Biblio

Although 6LoWPAN has brought about a revolutionary leap in networking for Low-power Lossy Networks, challenges still exist, including security concerns that are yet to answer. The most common type of attack on 6LoWPANs is the network layer, especially routing attacks, since the very members of a 6LoWPAN network have to carry out packet forwarding for the whole network. According to the initial purpose of IoT, these nodes are expected to be resource-deficient electronic devices with an utterly stochastic time pattern of attachment or detachment from a network. This issue makes preserving their authenticity or identifying their malignity hard, if not impossible. Since 6LoWPAN is a successor and a hybrid of previously developed wireless technologies, it is inherently prone to cyber-attacks shared with its predecessors, especially Wireless Sensor Networks (WSNs) and WPANs. On the other hand, multiple attacks have been uniquely developed for 6LoWPANs due to the unique design of the network layer protocol of 6LoWPANs known as RPL. While there exist publications about attacks on 6LoWPANs, a comprehensive survey exclusively on RPL-specific attacks is felt missing to bold the discrimination between the RPL-specific and non-specific attacks. Hence, the urge behind this paper is to gather all known attacks unique to RPL in a single volume.

With large scale generation and exchange of data between IoT devices and constrained IoT security to protect data communication, it becomes easy for attackers to compromise data routes. In IoT networks, IPv6 Routing Protocol is the de facto routing protocol for Low Power and Lossy Networks (RPL). RPL offers limited security against several RPL-specific and WSN-inherited attacks in IoT applications. Additionally, IoT devices are limited in memory, processing, and power to operate properly using the traditional Internet and routing security solutions. Several mitigation schemes for the security of IoT networks and routing, have been proposed including Machine Learning-based, IDS-based, and Trust-based approaches. In existing trust-based methods, mobility of nodes is not considered at all or its insufficient for mobile sink nodes, specifically for security against RPL attacks. This research work proposes a conceptual design, named SMTrust, for security of routing protocol in IoT, considering the mobility-based trust metrics. The proposed solution intends to provide defense against popular RPL attacks, for example, Blackhole, Greyhole, Rank, Version Number attacks, etc. We believe that SMTrust shall provide better network performance for attacks detection accuracy, mobility and scalability as compared to existing trust models, such as, DCTM-RPL and SecTrust-RPL. The novelty of our solution is that it considers the mobility metrics of the sensor nodes as well as the sink nodes, which has not been addressed by the existing models. This consideration makes it suitable for mobile IoT environment. The proposed design of SMTrust, as secure routing protocol, when embedded in RPL, shall ensure confidentiality, integrity, and availability among the sensor nodes during routing process in IoT communication and networks.

The Internet of Things (IoT) integrates the Internet and electronic devices belonging to different domains, such as smart home automation, industrial processes, military applications, health, and environmental monitoring. Usually, IoT devices have limited resources and Low Power and Lossy Networks (LLNs) are being used to interconnect such devices. Routing Protocol for Low-Power and Lossy Networks (RPL) is one of the preferred routing protocols for this type of network, since it was specially developed for LLNs, also known as IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN). In this paper the most well-known routing attacks against 6LoWPAN networks were studied and implemented through simulation, conducting a behavioral analysis of network components (resources, topology, and data traffic) under attack condition. In order to achieve a better understanding on how attacks in 6LoWPAN work, we first conducted a study on 6LoWPAN networks and RPL protocol functioning. Furthermore, we also studied a series of well-known routing attacks against this type of Wireless Sensor Networks and these attacks were then simulated using Cooja simulator provided by Contiki operating system. The results obtained after the simulations are discussed along with other previous researches. This analysis may be of real interest when it comes to identify indicators of compromise for each type of attack and appropriate countermeasures for prevention and detection of these attacks.

A significant segment of the Internet of Things (IoT) is the resource constrained Low Power and Lossy Networks (LLNs). The communication protocol used in LLNs is 6LOWPAN (IPv6 over Low-power Wireless Personal Area Network) which makes use of RPL (IPv6 Routing Protocol over Low power and Lossy network) as its routing protocol. In recent times, several security breaches in IoT networks occurred by targeting routers to instigate various DDoS (Distributed Denial of Service) attacks. Hence, routing security has become an important problem in securing the IoT environment. Though RPL meets all the routing requirements of LLNs, it is important to perform a holistic security assessment of RPL as it is susceptible to many security attacks. An important attribute of RPL is its rank property. The rank property defines the placement of sensor nodes in the RPL DODAG (Destination Oriented Directed Acyclic Graphs) based on an Objective Function. Examples of Objective Functions include Expected Transmission Count, Packet Delivery Rate etc. Rank property assists in routing path optimization, reducing control overhead and maintaining a loop free topology through rank based data path validation. In this paper, we investigate the vulnerabilities of the rank property of RPL by constructing an Attack Graph. For the construction of the Attack Graph we analyzed all the possible threats associated with rank property. Through our investigation we found that violation of protocols related to rank property results in several RPL attacks causing topological sub-optimization, topological isolation, resource consumption and traffic disruption. Routing security essentially comprises mechanisms to ensure correct implementation of the routing protocol. In this paper, we also present some observations which can be used to devise mechanisms to prevent the exploitation of the vulnerabilities of the rank property.