LEADER: Low Overhead Rank Attack Detection for Securing RPL based IoT

TL;DR

This paper introduces LEADER, a low-overhead, distributed scheme for detecting rank attacks in RPL-based IoT networks by modifying control messages and using lightweight authentication, improving security with minimal resource use.

Contribution

The paper presents a novel, low-overhead rank attack detection method for RPL in IoT, combining message modification and lightweight authentication, validated through theoretical analysis and simulation.

Findings

Outperforms existing schemes in detection accuracy

Reduces false positive and negative rates

Consumes less energy while maintaining network performance

Abstract

In recent times researchers have found several security vulnerabilities in the Routing Protocol for Low power and Lossy network (RPL), amongst which rank attack is a predominant one causing detrimental effects on the network by creating a fake topology. To address this concern, we propose a low-overhead rank attack detection scheme for non-storing mode of RPL used in IoT to deal with both increased and decreased rank attacks. Accordingly, we have modified the RPL Destination Oriented Directed Acyclic Graph (DODAG) formation algorithm to detect rank attacks during topology formation and maintenance. The distributed module of the algorithm runs in all the participating nodes whereas the centralized module runs in the sink. Unlike many existing schemes, instead of sending additional control message, we make the scheme low-overhead by simply modifying the DAO control message. Additionally, a lightweight Message Authentication Code (HMAC-LOCHA) is used to verify the integrity and authenticity of the control messages exchanged between nodes and the sink. The correctness of the proposed scheme is established through a concrete proof using multiple test case scenarios. Finally, the performance of the proposed scheme is evaluated both theoretically and through simulation in Contiki-based Cooja simulator. Theoretical evaluation proves the energy efficiency of the scheme. Simulation results show that our scheme outperforms over a state-of-the-art rank attack detection scheme in terms of detection accuracy, false positive or negative rate and energy consumption while also keeping acceptable network performance such as improved detection latency and at par packet delivery ratio.