Denial-of-Service attacks on 6LoWPAN-RPL networks: Issues and practical solutions
RPL (Routing Protocol for Low-power and lossy networks) is a specific routing protocol designed to optimize 6LoWPAN (IPv6 over Low power Wireless Personal Area Network) operation. As 6LoWPAN suffers from resource constraints on battery, processor, memory and bandwidth, it affects the performance of the RPL protocol. From security point of view, this will make RPL vulnerable to several threats directly or indirectly. Thus, cryptographic systems are not sufficient to protect the RPL from internal attacks; a compromised node from the network may cause undesired operation without being detected by these systems. An intrusion detection system (IDS) should be used, but it is not easy given the nature of 6LoWPAN; on a side its resource constraints, and on the other side its opening to the outside world through the Internet.
In this paper we focus on denial of service (DoS) attacks, we determine the elements to be taken into account in selecting a compatible IDS and we give some solutions that we consider effective and valid for 6LoWPAN-RPL based networks
Keywords: RPL, ROLL, 6LoWPAN, IDS, DoS, Network security.
J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of Things (IoT): A vision, architectural elements, and future directions,” Future Gener. Comput. Syst., vol. 29, no. 7, pp. 1645–1660, Sep. 2013.
G. Yang and F. Li, “Investigation of Security and Defense System for Home Based on Internet of Things,” in 2010 International Conference on Web Information Systems and Mining (WISM), 2010, vol. 2, pp. 8–12.
G. Shen and B. Liu, “The visions, technologies, applications and security issues of Internet of Things,” in 2011 International Conference on E -Business and E -Government (ICEE), 2011, pp. 1–4.
C. P. P. Schumacher, N. Kushalnagar, and G. Montenegro, “IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals.” [Online]. Available: https://tools.ietf.org/html/rfc4919.
N. Kushalnagar, G. Montenegro, D. E. Culler, and J. W. Hui, “Transmission of IPv6 Packets over IEEE 802.15.4 Networks.” [Online]. Available: http://tools.ietf.org/html/rfc4944.
J. A. Gutierrez, M. Naeve, E. Callaway, M. Bourgeois, V. Mitter, and B. Heile, “IEEE 802.15.4: a developing standard for low-power low-cost wireless personal area networks,” IEEE Netw., vol. 15, no. 5, pp. 12–19, Sep. 2001.
T. W. , “RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks.” [Online]. Available: http://tools.ietf.org/html/rfc6550.
A. Rghioui, M. Bouhorma, and A. Benslimane, “Analytical study of security aspects in 6LoWPAN networks,” in 2013 5th International Conference on Information and Communication Technology for the Muslim World (ICT4M), 2013, pp. 1–5.
R. K. Alexander, M. Richardson, T. Tsao, V. Daza, A. Lozano, and M. Dohler, “A Security Threat Analysis for Routing Protocol for Low-power and lossy networks (RPL).” [Online]. Available: http://tools.ietf.org/html/draft-ietf-roll-security-threats-07.
A. Wood and J. . Stankovic, “Denial of service in sensor networks,” Computer, vol. 35, no. 10, pp. 54–62, Oct. 2002.
A. Le, J. Loo, A. Lasebae, M. Aiash, and Y. Luo, “6LoWPAN: a study on QoS security threats and countermeasures using intrusion detection system approach,” Int. J. Commun. Syst., vol. 25, no. 9, pp. 1189–1212, Sep. 2012.
D. Kyriazis, T. Varvarigou, A. Rossi, D. White, and J. Cooper, “Sustainable smart city IoT applications: Heat and electricity management amp; Eco-conscious cruise control for public transportation,” in World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2013 IEEE 14th International Symposium and Workshops on a, 2013, pp. 1–5.
S. Chakrabarti, Z. Shelby, and E. Nordmark, “Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs).” [Online]. Available: http://tools.ietf.org/html/rfc6775.
T. Narten, W. A. Simpson, E. Nordmark, and H. Soliman, “Neighbor Discovery for IP version 6 (IPv6).” [Online]. Available: https://tools.ietf.org/html/rfc4861.
M. Felsche, A. Huhn, and H. Schwetlick, “Routing Protocols for 6LoWPAN,” in IT Revolutions, M. L. Reyes, J. M. F. Arias, J. J. G. de la Rosa, J. Langer, F. J. B. Outeiriño, and A. Moreno-Munñoz, Eds. Springer Berlin Heidelberg, 2012, pp. 71–83.
G. K. Ee, C. K. Ng, N. K. Noordin, and B. M. Ali, “A Review of 6LoWPAN Routing Protocols,” Proc. Asia-Pac. Adv. Netw., vol. 30, no. 0, pp. 71–81, Dec. 2010.
V. Kumar and S. Tiwari, “Routing in IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN): A Survey,” J. Comput. Netw. Commun., vol. 2012, p. e316839, Mar. 2012.
J. Martocci, P. Mil, N. Riou, and W. Vermeylen, “Building Automation Routing Requirements in Low-Power and Lossy Networks.” [Online]. Available: http://tools.ietf.org/html/rfc5867.
A. Brandt and J. Buron, “Home Automation Routing Requirements in Low-Power and Lossy Networks.” [Online]. Available: http://tools.ietf.org/html/rfc5826.
S. Dwars, T. Phinney, and P. Thubert, “Industrial Routing Requirements in Low-Power and Lossy Networks.” [Online]. Available: http://tools.ietf.org/html/rfc5673.
M. Dohler, D. Barthel, T. Watteyne, and T. Winter, “Routing Requirements for Urban Low-Power and Lossy Networks.” [Online]. Available: http://tools.ietf.org/html/rfc5548.
M. J. Handley and E. Rescorla, “Internet Denial-of-Service Considerations.” [Online]. Available: http://tools.ietf.org/html/rfc4732.
A. P. R. da Silva, M. H. T. Martins, B. P. S. Rocha, A. A. F. Loureiro, L. B. Ruiz, and H. C. Wong, “Decentralized Intrusion Detection in Wireless Sensor Networks,” in Proceedings of the 1st ACM International Workshop on Quality of Service &Amp; Security in Wireless and Mobile Networks, New York, NY, USA, 2005, pp. 16–23.