In recent times researchers have found several security vulnerabilities in the Routing Protocol for Low-Power and Lossy Networks (RPL), among which the rank attack is a predominant one, causing detrimental effects on the network by creating a fake topology. To address this concern, we propose a low-overhead rank attack detection scheme for the non-storing mode of RPL used in IoT that deals with both increased and decreased rank attacks. Accordingly, we have modified the RPL Destination Oriented Directed Acyclic Graph (DODAG) formation algorithm to detect rank attacks during topology formation and maintenance. The distributed module of the algorithm runs in all the participating nodes, whereas the centralized module runs in the sink. Unlike many existing schemes, instead of sending additional control messages, we make the scheme low-overhead by simply modifying the DAO control message. Additionally, a lightweight Message Authentication Code (HMAC-LOCHA) is used to verify the integrity and authenticity of the control messages exchanged between nodes and the sink. The correctness of the proposed scheme is established through a concrete proof using multiple test case scenarios. Finally, the performance of the proposed scheme is evaluated both theoretically and through simulation in the Contiki-based Cooja simulator. Theoretical evaluation proves the energy efficiency of the scheme. Simulation results show that our scheme outperforms a state-of-the-art rank attack detection scheme in terms of detection accuracy, false positive or negative rate and energy consumption, while also keeping acceptable network performance such as improved detection latency and a comparable packet delivery ratio.