Professional Documents
Culture Documents
Journal Pre-proof
PII: S0167-4048(23)00256-0
DOI: https://doi.org/10.1016/j.cose.2023.103346
Reference: COSE 103346
Please cite this article as: Shefali Goel, Abhishek Verma, Vinod Kumar Jain, CRA-RPL: A Novel
Lightweight Challenge-Response Authentication-based Technique for Securing RPL Against Dropped
DAO Attacks, Computers & Security (2023), doi: https://doi.org/10.1016/j.cose.2023.103346
This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition
of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of
record. This version will undergo additional copyediting, typesetting and review before it is published
in its final form, but we are providing this version to give early visibility of the article. Please note that,
during the production process, errors may be discovered which could affect the content, and all legal
disclaimers that apply to the journal pertain.
1
Highlights
2
3
4
5 CRA-RPL: A Novel Lightweight Challenge-Response Authentication-based Technique for Secur-
6 ing RPL Against Dropped DAO Attacks
7 Shefali Goel, Abhishek Verma,Vinod Kumar Jain
8
9
10 • Implementation and analysis of DDAO attack in the non-storing mode of Contiki-NG operating system.
11
12 • Design and implementation of a lightweight defense technique (CRA-RPL) to address DDAO attack in RPL.
13
14 • Performance analysis of the proposed defense technique to show its effectiveness in detection and mitigation of DDAO
15 attack in both static and mobile scenarios.
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Highlights
CRA-RPL: A Novel Lightweight Challenge-Response Authentication-based Technique for Secur-
ing RPL Against Dropped DAO Attacks
Shefali Goel, Abhishek Verma,Vinod Kumar Jain
• Implementation and analysis of DDAO attack in the non-storing mode of Contiki-NG operating system.
• Design and implementation of a lightweight defense technique (CRA-RPL) to address DDAO attack in RPL.
• Performance analysis of the proposed defense technique to show its effectiveness in detection and mitigation of DDAO
attack in both static and mobile scenarios.
CRA-RPL: A Novel Lightweight Challenge-Response
Authentication-based Technique for Securing RPL Against Dropped
DAO Attacks
Shefali Goela,1 , Abhishek Vermaa,∗,2 and Vinod Kumar Jaina,3
a organization=Computer Science & Engineering Discipline, PDPM Indian Institute of Information Technology, Design and Manufacturing,
addressline=Jabalpur, city=Madhya Pradesh, postcode=482005, country=India
Table 1
List of Abbreviations
APPLICATION LAYER Abbreviations Definition
Desktop
6LoWPAN IPv6 over Low-Power Wireless Personal
Area Networks
IoT Internet of Things
NETWORK LAYER
AODV Adhoc On-Demand Distance Vector
DSR mobile Source Routing
OSPF Open Shortest Path First
PERCEPTION LAYER
IETF Internet Engineering Task Force
Sensor Actuator RPL Routing Protocol for Low power and
Lossy Networks
Figure 1: Architecture view of IoT DDAO Dropped Destination Advertisement Ob-
ject
OF Objective Functions
teristics, including the ability to control the transmission of CPS Cyber-Physical Systems
control messages by dynamically changing the packet trans- IIOT Industrial Internet of Things
mission time using trickle algorithm [32], routing metrics DODAG Destination Oriented Directed Acyclic
and Objective Functions (OFs) to support dynamic connec-
Graph
tions [6].
DIS DODAG Information Solicitation
DIO DODAG Information Object
All these characteristics make RPL appropriate for a wide DAO Destination Advertisement Object
range of 6LoWPAN-based IoT applications.[23]. However, DAO-ACK Destination Advertisement Object-
it is vulnerable to several cyberattacks which compromise Acknowledgment
users’ security and privacy [7, 37]. One such common cy- MC Metric Container
berattack in 6LoWPAN is termed as routing attack (insider ETX Expected Transmission Count
or outsider). In a routing attack, the routing protocol is ex- MRHOF Minimum Rank with Hysteresis Objec-
ploited to perform attacks on legitimate nodes [8]. Such tive Function
attacks may significantly affect the overall network perfor-
mance [33]. This paper aims to explore the DDAO attack,
one of the newly identified routing attacks against 6LoWPAN-
1.1. Contributions
In brief, the major contributions of this paper are men-
based IoT. DDAO attack exploits the RPL’s inability to ver-
tioned below.
ify the forwarding nature of nodes. This inability is basi-
cally a vulnerability in RPL, which may be exploited by the • Implementation and analysis of DDAO attack in the
attacker to drop the control messages sent by child nodes non-storing mode of Contiki-NG operating system.
to register themselves with the server or gateway node [31].
This paper shows that a DDAO attack induces a drastic de- • Design and implementation of a lightweight defense
crease in the packet delivery ratio of the network. Because technique (CRA-RPL) to address DDAO attack in RPL.
many critical IoT applications like healthcare, industrial and
• Performance analysis of the proposed defense tech-
power industries, environmental early warning, etc., demand
nique to show its effectiveness in detection and mit-
the packet delivery ratio of the network to be significantly
igation of DDAO attack in both static and mobile sce-
good, in such cases, packet loss cannot be tolerated. There-
narios.
fore, the packet delivery ratio of 6LoWPAN needs to be re-
stored in attack scenarios. To address the DDAO attack in 1.2. Organization of the paper
RPL, we have proposed a challenge-response based authen- Further, the paper is organized in the following man-
tication technique (CRA-RPL) capable of detection and mit- ner. Section 2 provides an overview of RPL and discusses
igation. Major advantages of the proposed CRA-RPL tech- DDAO attack. Then, Section 3 focuses on the literature in
nique include: (1) it detects the attack with 100% accuracy; the concerned area. Section 4 discusses system and adver-
(2) it mitigates the attack and improves the network’s packet sary frameworks. Further, our proposed CRA-RPL tech-
delivery ratio up to 102% in static, and upto 66% in the mo- nique is presented and explained in Section 5. Section 6 de-
bile scenario; (3) it does not impose significant overhead on scribes the experimental details and discusses the key find-
the network performance parameters; (4) it is a lightweight ings in terms of various prominent network performance met-
technique and does not induce significant overhead on resource- rics. Lastly, Section 7 summarises and concludes the paper.
