Fortifying RPL-Based 6LoWPAN in IoT: A Comprehensive Review of Emerging Attack Vectors and Defense Mechanisms using Machine Learning

This paper proposes a DNS Name Autoconfiguration (called DNSNA) for not only the global DNS names, but also the local DNS names of Internet of Things (IoT) devices. Since there exist so many devices in the IoT environments, it is inefficient to manually configure the Domain Name System (DNS) names of such IoT devices. By this scheme, the DNS names of IoT devices can be autoconfigured with the device's category and model in IPv6-based IoT environments. This DNS name lets user easily identify each IoT device for monitoring and remote-controlling in IoT environments. In the procedure to generate and register an IoT device's DNS name, the standard protocols of Internet Engineering Task Force (IETF) are used. Since the proposed scheme resolves an IoT device's DNS name into an IPv6 address in unicast through an authoritative DNS server, it generates less traffic than Multicast DNS (mDNS), which is a legacy DNS application for the DNS name service in IoT environments. Thus, the proposed scheme is more appropriate in global IoT networks than mDNS. This paper explains the design of the proposed scheme and its service scenario, such as smart road and smart home. The results of the simulation prove that our proposal outperforms the legacy scheme in terms of energy consumption.

Content Centric Networking (CCN) and Named Data Networking (NDN) are popular ICN proposals that are widely accepted in the ICN community; however, they do not provide an efficient pub/sub mechanism. Hence, a content oriented pub/sub system named COPSS was developed to enhance the CCN/NDN protocols with efficient pub/sub capabilities. Internet houses powerful devices like routers and servers that can operate with the full-fledged implementation of such ICN protocols. However, Internet of Things (IoT) has become a growing topic of interest in recent years with billions of resource constrained devices expected to connect to the Internet in the near future. The current design to support IoT relies mainly on IP which has limited address space and hence cannot accommodate the increasing number of devices. Even though, IPv6 provides a large address space, IoT devices operate with constrained resources and hence, IPv6 protocol and its headers will induce additional overhead for their operation. Interestingly, we observed that IoTs are information centric in nature and therefore, ICN could be the more suitable candidate to support IoT environments. Although NDN and COPSS are designed for the Internet, their current full fledged implementations cannot be used by the resource constrained IoT devices. Therefore, CCN-lite was designed to provide a light weight, inter-operable version of the CCNx protocol to support the IoT devices. However, we show that communication in the IoT networks resemble pub/sub communication paradigm. However, CCN-lite like its ancestors (CCN/NDN) lacks the support for an efficient pub/sub mechanism while COPSS cannot be directly applied to the constrained IoT networks. Therefore, in this work, we develop COPSS-lite, an efficient and light weight implementation of pub/sub along with multi-hop routing to support the IoT networks. Essentially, COPSS-lite enhances CCN-lite with pub/sub capability with minimal overhead and further enables multi-hop connections by incorporating the famous RPL protocol for low power and lossy networks. Through evaluation using the real world sensor devices from the IoT Lab, we demonstrate the benefits of COPSS-lite in comparison with stand alone CCN-lite. Our results show that COPSS-lite is compact, operates on all platforms that support CCN-lite and significantly improves the performance of constrained devices in the IoT environments.

