Reduced overhead routing in short-range low-power and lossy wireless networks

In this paper we present enhanced routing protocol for low-lower and lossy networks (ERPL), a reduced overhead routing protocol for short-range low-power and lossy wireless networks, based on RPL. ERPL enhances peer-to-peer (P2P) route construction and data packet forwarding in RPL’s storing and non-storing modes of operation (MoPs). In order to minimize source routing overhead, it encodes routing paths in Bloom Filters (BF). The salient features of ERPL include the following: (i) optimized P2P routing and data forwarding; (ii) no additional control messages; and (iii) minimized source routing overhead. We extensively evaluated ERPL against RPL using emulation, simulation, and physical test-bed based experiments. Our results demonstrate that ERPL outperforms standard RPL in P2P communication and its optimized P2P route construction and data forwarding algorithms also positively impact the protocol’s performance in multi-point to point (MP2P) and point to multi-point (P2MP) communications. Our results demonstrate that the BF-based approach towards compressed source routing information is feasible for the kinds of networks considered in this paper. The BF-based approach results in 65% lower source routing control overhead compared to RPL. Our results also provide new insights into the performance of MP2P, P2MP, and P2P communications relative to RPL’s destination-oriented directed a-cyclic graph (DODAG) depth, i.e., a deeper DODAG negatively impacts the performance of MP2P and P2MP communications, however it positively impacts P2P communication, while the reverse holds true for a relatively shallow DODAG

Security techniques for sensor systems and the Internet of Things

Sensor systems are becoming pervasive in many domains, and are recently being generalized by the Internet of Things (IoT). This wide deployment, however, presents significant security issues. We develop security techniques for sensor systems and IoT, addressing all security management phases. Prior to deployment, the nodes need to be hardened. We develop nesCheck, a novel approach that combines static analysis and dynamic checking to efficiently enforce memory safety on TinyOS applications. As security guarantees come at a cost, determining which resources to protect becomes important. Our solution, OptAll, leverages game-theoretic techniques to determine the optimal allocation of security resources in IoT networks, taking into account fixed and variable costs, criticality of different portions of the network, and risk metrics related to a specified security goal. Monitoring IoT devices and sensors during operation is necessary to detect incidents. We design Kalis, a knowledge-driven intrusion detection technique for IoT that does not target a single protocol or application, and adapts the detection strategy to the network features. As the scale of IoT makes the devices good targets for botnets, we design Heimdall, a whitelist-based anomaly detection technique for detecting and protecting against IoT-based denial of service attacks. Once our monitoring tools detect an attack, determining its actual cause is crucial to an effective reaction. We design a fine-grained analysis tool for sensor networks that leverages resident packet parameters to determine whether a packet loss attack is node- or link-related and, in the second case, locate the attack source. Moreover, we design a statistical model for determining optimal system thresholds by exploiting packet parameters variances. With our techniques\u27 diagnosis information, we develop Kinesis, a security incident response system for sensor networks designed to recover from attacks without significant interruption, dynamically selecting response actions while being lightweight in communication and energy overhead