Study of RPL DODAG Version Attacks

Similar documents
Routing over Low Power and Lossy Networks

Lesson 4 RPL and 6LoWPAN Protocols. Chapter-4 L04: "Internet of Things ", Raj Kamal, Publs.: McGraw-Hill Education

Analysis and Enhancement of RPL under Packet Drop Attacks

Enhancing Routing Protocol for Low Power and Lossy Networks

Internet Engineering Task Force (IETF) Request for Comments: ISSN: March 2012

RPL: Routing for IoT. Bardh Prenkaj Dept. of Computer Science. Internet of Things A.A

Mobile Communications

Quantitative Analysis and Evaluation of RPL with Various Objective Functions for 6LoWPAN

RPL- Routing over Low Power and Lossy Networks

Using the RPL Protocol for Supporting Passive Monitoring in the Internet of Things

ns-3 RPL module: IPv6 Routing Protocol for Low power and Lossy Networks

INTERNATIONAL JOURNAL OF COMMUNICATIONS Volume 12, Performance comparative analysis of LOADing-CTP and RPL routing protocols for LLNs

Wireless Sensor Networks Module 2: Routing

The P2P-RPL Routing Protocol for IPv6 Sensor Networks: Testbed Experiments

Principles of Wireless Sensor Networks

A Study of the RPL Repair Process Using ContikiRPL

IoT Roadmap in the IETF. Ines Robles

An Algorithm for Timely Transmission of Solicitation Messages in RPL for Energy-Efficient Node Mobility

A Distributed Monitoring Strategy for Detecting Version Number Attacks in RPL-based Networks

Routing in the Internet of Things (IoT) Rolland Vida Convergent Networks and Services

Resource Aware Routing Protocol in Heterogeneous Wireless Machine-to-Machine Networks

Design and Analysis of Routing Protocol for IPv6 Wireless Sensor Networks

Secure routing in IoT networks with SISLOF

Routing Protocol for LLN (RPL) Configuration Guide, Cisco IOS Release 15M&T

A Dinamic Multi-Layer Self-Healing Algorithm for WSN using Contiki OS

A Comparative Performance Study of the Routing Protocols RPL, LOADng and LOADng-CTP with Bidirectional Traffic for AMI Scenario

Leveraging upon standards to build the Internet of Things

A RPL based Adaptive and Scalable Data-collection Protocol module for NS-3 simulation platform

ns-3 RPL module: IPv6 Routing Protocol for Low power and Lossy Networks

Multi DODAGs in RPL for Reliable Smart City IoT

Sinks Mobility Strategy in IPv6-based WSNs for Network Lifetime Improvement

Routing for IoT and Sensor Systems

Cisco Systems, Inc. October Performance Evaluation of the Routing Protocol for Low-Power and Lossy Networks (RPL)

arxiv: v1 [cs.ni] 8 Jun 2016

Semainaire Objects connectés industriels, M2M, réseaux June 12th, 2014 IoT et Smart Cities: comment passer à l échelle

INESC TEC. Centre for Telecomunications and Multimedia. 21 March Manuel Ricardo. CTM Coordinator

RF and network basics. Antonio Liñán Colina

Implementation of Gradient Routing in WSNs

Optimizing Routing Protocol for Low power and Lossy Network (RPL) Objective Function for Mobile Low-Power Wireless Networks

Performance Analysis of RPL for Body Area Networks

A Critical Evaluation of the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL)

Load Balancing Metric Based Routing Protocol for Low Power and Lossy Networks (lbrpl)

Improving the Energy Efficiency of WSN by Using Application-Layer Topologies to Constrain RPL-defined Routing Trees

Available online at ScienceDirect. Procedia Computer Science 87 (2016 )

Expanding Ring Search for Route Discovery in LOADng Routing Protocol

Performance Evaluation of Routing Protocols in Lossy Links for Smart Building Networks

Proposed Node and Network Models for M2M Internet

MULTI-CONSTRAINTS ADAPTIVE LINK QUALITY INDEX BASED MOBILE-RPL ROUTING PROTOCOL FOR LOW POWER LOSSY NETWORKS

THE Internet-of-Things (IoT) has become a new focus for

A Performance Evaluation of RPL in Contiki

This is a repository copy of Congestion-aware RPL for 6L0WPAN networks.