Introduction: The widespread adoption of Internet of Things (IoT) devices has transformed multiple industries, enhancing operational efficiency and convenience. However, the rapid expansion of IoT ecosystems also brings forth significant security challenges. Traditional security frameworks often fail to adequately protect these systems due to their large scale, diversity, and limited resources. In response, cloud-based security solutions have emerged as a promising alternative, offering centralized management, advanced authentication techniques, and real-time threat monitoring. Problem Statement: IoT environments are vulnerable to various security risks, including unauthorized access, data breaches, and device manipulation. Existing security mechanisms often fall short when it comes to defending against sophisticated cyber-attacks targeting IoT devices and networks. The resource-constrained nature of many IoT devices further limits the implementation of robust local security measures. As a result, there is an urgent need for effective, cloud-based security solutions designed specifically for the unique demands of IoT systems. Objective: This research aims to explore the effectiveness of cloud-based security solutions in mitigating the security challenges faced by IoT environments and devices. The study focuses on evaluating the performance of cloud-based authentication mechanisms, intrusion detection systems, and encryption techniques in strengthening the security and privacy of IoT ecosystems. Methodology: A comprehensive approach is employed, combining a literature review, case studies, and empirical research to assess the current landscape of IoT security in smart environments. Data collection includes unstructured interviews with industry experts and stakeholders, offering insights into current practices and emerging security trends. The research framework incorporates threat modeling, risk assessments, and the development of proactive security strategies. Results: Initial findings indicate that cloud-based security solutions offer several benefits for protecting IoT environments and devices. Centralized management enhances integration and scalability, while advanced authentication methods, such as multi-factor and biometric authentication, improve access control. Real-time threat detection and response capabilities further bolster security by enabling timely interventions to prevent breaches and attacks. Conclusion: Cloud-based security solutions present a highly effective approach to addressing the unique security concerns of IoT environments and devices. By leveraging the scalability, flexibility, and computational power of cloud platforms, organizations can enhance the resilience of their IoT deployments against evolving cyber threats. However, further research is needed to optimize cloud-based security tools to better serve diverse IoT applications and use cases.

Internet of Things (IoT) devices are widely used in many industries including smart cities, smart agriculture, smart medical, smart logistics, etc. However, Distributed Denial of Service (DDoS) attacks pose a serious threat to the security of IoT. Attackers can easily exploit the vulnerabilities of IoT devices and control them as part of botnets to launch DDoS attacks. This is because IoT devices are resource-constrained with limited memory and computing resources. As an emerging technology, Blockchain has the potential to solve the security issues in IoT. Therefore, it is important to analyse various Blockchain-based solutions to mitigate DDoS attacks in IoT. In this survey, a detailed survey of various Blockchain-based solutions to mitigate DDoS attacks in IoT is carried out. First, we discuss how the IoT networks are vulnerable to DDoS attacks, its impact over IoT networks and associated services, the use of Blockchain as a potential technology to address DDoS attacks, in addition to challenges of Blockchain implementation in IoT. We then discuss various existing Blockchain-based solutions to mitigate the DDoS attacks in the IoT environment. Then, we classify existing Blockchain-based solutions into four categories i.e., Distributed Architecture-based solutions, Access Management-based solutions, Traffic Control-based solutions and the Ethereum Platform-based solutions. All the solutions are critically evaluated in terms of their working principles, the DDoS defense mechanism (i.e., prevention, detection, reaction), strengths and weaknesses. Finally, we discuss future research directions that can be explored to design and develop better Blockchain-based solutions to mitigate DDoS attacks in IoT.

Recently, IETF (Internet Engineering Task Force) presented CoAP (Constrained Application Protocol) for the communication between sensor and actuator nodes in a constrained environment such as small amount of memory and low power. IETF CoAP protocol can convert easily, and can use to monitor or control infrastructure utilities through low-power sensor and actuator networks in IoT (Internet of Things) and M2M (Machine-to-Machine) environment. IETF CoAP protocol provides the special requirements of this constrained environment, especially considering energy, automation, and other IoT applications. In this paper, we design and implement a node registration and discovering based CoAP in IoT environment. The node is a CoAP node which is designed for working in constrained environment. For node registration in IoT, we used CoRE RD (Resource Directory) functionalities to register CoAP node’s information which works in IoT environment.

