Cem Ata Baykara¹, Ilgın Şafak² and Kübra Kalkan¹, ¹Ozyegin University, Turkey, ²Fibabanka R&D Center, Turkey
This paper proposes a new lightweight handshake protocol, implemented on top of the Constrained Application Protocol (CoAP), that can be used for device discovery and for ensuring IoT network security by autonomously managing devices of any computational complexity using whitelisting and blacklisting. A Physical Unclonable Function (PUF) is utilized for session key generation in the proposed handshake protocol. The CoAP server performs real-time device discovery using the proposed handshake protocol, and anomaly detection using machine learning algorithms, to ensure the security of the IoT network. To the best of our knowledge, the presented PUF-based handshake protocol is the first to perform blacklisting and whitelisting. Whitelisted IoT devices that do not display anomalous behavior can join and remain in the IoT network. IoT devices that display anomalous behavior are autonomously blacklisted by the CoAP server and are either disallowed from joining the IoT network or removed from it. Simulation results show that, amongst the five machine learning algorithms studied, the stacking classifier displays the highest overall anomaly detection accuracy of 99.98%. Based on the results of the network simulation performed, the CoAP server is capable of blacklisting malicious IoT devices within the network with perfect accuracy.
IoT Networks, Network Security, Handshake Protocols, Anomaly Detection, Machine Learning.