Materials Today: Proceedings xxx (xxxx) xxx

Contents lists available at ScienceDirect

Materials Today: Proceedings

journal homepage: www.elsevier.com/locate/matpr

A study on network routing attacks in IoT

Shrikant D. Mali ⇑, K. Govinda
SCOPE, VIT University, Vellore, TN, India

a r t i c l e i n f o a b s t r a c t

Article history: IoT (IoTs) is a collection of autonomous things. IoTs is a new pattern that includes the existing presence of
Available online xxxx different devices. It is one of the latest technologies that provide global connectivity, management of sen-
sors, users and information. The connectivity helps devices to be connected in a ubiquitous manner.
Keywords: Therefore, it can be deployed in different domains such as smart home, health, city, retail, logistics, indus-
Internet of things tries and farming. This has brought a new dimension to connect with objects. There are many issues asso-
Computer networks ciated with IoTs such as fading, energy consumption, data security, network security, etc. The ultimate
Network security
aim of this assessment is to show the different kinds of routing methods to solve the problem of network
Routing
Attacks
routing attacks in IoTs. This paper categorizes the attacks in terms of sinkhole, black hole and wormhole
attacks in tabular format.
Ó 2021 Elsevier Ltd. All rights reserved.
Selection and peer-review under responsibility of the scientific committee of the International Confer-
ence on Nanoelectronics, Nanophotonics, Nanomaterials, Nanobioscience & Nanotechnology.

1. Introduction sensors, and everyday items that aren’t usually thought of as

The phrase ‘‘IoT” was coined by the founders of the MIT Auto-ID
Centre, with special regard to Kevin Ashton in 1999. The term
‘‘Toward a worldwide IoT” was employed by Steve Meloan, Sun
Microsystems in 2003 [1]. The concept came into limelight in
2005 when the International Telecommunication Union (ITU) pub-
lished the primary testimony on the topic i.e., ‘IoT’. In 2010, the
Chinese government announced that it might make the web of
Things a deliberate precedence in their Five-Year-Plan. The novel
evolution of Internet interacts and also provides information for
further decision [2]. This revolution led to an unprecedented scale
and pace which creates a sensible environment. In 2011, the
amount of interconnected things overtook the particular number
of individuals. Consistent with Gartner, Inc. 20.4 billion devices
are going to be connected to the web by 2020.
 The network of physical objects that contain embedded tech-
nology to talk, sense, or interact with their internal states or
the external environment [3] is described by Gartner as ‘‘IoTs.”
‘‘The IoT” is described by the Web Society as ‘‘scenarios in which
network connectivity and computing capability reach artifacts,
ity and management of sensors, user and information.
computers, allowing these devices to obtain, share, and con-
sume data with minimal human intervention” [4].
 The IoT is visualized by the RFID community since the global
network of interconnected objects that are uniquely address-
able supports common communication protocols. ‘‘The IoT” is
described as ‘‘a system of interconnected computing devices,
mechanical and digital machines, objects, animals, or people
with unique identifiers and thus the ability to transmit data
over a network without requiring human-to-human or
human-to-computer interaction.” Cisco describes IoTs as ‘‘the
Internet of All” (IoE). IoTs are also known as ‘‘Embedded Inter-
net” by Intel, and other words for IoTs include,
 M2M (Machine to machine) communication
 Web of Things
 Industry 4.0
 Industrial internet (of Things)
 Smart systems
 Pervasive computing
 Intelligent systems
It is one of the latest technologies that provide global connectiv-

2. Characteristics of IoTs
⇑ Corresponding author.
E-mail address: shrikantmalicse@gmail.com (S.D. Mali). The characteristics of IoTs are described as follows:

https://doi.org/10.1016/j.matpr.2021.07.092
2214-7853/Ó 2021 Elsevier Ltd. All rights reserved.
Selection and peer-review under responsibility of the scientific committee of the International Conference on Nanoelectronics, Nanophotonics, Nanomaterials,
Nanobioscience & Nanotechnology.