constrained nodes; (5) CRA-RPL can be easily deployed in
any other embedded operating system which supports RPL,
e.g., OpenWSN, RIOT, TinyOS, LiteOS, etc. 2. Background
2.1. Overview of the RPL protocol
RPL is a network layer protocol and operates on top of
IEEE 802.15.4 PHY/MAC layer [36, 35]. It is based on the
concept of distance vectors and source routing. RPL forms node must register itself at the root node after successfully
a network of logically interlinked devices (i.e., nodes) us- joining the DODAG and establishing a parent-child relation-
ing mesh and tree topology. RPL organizes the devices into ship. A child node registers itself at root node by sending a
a special tree-like structure, which is known as a Destina- DAO control message through its preferred parent node. In
tion Oriented Directed Acyclic Graph (DODAG) [27]. In response to the DAO control message, the root node sends
DODAG, all the nodes are rooted towards one node called back the DAO-ACK control message to the corresponding
the root node. A network may contain multiple DODAG to child node. In RPL, there are two operating modes namely
satisfy the fault tolerance of the network [11]. As shown storing and non-storing. In storing mode of RPL, the DAO
in Figure 2, the root node (gateway) in DODAG serves as message is unicast by the child node to the preferred par-
an interface between sensor nodes and the Internet. Each ent node (which is selected by the OF). Upon receiving a
DODAG is identified by its RPL instance ID and the corre- DAO from child, the parent node unicasts a DAO-ACK in
sponding DODAG ID. RPL uses four types of control mes- response. However, in non-storing mode, the child node
sages to build and maintain the topology: “DODAG Infor- unicasts a DAO packet destined to the root through its pre-
mation Solicitation" (DIS), “DODAG Information Object" ferred parent node. All the intermediate nodes append their
(DIO), “Destination Advertisement Object" (DAO), and “Des- IP address in the DAO header and forward the message to
tination Advertisement Object Acknowledgement" (DAO- their corresponding parent until message is delivered to root.
ACK). A new node can join an existing network by send- Root node responds to DAO originator node with a DAO-
ing a DIS message and requesting DIO messages contain- ACK message. This normal DAO processing and forwarding
ing essential information such as the DODAG Instance ID, mechanism of RPL may be exploited by the attacker node to
DODAG ID, rank, version number, and DAG metric con- perform DDAO attack. A legitimate node may be captured
tainer (MC) [6, 11, 36]. Nodes collect frequently transmitted and reprogrammed to perform such an attack. This is pos-
DIO messages from their neighbors to maintain and update sible in scenarios where nodes are physically accessible by
the topology from time to time. After gathering all essen- intruders or attackers. If we consider the case of attack in
tial information from the received DIO packet, a node adds storing mode, an attacker node upon receiving the child’s
the sender to its neighbor table list [1]. The selection of the DAO drops the packet and responds with fake DAO-ACK.
parent node is based on the rank value concept. The rank Whereas, in case of non-storing DDAO attack, an attacker
value of a node in RPL is a numerical representation of its drops the child’s DAO and responds to DAO originator with
position w.r.t. the root node. A lower rank value indicates fake DAO-ACK containing a spoofed source IP address of
that the node is closer to the root, while a higher rank value DODAG root which it learns from multicast DIO messages.
indicates the opposite [36]. The node having a lower rank DDAO attack is introduced in Sheibani et al. [31]. This pa-
among all neighbors is chosen as the preferred parent. The per primarily focuses on the non-storing mode of RPL due
key idea behind using the rank concept is to detect and avoid to its applicability in wide range of 6LoWPAN-based criti-
routing loops, build parent-child relationships, and provide cal IoT applications, simplicity and reliability. Non-storing
a mechanism for nodes to differentiate among themselves. mode based DDAO attack scenario is depicted in Figure 3.
An Objective Function (OF) is employed to select the pre- First, we will go through the RPL’s normal DAO processing
ferred parent [17]. OF describes the method for choosing the and forwarding. Node G unicast the DAO to its preferred
best routes in DODAG and determining rank using routing parent Node C. Then, Node C forwards the DAO packet to
metrics. Depending on the application’s requirements, RPL Node A. Node A forwards the DAO packet to the root node
may implement various OF. Some examples of OF are ETX R. Upon receiving the DAO, the root node R responds with a
(Expected Transmission Count) Objective Function, Mini- unicast DAO-ACK to the DAO originator node through the
mum Rank with Hysteresis Objective Function (MRHOF), same path. Source routing is used to make sure that DAO-
and Objective Function Zero (OF0) [13, 14]. After identi- ACK reaches to the DAO originator or sender node. Now,
fying the best route, a DAO control message is sent to the using the same example, we will understand how the DDAO
root via the optimal path. If the ACK message is enabled, attack works. As shown in Figure 3, the child Node H and I
the DAO-ACK message is sent using unicast propagation to unicast the DAO packet to the root node R through its pre-
notify the corresponding sender node that the DAO message ferred parent Node E. Assume Node E is an attacker. Upon
has been received at the root. RPL has two modes of oper- receiving DAO from childs H and I, the attacker Node E dis-
ation: Storing and Non-storing [36]. In Storing mode, each cards the DAO packet and responds with a fake DAO-ACK
node keeps its record of the downward routing table, which containing the IP address of the root node as the source IP.
the network uses for traffic control. In Non-storing, all traffic The child Node H and I consider the received DAO-ACK
is routed through the root node to the destination node. packet as a legitimate response by the root node and assume
that they have been registered at the DODAG root. Then,
2.2. Dropped Destination Advertisement Object Node H and I start sending data packets toward the root,
Attack (DDAO) which are dropped by an attacker, which ultimately causes
RPL uses DAO control messages to configure downward the network to have a low packet delivery ratio.
