A potential flooding version number attack against RPL based IOT networks

Mehdi Rouissat; Mohammed Belkheir; Hichem Sid Ahmed Belkhira

doi:10.2478/jee-2022-0035

Abstract

Routing protocol for low power and lossy networks (RPL) has been proposed for power, memory, and processing constrained devices. Owing to their constrained, RPL-based networks are exposed to a wide range of security attacks that mainly include control message tampering. In this paper we propose and study a modified version number attack, based on flooding the network by falsified incremented version numbers. The obtained results show that the modified attack led to an immense increase in the overhead, 1426%, compared with the attack-free case, and an increase of 182 % in the total energy consumption. When it comes to PDR a degradation to 4.7% has been recorded, affecting the reliability of the network. On the other hand, the latency also showed an increase from 0.24 s in the attack-free case to 0.89 s, which is mainly due to the high congestion created by the attack.

References

[1] T. Winter et al, “RPL: IPv6 Routing Protocol for Low Power and Lossy Networks”, Internet Requests for Comments, RFC Editor, RFC 6550, March, https://ietf.org/doc/rfc6550/, 2012.
Search in Google Scholar Back to article
[2] A. Raoof, A. Matrawy, and C. Lung,“Secure Routing in IoT: Evaluation of RPL’s Secure Mode under Attacks”, IEEE Global Communications Conference, (GLOBECOM), pp. 1-6, 2019.10.1109/GLOBECOM38437.2019.9013120
Search in Google Scholar Back to article
[3] J. Granjal, E. Monteiro, and J. Silva, “Security for the Internet of Things: A Survey of Existing Protocols and Open Research Issues”, IEEE Comm. Surveys and Tutorials, vol. 17, no. 3, pp. 1294-1312, doi :10.1109/COMST..2388550, 2015.
Open DOI Search in Google Scholar Back to article
[4] S. Y. Hashemi and F. S. Aliee, “Dynamic and comprehensive trust model for IoT and its integration into RPL”, The Journal of Supercomputing, vol. 75, no. 7, pp 3555–3584, doi: 10.1007/s11227-018-2700-3, 2019.
Open DOI Search in Google Scholar Back to article
[5] F. Ahmed and Y. Ko, “Mitigation of black hole attacks in Routing Protocol for Low Power and Lossy Networks”, Security and Communication Networks, vol. 9, pp. 5143–5154, doi:10.1002/sec.1684, 2016.10.1002/sec.1684
Search in Google Scholar Back to article
[6] S. M. H. Mirshahjafari and B. S. Ghahfarokhi, “Sinkhole+CloneID: A hybrid attack on RPL performance and detection method”, Information Security Journal: A Global Perspective, vol. 28, pp. 107-119, doi: 10.1080/19393555.1658829, 2019.10.1080/19393555.2019.1658829
Search in Google Scholar Back to article
[7] A. Musaddiq, Y. B. Zikria et al, “Routing protocol forLow-Power and Lossy Networks for heterogeneous traffic network”, J Wireless Com Network, vol. 21, doi: 10.1186/s13638-020-1645-4, 2020.
Open DOI Search in Google Scholar Back to article
[8] U. Shafique, A. Khan, A. Rehman, et al, “Detection of rank attack in routing protocol for Low Power and Lossy Networks”, Ann.Telecommun., vol. 73, pp. 429–438, doi: 10.1007/s12243-018-0645-4, 2018.
Open DOI Search in Google Scholar Back to article
[9] A. Raoof, A. Matrawy, and C.-H. Lung, “Routing Attacks and Mitigation Methods for RPL-Based Internet of Things”, IEEE Communications Surveys & Tutorials, vol. 21, no. 2, pp. 1582-1606, Secondquarter, doi:10.1109/COMST.2018.288 5894, 2019.10.1109/COMST.2018.2885894
Search in Google Scholar Back to article
[10] H. Pereira, G. L. Moritz, R. D. Souza, A. Munaretto, and M. Fonseca, “Increased Network Lifetime and Load Balancing Based on Network Interface Average Power Metric for RPL”, IEEE Access, vol. 8, pp. 48686-48696, doi: 10.1109/ACCESS.29 79834, 2020.
Open DOI Search in Google Scholar Back to article
[11] B. V. P. Levis, T. H. Clausen, O. Gnawali, J. Hui, and J. Ko, The Trickle Algorithm, RFC 6206, March, https://www.rfc-editor.org/info/rfc6206, 2011.10.17487/rfc6206
Search in Google Scholar Back to article
[12] H. Lamaazi and N. Benamar, “RPL Enhancement Based FL-Trickle: A Novel Flexible Trickle Algorithm for Low Power and Lossy Networks”, Wireless Pers. Commun., 110, 1403–1428, doi.org/10. 1007/s11277-019-06792-2, 2020.10.1007/s11277-019-06792-2
Search in Google Scholar Back to article
[13] H. Kharrufa, H. A. A. Al-Kashoash, and A. H. Kemp, “RPL-Based Routing Protocols in IoT Applications: A Review”, IEEE Sensors Journal, vol. 19, no. 15, pp. 5952-5967, doi: 10.1109/JSEN.29 10881, 2019.10.1109/JSEN.2019.2910881
