AuthorsP. Kaliyar, W. Ben Jaballah, M. Conti and C. Lal
TitleLiDL: Localization with early detection of sybil and wormhole attacks in IoT Networks
AfilliationSoftware Engineering
Project(s)Department of Validation Intelligence for Autonomous Software Systems
Publication TypeJournal Article
Year of Publication2020
JournalComputers and Security, Elsevier
Keywords6LoWPAN, Internet of things, IPv6, RPL, Security, Sybil attack, Wormhole attack

The Internet of Things (IoT) is recognized as a disruptive innovation that has been led by industry leaders and researchers. IoT promises to improve our daily life based on smart objects interacting with each other, and that can be connected to the Internet. Building a security framework into this new paradigm is a significant technical challenge today. It is mainly due to the low-cost and resource-constrained nature of IoT devices. In most of the IoT application scenarios, the routing is done by the de-facto standard protocol called routing protocol for low power and lossy networks (RPL). The use of RPL is suitable due to its energy-efficient schemes, availability of secure and multiple communication modes, and adaptivity to work in various IoT network scenarios. Hence, many researchers are now focusing on RPL related security issues. To this end, our work provides a concise description of two major threats to RPL called sybil and wormhole attacks. Moreover, we propose two solutions to detect these attacks in RPL-based IoT networks. Specifically, our proposed techniques exploit the concept of Highest Rank Common Ancestor (HRCA) to find a common ancestor with the highest rank among all the ancestors that a pair of nodes have in the target network tree. Our two detection algorithms not only detect an ongoing attack but also localizes the position of the adversary in the network. Thus, it makes the mitigation process lightweight and fast. We implement the two approaches in Cooja, the Contiki network emulator. The results obtained from our experiments demonstrate the feasibility of the proposals concerning true positive rate, detection time, packet loss ratio, memory consumption, and network overhead. Our techniques show promising to cover more complex scenarios in the future.

Citation Key27364

Contact person