This work is fulfilled in the context of the optimized monitoring of Internet of Things (IoT) networks. IoT networks are faulty; Things are resource-constrained in terms of energy and computational capabilities; they are also connected via lossy links. For IoT systems performing a critical mission, it is crucial to ensure connectivity, availability, and network reliability, which requires proactive network monitoring. The idea is to oversee the network state and functioning of the nodes and links; to ensure the early detection of faults and decrease node-unreachability times. It is imperative to minimize the resulting monitoring energy consumption to allow the IoT network to perform its functions. Furthermore, to realize the integration of the monitoring mechanism with IoT services, this latter should work in tandem with the IoT standardized protocols, especially the IPv6 for Low-power Wireless Personal Area Networks (6LoWPAN) and the Routing Protocol for Low-power and lossy networks (RPL). In this paper, an optimized, proactive, passive monitoring system is proposed for IoT networks. The proposition ensures the optimal placement of monitoring nodes (monitors). Leveraging the graph built by RPL for routing (the DODAG), minimal sets of monitors are optimally placed to cover a given domain. The monitoring activity is optimally scheduled between several subsets of nodes to prolong longevity while minimizing the energy consumption for monitoring, communication, and state transitions. Our proposition provides the exact solution to the defined monitoring placement and scheduling problem via a Binary Integer Program. The model serves as a benchmark for the performance evaluation of contemporary models. Experimentation is designed using network instances of different topologies. Results demonstrate the proposed model’s effectiveness in realizing full monitoring coverage with minimum energy consumption and communication overhead and a balanced distributed monitoring role.

Under unreliable constrained wireless networks for Internet of Things (IoT) environments, the loss of the signaling message may frequently occur. Mobile Internet Protocol version 6 (MIPv6) and its variants do not consider this situation. Consequently, as a constrained device moves around different wireless networks, its Internet Protocol (IP) connectivity may be frequently disrupted and power can be drained rapidly. This can result in the loss of important sensing data or a large delay for time-critical IoT services such as healthcare monitoring and disaster management. This paper presents a reliable mobility management mechanism in Internet of Things environments with lossy low-power constrained device and network characteristics. The idea is to use the Internet Engineering Task Force (IETF) Constrained Application Protocol (CoAP) retransmission mechanism to achieve both reliability and simplicity for reliable IoT mobility management. Detailed architecture, algorithms, and message extensions for reliable mobility management are presented. Finally, performance is evaluated using both mathematical analysis and simulation.

In the past decade, it has been observed that the number of devices is increasing at an exponential rate all around the world. In such a case, there is a need for networking across the globe, irrespective of real-time constraints. As a result, long-range communication gets affected on a large scale. In this context, the Internet of Things (IoT) environment provides a platform where different types of devices coexist to perform various operations. Since the IoT devices at the physical layer have very small memory footprints, it becomes extremely difficult for them to perform heavy computation locally. The cloud provides a platform to reduce this limitation. The integration of the IoT with the cloud can be considered a cost-effective solution for businesses, wherein there is a flexibility for managing and analyzing the data gathered by the connected devices. Moreover, fog computing plays a major role in nullifying the gap between the cloud and IoT devices. This chapter discusses the promising role of an IoT environment to fulfill the needs of real-time computation and communication in the current era. Additionally, the idea behind utilizing cloud and fog computing, their architectural frameworks, design, implementation potential, and applications with respect to the IoT environment are also discussed. Finally, the significance of integrating IoT, cloud and fog computing is explored with the use of a few case studies.

The rapid adoption of Internet of Things (IoT) devices has significantly increased cybersecurity risks, making them vulnerable to anomalies, attacks, and unauthorized access. Traditional security mechanisms struggle to handle the massive data flow, real-time processing requirements, and evolving cyber threats in IoT networks. This paper presents an integrated approach using Deep Neural Networks and Blockchain technology (DNNs-BCT) to enhance anomaly detection and prevention in IoT environments. Our proposed framework employs DNNs for intelligent anomaly detection, leveraging multi-layer feature extraction and adaptive learning mechanisms. The DNN model is trained on IoT traffic datasets to classify network behavior as normal or anomalous, effectively detecting threats such as Distributed Denial of Service (DDoS) attacks, malware injections, and insider threats. Unlike traditional rule-based intrusion detection systems (IDS), the DNN continuously learns and adapts to new attack patterns, improving detection accuracy and false-positive reduction. This study integrates Blockchain technology into the IoT ecosystem to ensure data integrity, transparency, and decentralized security. Each IoT device logs its activity onto a private blockchain network, preventing data tampering, unauthorized access, and single points of failure. The blockchain employs smart contracts for automated threat response, instantly mitigating malicious activity without human intervention. This distributed ledger approach enhances trust, authentication, and secure communication across IoT devices. The synergy between DNN-based anomaly detection and Blockchain-based security provides a robust, scalable, and adaptive solution for real-time cybersecurity threats in IoT networks. With a low false-positive rate of 15.42% and a strong detection accuracy of 99.18%, the proposed model successfully identifies malicious activity, including malware injections and Distributed Denial of Service (DDoS) assaults. Blockchain technology replaces single points of failure and forbids illegal changes by providing data integrity, openness, and decentralizing powers. Furthermore, smart contracts allow autonomous, real-time attack responses, enhancing reaction time efficiency (95.25%) and general system scalability (94.96%).

