Skip to main content
SpringerLink
Log in

Resilient against spoofing in 6LoWPAN networks by temporary-private IPv6 addresses

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

An attacker can disrupt the network operations in the 6LoWPANs by spoofing the IPv6 address while evading the detection. Despite many existing spoofing prevention techniques, spoofing threat still persists. Thus, it becomes necessary to devise a method which can offer resilience against spoofing by reducing the attack disruption time. This study aims at reducing IPv6 spoofing attack disruption time in 6LoWPANs. Hence, it provides the resiliency against IPv6 spoofing threat. The time complexity analysis of the attack tree for the spoofing attack is performed to analyze the attack disruption time. The analytical results show that attack disruption window is directly proportional to the lifetime of the node addresses. The lower lifetime of node addresses ensure the reduction of the attack disruption window. Thus, the use of temporary node addresses can be a solution for reducing the spoofing attack disruption window. Node’s IPv6 address can be changed periodically to dissociate a node from its permanent identity. Hence, an attacker has to re-perform the attack to gain significant benefits. Corrupted routing table as a result of spoofing attack and its countermeasure is simulated in Cooja running Contiki operating system. The length of the attack window depends upon the periodicity of the address change. The higher frequency of address change decreases the attack disruption time with an increase in the communication cost. Simulations have been performed to compare the optimum value of address change periodicity concerning the communication cost for two private addressing schemes proposed in the literature.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Airehrour D, Gutierrez J, Ray SK (2016) Secure routing for internet of things: a survey. J Netw Comput Appl 66:198–213

    Article  Google Scholar 

  2. Aura T (2005) Cryptographically Generated Addresses (CGA). RFC 3972 (Proposed Standard). http://www.ietf.org/rfc/rfc3972.txt. Updated by RFCs 4581, 4982

  3. Badonnel AR, Mayzaud IC (2017) A distributed monitoring strategy for detecting version number attacks in rpl-based networks. IEEE Trans Netw Serv Manag 14(2):472–486. https://doi.org/10.1109/TNSM.2017.2705290

    Article  Google Scholar 

  4. Barbir A, Murphy SL, Yang Y (2006) Generic Threats to Routing Protocols. Tech. Rep. 4593. https://doi.org/10.17487/RFC4593. https://rfc-editor.org/rfc/rfc4593.txt

  5. Camtepe SA, Yener B (2007) Modeling and detection of complex attacks. In: 2007 Third international conference on security and privacy in communications networks and the workshops - securecomm 2007, pp 234–243. https://doi.org/10.1109/SECCOM.2007.4550338

  6. Choi J, In Y, Park C, Seok S, Seo H, Kim H (2018) Secure iot framework and 2d architecture for end-to-end security. J Supercomput 74(8):3521–3535. https://doi.org/10.1007/s11227-016-1684-0

    Article  Google Scholar 

  7. Chze PLR, Leong KS (2014) A secure multi-hop routing for iot communication. In: 2014 IEEE World forum on internet of things (WF-iot), pp 428–432. https://doi.org/10.1109/WF-IoT.2014.6803204

  8. Dunkels A, Grȯnvall B, Voigt T (2004) Contiki - A lightweight and flexible operating system for tiny networked sensors. In: Proceedings - conference on local computer networks, LCN, pp 455–462. https://doi.org/10.1109/LCN.2004.38

  9. Ghosh U, Datta R (2011) A secure dynamic ip configuration scheme for mobile ad hoc networks. Ad Hoc Netw 9(7):1327–1342. https://doi.org/10.1016/j.adhoc.2011.02.008

    Article  Google Scholar 

  10. Gomez C, Kim E, Kaspar D, Bormann C (2012) Problem statement and requirements for IPv6 over low-power wireless personal area network (6LoWPAN) routing. RFC 6606, RFC Editor. https://tools.ietf.org/pdf/rfc6606.pdf

  11. Granjal J, Monteiro E, Silva JS (2010) Enabling network-layer security on ipv6 wireless sensor networks. In: 2010 IEEE Global telecommunications conference GLOBECOM 2010, pp 1–6. https://doi.org/10.1109/GLOCOM.2010.5684293

