Detection of malicious packet dropping attacks in RPL-based internet of things

Sooyeon Shin, Kyounghoon Kim, Taekyoung Kwon

Research output: Contribution to journalArticle

Abstract

The routing protocol for low-power and lossy networks (RPL) is an IPv6-based routing protocol optimised for internet of things (IoT) environments. However, it is susceptible to malicious packet dropping attacks. If a node with a lower rank that is closer to the root node attempts a malicious packet dropping, it may disrupt basic data transmission or even the entire IoT application service. In this paper, we present a novel detection method for malicious packet dropping attacks against RPL-based networks. The proposed method is based on the anomaly intrusion detection system and detects malicious packet dropping in the presence of normal packet losses. We evaluate the performance of the method on Contiki’s network simulator, Cooja. The evaluation results show that the method has good performance in detecting malicious packet dropping attacks. In every case, the successful detection rate is greater than 94% and the false alarm rate is less than 3%.

Original languageEnglish
Pages (from-to)133-141
Number of pages9
JournalInternational Journal of Ad Hoc and Ubiquitous Computing
Volume31
Issue number2
DOIs
Publication statusPublished - 2019 Jan 1

Fingerprint

Routing protocols
Intrusion detection
Packet loss
Data communication systems
Simulators
Internet of things

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

@article{eb4c0db70df24a98bd0386eb7c7f3c6c,
title = "Detection of malicious packet dropping attacks in RPL-based internet of things",
abstract = "The routing protocol for low-power and lossy networks (RPL) is an IPv6-based routing protocol optimised for internet of things (IoT) environments. However, it is susceptible to malicious packet dropping attacks. If a node with a lower rank that is closer to the root node attempts a malicious packet dropping, it may disrupt basic data transmission or even the entire IoT application service. In this paper, we present a novel detection method for malicious packet dropping attacks against RPL-based networks. The proposed method is based on the anomaly intrusion detection system and detects malicious packet dropping in the presence of normal packet losses. We evaluate the performance of the method on Contiki’s network simulator, Cooja. The evaluation results show that the method has good performance in detecting malicious packet dropping attacks. In every case, the successful detection rate is greater than 94{\%} and the false alarm rate is less than 3{\%}.",
author = "Sooyeon Shin and Kyounghoon Kim and Taekyoung Kwon",
year = "2019",
month = "1",
day = "1",
doi = "10.1504/IJAHUC.2019.100085",
language = "English",
volume = "31",
pages = "133--141",
journal = "International Journal of Ad Hoc and Ubiquitous Computing",
issn = "1743-8225",
publisher = "Inderscience Enterprises Ltd",
number = "2",

}

Detection of malicious packet dropping attacks in RPL-based internet of things. / Shin, Sooyeon; Kim, Kyounghoon; Kwon, Taekyoung.

In: International Journal of Ad Hoc and Ubiquitous Computing, Vol. 31, No. 2, 01.01.2019, p. 133-141.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Detection of malicious packet dropping attacks in RPL-based internet of things

AU - Shin, Sooyeon

AU - Kim, Kyounghoon

AU - Kwon, Taekyoung

PY - 2019/1/1

Y1 - 2019/1/1

N2 - The routing protocol for low-power and lossy networks (RPL) is an IPv6-based routing protocol optimised for internet of things (IoT) environments. However, it is susceptible to malicious packet dropping attacks. If a node with a lower rank that is closer to the root node attempts a malicious packet dropping, it may disrupt basic data transmission or even the entire IoT application service. In this paper, we present a novel detection method for malicious packet dropping attacks against RPL-based networks. The proposed method is based on the anomaly intrusion detection system and detects malicious packet dropping in the presence of normal packet losses. We evaluate the performance of the method on Contiki’s network simulator, Cooja. The evaluation results show that the method has good performance in detecting malicious packet dropping attacks. In every case, the successful detection rate is greater than 94% and the false alarm rate is less than 3%.

AB - The routing protocol for low-power and lossy networks (RPL) is an IPv6-based routing protocol optimised for internet of things (IoT) environments. However, it is susceptible to malicious packet dropping attacks. If a node with a lower rank that is closer to the root node attempts a malicious packet dropping, it may disrupt basic data transmission or even the entire IoT application service. In this paper, we present a novel detection method for malicious packet dropping attacks against RPL-based networks. The proposed method is based on the anomaly intrusion detection system and detects malicious packet dropping in the presence of normal packet losses. We evaluate the performance of the method on Contiki’s network simulator, Cooja. The evaluation results show that the method has good performance in detecting malicious packet dropping attacks. In every case, the successful detection rate is greater than 94% and the false alarm rate is less than 3%.

UR - http://www.scopus.com/inward/record.url?scp=85066974856&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85066974856&partnerID=8YFLogxK

U2 - 10.1504/IJAHUC.2019.100085

DO - 10.1504/IJAHUC.2019.100085

M3 - Article

AN - SCOPUS:85066974856

VL - 31

SP - 133

EP - 141

JO - International Journal of Ad Hoc and Ubiquitous Computing

JF - International Journal of Ad Hoc and Ubiquitous Computing

SN - 1743-8225

IS - 2

ER -