Tianchen Zhang,Taimin Zhang,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.23919/chicc.2019.8866139

2019-01-01

Abstract:Advanced metering infrastructure (AMI) is a key component in the smart grid. Transmitting data robustly and reliably between the tremendous smart meters in the AMI is one of the most crucial tasks for providing various services in smart grid. Among the many efforts for designing practical routing protocols for the AMI, the Routing Protocol for Low-Power and Lossy Networks (RPL) proposed by the IETF ROLL working group is considered the most consolidated candidate. Resent research has shown cyber attacks such as blackhole attack and version number attack can seriously damage the performance of the network implementing RPL. The main reason that RPL. is vulnerable to these kinds of attacks is the lack an authentication mechanism. In this paper, we study the impact of blackhole attacks on the performance of the AMI network and proposed a new blackhole attack that can bypass the existing defense mechanism. Then, we propose a cuckoo filter based RPL to defend the AMI network from blackhole attacks. We also give the security analysis of the proposed method.

Abhishek Verma,Virender Ranga

DOI: https://doi.org/10.1109/JSEN.2020.2973677

2023-03-01

Abstract:Internet of Things (IoT) is one of the fastest emerging networking paradigms enabling a large number of applications for the benefit of mankind. Advancements in embedded system technology and compressed IPv6 have enabled the support of IP stack in resource constrained heterogeneous smart devices. However, global connectivity and resource constrained characteristics of smart devices have exposed them to different insider and outsider attacks, which put users' security and privacy at risk. Various risks associated with IoT slow down its growth and become an obstruction in the worldwide adoption of its applications. In RFC 6550, the IPv6 Routing Protocol for Low Power and Lossy Network (RPL) is specified by IETF's ROLL working group for facilitating efficient routing in 6LoWPAN networks, while considering its limitations. Due to resource constrained nature of nodes in the IoT, RPL is vulnerable to many attacks that consume the node's resources and degrade the network's performance. In this paper, we present a study on various attacks and their existing defense solutions, particularly to RPL. Open research issues, challenges, and future directions specific to RPL security are also discussed. A taxonomy of RPL attacks, considering the essential attributes like resources, topology, and traffic, is shown for better understanding. In addition, a study of existing cross-layered and RPL specific network layer based defense solutions suggested in the literature is also carried out.

Networking and Internet Architecture,Cryptography and Security

Mina Zaminkar,Reza Fotohi

DOI: https://doi.org/10.48550/arXiv.2005.09140

2020-05-17

Cryptography and Security

Abstract:Through the Internet of Things (IoT) the internet scope is established by the integration of physical things to classify themselves into mutual things. A physical thing can be created by this inventive perception to signify itself in the digital world. Regarding the physical things that are related to the internet, it is worth noting that considering numerous theories and upcoming predictions, they mostly require protected structures, moreover, they are at risk of several attacks. IoTs are endowed with particular routing disobedience called sinkhole attack owing to their distributed features. In these attacks, a malicious node broadcasts illusive information regarding the routings to impose itself as a route towards specific nodes for the neighboring nodes and thus, attract data traffic. RPL (IP-V6 routing protocol for efficient and low-energy networks) is a standard routing protocol which is mainly employed in sensor networks and IoT. This protocol is called SoS-RPL consisting of two key sections of the sinkhole detection. In the first section rating and ranking the nodes in the RPL is carried out based on distance measurements. The second section is in charge of discovering the misbehavior sources within the IoT network through, the Average Packet Transmission RREQ (APT-RREQ). Here, the technique is assessed through wide simulations performed within the NS-3 environment. Based on the results of the simulation, it is indicated that the IoT network behavior metrics are enhanced based on the detection rate, false-negative rate, false-positive rate, packet delivery rate, maximum throughput, and packet loss rate.

