A Specification-Based IDS for Detecting Attacks on RPL-Based Network Topology

Le, Anhtuan; Loo, Jonathan; Chai, Kok Keong; Aiash, Mahdi

doi:10.3390/info7020025

Cited by 161 publications

(98 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A malicious node can apply the neighbor attack by retransmitting the routing control messages it hears [27]. This behavior causes neighbor nodes to think that the source of the control message is close to them and take actions accordingly.…”

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

“…Similar to the global repair, the local repair mechanism of RPL can be the target of a D/DoS attack called local repair [27,29]. Local repair is an alternative repair solution of RPL which aims to solve the local inconsistencies and issues and cost less than the global repair mechanism since it involves a smaller portion of the network.…”

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

“…DIS messages are used in RPL when a new node wants to join the network and therefore asking for information about the RPL network. Attackers can send unnecessary DIS messages in DIS attacks [27], which causes the neighboring nodes to reset their DIO timers and send DIO messages frequently. Thus, the attacker forces nodes to generate redundant control messages and consume more power.…”

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

“…Le et al proposed a specification-based IDS [27] which is based on their previous work [29]. Their IDS targets rank, sinkhole, local repair, neighbor and DIS attacks.…”

Section: Intrusion Detection Systems Proposed For Internet Of Thingsmentioning

confidence: 99%

“…However malicious nodes may use rank in various ways to apply D/DoS attacks. In [27] and [28], an attacker node selects the neighbor with worst rank as a preferred parent instead of choosing the one with the best rank. Thus an inefficient DODAG is created which causes delays and an increased number of control messages.…”

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

See 4 more Smart Citations

Security of Internet of Things for a Reliable Internet of Services

Arış

Oktuğ

Voigt

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The Internet of Things (IoT) consists of resource-constrained devices (e.g., sensors and actuators) which form low power and lossy networks to connect to the Internet. With billions of devices deployed in various environments, IoT is one of the main building blocks of future Internet of Services (IoS). Limited power, processing, storage and radio dictate extremely efficient usage of these resources to achieve high reliability and availability in IoS. Denial of Service (DoS) and Distributed DoS (DDoS) attacks aim to misuse the resources and cause interruptions, delays, losses and degrade the offered services in IoT. DoS attacks are clearly threats for availability and reliability of IoT, and thus of IoS. For highly reliable and available IoS, such attacks have to be prevented, detected or mitigated autonomously. In this study, we propose a comprehensive investigation of Internet of Things security for reliable Internet of Services. We review the characteristics of IoT environments, cryptography-based security mechanisms and D/DoS attacks targeting IoT networks. In addition to these, we extensively analyze the intrusion detection and mitigation mechanisms proposed for IoT and evaluate them from various points of view. Lastly, we consider and discuss the open issues yet to be researched for more reliable and available IoT and IoS.

show abstract

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

“…Le et al proposed a specification-based IDS [27] which is based on their previous work [29]. Their IDS targets rank, sinkhole, local repair, neighbor and DIS attacks.…”

Section: Intrusion Detection Systems Proposed For Internet Of Thingsmentioning

confidence: 99%

Section: D/dos Attacks To the Network Layermentioning

confidence: 99%

See 3 more Smart Citations

Security of Internet of Things for a Reliable Internet of Services

Arış

Oktuğ

Voigt

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

A novel scheme based on coarse‐grained localization and fine‐grained isolation for defending against Sybil attack in low power and lossy networks

Tong

Zhang

Zhu

et al. 2023

Asian Journal of Control

View full text Add to dashboard Cite

Due to the lack of security mechanisms and sensor resources, the IPv6 Routing Protocol for Low power and Lossy networks (RPL) is vulnerable to various attacks, among which Sybil attack has received a lot of attention. This paper proposes a novel scheme based on coarse‐grained localization and fine‐grained isolation (CLFI) for defending Sybil attack. In CLFI, normal neighbor nodes are identified based on received signal strength indicator (RSSI). To further identify Sybil nodes, a physical address identifier called is defined, which is calculated as the difference of RSSI at two different receivers when they are receiving the same packet. In order to facilitate the calculation of , a set of anchor nodes are deployed to broadcast the received RPL control packets. Then Sybil behaviors can be detected by comparing the physical address identifier with the logical address embedded in the received packets. The proposed CLFI scheme has been completely implemented in the Contiki operating system. The extensive evaluation in comparison with the state‐of‐the‐art scheme indicates that CLFI can quickly localize and isolate Sybil nodes.

show abstract

Future IoT‐enabled threats and vulnerabilities: State of the art, challenges, and future prospects

Srivastava

Gupta

Quamara

et al. 2020

Int J Communication

View full text Add to dashboard Cite

SummaryIn the recent era, the security issues affecting the future Internet‐of‐Things (IoT) standards has fascinated noteworthy consideration from numerous research communities. In this view, numerous assessments in the form of surveys were proposed highlighting several future IoT‐centric subjects together with threat modeling, intrusion detection systems (IDS), and various emergent technologies. In contrast, in this article, we have focused exclusively on the emerging IoT‐related vulnerabilities. This article is a multi‐fold survey that emphasizes on understanding the crucial causes of novel vulnerabilities in IoT paradigms and issues in existing research. Initially, we have emphasized on different layers of IoT architecture and highlight various emerging security challenges associated with each layer along with the key issues of different IoT systems. Secondly, we discuss the exploitation, detection, and defense methodologies of IoT malware‐enabled distributed denial of service (DDoS), Sybil, and collusion attack capabilities. We have also discussed numerous state‐of‐the‐art strategies for intrusion detection and methods for IDS setup in future IoT systems. Third, we have presented a brief classification of existing IoT authentication protocols and a comparative analysis of such protocols based on different IoT‐enabled cyber attacks. For conducting a real‐time future IoT research, we have presented some emerging blockchain solutions. We have also discussed a comparative examination of some of the recently developed simulation tools and IoT test beds that are characterized based on different layers of IoT infrastructure. We have also outlined some of the open issues and future research directions and also facilitate the readers with broad classification of existing surveys in this domain that addresses several scopes related to the IoT paradigm. This survey article focuses in enabling IoT‐related research activities by comparing and merging scattered surveys in this domain.

show abstract

A Specification-Based IDS for Detecting Attacks on RPL-Based Network Topology

Cited by 161 publications

References 11 publications

Security of Internet of Things for a Reliable Internet of Services

Security of Internet of Things for a Reliable Internet of Services

A novel scheme based on coarse‐grained localization and fine‐grained isolation for defending against Sybil attack in low power and lossy networks

Future IoT‐enabled threats and vulnerabilities: State of the art, challenges, and future prospects

Contact Info

Product

Resources

About