Topology Construction in RPL Networks over Beacon-Enabled 802.15.4

In this paper, we propose a new scheme that allows coupling beacon-enabled IEEE 802.15.4 with the RPL routing protocol while keeping full compliance with both standards. We provide a means for RPL to pass the routing information to Layer 2 before the 802.15.4 topology is created by encapsulating RPL DIO messages in beacon frames. The scheme takes advantage of 802.15.4 command frames to solicit RPL DIO messages. The effect of the command frames is to reset the Trickle timer that governs sending DIO messages. We provide a detailed analysis of the overhead incurred by the proposed scheme to understand topology construction costs. We have evaluated the scheme using Contiki and the instruction-level Cooja simulator and compared our results against the most common scheme used for dissemination of the upper-layer information in beacon-enabled PANs. The results show energy savings during the topology construction phase and in the steady state

IETF standardization in the field of the Internet of Things (IoT): a survey

Smart embedded objects will become an important part of what is called the Internet of Things. However, the integration of embedded devices into the Internet introduces several challenges, since many of the existing Internet technologies and protocols were not designed for this class of devices. In the past few years, there have been many efforts to enable the extension of Internet technologies to constrained devices. Initially, this resulted in proprietary protocols and architectures. Later, the integration of constrained devices into the Internet was embraced by IETF, moving towards standardized IP-based protocols. In this paper, we will briefly review the history of integrating constrained devices into the Internet, followed by an extensive overview of IETF standardization work in the 6LoWPAN, ROLL and CoRE working groups. This is complemented with a broad overview of related research results that illustrate how this work can be extended or used to tackle other problems and with a discussion on open issues and challenges. As such the aim of this paper is twofold: apart from giving readers solid insights in IETF standardization work on the Internet of Things, it also aims to encourage readers to further explore the world of Internet-connected objects, pointing to future research opportunities

A RPL based adaptive and scalable data-collection protocol module for NS-3 simulation platform

International audienceThis paper presents data-collection protocol framework based on RPL (IPv6 Routing Protocol for Low Power and Lossy Networks) for NS-3 (Network Simulator 3) simulation platform. Its design, implementation, simple examples of operations and evaluations will also be demonstrated. The conclusions and future developments are located in the final part of this paper

Use of Clustering-based Routing Protocols in Low Power and Lossy Networks � A Survey

Internet of Things (IoT) is the one of the emerging field today, which consists of various resource-constrained devices that are limited in resources and work in the lossy wireless network. Therefore, IoT requires efficient routing protocol so that devices can communicate fast and power efficiently. Among different protocols available for wireless networks, Routing Protocol for Low Power and Lossy Networks (RPL) is a protocol specially standardized by IETF for efficient communication between IoT devices. Routing technique is one of the important factors of a routing protocol, which affects the performance of a protocol. In recent years, researchers contributed to improving RPL performance by providing various solutions and clustering is one of those ways to improve RPL performance by using Cluster- parent based Destination Oriented Directed Acyclic Graph (DODAG). In this paper, we discuss the various clustering-based routing protocols in a Low power and lossy networks (LLNs) and concludes that this survey might be helpful for future researchers

Performance analysis of Routing Protocol for Low power and Lossy Networks (RPL) in large scale networks

With growing needs to better understand our environments, the Internet-of-Things (IoT) is gaining importance among information and communication technologies. IoT will enable billions of intelligent devices and networks, such as wireless sensor networks (WSNs), to be connected and integrated with computer networks. In order to support large scale networks, IETF has defined the Routing Protocol for Low power and Lossy Networks (RPL) to facilitate the multi-hop connectivity. In this paper, we provide an in-depth review of current research activities. Specifically, the large scale simulation development and performance evaluation under various objective functions and routing metrics are pioneering works in RPL study. The results are expected to serve as a reference for evaluating the effectiveness of routing solutions in large scale IoT use cases

A specification-based IDS for detecting attacks on RPL-based network topology

Routing Protocol for Low power and Lossy network (RPL) topology attacks can downgrade the network performance significantly by disrupting the optimal protocol structure. To detect such threats, we propose a RPL-specification, obtained by a semi-auto profiling technique that constructs a high-level abstract of operations through network simulation traces, to use as reference for verifying the node behaviors. This specification, including all the legitimate protocol states and transitions with corresponding statistics, will be implemented as a set of rules in the intrusion detection agents, in the form of the cluster heads propagated to monitor the whole network. In order to save resources, we set the cluster members to report related information about itself and other neighbors to the cluster head instead of making the head overhearing all the communication. As a result, information about a cluster member will be reported by different neighbors, which allow the cluster head to do cross-check. We propose to record the sequence in RPL Information Object (DIO) and Information Solicitation (DIS) messages to eliminate the synchronized issue created by the delay in transmitting the report, in which the cluster head only does cross-check on information that come from sources with the same sequence. Simulation results show that the proposed Intrusion Detection System (IDS) has a high accuracy rate in detecting RPL topology attacks, while only creating insignificant overhead (about 6.3%) that enable its scalability in large-scale network

