A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks
The growing deployment of Internet of Things (IoT) devices in diverse daily-life smart applications makes the security of IoT networks a critical requirement. However, efficient support of network security remains challenging even for a standardized IoT network protocol such as the IPv6 Routing Prot...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10824786/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841550789445681152 |
|---|---|
| author | Mehdi Rouissat Ibrahim S. Alsukayti Mohammed Belkheir Mohammed Alreshoodi Allel Mokaddem Djamila Ziani |
| author_facet | Mehdi Rouissat Ibrahim S. Alsukayti Mohammed Belkheir Mohammed Alreshoodi Allel Mokaddem Djamila Ziani |
| author_sort | Mehdi Rouissat |
| collection | DOAJ |
| description | The growing deployment of Internet of Things (IoT) devices in diverse daily-life smart applications makes the security of IoT networks a critical requirement. However, efficient support of network security remains challenging even for a standardized IoT network protocol such as the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL). It incorporates limited protection from external security attacks but stays considerably vulnerable to internal routing attacks. The inherent design of RPL, particularly its topology establishment and maintenance mechanism, makes it easy to initiate more damaging attacks such as flooding attacks. Given the constrained characteristics of IoT devices, flooding IoT networks can easily lead to resource exhaustion and network performance degradation. This paper introduces a new variant of the flooding attack namely the Destination Advertisement Object Flooding (DAOF) attack. It is based on using routing communications, particularly the DAO messages, to disseminate unnecessary routing traffic which instigate excessive transmissions of control messages across the network. As demonstrated by the experimental results of this study, the DAOF attack can increase network overhead by more than 65% even in a relatively small-scale setup. Additionally, it can notably lead to high energy consumption with an average increase of 36% and low QoS performance with an average latency increase of 150%. For effective mitigation of the DAOF attack, a new lightweight solution based on a simple collaboration among RPL nodes is presented in this paper. It is referred to as DAOF-Secure RPL (DAOF-SRPL). It is based on simple in-protocol modifications to provide RPL with effective security support against the DAOF attack. In contrast to RPL in the attack scenarios, DAOF-SRPL achieved a reduction of over 80% in the total transmission rates of control messages. Meanwhile, it was able to maintain energy consumption and latency at minimal levels while preserving the same PDR results. |
| format | Article |
| id | doaj-art-a7b5e15274bf4561aeed2eb119756e87 |
| institution | Kabale University |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-a7b5e15274bf4561aeed2eb119756e872025-01-10T00:01:19ZengIEEEIEEE Access2169-35362025-01-01135342535810.1109/ACCESS.2025.352579810824786A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT NetworksMehdi Rouissat0https://orcid.org/0000-0002-4444-2754Ibrahim S. Alsukayti1https://orcid.org/0000-0002-6925-598XMohammed Belkheir2Mohammed Alreshoodi3https://orcid.org/0000-0002-3066-6909Allel Mokaddem4Djamila Ziani5https://orcid.org/0000-0001-6505-8770University Center of Nour Bachir El-Bayadh, STIC Laboratory, University Aboubekr Belkaid, Tlemcen, AlgeriaDepartment of Computer Science, College of Computer, Qassim University, Buraydah, Saudi ArabiaLIMA Laboratory, University Center of Nour Bachir El-Bayadh, El-Bayadh, AlgeriaUnit of Scientific Research, Applied College, Qassim University, Buraydah, Saudi ArabiaLIMA Laboratory, University Center of Nour Bachir El-Bayadh, El-Bayadh, AlgeriaLIMA Laboratory, University Center of Nour Bachir El-Bayadh, El-Bayadh, AlgeriaThe growing deployment of Internet of Things (IoT) devices in diverse daily-life smart applications makes the security of IoT networks a critical requirement. However, efficient support of network security remains challenging even for a standardized IoT network protocol such as the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL). It incorporates limited protection from external security attacks but stays considerably vulnerable to internal routing attacks. The inherent design of RPL, particularly its topology establishment and maintenance mechanism, makes it easy to initiate more damaging attacks such as flooding attacks. Given the constrained characteristics of IoT devices, flooding IoT networks can easily lead to resource exhaustion and network performance degradation. This paper introduces a new variant of the flooding attack namely the Destination Advertisement Object Flooding (DAOF) attack. It is based on using routing communications, particularly the DAO messages, to disseminate unnecessary routing traffic which instigate excessive transmissions of control messages across the network. As demonstrated by the experimental results of this study, the DAOF attack can increase network overhead by more than 65% even in a relatively small-scale setup. Additionally, it can notably lead to high energy consumption with an average increase of 36% and low QoS performance with an average latency increase of 150%. For effective mitigation of the DAOF attack, a new lightweight solution based on a simple collaboration among RPL nodes is presented in this paper. It is referred to as DAOF-Secure RPL (DAOF-SRPL). It is based on simple in-protocol modifications to provide RPL with effective security support against the DAOF attack. In contrast to RPL in the attack scenarios, DAOF-SRPL achieved a reduction of over 80% in the total transmission rates of control messages. Meanwhile, it was able to maintain energy consumption and latency at minimal levels while preserving the same PDR results.https://ieeexplore.ieee.org/document/10824786/Internet of Things (IoT)wireless networksnetwork securityenergy efficiency |
| spellingShingle | Mehdi Rouissat Ibrahim S. Alsukayti Mohammed Belkheir Mohammed Alreshoodi Allel Mokaddem Djamila Ziani A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks IEEE Access Internet of Things (IoT) wireless networks network security energy efficiency |
| title | A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks |
| title_full | A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks |
| title_fullStr | A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks |
| title_full_unstemmed | A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks |
| title_short | A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks |
| title_sort | simple approach for mitigating a new flooding attack in rpl based iot networks |
| topic | Internet of Things (IoT) wireless networks network security energy efficiency |
| url | https://ieeexplore.ieee.org/document/10824786/ |
| work_keys_str_mv | AT mehdirouissat asimpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT ibrahimsalsukayti asimpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT mohammedbelkheir asimpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT mohammedalreshoodi asimpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT allelmokaddem asimpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT djamilaziani asimpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT mehdirouissat simpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT ibrahimsalsukayti simpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT mohammedbelkheir simpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT mohammedalreshoodi simpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT allelmokaddem simpleapproachformitigatinganewfloodingattackinrplbasediotnetworks AT djamilaziani simpleapproachformitigatinganewfloodingattackinrplbasediotnetworks |