routing from the DODAG root node to the child (i.e., leaf or
router) nodes. In the non-storing mode of RPL, the child
U V
Rank=3
D Rank=4 4 5
F DODAG- 3
Rank=3
E G DIS
Rank=3 R DODAG- 5
Rank=4
Non-Storing
I DAO- R Mode
Rank value J N
ACK
decreases
W 6 7
O X
DAO-
Rank is calculate by ACK
Objective Function (OF) DAO L DAO
Y Z 8 9
Storing Mode
(1).pdf
Figure 2: Overview of RPL
and the collision issue when the number of sensor nodes in-
A B Rank=2
Root Node
Attacker Node
Figure 3: DDAO Attack Sybil attacker. It is established that the RPL-MRC technique
given by Medjek et al. [20] overcomes this problem. Re-
sponse Delay and Timer Readjustment are two complement-
3. Related Work ing mitigation strategies. In terms of control packet overhead
and power consumption, RPL-MRC enhances RPL perfor-
Bang et al. [6] proposed an objective Function named mance. ArÄśÅ§ et al. [3] proposed Elimination and Shield
Echelon Metric Based Objective Function (EMBOFâĂŞRPL) defense technique. This technique provides security against
for identifying rank attack. The receiver validates the au- version number attack. A trust-based extension of RPL was
thenticity of the received rank, when the sender multicast introduced by Airehrour et al. in [3] to mitigate rank and
the DIO packet before calculating its rank. It is confirmed Sybil attacks called SecTrust-RPL. The simulation results
through simulations that EMBOF-RPL performs better than have been implemented on a testbed. Ghaleb et al. [12]Âă
ContikiRPL. Sahay et al. [28] proposed a technique called addressed DAO insider attacks by restricting the number of
Enhanced RPL (ERPL) to mitigate the worst parent attack in DAO messages forwarded per destination. The proposed so-
RPL. ERPL uses the existing RPL standard and modifies the lution, named SecRPL, uses a threshold parameter and a
DIO control packet that populates the candidate neighbor set DAO counter that monitors the number of DAO received
using rank value. The candidate parent set is optimized using from child nodes. Sheibani et al. [31] proposed a detection
rank as a metric to create an optimal parent set, ensuring that approach against Dropped DAO (DDAO) attack. For mon-
the nodes only select the parent from this set. Cong Pu. et itoring the packet forwarding behavior of nodes, the author
al. [26] proposed a lightweight security solution named lite- used a technique known as a watchdog timer. The work of
SAD for addressing Sybil attack in RPL. The authors gave Sheibani et al. [31] is limited to the detection part, and de-
each node a special identification using a physical unclon- tails about mitigation are not presented in the paper. In addi-
able function (PUF), and that information was recorded in tion, their approach relies on a watchdog timer which forces
an array. liteSAD utilizes a Bloom filter rather of an array nodes to remain active for 500ms after every DAO trans-
Table 2 6LBR
Comparison of security solutions suggested in the literature L1 L2
with our proposed solution
N1
Authors Defense Mobility Mitigation N2
Last Octet
Table 3 IPv6 addresses
3fe8:1:1:1:0:5f3a:000b:0002 0002
Symbol Definition
3fe8:1:1:1:0:5f3a:000b:0003 0003
𝑁𝑀𝑎𝑙𝑖𝑐𝑖𝑜𝑢𝑠 Malicious node.
6LoWPAN Border
𝜌 Prime number. Router
3fe8:1:1:1:0:5f3a:000b:0004 0004
← [1, … , 𝑁𝑜𝑑𝑒𝑚𝑎𝑥 ]
Preferred parent list
Blacklist table
5.1. Formation of Prime Sequence Codes at root
ℵ𝑖 ← [<𝑏𝑙𝑠𝑟𝑐𝑖𝑝 >], Structure of a blacklisted node in node
𝑖 = 1,. . . , 𝑁𝑜𝑑𝑒𝑚𝑎𝑥 the blacklist table. Where 𝑏𝑙𝑠𝑟𝑐𝑖𝑝 A matrix consisting of unique sequence numbers is called
shows the IP address of the black- the Prime Sequence Code Matrix where elements in a row 𝛼
listed node. and a column 𝛽 are distinct i.e. (𝛼, 𝛽) [25].
sender𝑖𝑝 IP address of DAO sender. The following steps are taken into consideration for the gen-
eration of PSCM:
advertise a fake DAO-ACK message [31], which af- • Select a prime number 𝜌.
fects the network parameters.
• The element of the matrix on the 𝛼th row and the 𝛽th
column is based on the following eq. 1.
(1).pdf
Response of sender Response of receiver
Calculate
Calculate
respective
respective
response Challenge Computed Received
response Calculate Calculate
response
respective response
respective
response response
DAO-ACK
Reserved
K D Flags Reserved DAOSequence No
Sender RPLInstanceID Reserved
RPLInstanceID K D Flags Challenge DAOSequence Validate response Malicious control
Challenge
packet
DODAGID
Yes
Options
Options
Legitimate control
Modified DAO packet
control packet
Calculate
Calculate
respective
respective
response
response
DODAGID
Receiver DAO packet
Challenge
Reserved
Reserved
Options
Modified DAO-ACK
control packet
2. A child node transmits DAO with a random chal- response (𝜓) is calculated using eq. 4 matches the
lenge: The DAO control packet of the RPL protocol computed response (𝛾) calculated by using eq. 5. The
is modified by inserting the challenge (𝜒) value in the sender (sender𝑖𝑝 ) is satisfied that the DAO-ACK con-
RESERVED field, which is termed as a modified ver- trol packet sent by the designated (root) node and the
sion of DAO (𝐷𝐴𝑂𝑚𝑜𝑑𝑖𝑓 𝑖𝑒𝑑 ) illustrated in Figure 6 by transmission have been completed successfully. Oth-
using eq. 3. erwise, the sender placed the node ID (𝑏𝑙𝑠𝑟𝑐𝑖𝑝 ) in the
blacklist table () by using eq. 6.
𝜒 <𝜌 (3)
← 𝑏𝑙𝑠𝑟𝑐𝑖𝑝 ,
The child node arbitrarily chooses a number less than (6)
𝜌 as a challenge value (𝜒) while sending a DAO mes- ∀ ≤ 𝑁𝑜𝑑𝑒𝑚𝑎𝑥
sage to the root node through its preferred parent.
