SPRINKLER: A Multi-RPL Man-in-the-Middle Identification Scheme in IoT Networks

Aviram Zilberman, Amit Dvir, Ariel Stulman

Research output: Contribution to journalArticlepeer-review


Cyber-threat protection is one of the most challenging research branches of Internet-of-Things (<sc>i</sc>o<sc>t</sc>). With the exponential increase of tiny connected devices, the battle between friend and foe intensifies. Unfortunately, <sc>i</sc>o<sc>t</sc> devices offer very limited security features, laying themselves wide open to new attacks, inhibiting the expected global adoption of <sc>i</sc>o<sc>t</sc> technologies. Moreover, existing prevention and mitigation techniques and intrusion detection systems handle attack anomalies rather than the attack itself while using a significant amount of the network resources. <sc>rpl</sc>, the de-facto routing protocol for <sc>i</sc>o<sc>t</sc>, proposes minimal security features that cannot handle internal attacks. Hence, in this paper, we propose <sc>sprinkler</sc>, which identifies the specific <italic>thing</italic> that is under attack by an adversarial Man-in-The-Middle. <sc>sprinkler</sc> uses the multi-instance feature of <sc>rpl</sc> to identify the adversary. The proposed solution adheres to two basic principles: it only uses pre-existing standard routing protocols and does not rely on a centralized or trusted third-party node such as a certificate authority. All information must be gleaned by each node using only primitives that already exist in the underlying communication protocol, which excludes any training dataset. Simulations show that <sc>sprinkler</sc> adds minimal maintenance and energy expenditure while pinpointing deterministically the attacker in the network. In particular, <sc>sprinkler</sc> has a message delivery rate and detection rate of 100&#x0025;.

Original languageEnglish
Pages (from-to)1-18
Number of pages18
JournalIEEE Transactions on Mobile Computing
StateAccepted/In press - 2024


  • Cryptography
  • Internet of Things
  • IoT
  • LLN device identification
  • MiTM
  • Mobile computing
  • Routing
  • Routing protocols
  • RPL
  • secret sharing
  • Standards
  • Training


Dive into the research topics of 'SPRINKLER: A Multi-RPL Man-in-the-Middle Identification Scheme in IoT Networks'. Together they form a unique fingerprint.

Cite this