Search in Google Scholar Back to article
[14] A. Verma and V. Ranga, “Mitigation of DIS flooding attacks in RPL-based 6LoWPAN networks, Transactions on Emerging Telecommunications Technologies, vol. 31, no. 2, pp. e3802, doi:10.1002/ett.3802, 2020.10.1002/ett.3802
Search in Google Scholar Back to article
[15] M. Sain, Y. J. Kang, and H. J. Lee, “Survey on security in Internet of Things: State of the art and challenges”, 19th International Conference on Advanced Communication Technology (ICACT), pp. 699–704, 2017.10.23919/ICACT.2017.7890183
Search in Google Scholar Back to article
[16] A. Verma and V. Ranga, “Security of RPL Based 6LoWPAN Networks on the Internet of Things: A Review”, IEEE Sensors Journal, vol. 20, no. 11, pp. 5666-5690, doi: 10.1109/JSEN.29736 77, 2020.10.1109/JSEN.2020.2973677
Search in Google Scholar Back to article
[17] R. Sahay et al, “A holistic framework for prediction of routing attacks in IoT-LLNs”, The Journal of Supercomputing, vol. 78, pp 1409-1433, doi: 10.1007/s11227-0211-03922-1, 2021.10.1007/s11227-021-03922-1
Search in Google Scholar Back to article
[18] A. Mayzaud et al, “A Taxonomy of Attacks in RPL-based Internet of Things”, Int. J. Netw. Secur., vol. 18, pp 459-473, doi: 10.6633/IJNS.05.18(3).07, 2016.
Open DOI Search in Google Scholar Back to article
[19] P. O. Kamgueu et al, “Survey on RPL enhancements: A focus on topology, security and mobility”, Computer Communications, vol. 120, pp. 10-21, doi: 10.1016/j.comcom.02.011, 2018.10.1016/j.comcom.2018.02.011
Search in Google Scholar Back to article
[20] A. Aris and S. F. Oktug, “Analysis of the RPL Version Number Attack with Multiple Attackers”, International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), pp. 1-8, doi: 10.1109/CyberSA49311..9139695, 2020.10.1109/CyberSA49311.2020.9139695
Search in Google Scholar Back to article
[21] P. P. Ioulianou et al, “Battery Drain Denial-of-Service Attacks and Defenses in the Internet of Things”, Journal of Telecommunications and Information Technology, no. 2, pp. 37-45., doi: 10.26636/jtit.131919, 2019.10.26636/jtit.2019.131919
Search in Google Scholar Back to article
[22] A. Aris, S. F. Oktug, and S. B. O. Yalcin, “RPL version number attacks: In-depth study”, NOMS - IEEE/IFIP Network Operations and Management Symposium, pp. 776-779, doi: 10.1109/NOMS.7502897, 2016.10.1109/NOMS.2016.7502897
Search in Google Scholar Back to article
[23] A. Mayzaud, R. Badonel, and I. Chrissment “A Distributed Monitoring Strategy for Detecting Version Number Attacks in RPL-Based Networks”, IEEE Transactions on Network and Service Management, vol. 14, pp. 472-486, doi: 10.1109/TNSM.270 5290, 2017.10.1109/TNSM.2017.2705290
Search in Google Scholar Back to article
[24] Contiki rpl, https://github.com/Contiki-os/contiki/blob/release-3-0/, 2021,.
Search in Google Scholar Back to article
[25] M. Palattella, N. Accettura, X. Vilajosana, T. Watteyne, L. Grieco, G. Boggia, and M. Dohler, “Standardized Protocol Stack for the Internet of (Important) Things”, IEEE Communications Surveys Tutorials, vol. 15, no. 3, pp. 1389–1406, Third, doi: 10.1109/SURV.2012.111412.00158, 2013.10.1109/SURV.2012.111412.00158
Search in Google Scholar Back to article
[26] I. Wadhaj et al, “Mitigation Mechanisms Against the DAO Attack on the Routing Protocol for Low Power and Lossy Networks (RPL)” IEEE Access, vol. 8, pp. 43665-43675, doi: 10.1109/ACCESS.2977476, 2020.10.1109/ACCESS.2020.2977476
Search in Google Scholar Back to article
[27] F. Osterlind, “A Sensor Network Simulator for the Contiki OS”, Technical Report, Tech. Rep, May, 2006.
Search in Google Scholar Back to article
[28] S. L. Advancare, Zolertia: Z1 datasheet, http://zolertia.sourceforge.net/wiki/images/e/e8/Z1_RevC_Datasheet.pdf, 2010.
Search in Google Scholar Back to article
[29] M. A. Nasab, S. Shamshirband, A. Chronopoulos, A. Mosavi, and N. Nabipour, “Energy-Efficient Method for Wireless Sensor Networks Low-Power Radio Operation in Internet of Things”, Electronics, vol. 9, no. 2, pp. 320–333, Feb., doi: 10.3390/electro nics9020320, 2020.
Open DOI Search in Google Scholar Back to article
[30] S. S. Solapure and H. H. Kenchannavar, “Design and analysis of RPL objective functions using variant routing metrics for IoT applications”, Wireless Networks, vol. 26, no. 3, doi: 10.1007/s11276-020-02348-6.
Open DOI Search in Google Scholar Back to article

A potential flooding version number attack against RPL based IOT networks

Abstract

Paradigm

My account