Low Power and Low Latency MAC Protocol: Dynamic Control of Radio Duty Cycle

DualMOP-RPL: Supporting Multiple Modes of Downward Routing in a Single RPL Network

New Real Evaluation Study of Rpl Routing Protocol Based on Cortex M3 Nodes of Iot-Lab Test Bed

Performance Comparison of the RPL and LOADng Routing Protocols in a Home Automation Scenario

Internet Engineering Task Force (IETF) Request for Comments: 7731 Category: Standards Track. February 2016

ContikiRPL and TinyRPL: Happy Together. JeongGil Ko Joakim Eriksson Nicolas Tsiftes Stephen Dawson-Haggerty Andreas Terzis Adam Dunkels David Culler

Opportunistic RPL for Reliable AMI Mesh Networks

Wireless Sensor Networks, energy efficiency and path recovery

RPL: The IP routing protocol designed for low power and lossy networks

ZigBee IP update IETF 87 Berlin. Robert Cragie

Performance Evaluation of RPL Objective Functions

Lecture 04 Introduction: IoT Networking - Part I

This is a repository copy of Dynamic RPL for Multi-hop Routing in IoT Applications.

Conference Paper. Cyber-OF: An Adaptive Cyber-Physical Objective Function for Smart Cities Applications

Interoperability. Luca Mottola slides partly by Simon Duquennoy. Politecnico di Milano, Italy and Swedish Institute of Computer Science

Trickle-F: fair broadcast suppression to improve energy-efficient route formation with the RPL routing protocol

Internet Engineering Task Force (IETF) Category: Standards Track. September The Minimum Rank with Hysteresis Objective Function

Internet of Things: Latest Technology Development and Applications

Routing Protocols in Internet of Things. Charlie Perkins December 15, 2015 with a few slides originated by Pascal

Comparative Study of RPL-Enabled Optimized Broadcast in Wireless Sensor Networks

Reliable Wireless Sensor Networks in Smart Homes Master of Science Thesis in Programme Computer Systems and Networks.

LOW-POWER and lossy networks (LLNs) comprised of

This is the author s final accepted version.

Supporting Mobile Swarm Robotics in Low Power and Lossy Sensor Networks. Kevin Andrea Robert Simon

A Comprehensive Evaluation of RPL under Mobility

Research Article RPL Mobility Support for Point-to-Point Traffic Flows towards Mobile Nodes

Comparative Analysis of Objective Functions in Routing Protocol for Low Power and Lossy Networks

Study and Analysis of Routing Protocols RIP and DSR Using Qualnet V5

IETF 93 ROLL. Routing over Low-Power And Lossy Networks. Chairs: Michael Richardson Ines Robles

Politecnico di Milano Advanced Network Technologies Laboratory. 6LowPAN

Intended status: Standards Track. H. Chen Huawei Technologies October 05, 2016

Comprehensive Performance Analysis of RPL Objective Functions in IoT Networks.

New Trust Metric for RPL Routing Protocol

WSN NETWORK ARCHITECTURES AND PROTOCOL STACK

Networked Embedded Systems: 6LoWPAN

A communication stack over PLC for multi physical layer IPv6 Networking

A COMPARISON OF REACTIVE ROUTING PROTOCOLS DSR, AODV AND TORA IN MANET

On Secure Routing in Low-Power and Lossy Networks: The Case of RPL

6TiSCH Interoperability Test Description

Implementation of a Wormhole Attack Against a RPL Network: Challenges and Effects

EVALUATING THE FUNCTIONALITY OF AN INDUSTRIAL INTERNET OF THINGS SYSTEM

IEEE COMMUNICATION SURVEYS & TUTORIALS 1 IEEE

Routing: Collection Tree Protocol. Original slides by Omprakash Gnawal

IPv6 Stack. 6LoWPAN makes this possible. IPv6 over Low-Power wireless Area Networks (IEEE )

