MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks
The rapid expansion of the Internet of Things (IoT) has brought greater attention to the reliability and security of communication within Low-Power and Lossy Networks (LLNs) with constrained resources. Of all the protocols for such networks, the Routing Protocol for Low-Power and Lossy Networks (RPL...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/11077154/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850102492865495040 |
|---|---|
| author | Tahar Guerbouz Akram Zine Eddine Boukhamla Djalila Belkebir Sahraoui Dhelim |
| author_facet | Tahar Guerbouz Akram Zine Eddine Boukhamla Djalila Belkebir Sahraoui Dhelim |
| author_sort | Tahar Guerbouz |
| collection | DOAJ |
| description | The rapid expansion of the Internet of Things (IoT) has brought greater attention to the reliability and security of communication within Low-Power and Lossy Networks (LLNs) with constrained resources. Of all the protocols for such networks, the Routing Protocol for Low-Power and Lossy Networks (RPL) plays a central role in enabling effective routing in 6LoWPAN-based IoT systems. However, RPL does not possess any built-in security measures, making it vulnerable to a wide range of attacks, primarily DODAG Information Object (DIO) message-based attacks such as DIO suppression, neighbor, and copycat attacks. Such attacks destabilize the network topology, reduce the packet delivery ratio (PDR), and increase both latency and energy consumption. To address these issues, this paper proposes MVTC-Sec, a Mathematically Validated Timestamp Correlation method that detects replay-based DIO attacks by analyzing deviations from the expected Trickle algorithm timing. Passively observing DIO intervals, MVTC-Sec identifies attack nodes violating the exponential backoff behavior, with efficient and lightweight attack detection irrespective of cryptographic overhead. We evaluate MVTC-Sec using the Cooja simulator under both static and mobile RPL scenarios, with varying attacker behaviors and replay intervals. Results show that MVTC-Sec achieves a detection accuracy ranging from 90% to 99%, improves packet delivery ratio (PDR) to 0.50-0.96, and reduces end-to-end latency by up to 60%. The scheme proves to be of low overhead, requiring only (48.1 kB ROM, 6.3 KB RAM), making it suitable for resource-constrained devices. Compared to the existing solutions, MVTC-Sec offers higher detection accuracy, lower complexity, and improved adaptability, making it an efficient and scalable protection method for RPL-based IoT networks. |
| format | Article |
| id | doaj-art-45174f4bdf254ce99c1d738a582e9d54 |
| institution | DOAJ |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-45174f4bdf254ce99c1d738a582e9d542025-08-20T02:39:44ZengIEEEIEEE Access2169-35362025-01-011312208812210610.1109/ACCESS.2025.358797711077154MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay AttacksTahar Guerbouz0https://orcid.org/0000-0001-5762-3709Akram Zine Eddine Boukhamla1https://orcid.org/0000-0001-9209-7791Djalila Belkebir2https://orcid.org/0000-0002-3676-8025Sahraoui Dhelim3https://orcid.org/0000-0002-3620-1395Computer Science Department, Faculty of Sciences and Technology, Artificial Intelligence and Information Technology Laboratory (LINATI), University of Kasdi Merbah, Ouargla, AlgeriaComputer Science Department, Faculty of Sciences and Technology, Artificial Intelligence and Information Technology Laboratory (LINATI), University of Kasdi Merbah, Ouargla, AlgeriaFaculty of Sciences and Technology, University of Kasdi Merbah, Ouargla, AlgeriaSchool of Computing, Dublin City University, Dublin, IrelandThe rapid expansion of the Internet of Things (IoT) has brought greater attention to the reliability and security of communication within Low-Power and Lossy Networks (LLNs) with constrained resources. Of all the protocols for such networks, the Routing Protocol for Low-Power and Lossy Networks (RPL) plays a central role in enabling effective routing in 6LoWPAN-based IoT systems. However, RPL does not possess any built-in security measures, making it vulnerable to a wide range of attacks, primarily DODAG Information Object (DIO) message-based attacks such as DIO suppression, neighbor, and copycat attacks. Such attacks destabilize the network topology, reduce the packet delivery ratio (PDR), and increase both latency and energy consumption. To address these issues, this paper proposes MVTC-Sec, a Mathematically Validated Timestamp Correlation method that detects replay-based DIO attacks by analyzing deviations from the expected Trickle algorithm timing. Passively observing DIO intervals, MVTC-Sec identifies attack nodes violating the exponential backoff behavior, with efficient and lightweight attack detection irrespective of cryptographic overhead. We evaluate MVTC-Sec using the Cooja simulator under both static and mobile RPL scenarios, with varying attacker behaviors and replay intervals. Results show that MVTC-Sec achieves a detection accuracy ranging from 90% to 99%, improves packet delivery ratio (PDR) to 0.50-0.96, and reduces end-to-end latency by up to 60%. The scheme proves to be of low overhead, requiring only (48.1 kB ROM, 6.3 KB RAM), making it suitable for resource-constrained devices. Compared to the existing solutions, MVTC-Sec offers higher detection accuracy, lower complexity, and improved adaptability, making it an efficient and scalable protection method for RPL-based IoT networks.https://ieeexplore.ieee.org/document/11077154/IoT securityRPLLLNsIDStrickle algorithmreplay attacks |
| spellingShingle | Tahar Guerbouz Akram Zine Eddine Boukhamla Djalila Belkebir Sahraoui Dhelim MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks IEEE Access IoT security RPL LLNs IDS trickle algorithm replay attacks |
| title | MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks |
| title_full | MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks |
| title_fullStr | MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks |
| title_full_unstemmed | MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks |
| title_short | MVTC-Sec: Lightweight Timestamp Correlation for Securing RPL Against DIO Replay Attacks |
| title_sort | mvtc sec lightweight timestamp correlation for securing rpl against dio replay attacks |
| topic | IoT security RPL LLNs IDS trickle algorithm replay attacks |
| url | https://ieeexplore.ieee.org/document/11077154/ |
| work_keys_str_mv | AT taharguerbouz mvtcseclightweighttimestampcorrelationforsecuringrplagainstdioreplayattacks AT akramzineeddineboukhamla mvtcseclightweighttimestampcorrelationforsecuringrplagainstdioreplayattacks AT djalilabelkebir mvtcseclightweighttimestampcorrelationforsecuringrplagainstdioreplayattacks AT sahraouidhelim mvtcseclightweighttimestampcorrelationforsecuringrplagainstdioreplayattacks |