QSec-RPL: Detection of version number attacks in RPL based mobile IoT using Q-Learning

Abstract

Internet of Things (IoT) has revolutionized the networking by connecting the real world entities to the Internet. IoT connects the communication devices and has an incredible impact on perspective analytics on the massive volume of data produced every day. An attacker may exploit vulnerabilities of IoT entities and compromise users’ security and privacy. Development of solutions to address security and privacy issues of IoT is in premature stage and considered as challenge. This challenge becomes more critical when the devices in the network are resource-constrained in terms of energy, processing and memory. The IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN) has emerged in recent years as an adaptation layer to carry IPv6 packets over IEEE 802.15.4. Many IoT applications use Routing Protocol for Low Power and Lossy Networks (RPL) as a network layer protocol developed for routing in 6LoWPAN. Security is challenging in resource constrained environment where encryption may not be a viable solution. Version number attack is one of the most common network layer attacks against RPL based 6LoWPAN. The RPL specification does not address the integrity of the version number and therefore leaves version number mechanism as a weak point in terms of security. This paper investigates the impact of version number attack in RPL networks while considering mobility of the sensor nodes. We propose a solution that utilizes Q-Learning strategy to detect the malicious nodes that are performing version number attack. The proposed approach detects malicious nodes with reasonable accuracy while imposing significantly less overhead on the nodes of low power and lossy networks. There are other approaches too like Message Authentication Codes (MAC) based on symmetric keys but these techniques have memory and communication overhead. So we propose different approach Q-Learning to detect the attacker nodes.