Attacks on Low Power and Lossy Networks

The proliferation of the IoT is a new wave of innovation with recent forecasts suggesting massive deployment  of  several  IoT  devices  to  reach  billions of devices.    In  general,  an  IoT  framework  could be  defined  as  the  use  of  heterogeneous  technologies, systems, and TCP/IP protocols, with the growing paradigm of device-to-device communications and the contextual environment. IoT networks are considered as an example of Low-Power and Lossy Network (LLN), which consist of tiny, heterogeneous devices with limited power, memory, and processing resources [1].   These  specific  networks  have  been  used  in a broad scope of real-world application areas such as smart home, water  management,   and  industrial  smart grid systems.  However, the use of IoT devices imposes strict resource constraints regarding energy and memory as well as considering the high loss rate of the communication links in these networks.

Routing in IoT network facilitates the connection of network elements in different applications.  So far, the  only  standardized  protocol  available  for  IoT  is the  routing  protocol  for  low  power  and  lossy  networks (RPL)   protocol [2].   However,  RPL  provides  little security against different routing attacks. In particular, the design flaws of secure network formation  processes  of  the  standard  RPL  exposes  the network to various attacks such as sybil, blackhole, rank, and wormhole.  These attacks hinder the enforcement of basic security services such as confidentiality, data integrity, authenticity, and access control, and could be exploited by an adversary to run more powerful attacks.  Therefore,  data routing in such networks is considered as one of the weakest  links  in  the  adoption  of  these  networks  in real-world applications such as smart grids.

An adversary could easily capture, tamper, or even destroy devices in an IoT network.  It is due to the lack of physical protection and tamper resistance in LLNs.  Although RPL provides confidentiality by using simple cryptographic mechanisms that ensure authenticity  and  integrity  of  its  control  messages,  a legitimate  node  captured  by  an  adversary  can  still eavesdrop, duplicate, or alter packets, leading to significant  problems  such  as  power  outages  in  smart grid  networks  or  widespread  system  failures.   Even though many papers have extensively addressed the impact of attacks in traditional networks such as vehicular networks, wireless sensor networks,  and mobile ad hoc networks,  they could not be applied  directly  to  the  IoT.  It  is  because  of  IoT  networks’ specific characteristics such as device heterogeneity, resource constraints, few standard protocols, context-dependence,  and  cross-device  dependencies. Therefore,  researchers  have  started  working  on  the design  and  development  of  novel  solutions  that  can be  efficiently  used  in  the  IoT  networks  to  improve their  communication  reliability  and  security.   Although sybil  and  wormhole  attacks have been well investigated in the literature for traditional networks, there are still no suitable solutions that could fully address these attacks by considering the unique characteristics of IoT and RPL protocol.  Novel techniques have been proposed to detect two of  the  most  destructive  attacks  known  as sybil and wormhole in RPL based IoT networks. The  algorithms  [1] consider  a  local  common  ancestor in order to perform the detection process and localization of attackers in a specific (possibly small) area in the network.


[1] P. Kaliyar, W. Ben Jaballah, M. Conti, C. Lal, “LiDL: Localization with early detection of Sybil and wormhole attacks in IoT Networks”, Elsevier Computer Security, 94: 101849, 2020.

[2] T.  Winter,   P.  Thubert,   A.  Brandt,   J.  Hui,R.   Kelsey,   P.   Levis,   K.   Pister,   R.   Struik,J.  Vasseur,   and  R.  Alexander,   “RPL:  IPv6 routing    protocol    for    low-power    and    lossy networks,”   2012.   [Online].   Available:

This project has received funding from the European Union’s Horizon 2020 research and Innovation programme under grant agreement N°832989. All information on this website reflects only the authors' view. The Agency and the Commission are not responsible for any use that may be made of the information this website contains.

Sign up to our newsletter