RPL Attack Analysis: Evaluation of a Cryptography-Based Sybil Defence in IEEE 802.15.4

Abstract

While the Routing Protocol for Low Power and Lossy Networks (RPL) is built to support the constraints of low-powered devices, it struggles to meet the standards in security. Generally, low-powered devices are challenged with limited cryptography, tough key management, and interoperability issues. Despite these concerns, security is not only deficient for RPL, but proposed mitigations appear untouched as well. This paper therefore contributes a lightweight cryptosystem. It questions and justifies its virtue in a twofold. First, we illustrate the importance of this mitigation with an impactful Sybil attack that enables malicious routing on root level. Second, we construct an attack pattern model and life-cycle to demonstrate the operational capabilities and objectives of the adversary for Internet of Things (IoT) generic attack patterns. The cryptosystem divides IEEE 802.15.4 networks into isolated clusters with key derivation functions. Because the key derivation function adopts spectrum resource measurements, the proposal includes a cooperative defence to validate these measurements of joining nodes. To avoid overhead, the mitigation operates on symmetric-key cryptography, piggybacked cluster identifiers, and Maximum Transmission Unit (MTU) requests to the trusted party that stores encrypted identity keys of member nodes. This mitigation, when combined with the efficient routing of RPL, enables a broad application for smart low-power constrained devices in a scalable IoT network while it protects against Sybil attacks and eavesdropping.