{"title":"Enhancing IoT security: A competitive coevolutionary strategy for detecting RPL attacks in challenging attack environments","authors":"Selim Yılmaz","doi":"10.1016/j.comnet.2025.111185","DOIUrl":null,"url":null,"abstract":"<div><div>Internet of Things (IoT) is a recent technology that allows heterogeneous devices to communicate with each other and the Internet. Designed specifically for IoT-enabled networks, the IPv6 Routing Protocol for Low Power Lossy Network (RPL) is adopted as standard routing protocol today. While RPL facilitates efficient routing between IoT devices, it is very susceptible to attacks, leading to numerous threats targeting different aspects of the nodes and network. Consequently, several efforts have been made to develop intrusion detection systems to secure RPL-operated networks. However, many existing solutions are tailored to specific attacks, making them unsuitable for other RPL attacks. Additionally, they depend on fixed simulations with specific scenarios, neglecting the influence of attack environments on detection system performance. The impact of RPL attacks varies with factors such as attacker density and position in the network. Consequently, it is crucial to design IDS that can effectively handle these dynamic conditions. This study addresses these challenges by proposing a competitive coevolution-based intrusion detection system that focuses on the most challenging attack environments. To achieve this, the intrusion detection algorithm and challenging attack environments are competitively evolved. Targeting the network’s topology, traffic, and resources through the exploitation of control packets, this study investigates 11 RPL attacks: blackhole, DIS flooding, DAG inconsistency, DAO inconsistency, decreased rank, energy depletion, forwarding misbehavior, increased version, spam DIS, selective forwarding, and worst parent. To assess detection performance, a wide range of evaluation metrics such as accuracy, precision, recall, false alarm rate, and F1-score are used. The findings demonstrate that the proposed system ensures strong detection performance with very low memory and power consumption, suggesting its effectiveness against the attacks threatening the multiple aspects of the network and its applicability on resource-constrained nodes.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"262 ","pages":"Article 111185"},"PeriodicalIF":4.4000,"publicationDate":"2025-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625001537","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
Internet of Things (IoT) is a recent technology that allows heterogeneous devices to communicate with each other and the Internet. Designed specifically for IoT-enabled networks, the IPv6 Routing Protocol for Low Power Lossy Network (RPL) is adopted as standard routing protocol today. While RPL facilitates efficient routing between IoT devices, it is very susceptible to attacks, leading to numerous threats targeting different aspects of the nodes and network. Consequently, several efforts have been made to develop intrusion detection systems to secure RPL-operated networks. However, many existing solutions are tailored to specific attacks, making them unsuitable for other RPL attacks. Additionally, they depend on fixed simulations with specific scenarios, neglecting the influence of attack environments on detection system performance. The impact of RPL attacks varies with factors such as attacker density and position in the network. Consequently, it is crucial to design IDS that can effectively handle these dynamic conditions. This study addresses these challenges by proposing a competitive coevolution-based intrusion detection system that focuses on the most challenging attack environments. To achieve this, the intrusion detection algorithm and challenging attack environments are competitively evolved. Targeting the network’s topology, traffic, and resources through the exploitation of control packets, this study investigates 11 RPL attacks: blackhole, DIS flooding, DAG inconsistency, DAO inconsistency, decreased rank, energy depletion, forwarding misbehavior, increased version, spam DIS, selective forwarding, and worst parent. To assess detection performance, a wide range of evaluation metrics such as accuracy, precision, recall, false alarm rate, and F1-score are used. The findings demonstrate that the proposed system ensures strong detection performance with very low memory and power consumption, suggesting its effectiveness against the attacks threatening the multiple aspects of the network and its applicability on resource-constrained nodes.
期刊介绍:
Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