Intrusion Detection System for detecting internal threats in 6LoWPAN

6LoWPAN (IPv6 over Low-power Wireless Personal Area Network) is a standard developed by the Internet Engineering Task Force group to enable the Wireless Sensor Networks to connect to the IPv6 Internet. This standard is rapidly gaining popularity for its applicability, ranging extensively from health care to environmental monitoring. Security is one of the most crucial issues that need to be considered properly in 6LoWPAN. Common 6LoWPAN security threats can come from external or internal attackers. Cryptographic techniques are helpful in protecting the external attackers from illegally joining the network. However, because the network devices are commonly not tampered-proof, the attackers can break the cryptography codes of such devices and use them to operate like an internal source. These malicious sources can create internal attacks, which may downgrade significantly network performance. Protecting the network from these internal threats has therefore become one of the centre security problems on 6LoWPAN. This thesis investigates the security issues created by the internal threats in 6LoWPAN and proposes the use of Intrusion Detection System (IDS) to deal with such threats. Our main works are to categorise the 6LoWPAN threats into two major types, and to develop two different IDSs to detect each of this type effectively. The major contributions of this thesis are summarised as below. First, we categorise the 6LoWPAN internal threats into two main types, one that focuses on compromising directly the network performance (performance-type) and the other is to manipulate the optimal topology (topology-type), to later downgrade the network service quality indirectly. In each type, we select some typical threats to implement, and assess their particular impacts on network performance as well as identify performance metrics that are sensitive in the attacked situations, in order to form the basis detection knowledge. In addition, on studying the topology-type, we propose several novel attacks towards the Routing Protocol for Low Power and Lossy network (RPL - the underlying routing protocol in 6LoWPAN), including the Rank attack, Local Repair attack and DIS attack. Second, we develop a Bayesian-based IDS to detect the performance-type internal threats by monitoring typical attacking targets such as traffic, channel or neighbour nodes. Unlike other statistical approaches, which have a limited view by just using a single metric to monitor a specific attack, our Bayesian-based IDS can judge an abnormal behaviour with a wiser view by considering of different metrics using the insightful understanding of their relations. Such wiser view helps to increase the IDS’s accuracy significantly. Third, we develop a Specification-based IDS module to detect the topology-type internal threats based on profiling the RPL operation. In detail, we generalise the observed states and transitions of RPL control messages to construct a high-level abstract of node operations through analysing the trace files of the simulations. Our profiling technique can form all of the protocol’s legal states and transitions automatically with corresponding statistic data, which is faster and easier to verify compare with other manual specification techniques. This IDS module can detect the topology-type threats quickly with a low rate of false detection. We also propose a monitoring architecture that uses techniques from modern technologies such as LTE (Long-term Evolution), cloud computing, and multiple interface sensor devices, to expand significantly the capability of the IDS in 6LoWPAN. This architecture can enable the running of both two proposed IDSs without much overhead created, to help the system to deal with most of the typical 6LoWPAN internal threats. Overall, the simulation results in Contiki Cooja prove that our two IDS modules are effective in detecting the 6LoWPAN internal threats, with the detection accuracy is ranging between 86 to 100% depends on the types of attacks, while the False Positive is also satisfactory, with under 5% for most of the attacks. We also show that the additional energy consumptions and the overhead of the solutions are at an acceptable level to be used in the 6LoWPAN environment

A specification-based IDS for detecting attacks on RPL-based network topology

Routing Protocol for Low power and Lossy network (RPL) topology attacks can downgrade the network performance significantly by disrupting the optimal protocol structure. To detect such threats, we propose a RPL-specification, obtained by a semi-auto profiling technique that constructs a high-level abstract of operations through network simulation traces, to use as reference for verifying the node behaviors. This specification, including all the legitimate protocol states and transitions with corresponding statistics, will be implemented as a set of rules in the intrusion detection agents, in the form of the cluster heads propagated to monitor the whole network. In order to save resources, we set the cluster members to report related information about itself and other neighbors to the cluster head instead of making the head overhearing all the communication. As a result, information about a cluster member will be reported by different neighbors, which allow the cluster head to do cross-check. We propose to record the sequence in RPL Information Object (DIO) and Information Solicitation (DIS) messages to eliminate the synchronized issue created by the delay in transmitting the report, in which the cluster head only does cross-check on information that come from sources with the same sequence. Simulation results show that the proposed Intrusion Detection System (IDS) has a high accuracy rate in detecting RPL topology attacks, while only creating insignificant overhead (about 6.3%) that enable its scalability in large-scale network

Wireless mesh networks for smart-grids

Tese de mestrado. Mestrado Integrado em Engenharia Electrotécnica e de Computadores - Major Telecomunicações. Faculdade de Engenharia. Universidade do Porto. 201