(a) The child node also computes the right response Example: There is assumed to be a topology in which
(𝛾) for the respective 𝜒 value as illustrated in there exists a root node and five sensor nodes. According to
Figure 6 by using eq. 4. step 1, The PSCM is generated at the root using eq. 1 and
the prime number (𝜌) ‘7’ taken by using eq. 2. According
𝛾 = (𝜒 + 𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ) 𝑚𝑜𝑑 𝜌 (4) to step 2, when the sensor node ID 3 sends a DAO control
packet to the root node, it adds ‘6’as a challenge (𝜒) value
3. DAO-ACK replied by the root with computed re-
by using eq. 3 ACK authentication with a response value.
sponse: After receiving the DAO, the root node com-
Using eq. 4, the sensor node calculates the correct response
putes the response (𝜓) value for the respective chal-
(𝛾).
lenge (𝜒) value sent by the sender node (sender𝑖𝑝 ) by
using eq. 5. For this purpose, it fetches the row num- 𝛾 = (6 + 3) 𝑚𝑜𝑑 7
ber of the sender node (𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ) from the PSCM 𝛾 =2
present at the root node by using the last octet of the
sender address as shown in Figure 5. According to step 3, upon receiving the DAO control
packet at the root node, the root node extracts the challenge
𝜓 = (𝜒 + 𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ) 𝑚𝑜𝑑 𝜌 (5) (𝜒) value and calculates the response (𝜓) value by using eq.
4. DAO-ACK packet authentication is done by the sender𝑖𝑝5. :
On receiving the DAO-ACK. The only intended recip-
𝜓 = (6 + 3) 𝑚𝑜𝑑 7
ient who informed about the 𝜌, 𝜒, and row number
𝜓 =2
of the sender 𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 can calculate the correct re-
sponse value. For validation purposes, if the received
5.3. Mitigation Technique • The row number of sender node (𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ) retrieved
Our proposed approach is novel because the existing work from the first column of PSCM (𝑀𝛼×1 ) stored at the
[31] did not authenticate the Acknowledgment packet against root node.
the DDAO attack. Mitigation can be done in two ways to ad-
dress the DDAO attack. • Calculate the received response (𝜓) value.
• Local Repair: The sender node (sender𝑖𝑝 ) detects the • Encapsulate the 𝜓 value in the RESERVED field of
fake DAO-ACK control packet and places the 𝑏𝑙𝑠𝑟𝑐𝑖𝑝 in the modified version of DAO-ACK (𝐷𝐴𝑂−𝐴𝐶𝐾𝑚𝑜𝑑𝑖𝑓 𝑖𝑒𝑑 )
message.
the blacklist table (). Afterward, the sender (sender𝑖𝑝 )
calls the local repair mechanism. When the local re- The On_DAO-ACK_Receive procedure of Algorithm 1 is
pair mechanism invokes, more control messages are responsible for performing the following functions:
generated for topology maintenance. In this mecha-
nism, when the DIO message unicast/multicast by the • Extract the received response (𝜓) value from the RE-
𝑏𝑙𝑠𝑟𝑐𝑖𝑝 , then the message is discarded by the receiver SERVED field.
node. The limitations of using this technique are: (1)
• Compare both the response i.e., calculated response
it increases the overhead by generating more control
(𝛾) and received response (𝜓).
messages; (2) The local repair mechanism incurs the
local repair attack on the network. • If the response is similar, then it confirms that the DAO-
ACK message is genuinely sent by the root node and
• Isolation of Attacker node from Preferred Parent
continues the standard RPL mechanism.
list: After the detection of fake DAO-ACK message
by the sender node (sender𝑖𝑝 ), the sender placed 𝑏𝑙𝑠𝑟𝑐𝑖𝑝 • If the response is not the same, then we place the sender
in the blacklist table (). The sender node removes the IP (𝑏𝑙𝑠𝑟𝑐𝑖𝑝 ) in the blacklist table () and remove the en-
𝑏𝑙𝑠𝑟𝑐𝑖𝑝 from the preferred parent list (). The benefit try of 𝑏𝑙𝑠𝑟𝑐𝑖𝑝 from the preferred parent list () to block
of using this technique is that it does not significantly further communications.
induce any overhead on the network and mitigates the
attack.
Algorithm 1 Pseudocode of CRA-RPL
5.4. Description of CRA-RPL 1: procedure INITIALIZATION
The Algorithm 1 presents the pseudocode of CRA-RPL. 2: ← [1, … , 𝑁𝑜𝑑𝑒𝑚𝑎𝑥 ]
The code is incorporated in the DAO processing method of 3: ← [1, … , 𝑁𝑜𝑑𝑒𝑚𝑎𝑥 ]
𝑟𝑝𝑙 − 𝑖𝑐𝑚𝑝6.𝑐 file. DAO control message is responsible for 4: 𝑚(𝛼, 𝛽) = (𝛼 ×(𝛽 −1)) 𝑚𝑜𝑑 𝜌, ∀ 1 ≤ 𝛼 < 𝜌 & 1 ≤ 𝛽 ≤ 𝜌 …
by using eq. 1
route registration at the root node and for topology mainte-
5: end procedure
nance. CRA-RPL is executed whenever the sender unicasts 6: procedure AT_C LIENT_NODE(On_DAO_Send)
a DAO message to the root node through the preferred par- 7: Reserved_field ← ← 𝜒
ent for route registration and maintenance. 8: 𝛾 = (𝜒 + 𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ) 𝑚𝑜𝑑 𝜌 ⋯ by eq. 4
The following tasks are carried out by the Initialization pro- 9: Send 𝐷𝐴𝑂𝑚𝑜𝑑𝑖𝑓 𝑖𝑒𝑑 to preferred parent
cedure in Algorithm 1: 10: end procedure
11: procedure AT_ROOT_NODE(On_DAO_Receive)
• Initialization of preferred parent list and blacklist ta- 12: 𝜒← ← Reserved_field
ble. 13: 𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ← ← 𝑀𝛼×1
14: 𝜓 = (𝜒 + 𝑅𝑁𝑠𝑒𝑛𝑑𝑒𝑟 ) 𝑚𝑜𝑑 𝜌 ⋯ by eq. 5
• Initialization of PSCM at the root node. 15: Reserved_field ← ← 𝜓
16: Send 𝐷𝐴𝑂 − 𝐴𝐶𝐾𝑚𝑜𝑑𝑖𝑓 𝑖𝑒𝑑 to sender
The On_DAO_Send procedure of Algorithm 1 is responsible
17: end procedure
for performing the following functions: 18: procedure AT_C LIENT_NODE(On_DAO-ACK_Receive)
• When the modified version of DAO (𝐷𝐴𝑂𝑚𝑜𝑑𝑖𝑓 𝑖𝑒𝑑 ) 19: 𝜓← ← Reserved_field
20: if (𝛾 equals 𝜓) then
packet unicast, the sender encapsulate Challenge (𝜒)
21: return
value in the RESERVED field. 22: else
• The DAO sender also computes the actual response 23: ←
Remove 𝑏𝑙𝑠𝑟𝑐𝑖𝑝 from
← 𝑏𝑙𝑠𝑟𝑐𝑖𝑝
24:
(𝛾) value for the corresponding Challenge (𝜒).