Zahrah A. Almusaylim,NZ Jhanjhi,Abdulaziz Alhumam

DOI: https://doi.org/10.3390/s20215997

IF: 3.9

2020-10-22

Sensors

Abstract:The rapid growth of the Internet of Things (IoT) and the massive propagation of wireless technologies has revealed recent opportunities for development in various domains of real life, such as smart cities and E-Health applications. A slight defense against different forms of attack is offered for the current secure and lightweight Routing Protocol for Low Power and Lossy Networks (RPL) of IoT resource-constrained devices. Data packets are highly likely to be exposed in transmission during data packet routing. The RPL rank and version number attacks, which are two forms of RPL attacks, can have critical consequences for RPL networks. The studies conducted on these attacks have several security defects and performance shortcomings. In this research, we propose a Secure RPL Routing Protocol (SRPL-RP) for rank and version number attacks. This mainly detects, mitigates, and isolates attacks in RPL networks. The detection is based on a comparison of the rank strategy. The mitigation uses threshold and attack status tables, and the isolation adds them to a blacklist table and alerts nodes to skip them. SRPL-RP supports diverse types of network topologies and is comprehensively analyzed with multiple studies, such as Standard RPL with Attacks, Sink-Based Intrusion Detection Systems (SBIDS), and RPL+Shield. The analysis results showed that the SRPL-RP achieved significant improvements with a Packet Delivery Ratio (PDR) of 98.48%, a control message value of 991 packets/s, and an average energy consumption of 1231.75 joules. SRPL-RP provided a better accuracy rate of 98.30% under the attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jun Jiang,Yuhong Liu

DOI: https://doi.org/10.48550/arXiv.2201.06937

2022-01-18

Abstract:IPv6 Routing Protocol for Low Power and Lossy Networks (RPL) is an essential routing protocol to enable communications for IoT networks with low power devices. RPL uses an objective function and routing constraints to find an optimized routing path for each node in the network. However, recent research has shown that topological attacks, such as selective forwarding attacks, pose great challenges to the secure routing of IoT networks. Many conventional secure routing solutions, on the other hand, are computationally heavy to be directly applied in resource-constrained IoT networks. There is an urgent need to develop lightweight secure routing solutions for IoT networks. In this paper, we first design and implement a series of advanced selective forwarding attacks from the attack perspective, which can flexibly select the type and percentage of forwarding packets in an energy efficient way, and even bad-mouth other innocent nodes in the network. Experiment results show that the proposed attacks can maximize the attack consequences (i.e. number of dropped packets) while maintaining undetected. Moreover, we propose a lightweight trust-based defense solution to detect and eliminate malicious selective forwarding nodes from the network. The results show that the proposed defense solution can achieve high detection accuracy with very limited extra energy usage (i.e. 3.4%).

Networking and Internet Architecture

Zhang Taimin,Ji Xiaoyu,Xu Wenyuan

DOI: https://doi.org/10.1007/s11036-020-01634-z

2020-01-01

Mobile Networks and Applications

Abstract:Advanced metering infrastructure (AMI) is the core component of the smart grid. As the wireless connection between smart meters in AMI is featured with high packet loss and low transmission rate, AMI is considered as a representative of the low power and lossy networks (LLNs). In such communication environment, the routing protocol in AMI network is essential to ensure the reliability and real-time of data transmission. The IPv6 routing protocol for low-power and lossy networks (RPL), proposed by IETF ROLL working group, is considered to be the best routing solution for the AMI communication environment. However, the performance of RPL can be seriously degraded due to jamming attack. In this paper, we analyze the performance degradation problem of RPL protocol under jamming attack. We propose a backup node selection mechanism based on the standard RPL protocol. The proposed mechanism chooses a predefined number of backup nodes that maximize the probability of successful transmission. We evaluation the proposed mechanism through MATLAB simulations, results show the proposed mechanism improves the performance of RPL under jamming attack prominently.

