Attacks on Low Power and Lossy Networks
The proliferation of the IoT is a new wave of innovation with recent forecasts suggesting massive deployment of several IoT devices to reach billions of devices. In general, an IoT framework could be defined as the use of heterogeneous technologies, systems, and TCP/IP protocols, with the growing paradigm of device-to-device communications and the contextual environment. IoT networks are considered as an example of Low-Power and Lossy Network (LLN), which consist of tiny, heterogeneous devices with limited power, memory, and processing resources . These specific networks have been used in a broad scope of real-world application areas such as smart home, water management, and industrial smart grid systems. However, the use of IoT devices imposes strict resource constraints regarding energy and memory as well as considering the high loss rate of the communication links in these networks.
Routing in IoT network facilitates the connection of network elements in different applications. So far, the only standardized protocol available for IoT is the routing protocol for low power and lossy networks (RPL) protocol . However, RPL provides little security against different routing attacks. In particular, the design flaws of secure network formation processes of the standard RPL exposes the network to various attacks such as sybil, blackhole, rank, and wormhole. These attacks hinder the enforcement of basic security services such as confidentiality, data integrity, authenticity, and access control, and could be exploited by an adversary to run more powerful attacks. Therefore, data routing in such networks is considered as one of the weakest links in the adoption of these networks in real-world applications such as smart grids.
An adversary could easily capture, tamper, or even destroy devices in an IoT network. It is due to the lack of physical protection and tamper resistance in LLNs. Although RPL provides confidentiality by using simple cryptographic mechanisms that ensure authenticity and integrity of its control messages, a legitimate node captured by an adversary can still eavesdrop, duplicate, or alter packets, leading to significant problems such as power outages in smart grid networks or widespread system failures. Even though many papers have extensively addressed the impact of attacks in traditional networks such as vehicular networks, wireless sensor networks, and mobile ad hoc networks, they could not be applied directly to the IoT. It is because of IoT networks’ specific characteristics such as device heterogeneity, resource constraints, few standard protocols, context-dependence, and cross-device dependencies. Therefore, researchers have started working on the design and development of novel solutions that can be efficiently used in the IoT networks to improve their communication reliability and security. Although sybil and wormhole attacks have been well investigated in the literature for traditional networks, there are still no suitable solutions that could fully address these attacks by considering the unique characteristics of IoT and RPL protocol. Novel techniques have been proposed to detect two of the most destructive attacks known as sybil and wormhole in RPL based IoT networks. The algorithms  consider a local common ancestor in order to perform the detection process and localization of attackers in a specific (possibly small) area in the network.
 P. Kaliyar, W. Ben Jaballah, M. Conti, C. Lal, “LiDL: Localization with early detection of Sybil and wormhole attacks in IoT Networks”, Elsevier Computer Security, 94: 101849, 2020.
 T. Winter, P. Thubert, A. Brandt, J. Hui,R. Kelsey, P. Levis, K. Pister, R. Struik,J. Vasseur, and R. Alexander, “RPL: IPv6 routing protocol for low-power and lossy networks,” 2012. [Online]. Available:http://www.rfc-editor.org/rfc/rfc6550.txt