SPRINKLER: A Multi-RPL Man-in-the-Middle Identification Scheme in IoT Networks

Aviram Zilberman, Amit Dvir, Ariel Stulman

פרסום מחקרי: פרסום בכתב עתמאמרביקורת עמיתים

תקציר

Cyber-threat protection is one of the most challenging research branches of Internet-of-Things (<sc>i</sc>o<sc>t</sc>). With the exponential increase of tiny connected devices, the battle between friend and foe intensifies. Unfortunately, <sc>i</sc>o<sc>t</sc> devices offer very limited security features, laying themselves wide open to new attacks, inhibiting the expected global adoption of <sc>i</sc>o<sc>t</sc> technologies. Moreover, existing prevention and mitigation techniques and intrusion detection systems handle attack anomalies rather than the attack itself while using a significant amount of the network resources. <sc>rpl</sc>, the de-facto routing protocol for <sc>i</sc>o<sc>t</sc>, proposes minimal security features that cannot handle internal attacks. Hence, in this paper, we propose <sc>sprinkler</sc>, which identifies the specific <italic>thing</italic> that is under attack by an adversarial Man-in-The-Middle. <sc>sprinkler</sc> uses the multi-instance feature of <sc>rpl</sc> to identify the adversary. The proposed solution adheres to two basic principles: it only uses pre-existing standard routing protocols and does not rely on a centralized or trusted third-party node such as a certificate authority. All information must be gleaned by each node using only primitives that already exist in the underlying communication protocol, which excludes any training dataset. Simulations show that <sc>sprinkler</sc> adds minimal maintenance and energy expenditure while pinpointing deterministically the attacker in the network. In particular, <sc>sprinkler</sc> has a message delivery rate and detection rate of 100&#x0025;.

שפה מקוריתאנגלית
עמודים (מ-עד)1-18
מספר עמודים18
כתב עתIEEE Transactions on Mobile Computing
מזהי עצם דיגיטלי (DOIs)
סטטוס פרסוםהתקבל/בדפוס - 2024

טביעת אצבע

להלן מוצגים תחומי המחקר של הפרסום 'SPRINKLER: A Multi-RPL Man-in-the-Middle Identification Scheme in IoT Networks'. יחד הם יוצרים טביעת אצבע ייחודית.

פורמט ציטוט ביבליוגרפי