Amal Hkiri,Sami Alqurashi,Omar Ben Bahri,Mouna Karmani,Hamzah Faraj,Mohsen Machhout

DOI: https://doi.org/10.3390/electronics13112226

IF: 2.9

2024-06-07

Electronics

Abstract:The RPL protocol is essential for efficient communication within the Internet of Things (IoT) ecosystem, yet it remains vulnerable to various attacks, particularly in dense and mobile environments where it shows certain limitations and susceptibilities. This paper presents a comprehensive simulation-based analysis of the RPL protocol's vulnerability to the Hello Flood attack in mobile environments. Using four different group mobility models—the Column Mobility Model (CMM), Reference Point Group Mobility Model (RPGM), Nomadic Community Mobility Model (NCM), and Pursue Mobility Model (PMM)—within the Cooja simulator, this study uniquely investigates the Hello Flood attack in mobile settings, an area previously overlooked. Our systematic evaluation focuses on critical performance metrics, including the Packet Delivery Ratio (PDR), End-to-End Delay (E2ED), throughput, Expected Transmission Count (ETX), and Average Power Consumption (APC). The findings reveal several key insights: PDR decreases significantly, indicating increased packet loss or delivery failures; ETX values rise, necessitating more packet retransmissions and routing hops; E2ED increases, introducing delays in routing decisions and data transmission times; throughput declines as the attack disrupts data flow; and APC escalates due to higher energy usage on packet transmissions, especially over extended paths. These results underscore the urgent need for robust security measures to protect RPL-based IoT networks in mobile environments. Furthermore, our work emphasizes the exacerbated impact of the attack in mobile scenarios, highlighting the evolving security requirements of IoT networks.

engineering, electrical & electronic,physics, applied,computer science, information systems

B. Ghaleb,A. Al-Dubai,A. Hussain,J. Ahmad,I. Romdhani,Z. Jaroucheh

2023-05-17

Abstract:The Routing Protocol for Low power and Lossy networks (RPL) has been developed by the Internet Engineering Task Force (IETF) standardization body to serve as a part of the 6LoWPAN (IPv6 over Low-Power Wireless Personal Area Networks) standard, a core communication technology for the Internet of Things (IoT) networks. RPL organizes its network in the form of a tree-like structure where a node is configured as the root of the tree while others integrate themselves into that structure based on their relative distance. A value called the Rank is used to define each node's relative position and it is used by other nodes to take their routing decisions. A malicious node can illegitimately claim a closer position to the root by advertising a lower rank value trapping other nodes to forward their traffic through that malicious node. In this study, we show how this behavior can have a detrimental side effect on the network via extensive simulations and propose a new secure objective function to prevent such an attack.

Networking and Internet Architecture,Cryptography and Security

Somnath Karmakar,Jayasree Sengupta,Sipra Das Bit

DOI: https://doi.org/10.1109/comsnets51098.2021.9352937

2021-01-05

Abstract:In recent times researchers have found several security vulnerabilities in the Routing Protocol for Low power and Lossy network (RPL), amongst which rank attack is a predominant one causing detrimental effects on the network by creating a fake topology. To address this concern, we propose a low-overhead rank attack detection scheme for non-storing mode of RPL used in IoT to deal with both increased and decreased rank attacks. Accordingly, we have modified the RPL Destination Oriented Directed Acyclic Graph (DODAG) formation algorithm to detect rank attacks during topology formation and maintenance. The distributed module of the algorithm runs in all the participating nodes whereas the centralized module runs in the sink. Unlike many existing schemes, instead of sending additional control message, we make the scheme low-overhead by simply modifying the DAO control message. Additionally, a lightweight Message Authentication Code (HMAC-LOCHA) is used to verify the integrity and authenticity of the control messages exchanged between nodes and the sink. The correctness of the proposed scheme is established through a concrete proof using multiple test case scenarios. Finally, the performance of the proposed scheme is evaluated both theoretically and through simulation in Contiki-based Cooja simulator. Theoretical evaluation proves the scheme’s energy efficiency. Simulation results show that our scheme outperforms over a state-of-the-art rank attack detection scheme in terms of detection accuracy, false positive/negative rate and energy consumption while also keeping acceptable network performance such as improved detection latency and at par packet delivery ratio.

