Attack graph — Based vulnerability assessment of rank property in RPL-6LOWPAN in IoT

Title: Attack graph — Based vulnerability assessment of rank property in RPL-6LOWPAN in IoT
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Sahay, R., Geethakumari, G., Modugu, K.
Conference Name: 2018 IEEE 4th World Forum on Internet of Things (WF-IoT)
Date Published: feb
ISBN Number: 978-1-4673-9944-9
Keywords: 6LoWPAN, attack graph, communication protocol, composability, computer network security, destination oriented directed acyclic graphs, directed graphs, expected transmission count, holistic security assessment, Internet of Things, IoT networks, IP networks, IPv6 Routing Protocol, LLNs, loop free topology, low-power wireless personal area network, Network topology, objective function, packet delivery rate, personal area networks, pubcrawl, rank based data path validation, rank property, Resiliency, resource constrained Low Power and Lossy Networks, resource consumption, Routing, routing path optimization, Routing protocols, routing requirements, routing security, RPL attacks, RPL DODAG, RPL-6LOWPAN, security, security attacks, security breaches, sensor nodes, telecommunication network topology, topological isolation, topological sub-optimization, traffic disruption, vulnerability assessment

A significant segment of the Internet of Things (IoT) is the resource constrained Low Power and Lossy Networks (LLNs). The communication protocol used in LLNs is 6LOWPAN (IPv6 over Low-power Wireless Personal Area Network) which makes use of RPL (IPv6 Routing Protocol over Low power and Lossy network) as its routing protocol. In recent times, several security breaches in IoT networks occurred by targeting routers to instigate various DDoS (Distributed Denial of Service) attacks. Hence, routing security has become an important problem in securing the IoT environment. Though RPL meets all the routing requirements of LLNs, it is important to perform a holistic security assessment of RPL as it is susceptible to many security attacks. An important attribute of RPL is its rank property. The rank property defines the placement of sensor nodes in the RPL DODAG (Destination Oriented Directed Acyclic Graphs) based on an Objective Function. Examples of Objective Functions include Expected Transmission Count, Packet Delivery Rate etc. Rank property assists in routing path optimization, reducing control overhead and maintaining a loop free topology through rank based data path validation. In this paper, we investigate the vulnerabilities of the rank property of RPL by constructing an Attack Graph. For the construction of the Attack Graph we analyzed all the possible threats associated with rank property. Through our investigation we found that violation of protocols related to rank property results in several RPL attacks causing topological sub-optimization, topological isolation, resource consumption and traffic disruption. Routing security essentially comprises mechanisms to ensure correct implementation of the routing protocol. In this paper, we also present some observations which can be used to devise mechanisms to prevent the exploitation of the vulnerabilities of the rank property.

Citation Key: sahay_attack_2018