VeRA - Version Number and Rank Authentication in RPL

Dvir, Amit; Holczer, Tamás; Buttyán, Levente

doi:10.1109/mass.2011.76

Cited by 192 publications

(121 citation statements)

References 19 publications

Supporting

Mentioning

119

Contrasting

Unclassified

Order By: Relevance

“…On the other side, in the case of rank attack an adversary can attract the large traffic by advertising false rank value, so non-optimal routes might be established. Solutions to address this problem are given in [60] and [61].…”

Section: B Security and Attacks In Rplmentioning

confidence: 99%

“…Separate keys for network segments [48] PS The solution was not implemented/simulated yet; Merkel trees authentication [54] PS Node uses a key to encrypt its messages; High jitter and E2E delay until tree has been established; Graph theoretic approach [55] PS Cryptographic techniques based on local broadcast keys; Low overhead, no synchronization needed; Sybil attack, Clone ID Distributed hash tables (DHT) to store the graphical location of nodes [48], [56] PS Problem in how to securely verify the node location; Might not scale well with large networks; DAG/DAO inconsistency attack Limit the rate of tickle timer resets [57] PS Threshold value is fixed, no network or node characteristics are taken into account; Adaptive threshold [58] PS Takes into account the network characteristics; Dynamic approach [59] PS Improved version as node specific parameters are used; Rank attack VeRa [60] PS Authentication mechanism based on hash operations; Low time overhead, but still vulnerable to rank attacks by forgery and replay; TRAIL [61] PS Improvement of VeRa, requires almost no cryptography, but shows dependency on network sizes; choose to selectively forward data or drop all received packets. In both scenarios the network operation would be disturbed.…”

Section: Psmentioning

confidence: 99%

See 1 more Smart Citation

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Tomić

McCann

2017

IEEE Internet Things J.

232

115

View full text Add to dashboard Cite

Abstract-The increasing pervasiveness of Wireless Sensor Networks (WSNs) in diverse application domains including critical infrastructure systems, sets an extremely high security bar in the design of WSN systems to exploit their full benefits, increasing trust while avoiding loss. Nevertheless, a combination of resource restrictions and the physical exposure of sensor devices inevitably cause such networks to be vulnerable to security threats, both external and internal. While several researchers have provided a set of open problems and challenges in WSN security and privacy, there is a gap in the systematic study of the security implications arising from the nature of existing communication protocols in WSNs. Therefore, we have carried out a deep-dive into the main security mechanisms and their effects on the most popular protocols and standards used in WSN deployments i.e. IEEE 802.15.4, B-MAC, 6LoWPAN, RPL, BCP, CTP, and CoAP, where potential security threats and existing countermeasures are discussed at each layer of WSN stack. This work culminates in a deeper analysis of network layer attacks deployed against the RPL routing protocol. We quantify the impact of individual attacks on the performance of a network using the Cooja network simulator. Finally, we discuss new research opportunities in network layer security and how to use Cooja as a benchmark for developing new defenses for WSN systems.

show abstract

Section: B Security and Attacks In Rplmentioning

confidence: 99%

Section: Psmentioning

confidence: 99%

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Tomić

McCann

2017

IEEE Internet Things J.

232

115

View full text Add to dashboard Cite

show abstract

“…In this section, readers can find the studies which either propose a security solution or mitigate the effect of the attacks. Dvir et al proposed VeRA [16], a security solution for the crucial version number and rank parameters carried in DIO messages in 2011. Their solution makes use of hash chains and message authentication codes in order to securely exchange these RPL parameters in DIO messages.…”

Section: Mitigation Systems and Protocol Security Solutions For Intermentioning

confidence: 99%

Security of Internet of Things for a Reliable Internet of Services

Arış

Oktuğ

Voigt

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The Internet of Things (IoT) consists of resource-constrained devices (e.g., sensors and actuators) which form low power and lossy networks to connect to the Internet. With billions of devices deployed in various environments, IoT is one of the main building blocks of future Internet of Services (IoS). Limited power, processing, storage and radio dictate extremely efficient usage of these resources to achieve high reliability and availability in IoS. Denial of Service (DoS) and Distributed DoS (DDoS) attacks aim to misuse the resources and cause interruptions, delays, losses and degrade the offered services in IoT. DoS attacks are clearly threats for availability and reliability of IoT, and thus of IoS. For highly reliable and available IoS, such attacks have to be prevented, detected or mitigated autonomously. In this study, we propose a comprehensive investigation of Internet of Things security for reliable Internet of Services. We review the characteristics of IoT environments, cryptography-based security mechanisms and D/DoS attacks targeting IoT networks. In addition to these, we extensively analyze the intrusion detection and mitigation mechanisms proposed for IoT and evaluate them from various points of view. Lastly, we consider and discuss the open issues yet to be researched for more reliable and available IoT and IoS.

show abstract

“…Version number attacks have also been suggested previously [12,13], but their effects have not been analyzed to understand whether it would be prudent to mitigate such attacks or not. The Version Number and Rank Authentication (VeRA) [13] approach provides integrity of version numbers and ranks advertised in control messages via hash and signature operations.…”

Section: Related Workmentioning

confidence: 99%

“…The Version Number and Rank Authentication (VeRA) [13] approach provides integrity of version numbers and ranks advertised in control messages via hash and signature operations. Their approach is not only shown to be faulty by the authors of [14], but another mechanism called TRAIL that uses the root as a trust anchor and monotonically increases node ranks is also proposed by them.…”

Section: Related Workmentioning

confidence: 99%

A Study of RPL DODAG Version Attacks

Mayzaud

Sehgal

Badonnel

et al. 2014

Monitoring and Securing Virtualized Networks and Services

View full text Add to dashboard Cite

Abstract. The IETF designed the Routing Protocol for Low power and Lossy Networks (RPL) as a candidate for use in constrained networks. Keeping in mind the different requirements of such networks, the protocol was designed to support multiple routing topologies, called DODAGs, constructed using different objective functions, so as to optimize routing based on divergent metrics. A DODAG versioning system is incorporated into RPL in order to ensure that the topology does not become stale and that loops are not formed over time. However, an attacker can exploit this versioning system to gain an advantage in the topology and also acquire children that would be forced to route packets via this node. In this paper we present a study of possible attacks that exploit the DODAG version system. The impact on overhead, delivery ratio, end-to-end delay, rank inconsistencies and loops is studied.

show abstract

VeRA - Version Number and Rank Authentication in RPL

Cited by 192 publications

References 19 publications

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

A Survey of Potential Security Issues in Existing Wireless Sensor Network Protocols

Security of Internet of Things for a Reliable Internet of Services

A Study of RPL DODAG Version Attacks

Contact Info

Product

Resources

About