Trust-based Enhanced Secure Routing against Rank and Sybil Attacks in IoT

978-1-7281-3591-5/19/$31.00 ©2019 IEEE
Aditya Tandon
Department of Computer Science and Engineering
Amity University
Noida, U. P., India
askaditya@ieee.org
Prakash Srivastava
Department of Computer Science and Engineering
Amity University
Noida, U. P., India
psrivastava9@amity.edu
Abstract
The Internet of Things (IoT) is an emerging
technology that plays a vital role in interconnecting various
objects into a network to provide desired services within its
resource constrained characteristics. In IoT, the Routing
Protocol for Low power and Lossy network (RPL) is the
standardized proactive routing protocol that achieves satisfying
resource consumption, but it does not consider the node’s
routing behavior for forwarding data packets. The malicious
intruders exploit these loopholes for launching various forms of
routing attacks. Different security mechanisms have been
introduced for detecting these attacks singly. However, the
launch of multiple attacks such as Rank attack and Sybil attacks
simultaneously in the IoT network is one of the devastating and
destructive situations. This problem can be solved by
establishing secure routing with trustworthy nodes. The
trustworthiness of the nodes is determined using trust evaluation
methods, where the parameters considered are based on the
factors that influence in detecting the attacks. In this work,
Providing Routing Security using the Technique of Collective
Trust (PROTECT) mechanism is introduced, and it aims to
provide a secure RPL routing by simultaneously detecting both
Rank and Sybil attacks in the network. The advantage of the
proposed scheme is highlighted by comparing its performance
with the performance of the Sec-Trust protocol in terms of
detection accuracy, energy consumption, and throughput.
Index Terms: IoT, RPL Security, Rank attack, Sybil attack,
Trust value, Secure DODAG Construction
I. INTRODUCTION
The rapidly advancing Internet of Things (IoT) refers to
the interconnection of physical devices that sense, monitor,
and collect any form of data with the aim of providing
intelligent and ubiquitous services. IoT applications are now
present in almost all sectors, such as smart homes,
banking, home automation, healthcare, data management and
analysis, and agriculture. One of the significant challenges faced
with the ever-growing IoT applications is security, and most of
the IoT devices are not designed to handle privacy and security
issues [1]. As the number of connected devices increases,
malicious attacks and other security threats become
inevitable. Even though many IoT-specific routing protocols have been
developed to provide efficient routing decisions, they are not
thoroughly tested for trustworthiness [2]. The Routing Protocol
for Low Power and Lossy Networks (RPL), an IPv6-based
routing protocol designed as a standard for IoT devices, is
advantageous compared to other protocols [3].
The features of the RPL routing protocol are that it makes
efficient use of smart devices’ energy, supports multi-topology
routing, has less computational complexity and message overhead,
and supports both upward and downward traffic. However, the
problem faced in the RPL routing protocol is that it does not
consider security in the network stage and is vulnerable to
attacks such as Rank attack, Sybil attack, black-hole attack, and
selective forwarding attack [4]. Previous works mostly focus
on internal threats such as black-hole attacks and selective
forwarding attacks, which can be easily identified because these
malicious activities induce high packet drops, high control
overhead, and high network latency, which in turn degrade
network performance. However, security attacks such as Rank
attacks, where the malicious nodes alter the Rank so that
traffic is transferred through them [5], and Sybil attacks, which use a packet forging
mechanism to pose as multiple identities, are difficult to detect
until they affect the RPL routing performance.
Even though many security mechanisms have been
implemented to protect the information in IoT devices, IoT
devices are still vulnerable to attacks due to the resource-
constrained nature of IoT and the complex distribution of the
network. Most of the cryptographic algorithms occupy large
memory space and CPU cycles, which results in performance
degradation. If the attackers gain access to the encryption keys,
the entire network information is at the risk of being exposed. As
the RPL protocol does not consider the node’s behavior during
the routing process, security attacks such as Rank attacks and
Sybil attacks are easily implemented, which then paves the way
for other internal attackers. Introducing trust-aware secure
routing protocols can mitigate these attacks.
A. Contribution
The proposed work makes the following contributions. It aims
to achieve a trust-based secure RPL routing by detecting and
mitigating the Rank and Sybil attacks simultaneously in an IoT
environment.
• The proposed scheme uses a context-aware trust
evaluation method for determining the trustworthiness
of parent nodes and child nodes.
• The parameters considered for direct trust and indirect
trust calculation for parent nodes and child nodes are
based on the factors that influence the detection of Rank
and Sybil attackers.
• The proposed scheme focuses on providing a solution
for detecting the Rank attacker in a particular scenario,
where the Sybil attacker takes a Rank attacker as one of
its fake identities to launch an attack.
• The performance of the proposed secure RPL
protocol is compared with the SecTrust-RPL protocol
under Rank and Sybil attacks to prove the advantage of
the proposed methodology.
B. Paper Organization
This work is organized into the following sections: Section
2 deals with the related works. Section 3 explains the proposed
methodology in detail. Section 4 deals with the
experimental evaluation of the proposed algorithm in the RPL
protocol. Section 5 provides the conclusion for the proposed
scheme.
II. RELATED WORK
The authors in [6] proposed a parent node selection scheme
based on a trust-based threshold mechanism to achieve secure
RPL routing against Rank attacks. The advantage of the scheme
is that the malicious node is detected during parent selection
mechanism and Rank attacks are mitigated. The disadvantage of
the scheme is that the other vulnerable attacks such as Sybil
attacks and black-hole attacks cannot be detected appropriately
and mitigated.
The metric-based trustworthiness scheme proposed in [7]
enhances RPL security by calculating and choosing the most
trusted path. The advantage of the scheme is that the Rank
falsification attack in the network can be mitigated and secure
routing is obtained through trustworthy nodes. The disadvantage is
that the communication overhead and energy consumption are
higher due to the large computation, which leads to network
performance degradation.
The authors in [8] proposed the Version number and Rank
Authentication protocol (VeRA) for RPL routing to protect
against attacks such as version number and Rank spoofing
attacks. The disadvantage of the scheme is that the memory and
energy restrictions of resource-constrained IoT devices are
not considered, which in turn affects the network performance.
The Topology Authentication in RPL (TRAIL) proposed in [9]
is used for solving topology inconsistency by defending
against attacks such as the Rank attack. The disadvantage of TRAIL is that
the child nodes cannot confirm the honesty of the parent node.
The authors in [10] proposed techniques for detecting and
mitigating the Rank inconsistency attack in RPL-based IoT. The
scheme does not consider the trustworthiness of the node, which
results in other security attacks. The authors in [11] proposed a
secure trust-aware RPL-based routing protocol that aims to
provide secure routing and the detection and isolation of routing
attacks. The drawback is that the scheme does not consider
contextual trust calculation, and the trust values obtained through all
the nodes are considered trustworthy.
The Secure and Scalable RPL routing protocol for the
Internet of Things (SPLIT) proposed in [12] uses a lightweight
remote attestation technique for improving security by
defending against attacks such as Rank attacks and Sybil attacks.
The disadvantage of the scheme is that the intermittent
connectivity of the robust network is not considered and
performance factors such as energy consumption are not
validated considering the real-time scenario. The authors in [13]
proposed a detection and detour method against packet dropping
attacks in the RPL protocol. The disadvantage of the scheme is
that the collection of nodes still forwards traffic, resulting in fast
energy exhaustion.
A trust-based resilient routing mechanism for IoT proposed
in [14] manages the reputation of every node in the network. The
drawback is that it applies only direct observation for detecting
malicious activities and hence it is vulnerable to trust-based
attacks. The authors in [15] proposed the novel link reliable and
trust-aware RPL routing protocol, which aims to ensure trust
among IoT entities. The disadvantage of the scheme is that the
scheme does not focus on providing preventive measures for
other security attacks that target network traffic and network
resources.
III. OVERVIEW OF PROPOSED METHODOLOGY
The proposed work aims to provide a secure RPL routing by
detecting and mitigating the Rank attack and Sybil attack.
Direct and indirect trust values are estimated for both parent
nodes and child nodes based on the parameters that help in
detecting the Rank attack and Sybil attackers concurrently in
the IoT network. The block diagram of the proposed scheme is
shown in Figure 1.
Direct Trust Calculation: The direct trust calculation for
parent nodes in the proposed methodology is calculated based
on the factors such as node behavior, residual energy,
unselfishness, and Rank value which influence in detecting the
Rank attacker. The direct trust value calculation for child nodes
considers the energy depletion as the parameter since the Sybil
attacker nodes lose more energy compared to normal nodes.
The direct trust calculation for parent nodes and child nodes are
explicitly designed for detecting the Rank attack and Sybil
attack simultaneously in an IoT network.
Final Direct Trust Updation: The direct trust calculation is
modified for a particular scenario, where the Sybil attacker
mistakes the Rank attacker node as a normal node and forwards
fake data packets. The detection of Rank attacker becomes
difficult, and the solution for this issue is to consider both
forwarded packets and dropped packets while calculating trust
for each node. Thus, the direct trust calculation is done based
on the type of node and scenario condition.
Indirect Trust Calculation: The indirect trust calculation
considers the direct trust parameters and neighbor list for
obtaining a trust value of the trustee, and then the truster gets
the trust value information through a recommender. The
indirect trust calculation also varies based on the node as the
direct trust calculation is used as a parameter.
Fig. 1. Block Diagram Representation of Proposed Methodology
Overall Trust Estimation: The overall trust estimation for
every node is done by including both direct trust value and
indirect trust values. The overall trust value is used for
determining the trustworthiness of the node and detecting the
Rank attacker and Sybil attacker in the RPL protocol.
Detection of Rank Attack and Sybil Attack: The overall
trust value of the attacker node is less compared to the trust
value of normal nodes as the parameters considered are based
on the factors that show abnormal variations when the Rank
attack and Sybil attack is launched. Since the Rank attackers
pose as parent nodes and Sybil attacker uses the identity of child
nodes, the trustworthiness of the node helps in identification of
these malicious attackers.
Construction of Secure DODAG: The attacker nodes that
are detected using trust values are removed from the network.
The nodes with the highest trust value are selected, and these
nodes are used in the construction of a secure route.
Secure Routing: After the construction of secure DODAG
in the RPL protocol, the child nodes can forward the data
packets to the parent nodes securely. The efficiency in data
transmission is achieved with data forwarding through
trustworthy nodes.
A. System Model
The IoT network is modeled in the form of a graph G(V, E),
where V is the set of all nodes and E denotes the set of all
edges, where each edge denotes that two nodes are within
transmission range. Since the proposed scheme is built on the
RPL protocol, the nodes involved are the Root Node (RN), Parent
Node (PN), and Child Node (CN). The PN is selected based on
the lowest Rank value, and it collects the data forwarded from
the CNs. The CNs send the sensed data to their respective PNs.
Initially, all the nodes in the IoT network are assumed to have
a trust value of one. Let M be the number of malicious nodes that are
included in the network. In the proposed methodology, the trust-
aware mechanism against Rank Attack (RA) and Sybil Attack
(SA) is constructed in the RPL protocol to achieve efficient data
transmission. The trust calculation of nodes is done by
estimating the Direct Trust (DT) and Indirect Trust (IT) of both
PN and CN. The DT of PN considers parameters such as
Routing Behavior (RB), residual energy, unselfishness, Current
Rank, and Threshold. The DT of CN considers the energy
depletion as a parameter. The IT considers the DT of neighbors
using the neighbor list.
Attacker Model:
In the attacker model, RA uses the PN for launching the attack
on the network and SA steals the identity of CNs to exhibit the
attack in the network. The RA node displays itself with the lowest
Rank value to the neighbors to become a PN, as the PN plays an
important role in forwarding the collected data packets from CNs.
When the attacker node becomes a PN, it starts dropping the data
packets that are forwarded to it. In SA, the Sybil node steals the
identity of other CNs for forwarding multiple data packets with
the aim of affecting the network traffic and increasing the energy
consumption of the nodes.
B. PROTECT Mechanism
In any trust-based routing scheme, the four steps involved are
information collection, trust calculation, information
propagation, and detection. In the trust calculation, the direct trust
is calculated based on the interaction with neighbor nodes, and it
ensures that the neighbor node has successfully received the data
packets and forwarded the packets following the designated
routing honestly. When the number of interactions between two
nodes is less, the direct trust information alone cannot determine
the actual situations of nodes. Hence, the indirect trust
calculation is done based on the recommendations obtained from
neighbors, and these recommendations help in building trust
consistent with the network. The proposed trust-based scheme
aims to detect both the RA and SA by considering the overall
trust value, which is calculated based on the parameters discussed
in direct and indirect trust calculation for different nodes in the
RPL protocol.
1) Direct Trust Measurement: In the proposed work, the DT
calculation is designed for detecting RA and SA nodes in the
network. The RA is a specific internal attack that makes use of
the Rank property, as it plays a key role in determining the optimal
path in the network. As the RA node aims to pose as a PN, it
broadcasts its Rank value as the lowest. The metrics that help
in detecting RA are RB, residual energy, unselfishness, and the
Rank threshold (R_T). As the RA node aims to drop the data
packets after it is elected as a PN, parameters such as RB and
unselfishness can be used in the trust calculation. The parameter
R_T is used to avoid malicious nodes that portray themselves as good
parent candidates. The direct trust calculation for CNs is used in the
detection of SA nodes, and it considers energy depletion as a
parameter. The role of SA is to fake the identities of other nodes
and forward data packets to disturb the network traffic. Since
the same malicious node poses with fake node identities, the
energy depletion value will be abnormal for SA nodes
compared to normal nodes, and it helps in the detection of SA
nodes in the IoT network.
Rank Attacker Detection:
In RPL protocol, the PNs are selected based on the Rank
values with the neighboring nodes, where the Rank value of PN
must be less than its CNs. In RPL, the nodes are assumed to be
reliable and node behavior is not taken into consideration. This
drawback is taken as an advantage for RA to launch attacks on
the network. In the proposed methodology, the RA is detected
based on the metrics such as Forwarding data packet, received
data packets, and a current Rank value. The DT for the parent
node is given in equation 1 and the parameters considered are as
follows.
Routing Behavior (RB): The RB gives the ratio of the
forwarded data packets (FDPs) of a node to the received data
packets (RDPs) of the same node.
Energy (E): The energy value is obtained by taking the ratio
of the residual energy (RE) and initial energy (IE) of the node.
RE is defined as the remaining energy value of a node after
forwarding or receiving data packets in the network.
Unselfishness (U): The unselfishness is used to determine
whether a particular node follows the intended protocol. It is
also defined as the ratio of the data packets forwarded as a router
to the received data packets.
Rank Threshold (R_T): The Rank value in the proposed work
is calculated as the ratio of the current Rank (CR) to the threshold
value (T), determined for every node. The R_max and R_avg used
in finding the threshold are the maximum Rank value among
neighbor nodes and the average Rank value of the neighbor nodes
respectively. The R_T value is assumed to be between 0 and 1,
and an R_T value above 1 is taken as 1. The DT calculation for
RA detection in the proposed scheme is evaluated by
substituting Equations (2), (3), (4), (5), and (6) into Equation (1)
(the equation assumes all four factors have equal weightage in
determining the direct trust value for a particular node).

,
=
+++
/4
(1)
Where,
 =() ()

(2)
=() ()
(3)
=
(
()
(4)
=

(5)
=

−

×,0<<1
(6)
The Rank values are essential for determining the role of
nodes in the RPL protocol, and Rank attacker nodes target the
parent nodes, which forward the collected data packets from child
nodes. Thus, the Rank value of the parent node is considered for
detecting a Rank attack by setting a threshold for the Rank value. The
routing behavior and unselfishness are considered as
parameters because the Rank attacker drops the data during data
forwarding.
Sybil Attacker Detection:
In the proposed methodology, SA is assumed to fake the
child node’s identity for sending multiple fake data packets with
the goal of disturbing the network traffic. This identity theft
attack exploits the vulnerabilities of IoT devices through the
promiscuous mode to get the identity details of legitimate
nodes. These identities are utilized for launching further attacks.
The DT calculation for detecting SA is given in Equation (7) and
parameter used is energy depletion (ED), and this ED of a node
is defined as the energy that is lost while transmitting their data
packets or forwarding other nodes’ data packets.
The DT calculation for child nodes for detecting SA nodes
considering ED as a parameter is given by:

,
=
1−
(−
(
×
)
)
(
(7)
The ED is utilized as a parameter for calculating DT for child
nodes as the SA nodes lose more energy compared to normal
nodes. The reason is that the same attacker node forwards
multiple data packets by posing with fake identities, and the
variation in energy depletion helps in detecting the SA nodes.
Here FPs = Forwarded Packets.
2) Indirect Trust Management: The IT calculation of any
neighbor node is done based on the indirect information about
other neighbor nodes. The IT calculation is employed when the
number of transactions between the two nodes is less, and
therefore the common neighboring nodes between these two
nodes are used for determining the trustworthiness of its
neighbor. Consider that node i and node j have a minimum number of
transactions, and let the common neighboring nodes between i and
j be N_C, where N_C = N_1, N_2, N_3. Then, the DT of node i and N_C
and the direct trust of node N_C and j are calculated, and if one of the
trust values is less, then the IT value of the node decreases, and in
turn, the node is detected as a malicious node (Equation (8)).

,
=
(
,
×
,
)
=4
=1
(
,
)
=4
=1
(8)
Overall Trust (OT) Calculation: The OT of each node is
calculated by the weighted summation of the DT value of the
node and the IT value of the node. For instance, as shown in
Figure 2, when the trust value for node j is evaluated, the node i not
only gets the direct trust value of j directly but also through other
neighboring nodes N_1, N_2, N_3 indirectly. These direct and
indirect trust values are integrated as the overall trust value of
the node i for finding the trustworthiness of node j. Let W1 be
the weight associated with direct trust and W2 be the weight
associated with indirect trust such that W1 + W2 = 1. The overall
trust value for each node is calculated using Equation (9) and is
given as follows:

,
=1 × 
,
+2 × 
,
(9)
Where, W1 = 0.6, W2 = 0.4
Fig. 2. The Trust Evaluation in Proposed Scheme
The trustworthiness of nodes plays a vital role in forwarding data
packets securely. The nodes with minimum trust value are listed as
suspicious, and the information about the trust value of the nodes
with suspicious activity is informed to neighboring nodes by
attaching the information along with DODAG Information Object
(DIO) messages [3]. These malicious nodes are removed and not
included in achieving secure routing.
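The following Python sketch is an added example, not code from the paper: it scores one honest parent candidate and one that advertises a low Rank and drops traffic, using the parent-node direct trust of Equation (1) and the overall trust of Equation (9). The indirect-trust form (a recommendation-weighted average over common neighbors), the threshold T being supplied as an input, the 0.5 suspicion cut-off, the fallback when no recommender exists, the field names, and all sample counters are assumptions made for illustration.

```python
from dataclasses import dataclass

W1, W2 = 0.6, 0.4            # weights stated in the paper (W1 + W2 = 1)
SUSPICION_THRESHOLD = 0.5    # hypothetical cut-off; the paper gives no number


@dataclass
class ParentObservation:
    """Counters node i keeps about a parent candidate j (hypothetical fields)."""
    rdps: int                # data packets the candidate received
    fdps: int                # data packets the candidate forwarded
    routed_in: int           # packets it received while acting as a router
    routed_out: int          # packets it forwarded while acting as a router
    residual_energy: float   # RE
    initial_energy: float    # IE
    current_rank: float      # CR, the Rank the candidate advertises
    rank_threshold: float    # T, taken as an input in this sketch


def ratio(num, den):
    """Ratio clamped to [0, 1]. With no observations the score stays at 1,
    matching the paper's initial trust value of one."""
    if den <= 0:
        return 1.0
    return max(0.0, min(1.0, num / den))


def direct_trust_parent(obs):
    """Equation (1): equal-weight mean of RB, E, U and R_T."""
    rb = ratio(obs.fdps, obs.rdps)
    e = ratio(obs.residual_energy, obs.initial_energy)
    u = ratio(obs.routed_out, obs.routed_in)
    r_t = ratio(obs.current_rank, obs.rank_threshold)  # above 1 counts as 1
    return (rb + e + u + r_t) / 4


def indirect_trust(dt_i_to_nbr, dt_nbr_to_j):
    """Assumed form: average of the neighbors' opinions about j, each weighted
    by how much i trusts that neighbor. Only common neighbors are used."""
    common = sorted(dt_i_to_nbr.keys() & dt_nbr_to_j.keys())
    weight = sum(dt_i_to_nbr[k] for k in common)
    if weight == 0:
        return None  # no usable recommender
    return sum(dt_i_to_nbr[k] * dt_nbr_to_j[k] for k in common) / weight


def overall_trust(dt, it):
    """Equation (9). Falling back to DT alone is an assumption of this sketch."""
    return dt if it is None else W1 * dt + W2 * it


def evaluate(candidates, dt_i_to_nbr, recommendations):
    """Return {node: (overall trust rounded to 3 places, suspicious flag)}."""
    report = {}
    for node, obs in candidates.items():
        dt = direct_trust_parent(obs)
        it = indirect_trust(dt_i_to_nbr, recommendations.get(node, {}))
        ot = overall_trust(dt, it)
        report[node] = (round(ot, 3), ot < SUSPICION_THRESHOLD)
    return report


# Constructed sample data. P2 advertises Rank 128 against T = 512 and forwards
# only a small share of what it receives; neighbor N3 vouches for it anyway.
CANDIDATES = {
    "P1": ParentObservation(100, 96, 80, 78, 8.0, 10.0, 512, 512),
    "P2": ParentObservation(100, 12, 80, 8, 9.0, 10.0, 128, 512),
}
DT_I_TO_NEIGHBORS = {"N1": 0.9, "N2": 0.8, "N3": 0.85}
RECOMMENDATIONS = {
    "P1": {"N1": 0.95, "N2": 0.9, "N3": 0.92},
    "P2": {"N1": 0.3, "N2": 0.2, "N3": 0.9},
}


def demo():
    return evaluate(CANDIDATES, DT_I_TO_NEIGHBORS, RECOMMENDATIONS)


if __name__ == "__main__":
    for node, (ot, suspicious) in demo().items():
        print(node, ot, "suspicious" if suspicious else "trusted")
```

With these constructed inputs the low advertised Rank and the low forwarding ratios pull P2 below the cut-off even though one neighbor recommends it highly, while P1 stays well above it.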
C. Simultaneous Detection of Sybil Attacker and Rank
Attacker nodes
The existing schemes introduced for detecting multiple
attacks do not give a proper procedure for detecting attacks
when they are launched concurrently. In the proposed scheme,
the simultaneous detection of Sybil attacker and Rank attacker
nodes is done to achieve secure RPL routing. Consider a
particular scenario in which the Sybil attacker nodes assume a
Rank attacker node to be a normal node and take its identity to
forward multiple fake data packets. Due to this, during the
detection of Rank attacker nodes, the possibility of not detecting
the attacker node is high. This problem can be resolved by
considering both the forwarded data packets of the nodes and
dropped data packets of the nodes as a parameter during the
trust calculation. The problem of mistaking the selfish nodes as
malicious nodes can also be avoided through this method. The
DT calculation for avoiding misidentification of the Rank
attacker node as a normal node during a Sybil attack is given
by:

,
=


×



(10)
Here DDPs = Dropped Data Packets, RDPs = Received Data
Packets and FDPs = Forwarded Data Packets.
D. Secure DODAG Construction and Secure Data
Forwarding
The purpose of the PROTECT scheme is to create a secure RPL
routing by detecting RA and SA nodes in the IoT environment.
In DODAG construction, nodes are selected based on the Rank
value and the trust value obtained. The trust calculation is
performed depending on the role of the node, and then the trust
value of each node is shared with the neighbor nodes through
the DIO messages used in RPL routing. This way of sharing the
calculated trust values avoids the extra control messages needed
for transmitting the trust values of the nodes. The nodes with the
highest trust value are used in the construction of a secure path
for data forwarding. The flowchart for the proposed PROTECT
scheme is shown in Figure 3.
Fig. 3. The Flowchart for PROTECT Mechanism
IV. PERFORMANCE EVALUATION
The PROTECT scheme is evaluated in the Contiki OS, and
the RPL implementation is done using the Cooja simulator. The
PROTECT scheme uses WiseMote nodes for the nodes in RPL,
which act as the sink node and client nodes. The simulation scenario
of the proposed scheme is constructed by varying the number of
nodes as 30, 40, 50, and 60 in a 100m×100m area with each node
assumed to have a communication range of 50m. The number of
attacking nodes present in the network is assumed to be
10% of the number of nodes in each scenario (30, 40, 50, and 60). The simulation
parameters of the proposed scheme are given in Table I.
A. Performance Metrics
The performance of PROTECT scheme is compared with an
existing SecTrust scheme [11] in terms of attack detection
accuracy, throughput, and energy efficiency. The performance
metrics that are considered to prove the advantages of the
proposed scheme by comparing with SecTrust protocol is given
by:
Detection Accuracy: The detection accuracy is defined as
the ratio of the number of attacker nodes that are detected to the
total number of attacker nodes present in the network.
TABLE I. THE SIMULATION PARAMETERS OF THE PROPOSED PROTECT SCHEME
Parameters               Values
Simulator                Cooja
Number of nodes          30, 40, 50, 60
Area                     100m × 100m
Communication Range      50m
Data Packet Size         127 bytes
Transport Layer Agent    UDP
Routing Protocol         PROTECT, SecTrust
MAC                      IEEE 802.15.4
Simulation Time          5 minutes
Energy Consumption: The energy consumption is defined
as the average energy consumed by the nodes in the network.
Throughput: The throughput is defined as the rate of data
delivered successfully at the destination. It is expressed as bits
per second.
B. Simulation Results
The simulation result is obtained using performance metrics
such as detection accuracy, energy consumption, and throughput
for both proposed PROTECT scheme and SecTrust scheme. The
different values of performance metrics are obtained by varying
the nodes in the range of 30, 40, 50, and 60.
1) Number of Nodes vs. Throughput: Initially, when the
number of nodes is less, both PROTECT and SecTrust schemes
exhibit similar performance in terms of throughput due to the
least congestion in the network. As the number of nodes
increases, there is a noticeable difference in the throughput
value between the two schemes due to the better attack
detection accuracy and routing through a secure path that avoids
attacker nodes such as Rank attacker and Sybil attacker
nodes. The throughput fluctuates slightly when the number
of nodes is increased due to the involvement of selfish nodes
and the time required to observe and detect these
nodes. When the number of nodes increases to 30, the
throughput for the PROTECT scheme is 70.53 bps, and the
throughput for the existing SecTrust scheme is 58.88 bps. As the
network extends to 40 nodes, the throughput of the PROTECT
scheme and the existing SecTrust scheme are 88.32 bps and
70.53 bps respectively. The proposed PROTECT scheme attains
a high throughput value of 112.85 bps while the throughput for
the existing scheme is 88.93 bps, as the number of nodes is
increased to 60 nodes. The network extension from 30 nodes to
60 nodes changes the difference in throughput between the
proposed PROTECT scheme and the SecTrust scheme from
11.65 bps to 23.92 bps. The PROTECT scheme attains higher
throughput for an increasing number of nodes compared to the
SecTrust scheme.
2) Number of Nodes vs. Energy consumption: The energy
consumption of the overall network is estimated during the
states such as Low Power Mode (LPM), transmission reception,
and Central Processing Unit (CPU) state. The proposed
PROTECT scheme maintains a better performance in terms of
energy consumption as no separate control messages are
allocated for exchanging trust values estimated for each node.
Fig. 4. Number of Nodes vs. Throughput
The energy consumption of the existing scheme is high as
the periodic updating of trust values is done to all one-hop
neighbors. In PROTECT, the trust values are updated during the
detection of attacker nodes. With 30 nodes, the
energy consumption of the PROTECT scheme and SecTrust
scheme are 0.46114 Joules and 0.4632 Joules respectively.
Increasing the number of nodes to 40 gives the energy
consumption of the PROTECT scheme as 0.4612 Joules, and the
energy consumption of the SecTrust scheme as 0.4645 Joules.
The energy consumption of the PROTECT scheme is 0.4611
Joules, whereas the energy consumption of SecTrust scheme is
0.4636 Joules, as the number of nodes is increased to 50 nodes.
As the network is extended to 60 nodes, the energy consumption
of the PROTECT scheme further decreases to 0.4605 Joules,
while the energy consumption of SecTrust scheme increases to
0.4652 Joules. The variation in energy consumption between the
proposed PROTECT scheme and SecTrust scheme by taking the
number of nodes as 30 and 60 are 0.002 joules and 0.005 joules
respectively. The existing SecTrust scheme has more energy
consumption than the proposed PROTECT scheme.
Fig. 5. Number of Nodes vs. Energy consumption
3) Number of Nodes vs. Detection Accuracy: The context-
aware trust calculation in the PROTECT scheme improves the
detection accuracy of Rank attack and Sybil attack. The
detection accuracy is initially almost the same for both the
PROTECT scheme and the existing scheme due to the efficient use
of both direct trust and indirect trust for calculating the overall trust
of nodes. The proposed scheme is better at handling incorrect
recommendations from a third party.
The indirect trust calculation in an existing scheme
considers the neighbor nodes trust values, whereas in
PROTECT scheme the trust value of common neighboring
nodes between the two nodes is considered. At the point of 30
nodes, the detection accuracy difference between the proposed
PROTECT scheme and SecTrust scheme is 33.34%. Extending
the network to 40 nodes gives the detection accuracy difference
between the proposed PROTECT scheme and SecTrust
scheme as 19.26%. Increasing the number of nodes to 50 nodes
provides a drastic increase in the detection accuracy difference
between the proposed PROTECT scheme and SecTrust scheme,
and the PROTECT scheme provides 23.27 % more detection
accuracy compared to the SecTrust scheme. The detection
accuracy difference between the proposed PROTECT scheme
and SecTrust scheme is 21.22 % as the network is extended to
60 nodes.
Fig. 6. Number of Nodes vs. Detection Accuracy
V. CONCLUSION
In this work, the PROTECT scheme is introduced for
providing a secure RPL routing by detecting the rank attack and
Sybil attack simultaneously in the network. The trust is
evaluated for each node in the network, and the attacker nodes
are identified based on the overall trust value obtained. The trust
calculation based on parameters such as node behavior, residual
energy, unselfishness, and rank value is considered for
determining rank attacker node that poses as a parent node.
Thus, the malicious nodes that alter the rank value to drop data
packets during data forwarding can be detected and removed
from the network. The trust calculation for child nodes is done
using different parameters such as energy depletion, which helps
in detecting Sybil attacker node that poses as child nodes for
implementing attacks. Thus, the fake identities of the Sybil
attacker node that forwards multiple data packets for disturbing
the network traffic are identified and removed from the RPL
protocol. The problem of failing to recognize the rank attacker nodes
when their path crosses with Sybil attacker nodes is solved in the
proposed scheme. The experimental comparison of
PROTECT with the SecTrust protocol shows the proposed
scheme's superiority in providing efficient and secure routing.
Improved performance in terms of detection accuracy, energy
consumption, and throughput is achieved in the PROTECT
scheme.
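The following Python sketch is an added illustration, not the paper's code or its equations, of how the parameters named above could be combined: a parent score from behavior, residual energy, unselfishness and rank consistency, a child score from energy depletion, and a collective value that uses only opinions from neighbors common to both nodes. The equal weighting, ALPHA, THRESHOLD, all field names and the sample values are assumptions; only the rank step of 256 is the RFC 6550 default.

```python
from dataclasses import dataclass
from statistics import mean

MIN_HOP_RANK_INCREASE = 256  # RFC 6550 default step between a node and its parent
ALPHA = 0.6                  # assumed weight of direct observation
THRESHOLD = 0.5              # assumed cut-off below which a node is excluded

@dataclass
class ParentObs:
    forwarded: int          # packets the candidate was seen to forward
    handed_over: int        # packets given to it for forwarding
    residual_energy: float  # reported share of battery left, 0..1
    unselfishness: float    # share of relay requests it accepted, 0..1
    advertised_rank: int    # rank in the candidate's DIO
    its_parent_rank: int    # rank of the candidate's own preferred parent

def rank_trust(o: ParentObs) -> float:
    """0 when the advertised rank is lower than its parent's rank allows."""
    return 1.0 if o.advertised_rank >= o.its_parent_rank + MIN_HOP_RANK_INCREASE else 0.0

def parent_direct_trust(o: ParentObs) -> float:
    behaviour = o.forwarded / o.handed_over if o.handed_over else 0.0
    return mean([behaviour, o.residual_energy, o.unselfishness, rank_trust(o)])

def child_direct_trust(observed_drain: float, expected_drain: float) -> float:
    """Energy-depletion score: draining faster than expected lowers trust."""
    if observed_drain <= expected_drain:
        return 1.0
    return expected_drain / observed_drain

def collective_trust(direct, my_neighbours, its_neighbours, opinions):
    """Blend direct trust with opinions from neighbours common to both nodes."""
    common = my_neighbours & its_neighbours
    recs = [opinions[n] for n in sorted(common) if n in opinions]
    if not recs:
        return direct
    return ALPHA * direct + (1 - ALPHA) * mean(recs)

def run_demo():
    """Constructed scenario: node A scores two parent candidates and two children."""
    mine = {"P1", "P2", "N1", "N2", "C1", "C2"}
    scores = {
        "P1": collective_trust(
            parent_direct_trust(ParentObs(95, 100, 0.8, 0.9, 768, 512)),
            mine, {"A", "N1", "N2"}, {"N1": 0.9, "N2": 0.8}),
        # P2 advertises rank 256 although its own parent sits at 512, and drops packets.
        # X vouches for P2 but is not a neighbour of A, so its opinion is ignored.
        "P2": collective_trust(
            parent_direct_trust(ParentObs(20, 100, 0.9, 0.3, 256, 512)),
            mine, {"A", "N1", "N2", "X"}, {"N1": 0.2, "N2": 0.3, "X": 1.0}),
        "C1": collective_trust(child_direct_trust(0.02, 0.02), mine, {"A"}, {}),
        # C2 drains four times the expected energy, as a node sending under many identities would.
        "C2": collective_trust(child_direct_trust(0.08, 0.02), mine, {"A"}, {}),
    }
    flagged = sorted(n for n, t in scores.items() if t < THRESHOLD)
    return scores, flagged

if __name__ == "__main__":
    scores, flagged = run_demo()
    for name, t in scores.items():
        print(f"{name}: trust={t:.4f}")
    print("excluded:", flagged)
```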
R
EFERENCES
[1] M. A. Razzaq, S. H. Gill, M. A. Qureshi, and S. Ullah, “Security issues in
the Internet of Things (IoT): a comprehensive study,” International
Journal of Advanced Computer Science and Applications (IJACSA), vol.
8, no. 6, pp. 383–388, 2017.
[2] J. Granjal, E. Monteiro, and J. S. Silva, “Security for the internet of things:
a survey of existing protocols and open research issues,” IEEE
Communications Surveys &amp; Tutorials, vol. 1 7, no. 3, pp. 1294– 1312,
2015.
[3] T. Winter, P. Thubert, A. Brandt, J. Hui, R. Kelsey, P. Levis, K. Pister,
R. Struik, J.-P. Vasseur, and R. Alexander, “RPL: IPv6 routing protocol
for low-power and lossy networks,” 2012.
[4] A. Mayzaud, R. Badonnel, and I. Chrisment, “A Taxonomy of Attacks in
RPL-based Internet of Things,” International Journal of Network
Security, vol. 18, no. 3, pp. 459–473, 2016.
[5] A. Le, J. Loo, A. Lasebae, A. Vinel, Y. Chen, and M. Chai, “The impact
of rank attack on network topology of routing protocol for low-power and
lossy networks,” IEEE Sensors Journal, vol. 13, no. 10, pp. 3685– 3692,
2013.
[6] K. Iuchi, T. Matsunaga, K. Toyoda, and I. Sasase, “Secure parent node
selection scheme in route construction to exclude attacking nodes from
RPL network,” in 2015 21st Asia-Pacific Conference on Communications
(APCC), 2015, pp. 299–303.
[7] N. Djedjig, D. Tandjaoui, F. Medjek, and I. Romdhani, “New trust metric
for the RPL routing protocol,” in 2017 8th International Conference on
Information and Communication Systems (ICICS), 2017, pp. 328–335.
[8] A. Dvir, L. Buttyan et al., “VeRA-version number and rank authentica-
tion in rpl,” in 2011 IEEE Eighth International Conference on Mobile Ad-
Hoc and Sensor Systems, 2011, pp. 709–714.
[9] H. Perrey, M. Landsmann, O. Ugus, T. C. Schmidt, and M. Wäh- lisch,
“TRAIL: Topology authentication in RPL,” arXiv preprint
arXiv:1312.0984, 2013.
[10] R. Stephen and L. Arockiam, “E2V: Techniques for Detecting and
Mitigating Rank Inconsistency Attack (RInA) in RPL based Internet of
Things,” in Journal of Physics: Conference Series, vol. 1142, 2018, p.
012009.
[11] D. Airehrour, J. Gutierrez, and S. K. Ray, “A lightweight trust de- sign
for IoT routing,” in 2016 IEEE 14th Intl Conf on Depend- able,
Autonomic and Secure Computing, 14th Intl Conf on Perva- sive
Intelligence and Computing, 2nd Intl Conf on Big Data Intelli- gence and
Computing and Cyber Science and Technology Congress
(DASC/PiCom/DataCom/CyberSciTech), 2016, pp. 552–557.
[12] M. Conti, P. Kaliyar, M. M. Rabbani, and S. Ranise, “SPLIT: A Secure
and Scalable RPL routing protocol for Internet of Things,” in 2018 14th
International Conference on Wireless and Mobile Computing, Networking
and Communications (WiMob), 2018, pp. 1–8.
[13] S. Shin, S. Kim, and J. K. Choi, “A Study on Detection and Detour
Methods against Packet Dropping Attacks,” in IPv6-based IoT”, IT
CoNvergence PRActice (INPRA), vol. 4, 2016, pp. 20–27.
[14] Z. A. Kh an, J. Ullrich, A. G. Voyiatzis, and P. Herrmann, “A trust -based
resilient routing mechanism for the internet of things,” in Proceedings of
the 12th International Conference on Availability, Reliability and
Security, 2017, p. 27.
[15] A. Lahbib, K. Toumi, S. Elleuch, A. Laouiti, and S. Martin, “Link reliable
and trust aware RPL routing protocol for Internet of Things,” in 2017
IEEE 16th International Symposium on Network Computing and
Applications (NCA), 2017, pp. 1–5.