Amal Hkiri,Mouna Karmani,Omar Ben Bahri,Ahmed Mohammed Murayr,Fawaz Hassan Alasmari,Mohsen Machhout

DOI: https://doi.org/10.32604/cmc.2023.047087

2024-01-01

Abstract:The RPL (IPv6 Routing Protocol for Low-Power and Lossy Networks) protocol is essential for efficient communication within the Internet of Things (IoT) ecosystem. Despite its significance, RPL’s susceptibility to attacks remains a concern. This paper presents a comprehensive simulation-based analysis of the RPL protocol’s vulnerability to the decreased rank attack in both static and mobile network environments. We employ the Random Direction Mobility Model (RDM) for mobile scenarios within the Cooja simulator. Our systematic evaluation focuses on critical performance metrics, including Packet Delivery Ratio (PDR), Average End to End Delay (AE2ED), throughput, Expected Transmission Count (ETX), and Average Power Consumption (APC). Our findings illuminate the disruptive impact of this attack on the routing hierarchy, resulting in decreased PDR and throughput, increased AE2ED, ETX, and APC. These results underscore the urgent need for robust security measures to protect RPL-based IoT networks. Furthermore, our study emphasizes the exacerbated impact of the attack in mobile scenarios, highlighting the evolving security requirements of IoT networks.

computer science, information systems,materials science, multidisciplinary

Iain Baird,Baraq Ghaleb,Isam Wadhaj,Gordon Russell,William J. Buchanan

DOI: https://doi.org/10.3390/electronics13173467

IF: 2.9

2024-09-03

Electronics

Abstract:In the evolving landscape of the Internet of Things (IoT), ensuring the security and integrity of data transmission remains a paramount challenge. Routing Protocol for Low-Power and Lossy Networks (RPL) is commonly utilized in IoT networks to facilitate efficient data routing. However, RPL networks are susceptible to various security threats, with Sybil and flood attacks being particularly detrimental. Sybil attacks involve malicious nodes generating multiple fake identities to disrupt network operations, while flood attacks overwhelm network resources by inundating them with excessive traffic. This paper proposes a novel mitigation strategy leveraging Bloom filters and hash chains to enhance the security of RPL-based IoT networks against sybil and flood attacks. Extensive simulation and performance analysis demonstrate that this solution significantly reduces the impact of sybil and flood attacks while maintaining a low power consumption profile and low computational overhead.

engineering, electrical & electronic,computer science, information systems,physics, applied

Girish Sharma,Jyoti Grover,Abhishek Verma

DOI: https://doi.org/10.1109/ANTS59832.2023.10469481

2024-04-02

Abstract:In recent times, the Internet of Things (IoT) has a significant rise in industries, and we live in the era of Industry 4.0, where each device is connected to the Internet from small to big. These devices are Artificial Intelligence (AI) enabled and are capable of perspective analytics. By 2023, it's anticipated that over 14 billion smart devices will be available on the Internet. These applications operate in a wireless environment where memory, power, and other resource limitations apply to the nodes. In addition, the conventional routing method is ineffective in networks with limited resource devices, lossy links, and slow data rates. Routing Protocol for Low Power and Lossy Networks (RPL), a new routing protocol for such networks, was proposed by the IETF's ROLL group. RPL operates in two modes: Storing and Non-Storing. In Storing mode, each node have the information to reach to other node. In Non-Storing mode, the routing information lies with the root node only. The attacker may exploit the Non-Storing feature of the RPL. When the root node transmits User Datagram Protocol~(UDP) or control message packet to the child nodes, the routing information is stored in the extended header of the IPv6 packet. The attacker may modify the address from the source routing header which leads to Denial of Service (DoS) attack. This attack is RPL specific which is known as Hatchetman attack. This paper shows significant degradation in terms of network performance when an attacker exploits this feature. We also propose a lightweight mitigation of Hatchetman attack using game theoretic approach to detect the Hatchetman attack in IoT.

