Home // SECURWARE 2012 , The Sixth International Conference on Emerging Security Information, Systems and Technologies // View article

Case Study of a Black Hole Attack on 6LoWPAN-RPL

Authors:
Karishma Chugh
Aboubaker Lasebae
Jonathan Loo

Keywords: IoT; 6LowPAN; Contiki; RPL; ContikiRPL; Wireless sensor network; Black hole attack

Abstract:
This paper throws light on shortcomings of the Contiki Operating system and ContikiRPL routing protocol, which may lead to an easy injection of malicious activity similar to black hole attack in wireless sensor network. Contiki and ContikiRPL are components for microcontroller devices belonging to the 6LoWPAN group and Internet of Things (IoT). Directed acyclic graph Identification Object (DIO) packets are a part of routing metrics and form an integral part of ContikiRPL. Increased number of DIO messages reflect instability in the network routing topology and their decreasing frequency reflects stable network. In unstable networks, re-formation of path for data packets is initialised by RPL. In this case study it was found that malicious nodes, which continue to send self-generated data packets cause an increase in the number of DIO messages exchanged between nodes while malicious nodes, which supress self-generated data packets are able to disguise the instability of network by having no effect on the number of DIO messages or packet delay. Scenario with malicious node sending self-generated data packets showed 8% increase in total number of DIO packets exchanged amongst nodes while scenario with malicious node not generating any data packets had less number of DIO messages exchanged thus falsely presenting a stable network topology. It was also found that data packets suffer delay in presence of malicious activity in the network. Data packets generated by malicious nodes were 4.3 times higher delayed as compared to data packets from their counterparts in clear network. Data packets from non-malicious nodes also suffered considerably higher delay. Thus, increased packet delay and increase in exchange of DIO messages can be treated as preliminary indicators of malicious activity but more concrete parameters are required to identify malicious nodes. This case study may be helpful in designing an effective defense system against known attacks on wireless sensor networks.

Pages: 157 to 162

Copyright: Copyright (c) IARIA, 2012

Publication date: August 19, 2012

Published in: conference

ISSN: 2162-2116

ISBN: 978-1-61208-209-7

Location: Rome, Italy

Dates: from August 19, 2012 to August 24, 2012