Top

Telecommunication Systems

Published in:

26-05-2020

CoSec-RPL: detection of copycat attacks in RPL based 6LoWPANs using outlier analysis

Authors: Abhishek Verma, Virender Ranga

Published in: Telecommunication Systems | Issue 1/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The IPv6 routing protocol for low-power and lossy networks (RPL) is the standard routing protocol for IPv6 based low-power wireless personal area networks (6LoWPANs). In RPL protocol, DODAG information object (DIO) messages are used to disseminate routing information to other nodes in the network. A malicious node may eavesdrop DIO messages of its neighbor nodes and later replay the captured DIO many times with fixed intervals. In this paper, we present and investigate one of the severe attacks named as a non-spoofed copycat attack, a type of replay based DoS attack against RPL protocol. It is shown that the non-spoofed copycat attack increases the average end-to-end delay (AE2ED) and packet delivery ratio of the network. Thus, to address this problem, an intrusion detection system (IDS) named CoSec-RPL is proposed in this paper. The attack detection logic of CoSec-RPL is primarily based on the idea of outlier detection (OD). CoSec-RPL significantly mitigates the effects of the non-spoofed copycat attack on the network’s performance. The effectiveness of the proposed IDS is compared with the standard RPL protocol. The experimental results indicate that CoSec-RPL detects and mitigates non-spoofed copycat attack efficiently in both static and mobile network scenarios without adding any significant overhead to the nodes. To the best of our knowledge, CoSec-RPL is the first RPL specific IDS that utilizes OD for intrusion detection in 6LoWPANs.

previous article Adaptive cooperation for free space optical communications

next article Broadcast and Reliable Coverage based Efficient Recursive Routing in Large-Scale WSNs

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

(2018) Internet Control Message Protocol version 6 (ICMPv6) Parameters. https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml. Retrieved April 19, 2018.

Adat, V., & Gupta, B. (2018). Security in internet of things: Issues, challenges, taxonomy, and architecture. Telecommunication Systems, 67(3), 423–441.CrossRef

Airehrour, D., Gutierrez, J., & Ray, S. K. (2016). Secure routing for internet of things: A survey. Journal of Network and Computer Applications, 66, 198–213.CrossRef

Airehrour, D., Gutierrez, J. A., & Ray, S. K. (2018). SecTrust -RPL: A secure trust-aware RPL routing protocol for Internet of Things. Future Generation Computer Systems.

Alaba, F. A., Othman, M., Hashem, I. A. T., & Alotaibi, F. (2017). Internet of Things security: A survey. Journal of Network and Computer Applications, 88, 10–28.CrossRef

Ammar, M., Russello, G., & Crispo, B. (2018). Internet of things: A survey on the security of iot frameworks. Journal of Information Security and Applications, 38, 8–27.CrossRef

Ancillotti, E., Bolettieri, S., & Bruno, R. (2018). Rtt-based congestion control for the internet of things. In International conference on wired/wireless internet communication (pp 3–15). Berlin: Springer.

Ashton, K. (2009). That ‘internet of things’ thing. RFID Journal, 22(7), 97–114.

Barnett, V., & Lewis, T. (1974). Outliers in statistical data. London: Wiley.

10.

Bostani, H., & Sheikhan, M. (2017). Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach. Computer Communications.

11.

Domingues, R., Filippone, M., Michiardi, P., & Zouaoui, J. (2018). A comparative evaluation of outlier detection algorithms: Experiments and analyses. Pattern Recognition, 74, 406–421.CrossRef

12.

Dunkels, A., Schmidt, O., Finne, N., Eriksson, J., Österlind, F., & Durvy, N. T. M. (2011). The contiki os: The operating system for the internet of things. http://www.contikios.org. Retrieved March 10, 2020.

13.

Gaddour, O., & Koubâa, A. (2012). RPL in a nutshell: A survey. Computer Networks, 56(14), 3163–3178.CrossRef

14.

Gara, F., Saad, L. B., & Ayed, R. B. (2017). An efficient intrusion detection system for selective forwarding and clone attackers in ipv6-based wireless sensor networks under mobility. International Journal on Semantic Web and Information Systems (IJSWIS), 13(3), 22–47.CrossRef

15.

Ghaleb, B., Al-Dubai, A., Ekonomou, E., Qasem, M., Romdhani, I., & Mackenzie, L. (2018a). Addressing the DAO Insider Attack in RPL’s Internet of Things Networks. IEEE Communications Letters, 23(1), 68–71.CrossRef

16.