Networked Embedded Systems: 6LoWPAN

ContikiRPL and TinyRPL: Happy Together

Low overhead loop-free routing in wireless sensor networks

A Depth First Forwarding (DFF) Extension for the LOADng Routing Protocol

RPL under Mobility. Kevin C. Lee, Raghuram Sudhaakar, Lillian Dai, Sateesh Addepalli, Mario Gerla

Transcription:

Study of RPL DODAG Version Attacks Anthéa Mayzaud anthea.mayzaud@inria.fr Rémi Badonnel Isabelle Chrisment Anuj Sehgal s.anuj@jacobs-university.de Jürgen Schönwälder IFIP AIMS 2014 Brno, Czech Republik 7/1/2014 A Study of RPL DODAG Version Attacks 1

Motivations Currently, no study of the consequences of these attacks targeting Internet-of-Things (IoT) networks Existing security strategies based on cryptographic operations VeRa, Version Number and Rank Authentication in RPL [1] TRAIL, Topology Authentication in RPL [2] Supporting the creation of a baseline to better develop mitigation strategies Observing attack-related patterns in order to improve counter-measures What is the impact of such an attack in an IoT network and does it make sense to mitigate it? 7/1/2014 A Study of RPL DODAG Version Attacks 2

Background Internet of Things RPL Protocol Outline Analysis of Version Number Attacks Attack Description Experimental Setup Analysis Metrics Impact Evaluation Results Control Packet Overhead Delivery Ratio End-to-end Delay Number of Loops and Inconsistencies Conclusions 7/1/2014 A Study of RPL DODAG Version Attacks 3

Background Internet of Things RPL Protocol Outline Analysis of Version Number Attacks Attack Description Experimental Setup Analysis Metrics Impact Evaluation Results Control Packet Overhead Delivery Ratio End-to-end Delay Number of Loops and Inconsistencies Conclusions 7/1/2014 A Study of RPL DODAG Version Attacks 4

Background Internet of Things Illustration solarfeeds.com Large-scale deployment of connected objects Sensors (wired or wireless) RFID chips Actuators Interactions and cooperations among objects Various application domains Logistics, transport Smart environments E-health 7/1/2014 A Study of RPL DODAG Version Attacks 5

Background LLN Networks and RPL Nodes with strong constraints Energy Memory Processing Lossy links Low throughputs TCP/UDP IPv6 RPL 6LoWPAN 802.15.4 MAC 802.15.4 PHY Existing routing protocols are not appropriate Design of a dedicated stack LLN : Low power and Lossy Network RPL : Routing Protocol for LLNs 7/1/2014 A Study of RPL DODAG Version Attacks 6

Background The Routing Protocol for LLNs (RPL) Protocol description RFC 6550 (March 2012) [3] IPv6-based distance vector protocol Building of specific graphs called DODAG (Destination Oriented Directed Acyclic Graph) 3 ICMPv6 control messages (DIS, DIO, DAO) 2 1 3 Traffic patterns Multipoint-to-point (MP2P) Point-to-multipoint (P2MP) Point-to-point (P2P) 4 5 RPL instance Set of DODAGs Optimized for a given routing objective based on metrics/constraints 8 9 7/1/2014 A Study of RPL DODAG Version Attacks 7

Background RPL DODAG Principle Upward direction Root 1 Downward direction Root: destination node which manages the DODAG graph Upward routes: built with DIO messages to reach the root 2 8 4 3 9 5 Trickle timer: used to define sending frequency of control messages Downward routes: built with DAO messages to reach a node Node rank value: used to indicate node s position with respect to the root ; always increasing in the downward direction Metrics: used to characterize links and select the preferred parent 7/1/2014 A Study of RPL DODAG Version Attacks 8

Background RPL DODAG Principle Upward direction DIO 1 DIO Downward direction Root: destination node which manages the DODAG graph Upward routes: built with DIO messages to reach the root 2 8 4 3 9 5 Trickle timer: used to define sending frequency of control messages Downward routes: built with DAO messages to reach a node Node rank value: used to indicate node s position with respect to the root ; always increasing in the downward direction Metrics: used to characterize links and select the preferred parent 7/1/2014 A Study of RPL DODAG Version Attacks 9