25: end if
The On_DAO_Receive procedure of Algorithm 1 is respon- 26: end procedure
sible for performing the following functions:
• When 𝐷𝐴𝑂𝑚𝑜𝑑𝑖𝑓 𝑖𝑒𝑑 packet received by the root, Re-
trieve the challenge ((𝜒)) value from the RESERVED
field.
The ratio of the total number of data packets obtained at where 𝑆𝑟𝑒𝑐𝑒𝑖𝑒𝑣𝑒𝑑 and 𝑆𝑠𝑒𝑛𝑡𝑖 denote the total number of data
the root node to the total number of data packets transmitted packets received at the root node and the total number of data
by the client nodes. packets sent by the non-root node i respectively.
𝑆𝑟𝑒𝑐𝑒𝑖𝑒𝑣𝑒𝑑
𝑃 𝐷𝑅 = ∑𝑁 (7) 6.2.5. Average Power Consumption (APC)
𝑖=1 𝑆𝑠𝑒𝑛𝑡𝑖
It is defined as the average of the total power consumed
by each non-root node over a given amount of time. Equa-
where 𝑆𝑟𝑒𝑐𝑒𝑖𝑒𝑣𝑒𝑑 and 𝑆𝑠𝑒𝑛𝑡𝑖 denote the total number of data tions 11 and 12 represent energy and power, respectively.
packets received at the root node and the total number of data
packets sent by the non-root node i respectively. 𝐸𝑛𝑒𝑟𝑔𝑦(𝑚𝐽 ) = (𝑇 𝑋 + 𝑅𝑋 + 𝐶𝑃 𝑈 + 𝐿𝑃 𝑀) (11)
6.2.2. Average End-to-End Delay (AE2ED) Where TX represents the transmission, RX represents the
The average time required for each sensor node to trans- receiving, LPM represents the low power mode, and CPU
mit data packets is successfully reached at the root node. represents CPU time [35].
𝐸𝑛𝑒𝑟𝑔𝑦
∑𝑁 𝑃 𝑜𝑤𝑒𝑟(𝑚𝑊 ) = (12)
𝑖=1 𝑆𝑟𝑒𝑐𝑒𝑖𝑣𝑒𝑑𝑖
𝐴𝐸2𝐸𝐷 = (8) 𝑇 𝑠𝑡
where 𝑇 𝑠𝑡 represents the total simulation time in seconds.
𝑆𝑁
RPL
RPL
RPL
RPL Under Attack
Under Attack
CRA-RPL
CRA-RPL
1.00 1.00
0.75 0.75
Packet Delivery Ratio
0.25 0.25
0.00 0.00
1 2 3 1 2 3
(a) Packet delivery ratio (nodes=18) (b) Packet delivery ratio (nodes=28)
1.0 1.0
RPL
RPL
Under Attack
RPL
0.8 0.8
CRA-RPL
RPL
Under Attack
CRA-RPL
Packet Delivery Ratio
0.4 0.4
0.2 0.2
0.0 0.0
1 2 3 1 2 3
(a) Packet delivery ratio (nodes=18) (b) Packet delivery ratio (nodes=28)
0.5 0.5
RPL
RPL
Under Attack RPL
Average End-to-End Delay (Seconds)
CRA-RPL
0.3 0.3
0.2 0.2
0.1 0.1
0.0 0.0
1 2 3 1 2 3
(a) Average End-to-End delay (nodes=18) (b) Average End-to-End delay (nodes=28)
network, and in case of DDAO attack (𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 ), the of standard RPL increases by 1402 in limited network and by
number of control packets is in the range of 1204 to 1427 2264 in the dense network compared with the static nature
in limited network and 1350 to 1574 in the dense network. due to the mobile nature of the node because when the posi-
As compared to the standard RPL (𝑅𝑃 𝐿), the DDAO attack tion of the sensor node change, the number of control packets
(𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 ) reduces the number of control packets be- are generated for topology creation and maintenance.
cause the attacker node does not forward the DAO packets to
the root node in the static scenario. But when we observed 6.3.4. Analysis on Packet Loss Ratio
the mobile scenario, the number of control packets generated In this paper, We calculate the packet loss ratio by us-
approx. to 3240 in limited and 4439 in the dense network, ing eq. 10. As we have seen, Figure 13a, 13b, 14a and 14b
and in case of a DDAO attack (𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 ), the at- show the PLR on 𝑅𝑃 𝐿, 𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 , 𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 in
tacker generates more number of control packets that are re- a static and mobile scenario in both limited and dense net-
solved by our proposed technique 𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 but slight work. As we need less packet loss for critical IoT applica-
increases when we compare with standard RPL (𝑅𝑃 𝐿). When tions. In standard RPL (𝑅𝑃 𝐿) of static scenario, the PLR
we remove the attacker node from the parent list, more con- values approx to 0 in both limited and dense network, and
trol packets are generated for parent selection and topology in case of a DDAO attack (𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 ), the PLR value
maintenance. It has been observed that the mobile scenario range between 0.52 to 0.54 in limited network and 0.60 to
RPL
RPL
RPL
0.25 Under Attack
RPL
Under Attack
CRA-RPL
0.35
CRA-RPL
Average End-to-End Delay (Seconds)
0.25
0.15
0.20
0.15
0.10
0.10
0.05 0.05
1 2 3 1 2 3
(a) Average End-to-End delay (nodes=18) (b) Average End-to-End delay (nodes=28)
RPL
4000 RPL
Under Attack 4000 RPL
RPL
CRA-RPL Under Attack
CRA-RPL
3500 3500
Control Packet Overhead
3000 3000
2500 2500
2000 2000
1500 1500
1000 1000
1 2 3 1 2 3
Number of Attacker Number of Attacker
(a) Control packet overhead (nodes=18) (b) Control packet overhead (nodes=28)
0.73, which clearly says that more number of packet loss work.