Please cite this article as: S.D. Mali and K. Govinda, A study on network routing attacks in IoT, Materials Today: Proceedings, https://doi.org/10.1016/j.
matpr.2021.07.092
S.D. Mali and K. Govinda
 Ambient Intelligence: IoTs contain a mix of algorithms and
computations that allow devices to function intelligently. Ambi-
ent intelligence in IoTs improves the items’ capabilities, allow-
ing them to react intelligently to a particular situation and
support specific tasks.
 Dynamic Nature & Self-Configuring: IoTs devices have the
potential to adopt dynamically with the changing context. The
first activity is to gather data and dynamically adopt the
changes that happen around the devices. The devices have
self-configuring capacity and thus allow an outsized number
of devices to figure together.
 Heterogeneity: IoT structures are heterogeneous, meaning they
use different hardware proposals and systems. Via various net-
works, they can communicate with other devices or service
platforms.
 Unique Identity: Devices will be identified with unique IP
address or an Uniform Resource Identifier (URI)
 Enormous scale: The number of devices that need to be han-
dled and converse with one another would be at least, which
is an order of magnitude greater than the number of devices
connected to the internet.
 Things-related services: Providing thing-related resources
while staying within the constraints of things, such as isolation
and permanence between physical and virtual things.
3. Routing protocols for IoTs
3.1. RPL protocol
RPL is intended to be LLN’s IPv6 routing procedure. The IETF’s
ROLL working group has published RPL as an RFC. The aim of RPL
is to concentrate on networks with thousands of nodes and limited
resources. Central gateway nodes control the network. RPL distin-
guishes between multipoint-to-point (M2P), point-to-multipoint
(P2M), and point-to-point (P2P) traffic (P2P). RPL is capable of deal-
ing with a wide range of traffic [6]. It’s well-suited to M2P and pro-
vides adequate P2M support. However, it only has basic P2P
functionality. RPL aspires to be a flexible protocol that can include
a variety of WSN application base mechanisms. Various RPL exten-
sions are available to meet a variety of IoT framework
specifications.
RPL may be a pragmatic distance-vector routing protocol. It
builds its routes at regular intervals. Multiple RPL Instances can
be run on the same physical network. As a result, network nodes
are permitted to be a part of only one RPL instance. From a root
node to a Destination-Oriented Directed Acyclic Graph, each
Instance constructs a tree-like routing structure (DODAG).
3.2. Topology formation
The development of an RPL topology begins with the designa-
tion of a special node as the basis node for one Instance. The net-
work’s configuration parameters are stored in a DODAG
Information Object (DIO), which is then used to disseminate data
across the network. A DIO can be configured in a variety of ways
to meet the needs of the application. However, RPL Instance ID,
which may be a unique identifier of RPL Instance during a network,
is required information during a DIO. DODAG ID is a unique iden-
tifier for a DODAG in an RPL Instance. The DODAG version number
is used to identify the DODAG. The rank of a node in the DODAG
defines the node’s logical distance from the DODAG’s base node [7].
Each node must choose parent nodes from its neighbours when
forming the DODAG, with the caveat that the node’s measured
rank must be higher than the rank of all its parents. The creation
of loops is prevented by this process. The rank of a node is deter-