Ghaleb, B., Al-Dubai, A. Y., Ekonomou, E., Alsarhan, A., Nasser, Y., Mackenzie, L. M., et al. (2018b). A survey of limitations and enhancements of the ipv6 routing protocol for low-power and lossy networks: A focus on core operations. IEEE Communications Surveys & Tutorials, 21(2), 1607–1635.CrossRef

17.

Gnawali, O., & Levis, P. (2010). The ETX Objective Function for RPL. draft-gnawali-roll-etxof-01. URL https://tools.ietf.org/html/draft-gnawali-roll-etxof-00.

18.

Gnawali, O., & Levis, P. (2012). The minimum rank with hysteresis objective function. Tech. rep., https://tools.ietf.org/html/rfc6719.

19.

Gungor, V. C., & Hancke, G. P. (2009). Industrial wireless sensor networks: Challenges, design principles, and technical approaches. IEEE Transactions on Industrial Electronics, 56(10), 4258–4265.CrossRef

20.

Hamid, M. A., Rashid, M., & Hong, C. S. (2006). Routing security in sensor network: Hello flood attack and defense. In IEEE, Proceedings of First International Conference on Next-Generation Wireless Systems (ICNEWS) (pp 2–4).

21.

Hoaglin, D. C. (2003). John W. Tukey and data analysis. Statistical Science (pp. 311–318).

22.

Hui, J. W. (2012). The routing protocol for low-power and lossy networks (RPL) option for carrying RPL information in data-plane datagrams. https://tools.ietf.org/html/rfc6553.

23.

IDC (2019). IDC Forecasts Worldwide Spending on the Internet of Things to Reach \$745 Billion in 2019, Led by the Manufacturing, Consumer, Transportation, and Utilities Sectors. https://www.idc.com/getdoc.jsp?containerId=prUS44596319. Retrieved August 25, 2019.

24.

IDC (2020). The Growth in Connected IoT Devices Is Expected to Generate 79.4ZB of Data in 2025, According to a New IDC Forecast. https://www.idc.com/getdoc.jsp?containerId=prUS45213219. Retrieved March 8, 2020.

25.

Jabez, J., & Muthukumar, B. (2015). Intrusion detection system (IDS): Anomaly detection using outlier detection approach. Procedia Computer Science, 48, 338–346.CrossRef

26.

Kabilan, K., Bhalaji, N., Selvaraj, C., Kumaar, M., & Karthikeyan, P. (2018). Performance analysis of IoT protocol under different mobility models. Computers & Electrical Engineering, 72, 154–168.CrossRef

27.

Kanaris, L., Sergiou, C., Kokkinis, A., Pafitis, A., Antoniou, N., & Stavrou, S. (2019). On the realistic radio and network planning of iot sensor networks. Sensors, 19(15), 3264.CrossRef

28.

Kumar, N., & Kumar, U. (2016). Anomaly-based network intrusion detection: An outlier detection techniques. In International Conference on Soft Computing and Pattern Recognition (pp. 262–269). Berlin: Springer.

29.

Le, A., Loo, J., Lasebae, A., Vinel, A., Chen, Y., & Chai, M. (2013). The impact of rank attack on network topology of routing protocol for low-power and lossy networks. IEEE Sensors Journal, 13(10), 3685–3692.CrossRef

30.

Le, A., Loo, J., Chai, K., & Aiash, M. (2016). A specification-based IDS for detecting attacks on RPL-based network topology. Information, 7(2), 25.CrossRef

31.

Levis, P., Clausen, T., Hui, J., Gnawali, O., & Ko, J. (2011). The trickle algorithm. Tech. rep. https://tools.ietf.org/html/rfc6206.

32.

Malik, M., Dutta, M., & Granjal, J. (2019). A survey of key bootstrapping protocols based on public key cryptography in the Internet of Things. IEEE Access, 7, 27443–27464.CrossRef

33.

Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., & Schönwälder, J. (2014). A study of RPL DODAG version attacks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) 8508 LNCS:92–104.

34.

Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., & Schönwälder, J. (2015). Mitigation of topological inconsistency attacks in RPL-based low-power lossy networks. International Journal of Network Management, 25(5), 320–339.CrossRef

35.

Mayzaud, A., Badonnel, R., & Chrisment, I. (2016a). Detecting version number attacks using a distributed monitoring architecture. In Proceedings of IEEE/IFIP/In Assoc with ACM SIGCOMM international conference on network and service management (CNSM 2016) (pp. 127–135).

36.

Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., & Schönwälder, J. (2016b). Using the RPL protocol for supporting passive monitoring in the Internet of Things. In Proceedings of the NOMS 2016—2016 IEEE/IFIP network operations and management symposium (pp. 366–374).

37.

Mayzaud, A., Badonnel, R., & Chrisment, I. (2017). A distributed monitoring strategy for detecting version number attacks in RPL-based networks. IEEE Transactions on Network and Service Management, 14(2), 472–486.CrossRef

38.

Medjek, F., Tandjaoui, D., Romdhani, I., & Djedjig, N. (2018). Security threats in the internet of things: Rpl’s attacks and countermeasures. In Security and privacy in smart sensor networks, IGI Global (pp. 147–178).

39.

Mohammadi, P., & Ghaffari, A. (2019). Defending against flooding attacks in mobile ad-hoc networks based on statistical analysis. Wireless Personal Communications, 106(2), 365–376.CrossRef

40.

Musaddiq, A., Zikria, Y. B., Hahm, O., Yu, H., Bashir, A. K., & Kim, S. W. (2018). A survey on resource management in IoT operating systems. IEEE Access, 6, 8459–8482.CrossRef

41.

Čolaković, A., & Hadžialić, M. (2018). Internet of Things (IoT): A review of enabling technologies, challenges, and open research issues. Computer Networks, 144, 17–39.CrossRef

42.

Pathan, A. S. K., Lee, H. W., & Hong, C. S. (2006). Security in wireless sensor networks: Issues and challenges. IEEE, 2006 8th international conference advanced communication technology (pp. 1043–1048).

43.

Perazzo, P., Vallati, C., Anastasi, G., & Dini, G. (2017a). DIO suppression attack against routing in the Internet of Things. IEEE Communications Letters, 21(11), 2524–2527.CrossRef

44.

Perazzo, P., Vallati, C., Arena, A., Anastasi, G., & Dini, G. (2017b). An implementation and evaluation of the security features of RPL. In Lecture Notes in Computer Science (including subseries Lecture notes in artificial intelligence and lecture notes in bioinformatics).

45.

Raoof, A., Matrawy, A., & Lung, C. (2019). Routing attacks and mitigation methods for RPL-based Internet of Things. IEEE Communications Surveys Tutorials, 21(2), 1582–1606.CrossRef

46.

Raymond, D. R., & Midkiff, S. F. (2008). Denial-of-service in wireless sensor networks: Attacks and defenses. IEEE Pervasive Computing, 1, 74–81.CrossRef

47.

Raza, S. (2013). Lightweight security solutions for the internet of things. PhD thesis, SICS. http://soda.swedishict.se/5548/.

48.

Raza, S., Wallgren, L., & Voigt, T. (2013). Svelte: Real-time intrusion detection in the internet of things. Ad Hoc Networks, 11(8), 2661–2674.CrossRef

49.

Seeber, S., Sehgal, A., Stelte, B., Rodosek, G. D., & Schonwalder, J. (2013). Towards a trust computing architecture for RPL in Cyber Physical Systems. In 2013 9th International conference on network and service management (CNSM), IEEE (pp. 134–137).

50.

Sfar, A. R., Natalizio, E., Challal, Y., & Chtourou, Z. (2018). A roadmap for security challenges in the Internet of Things. Digital Communications and Networks, 4(2), 118–137.CrossRef

51.

Shamsoshoara, A., Korenda, A., Afghah, F., & Zeadally, S. (2019). A survey on hardware-based security mechanisms for internet of things. arXiv preprint arXiv:1907.12525

52.

Thubert, P. (2012). Objective function zero for the routing protocol for low-power and lossy networks (rpl). Tech. rep. https://www.rfc-editor.org/info/rfc6552.

53.

Thulasiraman, P., & Wang, Y. (2019). A lightweight trust-based security architecture for RPL in mobile IoT networks. In 2019 16th IEEE annual consumer communications & networking conference (CCNC), IEEE (pp 1–6).

54.

Tripathi, J. (2014). On design, evaluation and enhancement of IP-based routing solutions for low power and lossy networks. PhD thesis, Drexel University.

55.

Tsao, T., Alexander, R., Dohler, M., Daza, V., Lozano, A., & Richardson, M. (2015). A security threat analysis for the routing protocol for low-power and lossy networks (rpls). Tech. rep. https://doi.org/10.1007/978-0-387-78875-3_9.

56.

Vallati, C. (2019). Personal communication.

57.