While the Internet of Things (IoT) becomes increasingly popular and ubiquitous, IoT devices often remain unprotected and can be exploited to launch large-scale distributed denial-of-service (DDoS) attacks. One could attempt to employ traditional DDoS defense solutions, but these solutions are hardly suitable in IoT environments since they seldom consider the resource constraints of IoT devices. We present FR-WARD, a system that defends against DDoS attacks launched from an IoT network. FR-WARD operates close to potential attack sources at the gateway of an IoT network and drops packets to throttle any DDoS traffic that attempts to leave the IoT network. However, in order to properly react to traffic too difficult to categorically label as good or bad, FR-WARD employs a novel response based on the fast retransmit and flow control mechanisms of the Transmission Control Protocol (TCP) which minimizes the energy consumption and network latency of benign IoT devices within the policed network. Based on our mathematical analysis, simulation, and experimental evaluation, FR-WARD not only effectively mitigates DDoS traffic, but also minimizes the number of retransmitted packets and the connection durations of benign IoT devices. In fact, FR-WARD can successfully mitigate both naive flood attacks and smarter DDoS attacks that follow TCP congestion control but still reduce overhead caused by retransmitted packets for benign IoT devices by a up to a factor of 150.

The vast expansion of the Internet of Things (IoT) devices and related applications has bridged the gap between the physical and digital world. Unfortunately, security remains a major challenge and the lack of secure links have fueled the increased attacks on IoT devices and networks. Due to its inherent scalability, Public Key Infrastructure (PKI) is the well-known and classic approach to bring public-key certificate based security to IoT. Even though the standard X.509 explicit certificates can be viable solution, they are inefficient and too large for resource constrained IoT networks and therefore, smaller, faster and more efficient Elliptic Curve Qu Vanstone (ECQV) implicit certificates can be employed for establishing authenticated connections in IoT. Moreover, the existing certificate-based authentication proposals in standardized IoT networks have either been deployed at the transport or physical layers. Thus, these proposals fail to provide true end-to-end security to messages at the application layer in the presence of intermediate CoAP proxies. This challenging aspect is addressed in this proposal by focusing on the certificate-based authentication at the application layer to ensure true end-to-end security of messages. Additionally, IoT application layer security protocols like EDHOC lacks mechanism for authenticated distribution of public keys and thus, there is a need for lightweight authentication based cryptographic primitive for establishing secure key agreement in IoT. This paper introduces a design and implementation of a lightweight ECQV implicit certificate and use them for authenticated key exchange in EDHOC at the application layer. We also design a lightweight profile with a novel encoding mechanism for ECQV implicit certificate, called L-ECQV. To prove its viability, L-ECQV has been implemented and evaluated on Contiki operating system. Our evaluation results show that the proposed L-ECQV certificate approach reduces energy consumption by 27%, message overhead of EDHOC handshake by 52%, and shows improvements in certificate validation time. The security analysis demonstrates that proposed L-ECQV certificates for EDHOC protocol is secure against a number of attack vectors present in the IoT network. This novel combination of ECQV certificates with EDHOC key exchange leads to a secure and lightweight authenticated key agreement in IoT networks.

