Mac and Physical Layer | System capable to detect several known and unknown attacks efficiently Require: -IDS for upper layers of ZigBee -Testbed experiments |
| [100] | TA-ZB | Simulation (Avrora) | Anomaly-based | -Analysis of KillerBee framework -Implemented IDS in ZigBee radio |
KillerBee-Association flooding and packet replay attacks |
-Efficient attack detection -Broad spectrum attack analysis is required |
| [101] | ABAS | Testbed | Anomaly-based | Comparison Analysis with Signature and Specification |
DoS, Flooding and Pulse DoS | 0% FPR for known attacks 95% FPR for unknown attacks |
| [102] | FL-IDS | Simulation | Fuzzy Logic | Asymptotic Analysis | Flood | -Require more mathematical and comparison analysis -Require analysis of more attacks |
| [103] | HAN-IDS-IPS | Simulation | Model-based IDS ML based IPS |
Design for PHY and MAC Layers of ZigBee HAN |
Cyber Attacks | Efficient in detecting Cyber based attacks Require Testbed Analysis |
| [104] | EE-IDS | Simulation | Optimized watchdog mechanism (OWM) |
OWM (trust-based method) | Worm Hole | Good energy consumption, PDR, end-end delay Proposed system evaluation against mobility models |
| [105] | EE-IDSEP | Simulation (NS2) | Energy Efficient Trust | -Developed two modules EE-IDS and EE-IDSEP -Comparison Analysis |
Worm Hole and DDOS | Proposed protocol efficiency increased by 23% (AODV), 28% (STR), 33% (OSTR) Proposed system evaluation against mobility models |
| [106] | HHT-TE-IDS | Simulation and Test Bed | HHT and EMD | Scalable HHT-based | LDoS | Capable of detecting Low Rate DoS attack |