Cryptography and Security

S. Remya,Manu J. Pillai,C. Arjun,Somula Ramasubbareddy,Yongyun Cho

DOI: https://doi.org/10.1109/access.2024.3391918

IF: 3.9

2024-05-03

IEEE Access

Abstract:An extensive worldwide network known as the Internet of Things (IoT) links different electronic devices and facilitates easy communication and group work. This interdependency is especially apparent in Low Power and Lossy Networks (LLNs), where resource-constrained devices adhere to specified protocols for effective communication. Such systems frequently use Routing Protocol for LLNs (RPL). Nevertheless, due to its basic simplicity, there are numerous ways to exploit it, thereby compromising network security. It is also difficult to carry out complex computational operations on LLNs due to their resource constraints. A highly developed system called the Trust-Based Intrusion Detection System for RPL (TIDSRPL) is presented in this research study. Complex trust computations are offloaded to the root node by TIDSRPL, which assesses node trust based on network behavior. Reduce the possibility of resource depletion with this strategic transfer that preserves energy, storage, and computational resources at the node level. Comparative analysis with the default RPL Objective Function (OF), MRHOF-RPL, demonstrates TIDSRPL's superior efficacy in detecting and isolating malicious nodes engaged in Sinkhole, Selective forwarding, and Sybil attacks. Notably, TIDSRPL exhibits a 20-35% reduction in average packet loss ratio and attains 33-45% greater energy efficiency compared to MRHOF-RPL, reinforcing its robustness in securing LLN operations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Lan Zhang,Gang Feng,Shuang Qin

DOI: https://doi.org/10.1109/ICCW.2015.7247579

2015-01-01

Abstract:RPL is specifically designed for Low power and Lossy Networks (LLNs). With the expansion of LLNs applications, security of RPL becomes one of the major concerns. This paper mainly addresses the security aspect of RPL. We first analyze the vulnerability of RPL self-organising properties, and identify a new RPL internal intrusion, named routing choice (RC) intrusion. We specially analyze the harm of a type RC intrusion in RPL using ETX metric, which further validates the effectiveness of our work. Second, we design IDSs for RPL to defense intrusions. Our design discusses detection methodologies, system architectures, detection data and intrusion respose with some promotions. To satisfy the energy efficiency requirements, we propose three type Monitor Nodes (MNs) devices for different RPL applications. To explicitly show the design of IDSs, we apply our IDS to defense the type of RC intrusion in RPL using ETX metric on Contiki OS, and the results verify the effectiveness of our IDSs. Finally, we theoretically analyzed the applicability of IDSs for RPL.

Semih Cakir,Sinan Toklu,Nesibe Yalcin

DOI: https://doi.org/10.1109/access.2020.3029191

IF: 3.9

2020-01-01

IEEE Access

Abstract:Cyberattacks targeting Internet of Things (IoT), have increased significantly, over the past decade, with the spread of internet-connected smart devices and applications. Routing Protocol for Low-Power and Lossy Network (RPL) enables messages to be routed between nodes for the Wireless Sensor Network in the network layer. RPL protocol, which is sensitive and difficult to protect, is exposed to various attacks. These attacks negatively affect data transmission and cause great destruction to the topology by consuming the resources. Hello Flooding (HF) attacks against RPL cause consumption of constrained resources (memory, processing and energy) in nodes. Therefore, in this study, a Gated Recurrent Unit network model based deep learning has been proposed to predict and prevent HF attacks on RPL protocol in IoT networks. The proposed model has been compared with Support Vector Machine and Logistic Regression methods, and different power states and total energy consumptions of the nodes have been taken into consideration and experimented with. The results confirm the promised and expected performance from the model in terms of source efficiency and IoT security. In addition, attack detection has been carried out with a much lower error rate than literature studies for HF attacks from RPL flood attacks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mina Zaminkar,Fateme Sarkohaki,Reza Fotohi

