Attacks on Low Power and Lossy Networks

Written by PHOENIX project on 03. 05. 2021.

The proliferation of the IoT is a new wave of innovation with recent forecasts suggesting massive deployment of several IoT devices to reach billions of devices. In general, an IoT framework could be defined as the use of heterogeneous technologies, systems, and TCP/IP protocols, with the growing paradigm of device-to-device communications and the contextual environment. IoT networks are considered as an example of Low-Power and Lossy Network (LLN), which consist of tiny, heterogeneous devices with limited power, memory, and processing resources [1]. These specific networks have been used in a broad scope of real-world application areas such as smart home, water management, and industrial smart grid systems. However, the use of IoT devices imposes strict resource constraints regarding energy and memory as well as considering the high loss rate of the communication links in these networks.

Routing in IoT network facilitates the connection of network elements in different applications. So far, the only standardized protocol available for IoT is the routing protocol for low power and lossy networks (RPL) protocol [2]. However, RPL provides little security against different routing attacks. In particular, the design flaws of secure network formation processes of the standard RPL exposes the network to various attacks such as sybil, blackhole, rank, and wormhole. These attacks hinder the enforcement of basic security services such as confidentiality, data integrity, authenticity, and access control, and could be exploited by an adversary to run more powerful attacks. Therefore, data routing in such networks is considered as one of the weakest links in the adoption of these networks in real-world applications such as smart grids.

An adversary could easily capture, tamper, or even destroy devices in an IoT network. It is due to the lack of physical protection and tamper resistance in LLNs. Although RPL provides confidentiality by using simple cryptographic mechanisms that ensure authenticity and integrity of its control messages, a legitimate node captured by an adversary can still eavesdrop, duplicate, or alter packets, leading to significant problems such as power outages in smart grid networks or widespread system failures. Even though many papers have extensively addressed the impact of attacks in traditional networks such as vehicular networks, wireless sensor networks, and mobile ad hoc networks, they could not be applied directly to the IoT. It is because of IoT networks’ specific characteristics such as device heterogeneity, resource constraints, few standard protocols, context-dependence, and cross-device dependencies. Therefore, researchers have started working on the design and development of novel solutions that can be efficiently used in the IoT networks to improve their communication reliability and security. Although sybil and wormhole attacks have been well investigated in the literature for traditional networks, there are still no suitable solutions that could fully address these attacks by considering the unique characteristics of IoT and RPL protocol. Novel techniques have been proposed to detect two of the most destructive attacks known as sybil and wormhole in RPL based IoT networks. The algorithms [1] consider a local common ancestor in order to perform the detection process and localization of attackers in a specific (possibly small) area in the network.

[1] P. Kaliyar, W. Ben Jaballah, M. Conti, C. Lal, “LiDL: Localization with early detection of Sybil and wormhole attacks in IoT Networks”, Elsevier Computer Security, 94: 101849, 2020.

[2] T. Winter, P. Thubert, A. Brandt, J. Hui,R. Kelsey, P. Levis, K. Pister, R. Struik,J. Vasseur, and R. Alexander, “RPL: IPv6 routing protocol for low-power and lossy networks,” 2012. [Online]. Available:http://www.rfc-editor.org/rfc/rfc6550.txt

Cookie	Type	Duration	Description
__cfduid	1	1 month	The cookie is set by CloudFare. It is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
_wpfuuid	0	10 years	Contact form UUID (Universally Unique Identifier) cookie. It allows the plugin to connect entries by the same user and does not contain or represent any personal information or entry details.
cookielawinfo-checkbox-necessary	0	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-non-necessary	0	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Non Necessary".
test_cookie	0	11 months
viewed_cookie_policy	0	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. It is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randomly generated number to identify unique visitors.
_gat_gtag_UA_152331303_1	1 minute	Google uses this cookie to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. It is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.

Attacks on Low Power and Lossy Networks

Energy Shield

BRIDGE

Success

Defender

NRG-5

sofie-logo

Elsa

interflex

Intergrid

NobelGrid

PROMOTioN-Logo-RZ-RGB

logo_reserve_sRGB

wisegrid-logo