A Study of RPL DODAG Version Attacks

Best Paper AwardInternational audienceThe IETF designed the Routing Protocol for Low power and Lossy Networks (RPL) as a candidate for use in constrained networks. Keeping in mind the different requirements of such networks, the protocol was designed to support multiple routing topologies, called DODAGs, constructed using different objective functions, so as to optimize routing based on divergent metrics. A DODAG versioning system is incorporated into RPL in order to ensure that the topology does not become stale and that loops are not formed over time. However, an attacker can exploit this versioning system to gain an advantage in the topology and also acquire children that would be forced to route packets via this node. In this paper we present a study of possible attacks that exploit the DODAG version system. The impact on overhead, delivery ratio, end-to-end delay, rank inconsistencies and loops is studied

Gestion de risques appliquée aux réseaux RPL

National audienceLe principe de l'Internet des Objets se traduit par le déploiement de réseaux avec pertes et à faible puissance appelés réseaux LLN a . Ces réseaux permettent à de nombreux équipements embarqués comme des sondes ou des capteurs de pouvoir communiquer entre eux. Un protocole de routage appelé RPL b a été spécialement conçu par l'IETF pour répon-dre aux contraintes spécifiques qu'impose ce type de réseaux. Néanmoins, ce protocole reste exposé à de nombreuses attaques de sécurité. Si des mécanismes de protection existent, leur mise en oeuvre est coûteuse d'où l'intérêt d'une approche dynamique comme la gestion de risques permettant d'identifier, d'évaluer et de traiter les risques. Dans ce papier, nous pro-posons une approche de gestion de risques pour les réseaux RPL afin d'améliorer leur sécurité tout en minimisant la consommation de ressources induite par les contre-mesures. Nous en effectuons une évaluation à travers deux attaques spécifiques : l'attaque d'incohérence DAG et l'attaque sur le numéro de version. a. Low power and Lossy Networks b. Routing Protocol for LL

A Survey on Layer-Wise Security Attacks in IoT: Attacks, Countermeasures, and Open-Issues

© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).Security is a mandatory issue in any network, where sensitive data are transferred safely in the required direction. Wireless sensor networks (WSNs) are the networks formed in hostile areas for different applications. Whatever the application, the WSNs must gather a large amount of sensitive data and send them to an authorized body, generally a sink. WSN has integrated with Internet-of-Things (IoT) via internet access in sensor nodes along with internet-connected devices. The data gathered with IoT are enormous, which are eventually collected by WSN over the Internet. Due to several resource constraints, it is challenging to design a secure sensor network, and for a secure IoT it is essential to have a secure WSN. Most of the traditional security techniques do not work well for WSN. The merger of IoT and WSN has opened new challenges in designing a secure network. In this paper, we have discussed the challenges of creating a secure WSN. This research reviews the layer-wise security protocols for WSN and IoT in the literature. There are several issues and challenges for a secure WSN and IoT, which we have addressed in this research. This research pinpoints the new research opportunities in the security issues of both WSN and IoT. This survey climaxes in abstruse psychoanalysis of the network layer attacks. Finally, various attacks on the network using Cooja, a simulator of ContikiOS, are simulated.Peer reviewe

Battery draining attacks against edge computing nodes in IoT networks

Many IoT devices, especially those deployed at the network edge have limited power resources. In this work, we study the effects of a variety of battery draining attacks against edge nodes. Specifically, we implemented hello flooding, packet flooding, selective forwarding, rank attack, and versioning attack in ContikiOS and simulated them in the Cooja simulator. We consider a number of relevant metrics, such as CPU time, low power mode time, TX/RX time, and battery consumption. Besides, we test the stretch attack with three different batteries as an extreme scenario. Our results show that versioning attack is the most severe in terms of draining the power resources of the network, followed by packet flooding and hello flooding attacks. Furthermore, we find that selective forwarding and rank attacks are not able to considerably increase the power resource usage in our scenarios. By quantifying the effects of these attacks, we demonstrate that under specific scenarios, versioning attack can be three to four times as effective as packet flooding and hello flooding attacks in wasting network resources. At the same time, packet flooding is generally comparable to hello flooding in CPU and TX time usage increase but twice as powerful in draining device batteries

Mitigation of Topological Inconsistency Attacks in RPL based Low Power Lossy Networks

International audienceRPL is a routing protocol for low-power and lossy networks. A malicious node can manipulate header options used by RPL to create topological inconsistencies, thereby causing denial of service attacks, reducing channel availability, increased control message overhead, and higher energy consumption at the targeted node and its neighborhood. RPL overcomes these topological inconsistencies via a fixed threshold, upon reaching which all subsequent packets with erroneous header options are ignored. However, this threshold value is arbitrarily chosen and the performance can be improved by taking into account network characteristics. To address this we present a mitigation strategy that allows nodes to dynamically adapt against a topological inconsistency attack based on the current network conditions. Results from our experiments show that our approach outperforms the fixed threshold and mitigates these attacks without significant overhead

Survey on RPL enhancements: a focus on topology, security and mobility

International audienceA few years ago, the IPv6 Routing Protocol for Low-power and Lossy Networks (RPL) was proposed by IETF as the routing standard designed for classes of networks in which both nodes and their interconnects are constrained. Since then, great attention has been paid by the scientific and industrial communities for the protocol evaluation and improvement. Indeed, depending on applications scenarios, constraints related to the target environments or other requirements, many adaptations and improvements can be made. So, since the initial release of the standard, several implementations were proposed, some targeting specific optimization goals whereas others would optimize several criteria while building the routing topology. They include, but are not limited to, extending the network lifetime, maximizing throughput at the sink node, avoiding the less secured nodes, considering nodes or sink mobility. Sometimes, to consider the Quality of Service (QoS), it is necessary to consider several of those criteria at the same time. This paper reviews recent works on RPL and highlights major contributions to its improvement, especially those related to topology optimization, security and mobility. We aim to provide an insight into relevant efforts around the protocol, draw some lessons and give useful guidelines for future developments

Security of the Internet of Things: Vulnerabilities, Attacks and Countermeasures

Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. Hence, the security of IoT should start with foremost securing WSNs ahead of the other components. However, owing to the absence of a physical line-of-defense, i.e., there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. More specifically, for the application areas in which CIA (confidentiality, integrity, availability) has prime importance, WSNs and emerging IoT technology might constitute an open avenue for the attackers. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: “Passive Attacks” and “Active Attacks”. Understanding these attacks and their associated defense mechanisms will help paving a secure path towards the proliferation and public acceptance of IoT technology