A Distributed and Cooperative Verification Mechanism to Defend against DODAG Version Number Attack in RPL

Firoz Ahmed, Young-Bae Ko

Abstract

To design a routing protocol for Low-power and Lossy Networks (LLNs), the IETF developed RPL (Routing Protocol for Low-power and lossy network) which is novel, standard and light weight routing protocol standardized for constrained environment and does not have the functionality like of traditional routing protocols. Providing security in RPL is still challenging as the devices are connected to the vulnerable Internet, limited resources, and the communication links are lossy. Therefore, an attacker can easily exploit the functionalities of RPL protocol. RPL exposed to a variety of attacks. One of the most inconsistency topological attacks is DODAG version number attack. In this paper, we proposed a distributed and cooperative verification mechanism to securely defend against the DODAG version number attack with low control overhead and high reliability. Simulation results show that the proposed approach defends DODAG version number attack reliably and reduces control overhead significantly.

References

  1. Chugh, K., Lasebae, A. and Loo, J., 2012. Case Study of a Black Hole Attack on 6LoWPAN-RPL. SECURWARE 2012, The Sixth International Conference on Emerging Security Information, Systems and Technologies, (c), pp.157-162.
  2. Dunkels, A., 2011. The ContikiMAC Radio Duty Cycling Protocol. SICS Technical Report T2011:13 , ISSN 1100-3154, pp.1-11. Available at: http://dunkels.com /adam/dunkels11contikimac.pdf.
  3. Dunkels, A., Grönvall, B. and Voigt, T., 2004. Contiki - A lightweight and flexible operating system for tiny networked sensors. Proceedings - Conference on Local Computer Networks, LCN, pp.455-462.
  4. Dvir, A., Holczer, T. and Buttyan, L., 2011. VeRA - Version number and rank authentication in RPL. In Proceedings - 8th IEEE International Conference on Mobile Ad-hoc and Sensor Systems, MASS 2011. IEEE, pp. 709-714. Available at: http://ieeexplore.ieee .org/lpdocs/epic03/wrapper.htm?arnumber=6076674 [Accessed May 8, 2016].
  5. Kushalnagar, N. C., Montenegro, G. (Microsoft C. and Schumacher, C.A., 2007. RFC4919: IPv6 over LowPower Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals. Request for Comments: 4919, pp.1-12. Available at: https://tools.ietf.org/html/rfc 4919 [Accessed May 8, 2016].
  6. Le, A. et al., 2011. Specification-based IDS for securing RPL from topology attacks. In 2011 IFIP Wireless Days (WD). IEEE, pp. 1-3. Available at: http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm? arnumber=6098218 [Accessed May 8, 2016].
  7. Le, A. et al., 2013. The impact of rank attack on network topology of routing protocol for low-power and lossy networks. IEEE Sensors Journal, 13(10), pp.3685- 3692. Available at: http://ieeexplore.ieee.org/lpdocs/ep ic03/wrapper.htm?arnumber=6525333 [Accessed May 8, 2016].
  8. Levis, P. et al., 2004. Trickle: a self-regulating algorithm for code propagation and maintenance in wireless sensor networks. Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1, pp.2-2.
  9. Mayzaud, A. et al., 2014. A study of RPL DODAG version attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Springer Berlin Heidelberg, pp. 92-104. Available at: http://link.springer.com/10.1007/978-3-662-43862-6_ 12 [Accessed May 8, 2016].
  10. Mayzaud, A. et al., 2015. Mitigation of topological inconsistency attacks in RPL-based low-power lossy networks. International Journal of Network Management, 25(5), pp.320-339. Available at: http://doi.wiley.com/10.1002/nem.1898 [Accessed May 8, 2016].
  11. Österlind, F. et al., 2006. Cross-level sensor network simulation with COOJA. In Proceedings - Conference on Local Computer Networks, LCN. IEEE, pp. 641- 648. Available at: http://ieeexplore.ieee.org/lpdocs /epic03/wrapper.htm?arnumber=4116633 [Accessed May 8, 2016].
  12. Perrey, H. et al., 2013. TRAIL: Topology Authentication in RPL. 2013 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp.73-74. Available at: http://ieeexplore.ieee.org/lp docs/epic03/wrapper.htm?arnumber=6970745 [Accessed May 8, 2016].
  13. Pongle, P. and Chavan, G., 2015. A survey: Attacks on RPL and 6LoWPAN in IoT. 2015 International Conference on Pervasive Computing: Advance Communication Technology and Application for Society, ICPC 2015, 00(c), pp.0-5.
  14. Raza, S., Wallgren, L. and Voigt, T., 2013. SVELTE: Real-time intrusion detection in the Internet of Things. Ad Hoc Networks, 11(8), pp.2661-2674. Available at: http://linkinghub.elsevier.com/retrieve/pii/S15708705 13001005 [Accessed May 8, 2016].
  15. T Matsunaga, K Toyoda, I.S., 2015. Low false alarm attackers detection in RPL by considering timing inconstancy between the rank measurements. IEICE Communications Express, 4(2), pp.44-49.
  16. Tsao, T. et al., 2015. A Security Threat Analysis for the Routing Protocol for Low-Power and Lossy Networks (RPLs). , (7416). Available at: http://www.ietf.org/r fc/rfc7416.txt [Accessed May 8, 2016].
  17. Weekly, K. and Pister, K., 2012. Evaluating sinkhole defense techniques in RPL networks. In Proceedings - International Conference on Network Protocols, ICNP. IEEE, pp. 1-6. Available at: http://ieeexplore .ieee.org/lpdocs/epic03/wrapper.htm?arnumber=64599 48 [Accessed May 8, 2016].
  18. Winter, T. et al., 2012. 01 RFC6550 RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks. Internet Engineering Task Force (IETF), Request for Comments?: 6550, ISSN:2070-1721, pp.1-157. Available at: https://datatracker.ietf.org/doc/rfc6550/.
Download


Paper Citation


in Harvard Style

Ahmed F. and Ko Y. (2016). A Distributed and Cooperative Verification Mechanism to Defend against DODAG Version Number Attack in RPL . In Proceedings of the 6th International Joint Conference on Pervasive and Embedded Computing and Communication Systems - Volume 1: PEC, (PECCS 2016) ISBN 978-989-758-195-3, pages 55-62. DOI: 10.5220/0005930000550062


in Bibtex Style

@conference{pec16,
author={Firoz Ahmed and Young-Bae Ko},
title={A Distributed and Cooperative Verification Mechanism to Defend against DODAG Version Number Attack in RPL},
booktitle={Proceedings of the 6th International Joint Conference on Pervasive and Embedded Computing and Communication Systems - Volume 1: PEC, (PECCS 2016)},
year={2016},
pages={55-62},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005930000550062},
isbn={978-989-758-195-3},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 6th International Joint Conference on Pervasive and Embedded Computing and Communication Systems - Volume 1: PEC, (PECCS 2016)
TI - A Distributed and Cooperative Verification Mechanism to Defend against DODAG Version Number Attack in RPL
SN - 978-989-758-195-3
AU - Ahmed F.
AU - Ko Y.
PY - 2016
SP - 55
EP - 62
DO - 10.5220/0005930000550062