mined in order to support the target Function (OF) and its related
2
Materials Today: Proceedings xxx (xxxx) xxx
metric, which is defined in accordance with the DODAG’s applica-
tion requirements. Note that the goal feature of each network can
differ, and it may use metrics such as hop distance or physical dis-
tance. The goal function can also take into account the desirability
of a single neighbouring node being chosen as a parent.
RPL generates a routing topology in the form of a DODAG
(Distribution-Oriented Directed Acyclic Graph) [8]. There are three
messages in all. DIO, DAO, and DIS are their names. The DAG Infor-
mation Object (DIO) contains data that allows a node to obtain an
RPL Instance, learn its configuration parameters, and select DODAG
parents. Destination Advertisement Object (DAO) – this object is
responsible for propagating destination information upwards
along the DODAG, as seen in Fig. 1. Solicit a DODAG Information
Object from an RPL node using DAG Information Solicitation
(DIS). The basis node broadcasts DIOs at first. Nodes listen for DIOs
and use that information to find a replacement DODAG and keep it
running. Node chooses parents with the lowest path cost to the
basis, based on the information. RPL determines downward routes
using a DAO post. A node can send a DIS message to an RPL node to
request a DIO, or a node can use DIS to look for DODAGs in its
vicinity.
3.3. Loading protocol
Effortless HIPERCOM, EDF, ERDF, Hitachi, and Fujitsu collabo-
rated on the On-demand Ad-hoc Distance Vector Routing – Next
Generation (LOADng) reactive routing protocol. It’s a simplified
on-demand reactive routing protocol derived from AODV that’s
designed for IEEE 802.15.4 devices in aIPv6 powered LLNs. In
6LoWPan, its behaviour is based on multi-hop routing between
devices in order to evaluate and maintain on-demand routes.
LOADng is based on the LOAD protocol [9]. The LOAD algorithm
is ideal for LLN because of its simplicity and low memory capacity
requirements. The aim of LOADing, a simple routing protocol for
sensor and IoT networks, is to obtain bi-directional paths. RREQ,
RREP, RREP–ACK, and RERR messages are produced and processed
by each LOADing Router [10]. Routes are defined only if data needs
to be sent in a reactive protocol. Routes are kept up to date as long
as there is traffic (active data packets) on them.
A source node tries to launch a packet of information to the
intention. If there is no active path to the intention, it starts the
route discovery process. This source node then generates and
broadcasts an RREQ packet across the network. The neighbouring
nodes that receive such RREQ are processed on their reverse route
back to the RREQ originator during this step. After receiving the
RREQ, the intention sends a unicast RREP packet to the RREQ orig-
inator to decide the forward route. The route is modified in the
Routing table [11] when the originator of the RREQ receives the
correspondent RREP.
3.4. Topology formation
The intermediate nodes are implicitly prohibited to respond to
RREQ, even if it has an active path towards the destination in the
route discovery phase. Compared to other protocols, LOADng
reduced the control message size. When a forward route towards
destination is identified, the intermediate nodes do not maintain
a routing table as maintained in AODV. When data packet that for-
warding to the next hop towards destination fails, a Route ERRor
(RERR) packet is sent only to the destination of the RREP, whereas
it was multicasting to all the neighboring nodes in AODV [12] as
depicted in Fig. 2.
S.D. Mali and K. Govinda Materials Today: Proceedings xxx (xxxx) xxx

