By the same authors

A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks

Research output: Contribution to journalArticlepeer-review

Standard

A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks. / Ioulianou, Philokypros; Vasilakis, Vasileios; Shahandashti, Siamak F.

In: Journal of Cybersecurity and Privacy, Vol. 2, No. 1, 09.03.2022, p. 124-153.

Research output: Contribution to journalArticlepeer-review

Harvard

Ioulianou, P, Vasilakis, V & Shahandashti, SF 2022, 'A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks', Journal of Cybersecurity and Privacy, vol. 2, no. 1, pp. 124-153. https://doi.org/10.3390/jcp2010009

APA

Ioulianou, P., Vasilakis, V., & Shahandashti, S. F. (2022). A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks. Journal of Cybersecurity and Privacy, 2(1), 124-153. https://doi.org/10.3390/jcp2010009

Vancouver

Ioulianou P, Vasilakis V, Shahandashti SF. A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks. Journal of Cybersecurity and Privacy. 2022 Mar 9;2(1):124-153. https://doi.org/10.3390/jcp2010009

Author

Ioulianou, Philokypros ; Vasilakis, Vasileios ; Shahandashti, Siamak F. / A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks. In: Journal of Cybersecurity and Privacy. 2022 ; Vol. 2, No. 1. pp. 124-153.

Bibtex - Download

@article{bbab8ef79c1d4c8aa67797dd91cd378f,
title = "A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks",
abstract = "Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of rank and blackhole attacks in the IPv6 routing protocol for low-power and lossy (RPL) networks, and we propose a new security framework for RPL-based IoT networks (SRF-IoT). The framework includes a trust-based mechanism that detects and isolates malicious attackers with the help of an external intrusion detection system (IDS). Both SRF-IoT and IDS are implemented in the Contiki-NG operating system. Evaluation of the proposed framework is based on simulations using the Whitefield framework that combines both the Contiki-NG and the NS-3 simulator. Analysis of the simulations of the scenarios under active attacks showed the effectiveness of deploying SRF-IoT with 92.8% packet delivery ratio (PDR), a five-fold reduction in the number of packets dropped, and a three-fold decrease in the number of parent switches in comparison with the scenario without SRF-IoT. Moreover, the packet overhead introduced by SRF-IoT in attack scenarios is minimal at less than 2%. Obtained results suggest that the SRF-IoT framework is an efficient and promising solution that combines trust-based and IDS-based approaches to protect IoT networks against routing attacks. In addition, our solution works by deploying a watchdog mechanism on detector nodes only, leaving unaffected the operation of existing smart devices.",
keywords = "RPL security, Intrusion detection and prevention system",
author = "Philokypros Ioulianou and Vasileios Vasilakis and Shahandashti, {Siamak F.}",
note = " {\textcopyright} 2022 by the authors. Licensee MDPI, Basel, Switzerland",
year = "2022",
month = mar,
day = "9",
doi = "10.3390/jcp2010009",
language = "English",
volume = "2",
pages = "124--153",
journal = "Journal of Cybersecurity and Privacy",
issn = "2624-800X",
publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",
number = "1",

}

RIS (suitable for import to EndNote) - Download

TY - JOUR

T1 - A Trust-Based Intrusion Detection System for RPL Networks: Detecting a Combination of Rank and Blackhole Attacks

AU - Ioulianou, Philokypros

AU - Vasilakis, Vasileios

AU - Shahandashti, Siamak F.

N1 - © 2022 by the authors. Licensee MDPI, Basel, Switzerland

PY - 2022/3/9

Y1 - 2022/3/9

N2 - Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of rank and blackhole attacks in the IPv6 routing protocol for low-power and lossy (RPL) networks, and we propose a new security framework for RPL-based IoT networks (SRF-IoT). The framework includes a trust-based mechanism that detects and isolates malicious attackers with the help of an external intrusion detection system (IDS). Both SRF-IoT and IDS are implemented in the Contiki-NG operating system. Evaluation of the proposed framework is based on simulations using the Whitefield framework that combines both the Contiki-NG and the NS-3 simulator. Analysis of the simulations of the scenarios under active attacks showed the effectiveness of deploying SRF-IoT with 92.8% packet delivery ratio (PDR), a five-fold reduction in the number of packets dropped, and a three-fold decrease in the number of parent switches in comparison with the scenario without SRF-IoT. Moreover, the packet overhead introduced by SRF-IoT in attack scenarios is minimal at less than 2%. Obtained results suggest that the SRF-IoT framework is an efficient and promising solution that combines trust-based and IDS-based approaches to protect IoT networks against routing attacks. In addition, our solution works by deploying a watchdog mechanism on detector nodes only, leaving unaffected the operation of existing smart devices.

AB - Routing attacks are a major security issue for Internet of Things (IoT) networks utilising routing protocols, as malicious actors can overwhelm resource-constrained devices with denial-of-service (DoS) attacks, notably rank and blackhole attacks. In this work, we study the impact of the combination of rank and blackhole attacks in the IPv6 routing protocol for low-power and lossy (RPL) networks, and we propose a new security framework for RPL-based IoT networks (SRF-IoT). The framework includes a trust-based mechanism that detects and isolates malicious attackers with the help of an external intrusion detection system (IDS). Both SRF-IoT and IDS are implemented in the Contiki-NG operating system. Evaluation of the proposed framework is based on simulations using the Whitefield framework that combines both the Contiki-NG and the NS-3 simulator. Analysis of the simulations of the scenarios under active attacks showed the effectiveness of deploying SRF-IoT with 92.8% packet delivery ratio (PDR), a five-fold reduction in the number of packets dropped, and a three-fold decrease in the number of parent switches in comparison with the scenario without SRF-IoT. Moreover, the packet overhead introduced by SRF-IoT in attack scenarios is minimal at less than 2%. Obtained results suggest that the SRF-IoT framework is an efficient and promising solution that combines trust-based and IDS-based approaches to protect IoT networks against routing attacks. In addition, our solution works by deploying a watchdog mechanism on detector nodes only, leaving unaffected the operation of existing smart devices.

KW - RPL security

KW - Intrusion detection and prevention system

U2 - 10.3390/jcp2010009

DO - 10.3390/jcp2010009

M3 - Article

VL - 2

SP - 124

EP - 153

JO - Journal of Cybersecurity and Privacy

JF - Journal of Cybersecurity and Privacy

SN - 2624-800X

IS - 1

ER -