Complex Event Processing for Object Tracking and Intrusion Detection in Internet of Things Environments

Shang-Nan Yin
Ho-Seok Kang
Sung-Ryul Kim

Keywords

Intrusion Detection, IoT Security, Complex Event Process

Abstract

With the development of the Internet of Things (IoT), more and more services and applications have been deployed in physical spaces and information systems. A massive number of sensors and devices are embedded in IoT environments, and they continuously produce huge amounts of data for IoT systems and platforms. Processing these data streams, generated by IoT networks with different patterns, has raised new challenges for the real-time performance of intrusion detection systems (IDS) in IoT environments, which have to react quickly to hacking attacks and malicious activities against the IoT. In this paper, a complex event processing (CEP) based IDS model for object detection tracking and intrusion detection in IoT environments is proposed. Esper, an open source complex event processing engine, is used to develop the model. In this model, the incoming streams of data are detected by the Esper engine according to the predefined EPL rules, and the corresponding listeners are then triggered. Normal events are sent to the higher-layer application as a new event through the adapter. In the alert event processor, abnormal events are divided into attack events and abnormal events with other causes, such as sensor fault, transmission delay, etc.
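
The event flow the abstract describes (rule match, listener, adapter for normal events, alert processor that separates attacks from other abnormal causes) can be sketched as follows. This is an added example, not the authors' Esper/EPL code: the `MiniCEP` class, the event fields, the three rules and every threshold are assumptions, with plain Python standing in for the Esper engine and a per-device flooding rule standing in for an attack rule.

```python
from collections import defaultdict, deque

# Constructed thresholds (assumptions, not values from the paper).
VALID_RANGE = (-40.0, 85.0)   # plausible bounds for a sensor reading
MAX_DELAY_S = 5.0             # allowed gap between sensing and arrival
WINDOW_S = 10.0               # sliding time window kept per device
MAX_EVENTS_IN_WINDOW = 5      # more arrivals than this in one window = flooding

class MiniCEP:
    """Rule matching plus listeners; a stand-in for an EPL engine."""
    def __init__(self):
        self.windows = defaultdict(deque)   # device id -> arrival times in window
        self.listeners = defaultdict(list)  # rule label -> callbacks

    def subscribe(self, label, callback):
        self.listeners[label].append(callback)

    def classify(self, ev):
        win = self.windows[ev["device"]]
        win.append(ev["received"])
        while win and ev["received"] - win[0] > WINDOW_S:
            win.popleft()                   # expire arrivals outside the window
        if len(win) > MAX_EVENTS_IN_WINDOW:
            return "attack"
        if ev["received"] - ev["sensed"] > MAX_DELAY_S:
            return "transmission_delay"
        if not VALID_RANGE[0] <= ev["value"] <= VALID_RANGE[1]:
            return "sensor_fault"
        return "normal"

    def send(self, ev):
        label = self.classify(ev)
        for cb in self.listeners[label]:    # trigger the matching listeners
            cb(ev)
        return label

def run_sample():
    """Feed a constructed stream through the engine; return the routed output."""
    engine, forwarded, alerts = MiniCEP(), [], []
    # Adapter: a normal event is re-emitted upward as a new event.
    engine.subscribe("normal", lambda e: forwarded.append({"type": "Reading", **e}))
    for label in ("attack", "sensor_fault", "transmission_delay"):
        engine.subscribe(label, lambda e, l=label: alerts.append((l, e["device"])))
    events = [  # constructed sample stream
        {"device": "t1", "value": 21.5, "sensed": 0.0, "received": 0.2},
        {"device": "t2", "value": 999.0, "sensed": 1.0, "received": 1.1},
        {"device": "t3", "value": 20.0, "sensed": 2.0, "received": 9.5},
    ] + [{"device": "t4", "value": 22.0, "sensed": 10 + i * 0.1,
          "received": 10 + i * 0.1 + 0.05} for i in range(7)]
    labels = [engine.send(e) for e in events]
    return labels, forwarded, alerts
```

The rule order matters: a flooding device is reported as an attack even when its individual readings look valid, while an out-of-range or late reading from a quiet device is filed under the non-attack causes.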