A Trust-Integrated RPL Protocol to Detect Blackhole Attack in Internet of Things

Introduction

IoT allows user to machine and machine to machine interactions. IoT provides 3A communication where anything communicates at anytime from anywhere. In IoT, objects are sensed and controlled remotely across the network. IoT products are widely accepted by several industries like health care, energy, automotive, and agriculture (Wallgren, 2013). 75 billion IoT devices might be communicating over the network by 2025 (Statista Report, 2020). Such a large volume of devices communicating over the network poses security and privacy risk so securing a communication between IoT devices plays important role in the success of IoT. Intrusion prevention system such as authentication and encryption can be used as the first line of defense against attacks in IoT. These prevention schemes cannot eliminate internal attacks like blackhole, selective forwarding, rank, wormhole etc. If IoT nodes are captured and compromised, the attacker can obtain the cryptographic keys and propagate internal attacks. Intrusion detection and response presents a second line of defense which can detect any compromised nodes in the system. Securing routing protocol is one of the vital areas to secure IoT communication. RPL is the routing protocol for low power lossy network. RPL is vulnerable to routing attacks (Raoof et al., 2019). RPL does not have an inherent mechanism to detect the black hole attack. RPL has a build in security mechanism but it relies on encryption solution which is energy consuming. Moreover distributing and managing keys for billions of devices is complex and inefficient (Airehrour et al., 2017).

The objective of this research is to build a lightweight trusted RPL protocol, which can detect and eliminate blackhole attack from the network. A blackhole attack is when an adversary node becomes part of the victim network and then it starts to drop all the traffic that should pass through the adversary, like a blackhole. Normally in IoT network the adversary is either placed in a strategic location where a lot of the traffic has to go only through the adversary, or is combined with other attacks (e.g. sinkhole, rank attacks etc.) that would force neighboring nodes to route their traffic through the adversary. Blocking the alert signal arising from mission critical applications like military applications, disaster warning system or smart city are all scenarios with disastrous effect that seek immediate attention. Therefore, it is crucial to detect blackhole attack at the earliest to protect the IoT network. The sensors deployed in the IoT networks are energy constrained with limited storage and computing capabilities. Therefore, the focus of this research is to propose a lightweight trust integrated RPL routing protocol (TRPL) for IoT that could detect and isolate a blackhole attack while providing acceptable network performance. The contributions of this paper include:

• 1.

  Design of trust framework.

• 2.

  The proposed trust framework is integrated into RPL protocol, which provides a new trusted RPL protocol (TRPL).

• 3.

  The effectiveness of TRPL is compared against the standard RPL protocol and existing techniques using simulation under blackhole attack.

The rest of the paper is organized as follows: Section 2 describes the overview of RPL protocol, Section 3 describes related work, Section 4 detailed the proposed approach, Section 5 provides security analysis and Section 6 present simulations and results.