Protecting IoT networks against routing attacks

The rapid development of Internet of Things (IoT) will offer great benefits for both individuals and companies. However, as smart devices are widely deployed, they become attractive to hackers. Some recent examples are the 25 critical vulnerabilities discovered, known as "BadAlloc", which allow the execution of Denial-of-Service (DoS) attacks, as well as the existence of IoT malware such as Mozi which affect network operation. Therefore, new solutions should be developed to protect the computationally-limited devices. In this work, a new Security Framework for IoT-based networks (SRF-IoT) is proposed. Our focus is on detecting and isolating attackers that exploit routing protocols which are used in 6LoWPAN IoT networks for packet routing. Although, many works study the security of routing protocols such as the IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL), they are still vulnerable to various attacks. We study the impact of well-known routing attacks such as DoS, rank and blackhole attacks in IoT networks. To investigate the impact of routing attacks, we design and develop the algorithms in ContikiOS, a popular Operating System, and using Cooja simulator we simulate the different scenarios. The obtained simulation results help us understand the characteristics of an RPL-based IoT network under its normal operation and devise effective countermeasures against malicious activity. The SRF-IoT framework contains a trust-based mechanism that identifies and isolates malicious attackers with the help of an external Intrusion Detection System. Evaluation is based on simulations on a new simulator tool called Whitefield framework that combines both Contiki-NG and NS-3 simulator. This new simulator is used in this project as it allows large scale (over 100 nodes) realistic simulations using real-world stacks such as Contiki-NG. The analysis of the results showed the effectiveness of SRF-IoT in a network under combined rank and blackhole attacks with 92.8% Packet Delivery Ratio, and 8.2% packets dropped. Moreover, parent switches are kept low, reaching almost a hundred. Simulation results demonstrate that SRF-IoT is an efficient and promising solution to protect an IoT network against routing attacks.