Fig. 1. RPL DODAG construction.

Fig. 2. LOADng route discovery process.

4. Architecture of IoTs (3 Layer) incorporates a variety of link-layer technologies with transport

and application layer practices. The 6LoWPAN procedure stack is
The standard Internet protocol stack is built on a five-layer very similar to a standard IP stack. The LoWPAN adaptation layer
internet model. The ‘‘narrow waist” model is another name for was created to improve IPv6 performance over IEEE 802.15.4 and
the Internet model. The Internet Protocol (IP) is a protocol that a few other connection layers. The architecture of the IoT is made

3
S.D. Mali and K. Govinda Materials Today: Proceedings xxx (xxxx) xxx

Table 1
Classification of sink, worm and blackhole attacks.

Sr. Paper Title Author (s) Objective(s) of the Protocol(s)/ Metric(s)/Parameter(s) Used Result(s)
No. Work Algorithm(s)/
Technique(s)
14 Supporting Secure Routing on Christian To Identify and Watchdog, Detection Rate, Number of False Reduces in Delay and
6LoWPAN for IoT et al., Mitigate Sinkhole Reputation and Trust Positives and False Negatives are Increases in Security
Attack Strategies identified
15 SVELTE: Real-time intrusion Shahid et al., To see sinkhole attacks RPL and False Alarms Energy and Memory capacity Security attack is
detection and selective enhanced
forwarding
16 IDS for Detecting Attacks on Anhtuan Le To detect the sinkhole Object and True and False Positive Rate High Accuracy and
RPL et al., attack and rank attack Information Scalability
Solicitation
17 Avoiding Loop in the RPL Stephen To compute the rank RPL, DIO and DODAG Packet Delivery Ratio and Packet Improves in PDR
DODAG based on RIA et al., of attacks Delay Reduction in False
Positive Rate
18 RPL-connected 6LoWPAN Dharmini To identify intrusions RPL Expected Transmissions Improves in Security
Networks Shreenivas
et al.,
19 Wormhole Attack Detection Pavan et al., To identify the RPL Detection rate, energy, packet and High energy efficient.
wormhole attack memory.
20 Visual-Assisted Wormhole Niki et al., To detect the eye sim MDS VOW Color, shape and size Detects multiple
Attack Detection accuracy wormhole attacks.
21 Detecting and monitoring Nilima et al., Detecting and Vis IoT Shapes, sizes, colors Trusted monitoring and
monitoring finding the security
The malicious nodes threat
22 Trust based mechanism for Ruchi Mehta To detect warm hole RPL Energy, throughput packet loss Performed metrics
Wormhole Attacks attack trust based throughput and packet
loss rate
23 Machine Learning Approach Prachi To Detect Wormhole K-means and Detection Rate Eliminates False
to Detect Wormhole Attacks Attacks Decision Tree based Positives
Supervised
24 Wormhole attack detection Sneha et al., To detect the IOT Attacker Detection Neighbor Validation and Distance Detects Malicious
attack. And worm hole and Topology Calculation Nodes
attack Construction
25 Wormhole Attack prevention Faraz et al., To prevent from Merkle Tree based Throughput, Jitter Throughput is
mechanism for RPL Worm hole attack Approach improved
Decreases in delay
26 Implementation of Wormhole Chandra To Detect Worm Hole 6LOWPAN PDR and E-to-E Delay Increases in PDR and
Attack on RPL Protocol in IoT et al., Attack End-to-End Delay
27 Blackhole Attacks Using a David To detect Blackhole RPL Trust based Throughput and Packet loss Avoids incorrect control
Trust-based Mechanism Airehrour attack information
et al., Improves in security
28 Fingerprint Authentication Pooja To prevent from Finger Print Throughput, PDR, Delay and Energy Improves in
and Genetic Algorithm Chandel blackhole attack Authentication and Throughput and Packet
Optimization GA Delivery Ratio
Decreases in Delay and
Energy Consumption
29 A Root-based Defense Jun Jiang To detect blackhole RPL Energy and Throughput Improves in
Mechanism Against RPL et al., attack Throughput
Decreases in Energy
Consumption
30 Proactive Alleviation Rajesh Babu To handle blackhole Proactive alleviation Delay and PDR Increases in PDR and
Procedure to save from blck et al., attack procedure Decreases in Delay
hole
31 Solution against Black Hole Avijit et al., To detect and correct Cryptographic hashes Neighborhood watch and energy Increases in accuracy
and Selective Forwarding blackhole attack and threshold Enhances in security
Attacks and integrity
32 Mitigation of black hole Firoz et al., To mitigate from Local and global Packet Delivery Ratio Reduces Packet Loss
attacks blackhole attack verification process Increases in reliability

up of three layers and was first implemented during the early  Network Layer
stages of science. As shown in Fig. 3, there are three layers: sensing
The network layer is at the heart of the IoT. It communicates
layer, network layer, and device layer.
data from the sensor layer to the appliance layer. Information is
transmitted from the sensing layer using 802.15.4 standards. The
 Sensing Layer
site, on the other hand, uses the IPv6 protocol to receive data.
The 6LoWPAN working party of the IETF was formed in 2004 to
It’s possible that the sensing layer is a physical layer. This layer
design an adjustment layer for IPv6. In 2007, the comprehensive
is made up of elegant entities that have sensors built in. The sensor
specifications were released (RFC 4919). The 6LoWPAN adaptation
allows for the collection and processing of real-time data by con-
layer, which adds a selected layer and Ipv6 header firmness before
necting the physical and digital worlds. The perception/sensor
forwarding to a standard Ipv6 destination, is the main difference.
layer’s goal is to identify anything in the IoTs system. This layer
This layer allows an end-to-end IP network for a wide variety of
collects data from each object. RFID tags, sensors, cameras, and
functions by extending IPv6 into the 6LoWPAN domain. At the net-
other devices are included.