Background RPL DODAG Principle Upward direction DAO 2 DAO 8 1 4 3 9 DAO 5 Downward direction DAO Root: destination node which manages the DODAG graph Upward routes: built with DIO messages to reach the root Trickle timer: used to define sending frequency of control messages Downward routes: built with DAO messages to reach a node Node rank value: used to indicate node s position with respect to the root ; always increasing in the downward direction Metrics: used to characterize links and select the preferred parent 7/1/2014 A Study of RPL DODAG Version Attacks 10

Background RPL DODAG Principle Root Root: destination node which manages the DODAG graph 1 Upward routes: built with DIO messages to reach the root 2 3 Rank = 2 Trickle timer: used to define sending frequency of control messages Rank = 3 8 4 9 5 Rank = 4 Downward routes: built with DAO messages to reach a node Node rank value: used to indicate node s position with respect to the root ; always increasing in the downward direction Metrics: used to characterize links and select the preferred parent 7/1/2014 A Study of RPL DODAG Version Attacks 11

Background RPL DODAG Principle Root Root: destination node which manages the DODAG graph 1 Upward routes: built with DIO messages to reach the root 2 3 Rank = 2 Trickle timer: used to define sending frequency of control messages Rank = 3 8 4 9 5 Rank = 4 Downward routes: built with DAO messages to reach a node Node rank value: used to indicate node s position with respect to the root ; always increasing in the downward direction Metrics: used to characterize links and select the preferred parent 7/1/2014 A Study of RPL DODAG Version Attacks 12

Background Other RPL Mechanisms Datapath Validation [4] Data control mechanism used to detect loops Flags in the Hop-by-Hop option header O flag used to track packet direction R flag used to track rank error (mismatch between O flag and current direction of a packet) Version Number Version of a DODAG graph DIO field supposed to remain unchanged by the other nodes Only incremented by the root Used to rebuild the DODAG (global repair) 7 2 5 1 3 8 6 4 9 Available link Link in Version N Link in Version N+1 10 7/1/2014 A Study of RPL DODAG Version Attacks 13

Background Internet of Things RPL Protocol Outline Analysis of Version Number Attacks Attack Description Experimental Setup Analysis Metrics Impact Evaluation Results Control Packet Overhead Delivery Ratio End-to-end Delay Number of Loops and Inconsistencies Conclusions 7/1/2014 A Study of RPL DODAG Version Attacks 14

Analysis of Version Number Attacks Attack Description Increment of the version number by an attacker 1 5 9 13 17 Propagation of the malicious version number Direct consequences Unnecessary rebuilding Control message overhead Loops generation 2 3 6 7 10 11 14 15 18 19 Indirect consequences Impact on energy reserves Data packets loss Channel availability 4 8 12 Available link 16 20 7/1/2014 A Study of RPL DODAG Version Attacks 15

Analysis of Version Number Attacks Experimental Setup Grid topology of 20 nodes Node 1 is the DODAG root Relocation of the attacker to multiple positions Simulations based on Cooja (Contiki 2.6) 1 simulation without attacker as a baseline Duration of 50 min. 5 times each scenario Attacks start after 5 min. 1 2 3 4 5 9 13 17 6 10 14 18 7 8 11 12 15 16 19 20 Available link Attack Message 7/1/2014 A Study of RPL DODAG Version Attacks 16

Analysis of Version Number Attacks Analysis Metrics Control packet overhead Total number of RPL control packets (DIS, DIO, DAO) transmitted and received Delivery ratio Number of data packets successfully delivered to the sink compared to the number of data packets generated by all nodes Average end-to-end delay Average time spent for all packets from all nodes to be successfully delivered Number of inconsistencies Number of packets when a mismatch between the O flag and the actual direction is detected Number of loops Number of packets when an inconsistency is detected with the R flag 7/1/2014 A Study of RPL DODAG Version Attacks 17

Background Internet of Things RPL Protocol Outline Analysis of Version Number Attacks Attack description Experimental Setup Analysis Metrics Impact Evaluation Results Control Packet Overhead Delivery Ratio End-to-end Delay Number of Loops and Inconsistencies Conclusions 7/1/2014 A Study of RPL DODAG Version Attacks 18