due to the attacker. As seen in Figure 13a and 13b, our
proposed approach 𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 reduces the number of 6.3.5. Analysis on Average Power Consumption
packets being loose (0.02 to 0.12) in limited network and RPL is frequently used because it offers LLNs with energy-
(0.00 to 0.01) in the dense network as it isolates the attacker efficient routing. Therefore, it is essential to analyze the
nodes by identifying the fake DAO-ACK message unicast power consumption of nodes before implementing a new se-
by the attacker. In the mobile scenario of the network, the curity solution. We calculate APC by using eq. 12. Fig-
PLR values of the standard RPL (𝑅𝑃 𝐿) are approximately ure 15a, 15b, 16a and 16b represents the impact of APC
0.49 in limited network and 0.57 in the dense network due to on 𝑅𝑃 𝐿, 𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 , 𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 in a static and
the movable nature of sensor nodes, the packets being more mobile scenario in both limited and dense network with the
loose compared to the static scenario. In the case of the different number of attackers. In standard RPL (𝑅𝑃 𝐿), the
DDAO attack (𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 ), the attacker increases the average power consumed is approx. to 4.08mW in limited
PLR values range between 0.57 to 0.68 in limited network network and 4.08mW in the dense network, and in case of
and 0.62 to 0.67 in the dense network. Our proposed tech- DDAO attack (𝑅𝑃 𝐿𝑈 𝑛𝑑𝑒𝑟 𝐴𝑡𝑡𝑎𝑐𝑘 ), the APC values varies be-
nique (𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 ) improves the degeneration of packets tween 4.08 to 4.77(mW) in limited network and 2.10 to 2.30
range between 0.46 to 0.52 in both limited and dense net- (mW) in the dense network. According to the Figure 15a of
RPL
6000 RPL
Under Attack
RPL
CRA-RPL
RPL
6000 Under Attack
CRA-RPL
Control Packet Overhead
5000
4000
4000
3000 3000
1 2 3 1 2 3
Number of Attacker Number of Attacker
(a) Control packet overhead (nodes=18) (b) Control packet overhead (nodes=28)
Table 5
Efficiency Parameters
Number of Attacker TPR FNR FPR TNR Precision Recall Accuracy Fooling
rate
Number of nodes: 18
0 - - 0 1 - - 1 -
1 1 0 0 1 1 1 1 0
2 1 0 0 1 1 1 1 0
3 1 0 0 1 1 1 1 0
Number of nodes: 28
0 - - 0 1 - - 1 -
1 1 0 0 1 1 1 1 0
2 1 0 0 1 1 1 1 0
3 1 0 0 1 1 1 1 0
limited network, 𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 increases the APC between solution for the random topology in the network of 200𝑚 ×
4.12 to 6.22(mW) due to generation of more control packets 200𝑚 area network. The results demonstrate that the our
for topology maintenance and the Figure 15b0, 𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 proposed solution offers 100% accuracy for the limited and
consumes the APC between 2.10 to 2.27(mW) in the dense dense network scenario. The fooling rate is a ratio of black-
network. In the mobile scenario of the RPL network as shown listed parents as a trustworthy parents during DDAO attack
in Figure 16a, the standard RPL (𝑅𝑃 𝐿) consumes average over the total number of attacker nodes present in the net-
power 4.77mW in limited network and 2.37mW in the dense work. The fooling rate in both network scenario achieved as
network, and in the case of our proposed technique 0 also we have a high TPR and TNR but a low FPR and FNR,
(𝑅𝑃 𝐿𝐶𝑅𝐴−𝑅𝑃 𝐿 ) consume average power in the range of 4.08 that represent, our proposed solution detect fake DAO-ACK
to 4.76(mW) in limited network and 2.23 to 2.31(mW) in the message accurately unicast by the attacker node. By using
dense network . detection, we have incorporating mitigation technique to im-
prove network performance. Hence accessing the proposed
6.4. Detection strategy using CRA-RPL approach validate the optimality of CRA-RPL in both lim-
This subsection describes the metrics depicted in Table 5 ited and dense network.
obtained experimentally by implementing our proposed so-
lution to detect fake DAO-ACK message. We employ the 6.5. Analysis on Memory Overhead
metrics TPR, FNR, FNR, TNR, Precision, Recall Accuracy, It is not encouraged to use resource-intensive security so-
and Fooling Rate to estimate the results. Table 5 indicates lutions in RPL protocol. Therefore lightweight security so-
the confusion matrix for the various number of nodes ob- lutions are developed to make a resource-efficient network.
