Denial-of-Service Attacks and Countermeasures in the RPL-Based Internet of Things

This event has now finished.
  • Date and time: Wednesday 27 November 2019, 12.30pm to 1.30pm
  • Location: LMB/023, Law and Management Building, Campus East, University of York (Map)
  • Admission: Free admission

Event details

Internet of Things (IoT) is already playing a significant role in our lives, as more and more industries are adopting IoT for improving existing systems and providing novel applications. However, recent attacks caused by Mirai and Chalubo botnets show that IoT systems are vulnerable and new security mechanisms are required.

In this talk, a prototype of Intrusion Detection System (IDS) for protecting IoT networks and devices from Denial-of-Service (DoS) attacks is presented. Our focus is on detecting attacks that exploit the IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL), which is a widely used protocol for packet routing in low-power IoT networks. Our considered Operating System (OS) is the popular ContikiOS and we use the Cooja simulator to study DoS attacks and test the detection algorithms. In particular, we simulated scenarios that involve both benign and malicious/compromised IoT devices. A compromised device exploits RPL control messages to cause other devices perform heavy computations and disrupt the established network routes. The obtained simulation results help us understand the characteristics of an RPL-based IoT network under its normal operation and devise effective countermeasures against malicious activity. A new threshold-based IDS is proposed and a first prototype is implemented in ContikiOS. The IDS relies on tunable parameters and involves both centralised and distributed components in order to effectively detect malicious RPL messages.

Philokypros Ioulianou

University of York

Contact us

+44 (0)1904 325501
Department of Computer Science, University of York, York YO10 5GH