Abstract
In the Routing Protocol for Low-power Lossy Networks (RPL), DODAG Information Object (DIO) control messages are sent by the network nodes to propagate the routing information to other nodes in the network. A malicious node can utilize this RPL protocol behavior to perform the copycat attack by eavesdropping DIO messages of its neighbor nodes and later replaying the eavesdropped DIO message multiple times with fixed interval. In this paper, we show that copycat attack severely degrades the performance of Low Power and Lossy Networks (LLNs). To address copycat attacks, we propose an Intrusion Detection System (IDS) that detects the attackers in very less time and with high accuracy. The proposed IDS is based on the idea of Outlier Detection (OD). To the best of our knowledge, our proposed IDS is the first RPL specific IDS that utilizes OD for performing intrusion detection in LLNs.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Airehrour, D., Gutierrez, J.A., Ray, S.K.: SecTrust-RPL: a secure trust-aware RPL routing protocol for Internet of things. Future Gener. Comput. Syst. 93, 860–876 (2018)
Barnett, V., Lewis, T.: Outliers in Statistical Data. Wiley, New York (1974)
Ben-Gal, I.: Outlier detection. In: Maimon, O., Rokach, L. (eds.) Data Mining and Knowledge Discovery Handbook, pp. 131–146. Springer, Boston (2005)
Bostani, H., Sheikhan, M.: Hybrid of anomaly-based and specification-based IDS for Internet of things using unsupervised OPF based on MapReduce approach. Comput. Commun. 98, 52–71 (2017)
Ghaleb, B., Al-Dubai, A., Ekonomou, E., Qasem, M., Romdhani, I., Mackenzie, L.: Addressing the DAO insider attack in RPL’s Internet of things networks. IEEE Commun. Lett. 23(1), 68–71 (2018)
Hui, J.W., Culler, D.E.: Extending IP to low-power, wireless personal area networks. IEEE Internet Comput. 12(4), 37–45 (2008)
Mayzaud, A., Badonnel, R., Chrisment, I.: Detecting version number attacks using a distributed monitoring architecture. In: Proceedings of IEEE/IFIP/In Association with ACM SIGCOMM International Conference on Network and Service Management (CNSM 2016), pp. 127–135 (2016)
Mayzaud, A., Badonnel, R., Chrisment, I.: A distributed monitoring strategy for detecting version number attacks in RPL-based networks. IEEE Trans. Netw. Serv. Manag. 14(2), 472–486 (2017)
Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., Schönwälder, J.: A study of RPL DODAG version attacks. In: LNCS (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 8508, pp. 92–104 (2014)
Mayzaud, A., Sehgal, A., Badonnel, R., Chrisment, I., Schönwälder, J.: Using the RPL protocol for supporting passive monitoring in the Internet of things. In: Proceedings of the NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, pp. 366–374 (2016)
Raoof, A., Matrawy, A., Lung, C.: Routing attacks and mitigation methods for RPL-based internet of things. IEEE Commun. Surv. Tutorials 21(2), 1582–1606 (2019)
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the internet of things. Ad Hoc Networks 11(8), 2661–2674 (2013)
Thulasiraman, P., Wang, Y.: A lightweight trust-based security architecture for RPL in Mobile IoT Networks. In: 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), pp. 1–6. IEEE (2019)
Tsao, T., Alexander, R., Dohler, M., Daza, V., Lozano, A., Richardson, M.: A security threat analysis for the routing protocol for low-power and lossy networks (RPLs). Technical report (2015)
Verma, A., Ranga, V.: Addressing flooding attacks in IPv6-based low power and lossy networks. In: IEEE Region 10 Conference (TENCON), pp. 552–557, October 2019
Verma, A., Ranga, V.: Mitigation of DIS flooding attacks in RPL-based 6LoWPAN networks. Trans. Emerg. Telecommun. Technol. 31, e3802 (2020)
Verma, A., Ranga, V.: ELNIDS: ensemble learning based network intrusion detection system for RPL based Internet of things. In: 4th International Conference on Internet of Things: Smart Innovation and Usages (IoT-SIU), pp. 1–6. IEEE (2019)
Verma, A., Ranga, V.: Evaluation of network intrusion detection systems for RPL based 6LoWPAN networks in IoT. Wirel. Pers. Commun. 108(3), 1571–1594 (2019)
Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the RPL-based Internet of things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013)
Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, J.P., Alexander, R.: RPL: IPv6 routing protocol for low-power and lossy networks. Technical report (2012)
Acknowledgment
This research was supported by the Ministry of Human Resource Development, Government of India.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Verma, A., Ranga, V. (2020). Addressing Copycat Attacks in IPv6-Based Low Power and Lossy Networks. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Computing. SAI 2020. Advances in Intelligent Systems and Computing, vol 1229. Springer, Cham. https://doi.org/10.1007/978-3-030-52246-9_31
Download citation
DOI: https://doi.org/10.1007/978-3-030-52246-9_31
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-52245-2
Online ISBN: 978-3-030-52246-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)