  12. Granjal J, Monteiro E, Silva JS (2015) Security for the internet of things: a survey of existing protocols and open research issues. IEEE Commun Surv Tutorials 17(3):1294–1312. https://doi.org/10.1109/COMST.2015.2388550

    Article  Google Scholar 

  13. Granjal J, Monteiro E, Silva JS (2015) Security in the integration of low-power wireless sensor networks with the internet: a survey. Ad Hoc Netw 24:264–287

    Article  Google Scholar 

  14. Gu T, Mohapatra P (2018) Bf-iot: Securing the iot networks via fingerprinting-based device authentication. In: 2018 IEEE 15Th international conference on mobile ad hoc and sensor systems (MASS), pp 254–262. https://doi.org/10.1109/MASS.2018.00047

  15. Halcu I, Stamatescu G, Sgarciu V (2015) Enabling security on 6lowpan / ipv6 wireless sensor networks. In: 2015 7Th international conference on electronics, computers and artificial intelligence (ECAI), pp SSS–29–SSS–32. https://doi.org/10.1109/ECAI.2015.7301201

  16. Hennebert C, Santos JD (2014) Security protocols and privacy issues into 6loWPAN stack: a synthesis. IEEE Internet J 1(5):384–398. https://doi.org/10.1109/JIOT.2014.2359538

    Article  Google Scholar 

  17. Hossain M, Karim Y, Hasan R (2018) Secupan: a security scheme to mitigate fragmentation-based network attacks in 6lowpan. In: Proceedings of the eighth ACM conference on data and application security and privacy. ACM, pp 307–318

  18. IEEE: Ieee 802.15.4 standard (2007) [Online] https://standards.ieee.org/about/get/802/802.15.html

  19. Ikram M, Chowdhury AH, Zafar B, Cha HS, Kim K, Yoo SW, Kim D (2009) A simple lightweight authentic bootstrapping protocol for ipv6-based low rate wireless personal area networks (6lowpans). In: Proceedings of the 2009 international conference on wireless communications and mobile computing: connecting the world wirelessly, IWCMC ’09. ACM, New York, pp 937–941. https://doi.org/10.1145/1582379.1582583

  20. Jara AJ, Marin L, Skarmeta AF, Singh D, Bakul G, Kim D (2011) Mobility modeling and security validation of a mobility management scheme based on ecc for ip-based wireless sensor networks (6lowpan). In: 2011 Fifth international conference on innovative mobile and internet services in ubiquitous computing. IEEE, pp 491–496

  21. Krentz KF, Rafiee H, Meinel C (2013) 6lowpan security: Adding compromise resilience to the 802.15.4 security sublayer. In: Proceedings of the international workshop on adaptive security, ASPI ’13. ACM, New York, pp 1:1–1:10. https://doi.org/10.1145/2523501.2523502

  22. Kushalnagar N, Montenegro G, Schumacher C (2007) Rfc 4919: Ipv6 over low-power wireless personal area networks (6lowpans): overview, assumptions, problem statement, and goals. IETF 31:45–75

    Google Scholar 

  23. Liu A, Ning P (2008) Tinyecc: a configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of the 7th international conference on information processing in sensor networks, IPSN ’08. IEEE Computer Society, Washington, pp 245–256. https://doi.org/10.1109/IPSN.2008.47

  24. Mavani M, Asawa K (2017) Modeling and analyses of ip spoofing attack in 6lowpan network. Comput Secur 70:95–110

    Article  Google Scholar 

  25. Mavani M, Asawa K (2018) Privacy enabled disjoint and dynamic address auto-configuration protocol for 6lowpan. Ad Hoc Netw 79:72–86. https://doi.org/10.1016/j.adhoc.2018.06.010. http://www.sciencedirect.com/science/article/pii/S1570870518303627

    Article  Google Scholar 

  26. Mayzaud A, Badonnel R, Chrisment I (2016) A taxonomy of attacks in rpl-based internet of things. Int J Netw Secur 18(3):459–473

    Google Scholar 

  27. Mishra A, Dixit A (2018) Resolving threats in iot: Id spoofing to ddos. In: 2018 9Th international conference on computing, communication and networking technologies (ICCCNT), pp 1–7. https://doi.org/10.1109/ICCCNT.2018.8493729