Impact Evaluation Results Control Packet Overhead 1 5 9 13 17 2 6 10 14 18 3 7 11 15 19 4 8 12 16 20 Overhead for every node 1250 control pkts without attacker Up to 18 times in the worst case Per column: maximum for the nodes in the bottom row (4, 8, 12, 16, 20) Similar results for positions 2 and 5 which are minimums Not only the number of neighbors, but also the distance from the root impacts the overhead. 7/1/2014 A Study of RPL DODAG Version Attacks 19

Impact Evaluation Results Per Node Outgoing Packet Overhead 1 5 9 13 17 2 6 10 14 18 3 7 11 15 19 4 8 12 16 20 Overhead not only localized at the neighborhood of the attacker Not only the attacker neighborhood is impacted, but also the entire network. 7/1/2014 A Study of RPL DODAG Version Attacks 20

Impact Evaluation Results Delivery Ratio Reduced by up to 30% Similar pattern than packets overhead Strong correlation between path length and effects on the DR The farther the attacker from the root, the worse the delivery ratio. 7/1/2014 A Study of RPL DODAG Version Attacks 21

Impact Evaluation Results Average end-to-end delay Almost doubled High variation in the results No strong correlation between location of the attacker and the delay. 7/1/2014 A Study of RPL DODAG Version Attacks 22

Impact Evaluation Results Loops and Inconsistencies 1 5 9 13 17 2 6 10 14 18 3 7 11 15 19 4 8 12 16 20 Same pattern Greater distance from root, lesser inconsistencies Proximity to the root and most number of neighbors, highest number of loops Larger number of neighbors and attacker proximity to root lead to higher number of loops and inconsistencies. 7/1/2014 A Study of RPL DODAG Version Attacks 23

Impact Evaluaiton Results Inconsistencies per Node 1 5 9 13 17 2 6 10 14 18 3 7 11 15 19 4 8 12 16 20 Inconsistencies mostly located around the attacker Majority of inconsistencies is detected by parents of the attacker and also by its children. 7/1/2014 A Study of RPL DODAG Version Attacks 24

Background Internet of Things RPL Protocol Outline Analysis of Version Number Attacks Attack Description Experimental Setup Analysis Metrics Impact Evaluation Results Control Packet Overhead Delivery Ratio End-to-end Delay Number of Loops and Inconsistencies Conclusions 7/1/2014 A Study of RPL DODAG Version Attacks 25

Conclusions and Future Work Study of the impact of version number attacks within RPL networks Increase of control packets overhead by up to 18 times Decrease of delivery ratio by up to 30% End-to-end delay nearly doubled Strong correlation between the position of the attacker and the observed effects RPL network lifetime can be drastically shorten Perspectives Extension to more complex topologies Evaluation of existing solutions based on observed baseline Development of lightweight mitigation strategies based on identified attack patterns 7/1/2014 A Study of RPL DODAG Version Attacks 26

References [1] Dvir et al., VeRa Version Number and Rank Authentication in RPL, in Proc. of the IEEE 8th International Conference on Mobile Adhoc and Sensor Systems (MASS), 2011, Hangzou, China. [2] Perrey, H. et al., TRAIL: Topology Authentication in RPL, in CoRR, 2011. [3] Winter, T. et al., RPL, IPv6 Routing Protocol for Low-Power and Lossy Networks. IETF RFC 6550 (March 2012). [4] Hui, J. and Vasseur, J., The Routing Protocol for Low-Power and Lossy Networks (RPL) Option for Carrying RPL Information in Data-Plane Datagrams. IETF RFC 6553 (March 2012). [5] Contiki project: http://www.contiki-os.org [6] Tsao, T. et al., A Security Threat Analysis for Routing Protocol for Low-power and Lossy Networks (RPL). IETF Internet Draft (December 2013). 7/1/2014 A Study of RPL DODAG Version Attacks 27

Thank you for your attention! Questions? 7/1/2014 A Study of RPL DODAG Version Attacks 28

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback