一种缓解基于RPL的物联网网络中新泛洪攻击的简单方法

The growing deployment of Internet of Things (IoT) devices in diverse daily-life smart applications makes the security of IoT networks a critical requirement. However, efficient support of network security remains challenging even for a standardized IoT network protocol such as the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL). It incorporates limited protection from external security attacks but stays considerably vulnerable to internal routing attacks. The inherent design of RPL, particularly its topology establishment and maintenance mechanism, makes it easy to initiate more damaging attacks such as flooding attacks. Given the constrained characteristics of IoT devices, flooding IoT networks can easily lead to resource exhaustion and network performance degradation. This paper introduces a new variant of the flooding attack namely the Destination Advertisement Object Flooding (DAOF) attack. It is based on using routing communications, particularly the DAO messages, to disseminate unnecessary routing traffic which instigate excessive transmissions of control messages across the network. As demonstrated by the experimental results of this study, the DAOF attack can increase network overhead by more than 65% even in a relatively small-scale setup. Additionally, it can notably lead to high energy consumption with an average increase of 36% and low QoS performance with an average latency increase of 150%. For effective mitigation of the DAOF attack, a new lightweight solution based on a simple collaboration among RPL nodes is presented in this paper. It is referred to as DAOF-Secure RPL (DAOF-SRPL). It is based on simple in-protocol modifications to provide RPL with effective security support against the DAOF attack. In contrast to RPL in the attack scenarios, DAOF-SRPL achieved a reduction of over 80% in the total transmission rates of control messages. Meanwhile, it was able to maintain energy consumption and latency at minimal levels while preserving the same PDR results.