  28. Mavani M, Asawa K (2017) Privacy preserving ipv6 address auto-configuration for internet of things. In: Intelligent communication and computational technologies. Springer, pp 577–584

  29. Nikravan M, Movaghar A, Hosseinzadeh M (2019) A lightweight signcryption scheme for defense against fragment duplication attack in the 6lowpan networks. Peer-to-Peer Netw Appl 12(1):209–226. https://doi.org/10.1007/s12083-018-0659-8

    Article  Google Scholar 

  30. Oliveira LML, Rodrigues JJPC, Neto C, De sousa AF (2013) Network admission control solution for 6LoWPAN networks. Proceedings - 7th international conference on innovative mobile and internet services in ubiquitous computing, IMIS 2013, pp 472–477. https://doi.org/10.1109/IMIS.2013.85

  31. Osterlind F, Dunkels A, Eriksson J, Finne N, Voigt T (2006) Cross-level sensor network simulation with cooja. In: Proceedings 2006 31st IEEE conference on Local computer networks. IEEE, pp 641–648

  32. Park S, Kim K, Haddad W, Chakrabarti S, Laganier J (2011) Ipv6 over low power wpan security analysis. IETF. ID draft-daniel-610wpan-security-analysis-05. Retrieved 10 May 2016

  33. Pongle P, Chavan G (2015) A survey: attacks on rpl and 6lowpan in iot. In: 2015 International conference on pervasive computing (ICPC), pp 1–6. https://doi.org/10.1109/PERVASIVE.2015.7087034

  34. Qiu Y, Ma M (2015) An authentication and key establishment scheme to enhance security for m2m in 6lowpans. In: 2015 IEEE International conference on communication workshop (ICCW), pp 2671–2676. https://doi.org/10.1109/ICCW.2015.7247582

  35. Sarikaya B, Thubert P (2016) Address protected neighbor discovery for low-power and lossy networks. Internet-Draft draft-sarikaya-6lo-ap-nd-02, IETF Secretariat. http://www.ietf.org/internet-drafts/draft-sarikaya-6lo-ap-nd-02.txt

  36. Shelby C, Nordmark B (2012) Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs). RFC 6775, RFC Editor. http://www.rfc-editor.org/rfc/rfc6775.txt

  37. Simon DEA tunslip6 utility. https://github.com/contiki-os/contiki/blob/master/tools

  38. Vasseur JP, Dunkels A (2010) Interconnecting smart objects with ip: The next internet. Morgan Kaufmann, San Mateo

    Chapter  Google Scholar 

  39. Wang X, Mu Y (2015) Addressing and privacy support for 6lowpan. IEEE Sens J 15(9):5193–5201. https://doi.org/10.1109/JSEN.2015.2438002

    Article  Google Scholar 

  40. Wilhelm M, Martinovic I, Uzun E, Schmitt JB (2010) Sudoku: Secure and usable deployment of keys on wireless sensors. In: 2010 6Th IEEE workshop on secure network protocols, pp 1–6. https://doi.org/10.1109/NPSEC.2010.5634458

  41. Winter T, Brandt H (2012) RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks. RFC 6550, RFC Editor. http://www.rfc-editor.org/rfc/rfc6550.txt

  42. Xiong K, Zhang Y, Zhang Z, Wang S, Zhong Z (2014) Pa-nemo: Proxy mobile ipv6-aided network mobility management scheme for 6lowpan. Elektron Elektrotechn 20(3):98–103

    Google Scholar 

  43. Yu H, He J (2012) Trust-based mutual authentication for bootstrapping in 6lowpan. JCM 7(8):634–642

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Jaypee Institute of Information Technology, Noida, India

    Monali Mavani & Krishna Asawa

Authors
  1. Monali Mavani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Krishna Asawa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Monali Mavani.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mavani, M., Asawa, K. Resilient against spoofing in 6LoWPAN networks by temporary-private IPv6 addresses. Peer-to-Peer Netw. Appl. 13, 333–347 (2020). https://doi.org/10.1007/s12083-019-00792-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-019-00792-6

Keywords

Search

Navigation