Biblio

Low power and lossy network (LLN) comprising of constrained devices like sensors and RFIDs, is a major component in the Internet of Things (IoT) environment as these devices provide global connectivity to physical devices or “Things”. LLNs are tied to the Internet or any High Performance Computing environment via an adaptation layer called 6LoWPAN (IPv6 over Low power Personal Area Network). The routing protocol used by 6LoWPAN is RPL (IPv6 Routing Protocol over LLN). Like many other routing protocols, RPL is susceptible to blackhole attacks which cause topological isolation for a subset of nodes in the LLN. A malicious node instigating the blackhole attack drops received packets from nodes in its subtree which it is supposed to forward. Thus, the malicious node successfully isolates nodes in its subtree from the rest of the network. In this paper, we propose an algorithm based on the concept of exponential smoothing to detect the topological isolation of nodes due to blackhole attack. Exponential smoothing is a technique for smoothing time series data using the exponential window function and is used for short, medium and long term forecasting. In our proposed algorithm, exponential smoothing is used to estimate the next arrival time of packets at the sink node from every other node in the LLN. Using this estimation, the algorithm is designed to identify the malicious nodes instigating blackhole attack in real time.

A significant segment of the Internet of Things (IoT) is the resource constrained Low Power and Lossy Networks (LLNs). The communication protocol used in LLNs is 6LOWPAN (IPv6 over Low-power Wireless Personal Area Network) which makes use of RPL (IPv6 Routing Protocol over Low power and Lossy network) as its routing protocol. In recent times, several security breaches in IoT networks occurred by targeting routers to instigate various DDoS (Distributed Denial of Service) attacks. Hence, routing security has become an important problem in securing the IoT environment. Though RPL meets all the routing requirements of LLNs, it is important to perform a holistic security assessment of RPL as it is susceptible to many security attacks. An important attribute of RPL is its rank property. The rank property defines the placement of sensor nodes in the RPL DODAG (Destination Oriented Directed Acyclic Graphs) based on an Objective Function. Examples of Objective Functions include Expected Transmission Count, Packet Delivery Rate etc. Rank property assists in routing path optimization, reducing control overhead and maintaining a loop free topology through rank based data path validation. In this paper, we investigate the vulnerabilities of the rank property of RPL by constructing an Attack Graph. For the construction of the Attack Graph we analyzed all the possible threats associated with rank property. Through our investigation we found that violation of protocols related to rank property results in several RPL attacks causing topological sub-optimization, topological isolation, resource consumption and traffic disruption. Routing security essentially comprises mechanisms to ensure correct implementation of the routing protocol. In this paper, we also present some observations which can be used to devise mechanisms to prevent the exploitation of the vulnerabilities of the rank property.