A LIGHTWEIGHT MITIGATION TECHNIQUE AGAINST A MODIFIED VERSION NUMBER ATTACK IN IOT NETWORKS

A Lightweight Mitigation Technique Against a Modified Version Number Attack in IoT Networks

A Lightweight Mitigation Technique Against a Modified Version Number Attack in IoT Networks

Blog Article

The potential worldwide deployment of Internet of Things (IoT) networks for a broad scope of critical applications has led to significant security concerns.With no effective support for IoT security, this rising trend would expose IoT deployments to numerous security threats.Due to their inherent resource constraints, IoT networks are critically susceptible to a wide range of adverse attacks.In particular, internal routing attacks pose serious challenges to network stability and lifetime.

This is evident even for an IETF-standardized Rockets routing protocol like the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL).It lacks adequate provisioning of network security, making an internal routing attack such as the common Version Number (VN) attack easy to initiate and effective to target performance degradation and resource exhaustion.It is also possible for further variants of such an adverse attack to emerge and incur a different and significant impact on RPL networks.In this paper, a novel variant of the VN attack, referred to as the Decreased VN (DVN) attack, in experimentally investigated.

It differently operates by decreasing the propagated VN value in DIO messages to cause Pre-Rolled disruptive subnet partitioning and topological re-establishment.Experimental evaluation results revealed the severe effects of DVN attacks on overall network performance.Network overhead and energy consumption were increased by more than 300% and 220%, respectively.Additionally, a reduction of over 28% and an increase of over 400% in PDR and latency, respectively, were experienced during the attack.

To effectively mitigate the DVN attack, a novel lightweight solution called DVN-Secure RPL (DVN-SRPL) is introduced in this paper.It is based on an effective and simple distributed security scheme with limited modifications to certain operational aspects of RPL design.Experimental testing of DVN-SRPL demonstrated its efficiency in detecting and containing DVN attacks.It succeeded in mitigating the adverse effects of the attacks with considerable reductions of 179% and 142% in energy consumption and network overhead, respectively.

Comparable QoS performance to the attack-free RPL was also maintained during the attack.

Report this page