Vasseur, J., Agarwal, N., Hui, J., Shelby, Z., Bertrand, P., & Chauvenet, C. (2011). RPL: The IP routing protocol designed for low power and lossy networks. Internet Protocol for Smart Objects (IPSO) Alliance 36. http://www.ipso-alliance.org/wp-content/media/rpl.pdf.

58.

Verma, A., & Ranga, V. (2019a). Addressing flooding attacks in IPv6-based low power and lossy networks. In TENCON 2019-2019 IEEE Region 10 Conference (TENCON), IEEE (pp 552–557).

59.

Verma, A., & Ranga, V. (2019b). ELNIDS: Ensemble learning based network intrusion detection system for RPL based Internet of Things. In 2019 4th International conference on Internet of Things: Smart innovation and usages (IoT-SIU), IEEE (pp 1–6).

60.

Verma, A., & Ranga, V. (2019c). Evaluation of network intrusion detection systems for RPL based 6LoWPAN networks in IoT. Wireless Personal Communications (pp. 1–24).

61.

Verma, A., & Ranga, V. (2020). Mitigation of DIS flooding attacks in RPL-based 6LoWPAN networks. Transactions on Emerging Telecommunications Technologies, 31(2), e3802.CrossRef

62.

Verma, A., & Ranga, V. (2020). Security of RPL based 6LoWPAN networks in the Internet of Things: A review. IEEE Sensors Journal. https://doi.org/10.1109/JSEN.2020.2973677. Early Access.

63.

Wadhaj, I., Ghaleb, B., Thomson, C., Al-Dubai, A., & Buchanan, W. J. (2020). Mitigation mechanisms against the DAO attack on the routing protocol for low power and lossy networks (RPL). IEEE Access, 8, 43665–43675.CrossRef

64.

Wallgren, L., Raza, S., & Voigt, T. (2013). Routing attacks and countermeasures in the RPL-based Internet of Things. International Journal of Distributed Sensor Networks, 9(8), 794326.CrossRef

65.

Wang, H., Li, H., Fang, J., & Wang, H. (2018). Robust Gaussian Kalman filter with outlier detection. IEEE Signal Processing Letters, 25(8), 1236–1240.CrossRef

66.

Wang, J., Chalhoub, G., Tall, H., & Misson, M. (2017). Routing protocol enhancement for mobility support in wireless sensor networks. In International conference on ad-hoc networks and wireless (pp 262–275). Berlin: Springer.

67.

Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J. P., & Alexander, R. (2012). RPL: IPv6 routing protocol for low-power and lossy networks. Tech. rep. https://tools.ietf.org/html/rfc6550.

68.

Xie, W., Goyal, M., Hosseini, H., Martocci, J., Bashir, Y., Baccelli, E., & Durresi, A. (2010). Routing loops in dag-based low power and lossy networks. In 2010 24th IEEE international conference on advanced information networking and applications (AINA), IEEE (pp. 888–895).

69.

Xu, L. D., He, W., & Li, S. (2014). Internet of Things in industries: A survey. IEEE Transactions on Industrial Informatics, 10(4), 2233–2243.CrossRef

70.

Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey on security and privacy issues in Internet-of-Things. IEEE Internet of Things Journal, 4(5), 1250–1258.CrossRef

71.

Zhi, T., Luo, H., & Liu, Y. (2018). A Gini impurity-based interest flooding attack defence mechanism in NDN. IEEE Communications Letters, 22(3), 538–541.CrossRef

72.

Ziegeldorf, J. H., Morchon, O. G., & Wehrle, K. (2014). Privacy in the Internet of Things: Threats and challenges. Security and Communication Networks, 7(12), 2728–2742.CrossRef

Title: CoSec-RPL: detection of copycat attacks in RPL based 6LoWPANs using outlier analysis
Authors: Abhishek Verma
Virender Ranga
Publication date: 26-05-2020
Publisher: Springer US
Published in: Telecommunication Systems / Issue 1/2020
Print ISSN: 1018-4864
Electronic ISSN: 1572-9451
DOI: https://doi.org/10.1007/s11235-020-00674-w

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2020

TV white spaces exploration for cognitive radio: taxonomy and research issues

QoS-aware multi-path video streaming for urban VANETs using ACO algorithm

Adaptive cooperation for free space optical communications

Broadcast and Reliable Coverage based Efficient Recursive Routing in Large-Scale WSNs

Energy efficiency optimization in MIMO heterogeneous wireless powered communication networks

Achieving privacy protection for crowdsourcing application in edge-assistant vehicular networking