The Internet of Things (IoT) is an ever expanding discipline encompassing all orbits of life, and its development has resulted in enormous benefits. IoT has made it possible for simple electronic objects to participate in the Internet. However, the growth of IoT has also resulted in considerable security issues. Devices that build up an IoT network have constrained resources and battery power making it difficult to incorporate a proper security mechanism in an IoT environment. The devices in IoT are vulnerable to numerous threats, and the volume of these threats is ever increasing. Distributed Denial of Service (DDoS) is one of the attacks that have gained momentum with the growth of IoT. DDoS not only influences IoT network, but IoT botnets can also be used to launch voluminous DDoS attacks. Although numerous lightweight security protocols and mechanisms have been designed for improvement of security scenario in IoT networks, most of the security concerns are yet to be assuaged. In this paper, we propose a Software-Defined Network (SDN)-based security mechanism, for detection and alleviation of DDoS in IoT networks. SDN is a flexible method of managing and controlling a network that segregates data and control planes. It makes networks programmable which can be used to develop an efficient method to deal with catastrophic attacks in IoT networks.

The Internet of Things (IoT) makes everything as smart. IoT networks are considered Low Power and Lossy Networks (LLNs) because IoT devices are resource-constrained.The Internet Engineering Task Force (IETF) proposed a Routing Protocol for LLNs known as RPL. The RPL does not support multicast forwarding. So, this paper proposed Ensure Multicast Routing and Enable Secure Data (EMR-ESD) protocol for providing Multicast Data Transmission in RPL-based IoT networks. This EMR-EMD protocol is simulated in Cooja Simulator which belongs to Contiki Operating System. The simulation result shows that the proposed EMR-ESD protocol reduces the energy consumption and memory overhead of each node and also, increases the average packet delivery ratio and network lifetime of IoT networks than the existing RPL-based protocols.

The proliferation of Internet of Things (IoT) devices has introduced unprecedented connectivity and convenience but also heightened the vulnerability to botnet attacks. There are an increasing number of Internet of Things (IoT) devices connected to the network these days, and due to the advancement in technology, the security threads and cyberattacks, such as botnets, are emerging and evolving rapidly with high-risk attacks. These attacks disrupt IoT transition by disrupting networks and services for IoT devices. Many recent studies have proposed ML and DL techniques for detecting and classifying botnet attacks in the IoT environment. This project presents a straightforward approach to detect botnet activity within IoT networks through the utilization of machine learning techniques. By analyzing network traffic patterns and employing unsupervised learning algorithms, we demonstrate an effective method to identify and mitigate botnet threats in IoT environments. By this project we intend to offer a valuable contribution in enhancing the security of IoT ecosystem. Key Word: Internet of Things(IoT),cybersecurity, botnet attacks, machine learning(ML),UNSW-NB15 dataset, exploratory data analysis, XgBoost

The swift development of the Internet of Things (IoT) devices has created a pressing need for effective cybersecurity measures. They are vulnerable to different cyber threats that can compromise the functionality and security of urban systems. Distributed Denial of Service (DDoS) attacks are among IoT networks’ most challenging and destructive cyber threats. With the rapid growth in IoT devices and users, the vulnerability of IoT devices to such attacks has enhanced significantly, making DDoS attacks a predominant threat. This work introduces several approaches for effectively detecting IoT-based DDoS threats. Classical machine learning (ML) techniques mostly face difficulty in managing real-world traffic characteristics effectually, making them less appropriate for detecting DDoS attacks. In contrast, Artificial Intelligence (AI)-based methods have proven more effective in detecting cyber-attacks than conventional approaches. This manuscript proposes an effective Feature Pruning with Optimal Deep Learning-based DDoS Attack Detection (FPODL-DDoSAD) technique in the IoT framework. The FPODL-DDoSAD technique initially uses a min-max scalar for the data scaling into the standard layout. Besides, the feature pruning process is performed using an improved pelican optimization algorithm (IPOA), which enables the choice of an optimal subset of features. Meanwhile, DDoS attacks are recognized using a sparse denoising autoencoder (SDAE) model. Furthermore, the parameter tuning of the SDAE classifier is accomplished by utilizing the Fish Migration Optimizer (FMO) technique. The experimental values of the FPODL-DDoSAD approach are assessed on the benchmark BoT-IoT dataset. The comparison study of the FPODL-DDoSAD method demonstrates a superior accuracy value of 99.80% over existing techniques.