tained experimentally using the simulation setup. This paper investigated the CRA-RPL implementation im-
The Table 5 shows the predicted accuracy of the proposed pact in terms of RAM and ROM consumption using the msp-
RPL
RPL
RPL
1.0 Under Attack 1.0
RPL
Under Attack
CRA-RPL
CRA-RPL
0.8 0.8
Packet Loss Ratio
0.4 0.4
0.2 0.2
0.0 0.0
1 2 3 1 2 3
(a) Packet loss ratio (nodes=18) (b) Packet loss ratio (nodes=28)
1.0 1.0
RPL
RPL RPL
Under Attack
RPL CRA-RPL
Under Attack
CRA-RPL
0.8 0.8
Packet Loss Ratio
0.6 0.6
0.4 0.4
0.2 0.2
1 2 3 1 2 3
(a) Packet loss ratio (nodes=18) (b) Packet loss ratio (nodes=28)
430 size tool. Table 6 shows the comparison of RAM and Table 6
ROM requirement of 𝑀𝑜𝑡𝑒𝑅𝑃 𝐿 (Contiki-NG firmware with Memory Requirements
RPL implemented), 𝑀𝑜𝑡𝑒𝐶𝑅𝐴−𝑅𝑃 𝐿 (Contiki-NG firmware
with CRA-RPL implemented). It has been noted that the File RAM (Bytes) ROM
RAM and ROM needed for our proposed solution have in- (Bytes)
creased by 1%. The maximum capacity of standard Z1 Mote Contiki-NG RPL 6418 53185
is approximately 92𝐾𝐵. Therefore, our proposed technique Contiki-NG CRA-RPL 6418(+𝟕𝟔) 53185
is appropriate for Z1 motes without introducing significant (+𝟏𝟎𝟏𝟖)
overhead. CRA-RPL is a lightweight solution that is appro-
priate for networks that are resource constrained in nature.
mise network security. One newly developed attack against
RPL protocol is known as a DDAO attack. Using multiple
experiments, we have shown that a DDAO attack can neg-
7. Conclusion and Future Scope atively impact the network performance in terms of packet
As per RFC 6550, RPL is still developing and has sev- delivery ratio, which is not desirable. This paper introduces
eral vulnerabilities that an attacker may exploit to compro- a novel and effective technique named CRA-RPL for detect-
RPL
RPL
Under Attack 6.0
CRA-RPL RPL
7 RPL
Under Attack
Average Power Consumption (mW)
4.5
5 3.0
4
1.5
3
0.0
1 2 3 1 2 3
(a) Average power consumption (nodes=18) (b) Average power consumption (nodes=28)
6.0
RPL
RPL
RPL
Under Attack
RPL
Under Attack
CRA-RPL
Average Power Consumption (mW)
6.0 CRA-RPL
4.5
4.5
3.0
3.0 1.5
0.0
1.5
1 2 3 1 2 3
(a) Average power consumption (nodes=18) (b) Average power consumption (nodes=28)
ing and mitigating DDAO attacks. CRA-RPL technique in- ple simulation scenarios with a variable number of attacker
volves challenge-response-based acknowledgment authenti- nodes. In the future, we aim to extend CRA-RPL to mitigate
cation to identify the attacker’s fake or malformed DAO- other routing attacks as well.
ACK control messages and prevents legitimate nodes from
forwarding any further messages to the attacker node. Ma-
jor benefits of the CRA-RPL technique include: (1) attack CRediT authorship contribution statement
detection with 100% accuracy; (2) mitigates the attack and Shefali Goel: Conceptualization, Methodology, Valida-
improves the network’s PDR up to 102% in static, and 66% tion, Investigation, Writing - Original Draft, Software. Ab-
in the mobile scenario; (3) do not significantly affect criti- hishek Verma: Conceptualization, Resources, Validation,
cal network performance parameters; (4) do not induce sig- Visualization, Data curation, Writing - Original Draft, Su-
nificant overhead on resource-constrained nodes; (5) it can pervision. Vinod Kumar Jain: Formal analysis, Valida-
be easily deployed in any other embedded operating system tion, Supervision.
which supports RPL. We improved the existing RPL imple-
mentation of Contiki-NG to incorporate the attack detection
and mitigation logic of CRA-RPL. We tested the effective-
ness of CRA-RPL by performing experiments over multi-
Declaration of competing interest [21] Murali, S., Jamalipour, A., 2020. A Lightweight Intrusion Detection
for Sybil Attack Under Mobile RPL in the Internet of Things. IEEE
The authors declare that they have no known competing Internet of Things Journal 7, 379–388.
financial interests or personal relationships that could have [22] Musaddiq, A., Zikria, Y.B., Kim, S.W., et al., 2020. Routing proto-
appeared to influence the work reported in this paper. col for low-power and lossy networks for heterogeneous traffic net-
work. EURASIP Journal on Wireless Communications and Network-
ing 2020, 1–23.
[23] Muzammal, S.M., Murugesan, R.K., Jhanjhi, N., 2020. A comprehen-
References sive review on secure routing in internet of things: Mitigation meth-
[1] A. Almusaylim, Z., Jhanjhi, N., Alhumam, A., 2020. Detection and ods and trust-based approaches. IEEE Internet of Things Journal 8,
Mitigation of RPL Rank and Version Number Attacks in the Internet 4186–4210.
of Things: SRPL-RPL. Sensors 20. [24] Napiah, M.N., Bin Idris, M.Y.I., Ramli, R., Ahmedy, I., 2018. Com-
[2] Airehrour, D., Gutierrez, J., Ray, S.K., 2016. Secure routing for in- pression Header Analyzer Intrusion Detection System (CHA - IDS)
ternet of things: A survey. Journal of Network and Computer Appli- for 6LoWPAN Communication Protocol. IEEE Access 6, 16623–
cations 66, 198–213. 16638.
[3] Airehrour, D., Gutierrez, J.A., Ray, S.K., 2019. SecTrust-RPL: A [25] Park, M.H., 2012. Challenge-response based ACK message authen-
secure trust-aware RPL routing protocol for Internet of Things. Future tication. Electronics letters 48, 1021–1023.
Generation Computer Systems 93, 860–876. [26] Pu, C., Choo, K.K.R., 2022. Lightweight Sybil attack detection in IoT
[4] Arış, A., Yalçın, S.B.Ö., Oktuğ, S.F., 2019. New lightweight mitiga- based on bloom filter and physical unclonable function. Computers
tion techniques for RPL version number attacks. Ad Hoc Networks & Security 113, 102541.
85, 81–91. [27] Safaei, B., Monazzah, A.M.H., Ejlali, A., 2021. ELITE: An Elab-
[5] Arvan, E., Dehkordi, M.K.H., Jalili, S., 2022. Secured location-aware orated Cross-Layer RPL Objective Function to Achieve Energy Effi-
mobility-enabled rpl. Journal of Network and Computer Applications ciency in Internet-of-Things Devices. IEEE Internet of Things Journal
, 103516. 8, 1169–1182.