4
S.D. Mali and K. Govinda
Fig. 3. IoT architecture.
work layer, there are two routing processes that take place. Mesh
under and Route over, for example.
 Application Layer
The aim of the application layer is to bring the IoT’s social needs
and industrial technology together. This layer is in charge of pro-
viding the user with application-specific services.
5. Related works
In securing data, evaluating security and its availability in IoTs
is a critical feature to consider. Dynamic topology, resource con-
straints, and security are the key challenges in developing routing
protocols for IoTs. Different approaches to network security
research have been suggested by several scholars. The most signif-
icant flaws in the existing works are the use of unreliable parame-
ters that are prone to errors and variations. The complexity of
network security in IoTs has been the subject of numerous studies.
Routing attacks have been studied by a number of authors in order
to enhance the efficiency of IoTs, as follows:
 Related Works on Sinkhole Attack
In these papers [14–18] researchers tested sinkhole detection
systems on a variety of parameters and came up with some inter-
esting findings.
 Related Works on Wormhole Attack
Authors are in [19–26] highlighted on wormhole attacks to
recover from the wormhole issue
 Related Works on Blackhole Attack
Authors have researched for finding out blackhole attacks in
[27–32]. These algorithms are shown in a tabular format in the
table below. Table 1 illustrates how sink, worm, and black hole
attacks are classified.
6. Summary
IoTs are a new technical field that is generating a lot of attention
in the investigate community. This aim of this survey paper is to
learn about the key concepts in IoTs. According to the results of
5
Materials Today: Proceedings xxx (xxxx) xxx
this study, IoTs would be extremely useful in achieving next-
generation networks. Developing IoT procedures and purposes is
a difficult assignment due to resource constraints such as protec-
tion, bandwidth, and energy consumption, among others. This con-
fronts variables, properties, and connected works of IoTs
mentioned above will provide a new way for investigators to shape
enlargement in this field.
Declaration of Competing Interest
The authors declare that they have no known competing finan-
cial interests or personal relationships that could have appeared
to influence the work reported in this paper.
References
[1] J. Gubbi et al., IoT (IoT): A vision, architectural elements, and future directions,
Future Generation Comput. Syst. 29 (2013) 1645–1660.
[2] Kshetri Nir, The evolution of the IoT industry and market in China: an interplay
of institutions, demands and supply, Telecommun. Policy 41 (1) (2017) 49–67.
[3] Axelrod C. Warren, Enforcing security, safety and privacy for the IoT, in:
Systems, Applications and Technology Conference (LISAT), 2015 IEEE Long
Island, IEEE, 2015.
[4] P.B. Pathak, IoT: an overview of the emerging technology, Res. Comput. Sci.
Softw. Eng. 3 (1) (2016) 167–170.
[6] Olfa Gaddour, Anis Koubâa, Mohamed Abid, Quality-of-service aware routing
for static and mobile IPv6-based low-power and lossy sensor networks using
RPL, Ad Hoc Netw. 33 (2015) 233–256.
[7] Olfa Gaddour, Anis Koubâa, Nouha Baccour, Mohamed Abid, OF-FL: QoS aware
fuzzy logic objective function for the RPL routing protocol, in: Modeling and
Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt), 2014 12th
International Symposium on IEEE, 2014.
[8] Bogdan Pavkovic, Andrzej Duda, Won-Joo Hwang, Fabrice Theoleyr, Efficient
topology construction for RPL over IEEE 802.15. 4 in wireless sensor networks,
Ad Hoc Netw. 15 (2014) 25–38.
[9] FlathagenJoakim, A routing and cross-layering approach for energy and
bandwidth efficiency in Wireless Sensor Networks, 2013.
[10] V.V. Sobral José, Joel J.P.C. Rodrigues, Kashif Saleem, Jalal Al-Muhtadi,
