A Trust-Based Intrusion Detection System for Mobile RPL Based Networks

Title: A Trust-Based Intrusion Detection System for Mobile RPL Based Networks
Publication Type: Conference Paper
Year of Publication: 2017
Authors: Medjek, F., Tandjaoui, D., Romdhani, I., Djedjig, N.
Conference Name: 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)
ISBN Number: 978-1-5386-3066-2
Keywords: 6LoWPAN, composability, cyber physical systems security, Intrusion detection, intrusion detection system, Intrusion Detection System scheme, IoT, Mobile communication, mobile radio, mobile RPL based networks, mobility support, Monitoring, off-load security related computation, Peer-to-peer computing, pubcrawl, resilience, Resiliency, Routing, Routing Protocol, Routing protocols, routing security, RPL security, security attacks, Sybil attack, Sybil-Mobile attack, T-IDS, telecommunication security, Trust Routing, Trusted Platform Module co-processor, Wireless sensor networks

Successful deployment of Low power and Lossy Networks (LLNs) requires self-organising, self-configuring, security, and mobility support. However, these characteristics can be exploited to perform security attacks against the Routing Protocol for Low-Power and Lossy Networks (RPL). In this paper, we address the lack of strong identity and security mechanisms in RPL. We first demonstrate by simulation the impact of the Sybil-Mobile attack, namely SybM, on RPL with respect to control overhead, packet delivery and energy consumption. Then, we introduce a new Intrusion Detection System (IDS) scheme for RPL, named Trust-based IDS (T-IDS). T-IDS is a distributed, cooperative and hierarchical trust-based IDS, which can detect novel intrusions by comparing network behavior deviations. In T-IDS, each node is considered a monitoring node and collaborates with its peers to detect intrusions and report them to a 6LoWPAN Border Router (6BR). In our solution, we introduced a new timer and minor extensions to the RPL message format to deal with mobility, identity and multicast issues. In addition, each node is equipped with a Trusted Platform Module co-processor to handle identification and off-load security-related computation and storage.

Citation Key: medjek_trust-based_2017