DOI: https://doi.org/10.48550/arXiv.2012.02242

2020-11-21

Cryptography and Security

Abstract:Internet of Things (IoT) provides the possibility for milliards of devices throughout the world to communicate with each other, and data is collected autonomously. The big data generated by the devices should be managed securely. Due to security challenges, like malicious nodes, many approaches cannot respond to these concerns. In this paper, a robust hybrid method, including encryption, is used as an efficient approach for resolving the RPL protocol concerns so that the devices are connected securely. Therefore, the proposed DSH-RPL method for securing the RPL protocol comprises the four following phases: The first phase creates a reliable RPL. The second phase detects the sinkhole attack. The third phase quarantines the detected malicious node, and the fourth phase transmits data through encryption. The simulation results show that the DSH-RPL reduces the false-positive rate more than 18.2% and 23.1%, and reduces the false-negative rate more than 16.1% and 22.78%, it also increases the packet delivery rate more than 19.68% and 25.32% and increases the detection rate more than 26% and 31% compared to SecTrust-RPL and IBOOS-RPL.

Abhishek Verma,Virender Ranga

DOI: https://doi.org/10.1007/s00607-020-00862-1

2023-03-01

Abstract:IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) is the standard network layer protocol for achieving efficient routing in IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN). Resource-constrained and non-tamper resistant nature of smart sensor nodes makes RPL protocol susceptible to different threats. An attacker may use insider or outsider attack strategy to perform Denial-of-Service (DoS) attacks against RPL based networks. Security and Privacy risks associated with RPL protocol may limit its global adoption and worldwide acceptance. A proper investigation of RPL specific attacks and their impacts on an underlying network needs to be done. In this paper, we present and investigate one of the catastrophic attacks named as a copycat attack, a type of replay based DoS attack against the RPL protocol. An in-depth experimental study for analyzing the impacts of the copycat attack on RPL has been done. The experimental results show that the copycat attack can significantly degrade network performance in terms of packet delivery ratio, average end-to-end delay, and average power consumption. To the best of our knowledge, this is the first paper that extensively studies the impact of RPL specific replay mechanism based DoS attack on 6LoWPAN networks.

Networking and Internet Architecture,Cryptography and Security

Selim Yilmaz,Emre Aydogan,Sevil Sen

DOI: https://doi.org/10.48550/arXiv.2303.16561

2023-03-29

Cryptography and Security

Abstract:Intrusion detection is an indispensable part of RPL security due to its nature opening to attacks from insider attackers. While there are a good deal of studies that analyze different types of attack and propose intrusion detection systems based on various techniques that are proposed in the literature, how to place such intrusion detection systems on RPL topology is not investigated. This is the main contribution of this study, and three intrusion detection architectures based on central and distributed placement of intrusion detection nodes are analyzed rigorously against different types of attacks and attackers at various locations in the RPL topology and evaluated from different aspects including their effectiveness, cost, and security.

Nadia A. Alfriehat,Mohammed Anbar,Shankar Karuppayah,Shaza Dawood Ahmed Rihan,Basim Ahmad Alabsi,Alaa M. Momani

DOI: https://doi.org/10.1109/access.2024.3368633

IF: 3.9

2024-03-06

IEEE Access

Abstract:The internet of things (IoT) is an emerging technological advancement with significant implications. It connects a wireless sensor or node network via low-power and lossy networks (LLN). The routing protocol over a low-power and lossy network (RPL) is the fundamental component of LLN. Its lightweight design effectively addresses the limitations imposed by bandwidth, energy, and memory on both LLNs and IoT devices. Notwithstanding its efficacy, RPL introduces susceptibilities, including the version number attack (VNA), which underscores the need for IoT systems to implement effective security protocols. This work reviews and categorizes the security mechanisms proposed in the literature to detect VNA against RPL-based IoT networks. The existing mechanisms are thoroughly discussed and analyzed regarding their performance, datasets, implementation details, and limitations. Furthermore, a qualitative comparison is presented to benchmark this work against existing studies, showcasing its uniqueness. Finally, this work analyzes research gaps and proposes future research avenues.

computer science, information systems,telecommunications,engineering, electrical & electronic