{"title":"Security-aware RPL: Designing a novel objective function for risk-based routing with rank evaluation","authors":"Ferhat Arat , Sedat Akleylek","doi":"10.1016/j.comnet.2025.111122","DOIUrl":null,"url":null,"abstract":"<div><div>Routing Protocol for Low-Power and Lossy Networks (RPL) is a widely used routing protocol in the Internet of Things (IoT) environments due to its suitability for resource-constrained devices and lossy network conditions. However, the inherent vulnerabilities in RPL pose significant security risks to IoT deployments. To address these challenges, we propose a security-aware routing approach that modifies objective functions (OFs) in terms of risk and vulnerability aspects. Among these vulnerabilities, rank attacks are particularly critical, as they exploit RPL’s core mechanism for route optimization by manipulating rank values to disrupt network performance. Detecting such attacks is crucial, as they can lead to suboptimal routing, increased energy consumption, and network instability, severely impacting IoT operations. To the best of our knowledge, it is the first approach to making the RPL algorithm security-aware by conducting a risk- and vulnerability-focused routing. In our approach, a step-by-step vulnerability-oriented security model is applied. First, we establish the IoT topology using communication range metrics to connect devices. We identify and analyze potential security vulnerabilities in RPL using established databases such as the National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). Based on these analyses, a set of OFs is defined to guide RPL routing decisions. The OF formulation incorporates factors such as CVSS values, vulnerability severity, and network topology. Risk levels are measured at device, path, and network-levels, leveraging these OFs. The proposed security-aware routing procedure dynamically adapts routing behavior based on the defined OFs, integrating risk assessment mechanisms into the routing process. This enables the protocol to prioritize routes with lower security risks while avoiding those vulnerable to potential attacks. Additionally, rank attacks are detected by identifying malicious nodes that manipulate rank values. To evaluate the proposed method, comparisons are made with existing procedures regarding running time and asymptotic complexity. The results demonstrate better performance in parent selection and rank attack detection, highlighting the effectiveness of our approach in enhancing the security of RPL-based IoT networks.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"260 ","pages":"Article 111122"},"PeriodicalIF":4.4000,"publicationDate":"2025-02-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625000908","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
Routing Protocol for Low-Power and Lossy Networks (RPL) is a widely used routing protocol in the Internet of Things (IoT) environments due to its suitability for resource-constrained devices and lossy network conditions. However, the inherent vulnerabilities in RPL pose significant security risks to IoT deployments. To address these challenges, we propose a security-aware routing approach that modifies objective functions (OFs) in terms of risk and vulnerability aspects. Among these vulnerabilities, rank attacks are particularly critical, as they exploit RPL’s core mechanism for route optimization by manipulating rank values to disrupt network performance. Detecting such attacks is crucial, as they can lead to suboptimal routing, increased energy consumption, and network instability, severely impacting IoT operations. To the best of our knowledge, it is the first approach to making the RPL algorithm security-aware by conducting a risk- and vulnerability-focused routing. In our approach, a step-by-step vulnerability-oriented security model is applied. First, we establish the IoT topology using communication range metrics to connect devices. We identify and analyze potential security vulnerabilities in RPL using established databases such as the National Vulnerability Database (NVD) and the Common Vulnerability Scoring System (CVSS). Based on these analyses, a set of OFs is defined to guide RPL routing decisions. The OF formulation incorporates factors such as CVSS values, vulnerability severity, and network topology. Risk levels are measured at device, path, and network-levels, leveraging these OFs. The proposed security-aware routing procedure dynamically adapts routing behavior based on the defined OFs, integrating risk assessment mechanisms into the routing process. This enables the protocol to prioritize routes with lower security risks while avoiding those vulnerable to potential attacks. Additionally, rank attacks are detected by identifying malicious nodes that manipulate rank values. To evaluate the proposed method, comparisons are made with existing procedures regarding running time and asymptotic complexity. The results demonstrate better performance in parent selection and rank attack detection, highlighting the effectiveness of our approach in enhancing the security of RPL-based IoT networks.
期刊介绍:
Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