Performance evaluation of LOADng routing protocol in IoT P2P and MP2P
applications, in: Computer and Energy Science (SpliTech), International
Multidisciplinary Conference on IEEE, 2016, pp. 1–6.
[11] Coelho Tiago, António Costa, Joaquim Macedo, Maria JoãoNicolau, Improving
Stability in QoS Routing for Ad-Hoc Networks, in: International Conference on
Ad Hoc Networks, Springer, Cham, 2014, pp. 121–133.
[12] Sasidharan Deepthi, Lillykutty Jacob, Energy and bandwidth efficient
multipath-enhanced LOADng routing protocol, in: Communication (NCC),
2016 Twenty Second National Conference on. IEEE, 2016, pp. 1–6.
[14] Christian Cervantes, Diego Poplade, Michele Nogueira, Aldri Santos, Detection
of Sinkhole Attacks for Supporting Secure Routing on 6LoWPAN for IoT, IEEE
International symposium on Integrated Network (2015) 606–611.
[15] Shahid Raza, Linus Wallgren, Thiemo Voigt, SVELTE: Real-time intrusion
detection in the IoT, pp. 1–13.
[16] Anhtuan Le, Jonathan Loo, Kok Keong Chai, Mahdi Aiash, A Specification-Based
IDS for Detecting Attacks on RPL-Based Network Topology, pp. 1–19.
S.D. Mali and K. Govinda
[17] R. Stephan, L. Arokiyam, RIAIDRPL: Rank Increased Attack (RIA) Identification
Algorithm for Avoiding Loop in the RPL DODAG, Int. J. Pure Appl. Math 1203–
1209.
[18] Dharmini shreenivas, Shahid Raza, Thiemo voigt, Intrusion Detection in the
RPL-connected 6LoWPAN Networks, pp. 31–38.
[19] Pavan pongle, gurunath chavan, Real Time Intrusion and Wormhole Attack
Detection in IoT, Int. J. Comput. Applications 121(9) (2015) 1–9.
[20] Niki tsitstiroudi, panagioties sarigiannidis, Eirini karapistoli, EyeSim: A Mobile
Application for Visual-Assisted Wormhole Attack Detection in IoT-enabled
WSNs, 9th Wireless and Mobile Networking Conference 2016, pp. 1–7.
[21] Nilima Nikam, Poorna R. Pimpale, Pranali Pawar, Anita Shirture, Detecting and
Monitoring Wormhole in IoT enabled WSNs Using EyeSim, Int. J. Eng. Techn.
Res. 7(6) (2017) 15–17.
[22] Ruchi Mehta, M.M. Parmar, Trust, based mechanism for Securing IoT Routing
Protocol RPL against Wormhole & Grayhole Attacks, IEEE (2018) 1–6.
[23] Prachi Shukla, ML-IDS: A Machine Learning Approach to Detect Wormhole
Attacks in IoT‘‘ IEEE, Intell. Syst. Conf. (2017) 234–240.
[24] Sneha Deshmukh Bhosale, S.S. Sonavane, Wormhole attack detection in
internet of things, Int. J. Eng. Technol. 749–751.
[25] V. Chandra Sekhar Reddy, K. Ramesh Reddy, Implementation of Wormhole
Attack on RPL Protocol in IoT, Int. J. Comput. Sci. Mobile Applications 6 (7)
(2018) 63–77.
[26] Faraz Idris Khan, Taeshik Shon, Taekkyeun Lee, Kihyung Kim, Wormhole
Attack prevention mechanism for RPL based LLN network, IEEE, pp. 149–154.
Materials Today: Proceedings xxx (xxxx) xxx
[27] David Airehrour, Sayan kumar ray, Securing RPL Routing Protocol from
Blackhole Attacks Using a Trust-based Mechanism, International
Telecommunication Networks and Applications Conference (2016) 115–120.
[28] Pooja Chandel, Rakesh kumar, IoT for the Prevention of Black Hole Using
Fingerprint Authentication and Genetic Algorithm Optimization, pp.17–26.
[29] Jun Jiang, Yuhong Liu, Behnam Dezfouli, A Root-based Defense Mechanism
Against RPL Blackhole Attacks in IoT Networks, pp.1194–1197.
[30] M. Rajesh Babu, S. Moses Dian, Siva Chelladurai, Mathiyalagan Palaniappan,
Proactive Alleviation Procedure to Handle Black Hole Attack and Its Version,
Sci. World J. 1–11.
[31] Avijit Mathur, Thomas Newe, Muzaffar Rao, Defense against Black Hole and
Selective Forwarding Attacks for Medical WSNs in the IoT, pp. 1–25.
[32] Firoz Ahmed, Young-Bae Ko, Mitigation of black hole attacks in Routing
Protocol for Low Power and Lossy Networks, 5143–5154.
Further Reading
[5] Luigi Atzori, Antonio Iera, Giacomo Morabito, The IoT: survey, Comput. Netw.
54 (15) (2010) 2787–2805.
[13] Sethi Pallavi, Smruti R. Sarangi, IoT: architectures, protocols and applications,
J. Electr. Comput. Eng. (2017), https://doi.org/10.1155/2017/9324035.