[6] Bang, A.O., Rao, U.P., 2022. EMBOF-RPL: Improved RPL for early [28] Sahay, R., Geethakumari, G., Mitra, B., 2022a. Mitigating the worst
detection and isolation of rank attack in RPL-based internet of things. parent attack in RPL based internet of things. Cluster Computing 25,
Peer-to-Peer Networking and Applications 15, 642–665. 1303–1320.
[7] Butun, I., Österberg, P., Song, H., 2019. Security of the Internet of [29] Sahay, R., Geethakumari, G., Mitra, B., 2022b. Partitioning Attacks
Things: Vulnerabilities, attacks, and countermeasures. IEEE Com- Against RPL in the Internet of Things Environment, in: Edge Analyt-
munications Surveys & Tutorials 22, 616–644. ics. Springer, pp. 115–127.
[8] Cakir, S., Toklu, S., Yalcin, N., 2020. Rpl attack detection and preven- [30] Sharma, G., Grover, J., Verma, A., 2023. Performance evaluation of
tion in the internet of things networks using a gru based deep learning. mobile RPL-based IoT networks under version number attack. Com-
IEEE Access 8, 183678–183689. puter Communications 197, 12–22.
[9] Challa, S., Wazid, M., Das, A.K., Kumar, N., Reddy, A.G., Yoon, E.J., [31] Sheibani, M., Barekatein, B., Arvan, E., 2022. A lightweight dis-
Yoo, K.Y., 2017. Secure signature-based authenticated key establish- tributed detection algorithm for DDAO attack on RPL routing pro-
ment scheme for future iot applications. Ieee Access 5, 3028–3043. tocol in Internet of Things. Pervasive and Mobile Computing 80,
[10] Espinoza, H., Kling, G., McGroarty, F., O’Mahony, M., Ziouvelou, 101525.
X., 2020. Estimating the impact of the Internet of Things on produc- [32] Vasseur, J., Agarwal, N., Hui, J., Shelby, Z., Bertrand, P., Chauvenet,
tivity in Europe. Heliyon 6, e03935. C., 2011. RPL: The IP routing protocol designed for low power and
[11] Gaddour, O., Koubâa, A., 2012. RPL in a nutshell: A survey. Com- lossy networks. Internet Protocol for Smart Objects (IPSO) Alliance
puter Networks 56, 3163–3178. 36.
[12] Ghaleb, B., Al-Dubai, A., Ekonomou, E., Qasem, M., Romdhani, I., [33] Verma, A., Ranga, V., 2020a. CoSec-RPL: detection of copycat at-
Mackenzie, L., 2018. Addressing the DAO insider attack in RPLâĂŹs tacks in RPL based 6LoWPANs using outlier analysis. Telecommu-
Internet of Things networks. IEEE Communications Letters 23, 68– nication Systems 75, 43–61.
71. [34] Verma, A., Ranga, V., 2020b. Mitigation of DIS flooding attacks in
[13] Gnawali, O., Levis, P., 2010. The ETX objective function for RPL. RPL-based 6LoWPAN networks. Transactions on emerging telecom-
draft-gnawali-roll-etxof-01 . munications technologies 31, e3802.
[14] Gnawali, O., Levis, P., 2012. The minimum rank with hysteresis ob- [35] Verma, A., Ranga, V., 2020c. Security of RPL based 6LoWPAN Net-
jective function. RFC 6719 , 13. works in the Internet of Things: A Review. IEEE Sensors Journal 20,
[15] Ibrahimy, S., Lamaazi, H., Benamar, N., 2020. Rpl assessment us- 5666–5690.
ing the rank attack in static and mobile environments, in: 2020 Inter- [36] Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pis-
national Conference on Innovation and Intelligence for Informatics, ter, K., Struik, R., Vasseur, J.P., Alexander, R., 2012. RPL: IPv6 rout-
Computing and Technologies (3ICT), IEEE. pp. 1–6. ing protocol for low-power and lossy networks. Technical Report.
[16] Kaliyar, P., Jaballah, W.B., Conti, M., Lal, C., 2020. Lidl: localization [37] Zarpelão, B.B., Miani, R.S., Kawakani, C.T., de Alvarenga, S.C.,
with early detection of sybil and wormhole attacks in iot networks. 2017. A survey of intrusion detection in internet of things. Journal of
Computers & Security 94, 101849. Network and Computer Applications 84, 25–37.
[17] Kiran, U., 2022. Ids to detect worst parent selection attack in rpl-based
iot network, in: 2022 14th International Conference on COMmunica-
tion Systems & NETworkS (COMSNETS), IEEE. pp. 769–773.
[18] Lamaazi, H., Benamar, N., Jara, A.J., 2018. Rpl-based networks in
static and mobile environment: A performance assessment analysis.
Journal of King Saud University-Computer and Information Sciences
30, 320–333.
[19] Mayzaud, A., Badonnel, R., Chrisment, I., 2016. A Taxonomy of
Attacks in RPL-based Internet of Things. International Journal of
Network Security 18, 459–473.
[20] Medjek, F., Tandjaoui, D., Djedjig, N., Romdhani, I., 2021. Multicast
DIS attack mitigation in RPL-based IoT-LLNs. Journal of Informa-
tion Security and Applications 61, 102939.
Shefali Goel
Shefali Goel received the B.Tech. degree from the IPS College of
Technology and Management, Gwalior, Madhya Pradesh, India, in 2018,
and the M.Tech. degree from the Madhav Institute of Technology and
Science, Gwalior, Madhya Pradesh, India, in 2020. She is currently pursuing
the Ph.D. degree in computer science and engineering discipline from the
PDPM Indian Institute of Information Technology, Design and
Manufacturing, Jabalpur, Madhya Pradesh, India. Her research interests include IoT, Network
Security, and Intrusion Detection.
Declaration of interests
☒ The authors declare that they have no known competing financial interests or personal relationships
that could have appeared to influence the work reported in this paper.
☐The authors declare the following financial interests/personal relationships which may be considered
as potential competing interests:
Credit Author Statement