Securing communication in 6LoWPAN with compressed IPsec

Raza, Shahid; Duquennoy, Simon; Chung, Tony; Yazar, Dogan; Voigt, Thiemo; Roedig, Utz

doi:10.1109/dcoss.2011.5982177

Cited by 180 publications

(98 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The 6LoWPAN does not ensure end-to-end protection between an IP sensor node and the Internet which makes it vulnerable to eavesdropping/spoofing and man in the middle attacks. These can be prevented by IPsec which defines a set of protocols to enable the authentication and encryption of each IP packet at the network layer [45]. The most common attack in the category of threats arising from the Internet is the botnet attack where data is forged by the botnet network and the wrong data is sent to the user node.…”

Section: Attacks and Security Mechanisms For Adaptation And Network mentioning

confidence: 99%

“…Authentication attack Network access control framework [44] PS Provides the node identification, but only enables one border router; Not implemented yet; Man in the middle, Eavesdropping/spoofing IPsec (AH and EPS) [45] PS Provides end-to-end secure communication; Pre-shared keys mechanism is not very flexible; Botnet attack Bot analysis module [46] IDS Good detection rates for large number of nodes; Decreased network performance and large overhead; RPL Selective forwarding attack Lightweight Heartbeat [48] IDS It has to be combined with IPsec to detect attack; No defense is provided after the attack is detected; Resilient techniques [51] PS Improved delivery ratio, but an increase in energy consumption; Spoofed/altered inf., sinkhole, selective forwarding SVELTE [50] IDS SVELTEs overhead is small enough; The true positive rate is not 100% due to some false alarms; Sinkhole attack IDS solution [52] IDS IPsec and bidirectional communication are necessary. Parent fail-over & rank authentication [53] …”

Section: Psmentioning

confidence: 99%

See 1 more Smart Citation

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Tomić

McCann

2017

IEEE Internet Things J.

217

110

View full text Add to dashboard Cite

Abstract-The increasing pervasiveness of Wireless Sensor Networks (WSNs) in diverse application domains including critical infrastructure systems, sets an extremely high security bar in the design of WSN systems to exploit their full benefits, increasing trust while avoiding loss. Nevertheless, a combination of resource restrictions and the physical exposure of sensor devices inevitably cause such networks to be vulnerable to security threats, both external and internal. While several researchers have provided a set of open problems and challenges in WSN security and privacy, there is a gap in the systematic study of the security implications arising from the nature of existing communication protocols in WSNs. Therefore, we have carried out a deep-dive into the main security mechanisms and their effects on the most popular protocols and standards used in WSN deployments i.e. IEEE 802.15.4, B-MAC, 6LoWPAN, RPL, BCP, CTP, and CoAP, where potential security threats and existing countermeasures are discussed at each layer of WSN stack. This work culminates in a deeper analysis of network layer attacks deployed against the RPL routing protocol. We quantify the impact of individual attacks on the performance of a network using the Cooja network simulator. Finally, we discuss new research opportunities in network layer security and how to use Cooja as a benchmark for developing new defenses for WSN systems.

show abstract

Section: Attacks and Security Mechanisms For Adaptation And Network mentioning

confidence: 99%

Section: Psmentioning

confidence: 99%

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Tomić

McCann

2017

IEEE Internet Things J.

217

110

View full text Add to dashboard Cite

show abstract

“…If the routing path has a malicious node, then the security of the messages routed through this path cannot be guaranteed. In addition to this, IEEE 802.15.4 PHY and Link Layer Security works only in the IoT -Access Network Layer in our generic architecture and when messages leave this layer and enter the Internet, they are no more protected [40].…”

Section: Which Security Solution To Use?mentioning

confidence: 99%

Security of Internet of Things for a Reliable Internet of Services

Arış

Oktuğ

Voigt

2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. The Internet of Things (IoT) consists of resource-constrained devices (e.g., sensors and actuators) which form low power and lossy networks to connect to the Internet. With billions of devices deployed in various environments, IoT is one of the main building blocks of future Internet of Services (IoS). Limited power, processing, storage and radio dictate extremely efficient usage of these resources to achieve high reliability and availability in IoS. Denial of Service (DoS) and Distributed DoS (DDoS) attacks aim to misuse the resources and cause interruptions, delays, losses and degrade the offered services in IoT. DoS attacks are clearly threats for availability and reliability of IoT, and thus of IoS. For highly reliable and available IoS, such attacks have to be prevented, detected or mitigated autonomously. In this study, we propose a comprehensive investigation of Internet of Things security for reliable Internet of Services. We review the characteristics of IoT environments, cryptography-based security mechanisms and D/DoS attacks targeting IoT networks. In addition to these, we extensively analyze the intrusion detection and mitigation mechanisms proposed for IoT and evaluate them from various points of view. Lastly, we consider and discuss the open issues yet to be researched for more reliable and available IoT and IoS.

show abstract

“…work on the 6LoWPAN), the pertinent cryptographic primitives are also adapted and improved accordingly. Such an example is the IPsec protocol and its variants that utilize header compression [44], [45], [46], which can provide similar levels of protection while preserving the valuable node resources.…”

Section: Security Analysis and Considerationsmentioning

confidence: 99%