Denial-of-Service attacks on 6LoWPAN-RPL networks: Threats and an intrusion detection system proposition
نویسندگان
چکیده
RPL (Routing Protocol for Low-power and lossy networks) is a specific routing protocol designed to optimize 6LoWPAN (IPv6 over Low power Wireless Personal Area Network) operation. As 6LoWPAN suffers from resource constraints on battery, processor, memory and bandwidth, it affects the performance of the RPL protocol. From security point of view, this will make RPL vulnerable to several threats directly or indirectly. Thus, cryptographic systems are not sufficient to protect the RPL from internal attacks; a compromised node from the network may cause undesired operation without being detected by these systems. An intrusion detection system (IDS) should be used, but it is not easy given the nature of 6LoWPAN; on a side its resource constraints, and on the other side its opening to the outside world through the Internet. In this paper we focus on denial of service (DoS) attacks, we determine the elements to be taken into account in selecting a compatible IDS and we give some solutions that we consider effective and valid for 6LoWPAN-RPL based networks.
منابع مشابه
HF-Blocker: Detection of Distributed Denial of Service Attacks Based On Botnets
Abstract—Today, botnets have become a serious threat to enterprise networks. By creation of network of bots, they launch several attacks, distributed denial of service attacks (DDoS) on networks is a sample of such attacks. Such attacks with the occupation of system resources, have proven to be an effective method of denying network services. Botnets that launch HTTP packet flood attacks agains...
متن کاملEvaluation of an Intrusion Detection System for Routing Attacks in Wireless Self-organised Networks
Wireless Sensor Networks (WSNs) arebecoming increasingly popular, and very useful in militaryapplications and environmental monitoring. However,security is a major challenge for WSNs because they areusually setup in unprotected environments. Our goal in thisstudy is to simulate an Intrusion Detection System (IDS)that monitors the WSN and report intrusions accurately andeffectively. We have thus...
متن کاملDetecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کاملRouting Attacks and Countermeasures in the RPL-Based Internet of Things
*e Routing Protocol for Low-Power and Lossy Networks (RPL) is a novel routing protocol standardized for constrained environments such as 6LoWPAN networks. Providing security in IPv6/RPL connected 6LoWPANs is challenging because the devices are connected to the untrusted Internet and are resource constrained, the communication links are lossy, and the devices use a set of novel IoT technologies ...
متن کاملA Lightweight Intrusion Detection System Based on Specifications to Improve Security in Wireless Sensor Networks
Due to the prevalence of Wireless Sensor Networks (WSNs) in the many mission-critical applications such as military areas, security has been considered as one of the essential parameters in Quality of Service (QoS), and Intrusion Detection System (IDS) is considered as a fundamental requirement for security in these networks. This paper presents a lightweight Intrusion Detection System to prote...
متن کامل