kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Intrusion Detection and light weight Firewall for the 6LoWPAN networks
KTH, School of Information and Communication Technology (ICT).
2014 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

IPv6 over Low power WPAN (6loWPAN) is an adaption layer introduced between the link layer and the network layer in the TCP/IP protocol stack to t the IPv6 datagrams over the IEEE 802.15.4 link layer. 6loWPAN networks comprise of internet enabled resource-constrained smart objects which are interconnected with each other through the Internet Protocol (IPv6). In Internet of Things (IoT), smart devices of the 6loWPAN networks are connected to the unsecured public Internet. RPL (Routing Protocol for Low-Power and Lossy Networks) is the standardized routing protocol dened for routing IP datagrams over the lossy links in LLN (Low-Power and Lossy Networks). In IoT, all devices have a global identity and could be accessed from anywhere in the globe. Hence, security is an important factor in protecting the devices and their informational resources from adversaries. Security solutions must be highly e ective for smart objects considering their limited resources. Despite the state of the art crypto solutions providing information security, IPv6 enabled smart objects are vulnerable to attacks from outside and inside the 6LoWPAN networks.

This thesis attempts to identify the intrusions aimed to disrupt 6LoWPAN networks and to prevent external adversaries taking advantage of the resource constrained 6LoWPAN environment. We review state of the art security attacks in conventional WSNs and the RPL-based LLNs. In order to improve the security within 6LoWPAN networks, we extend SVELTE (an IDS for the IoT) by adding ETX (Expected Transmissions) parameter in the 6Mapper. In RPL, ETX is a link reliability metric which indicates the number of successful IP datagram transmissions with respect to the Border Router. Monitoring the ETX value could prevent the Border Router and neighboring nodes to engage actively with the malicious intruder. We propose a geographic routing algorithm to identify the malicious node conducting attacks against ETX-based solutions. We also implement a lightweight rewall at the Border Router to prevent 6LoWPAN networks from external attackers. In this rewall we conduct a stateful deep packet inspection on the protocols adhering to the protocol stack for the 6LoWPAN networks. Our evaluation shows that the IDS module with ETX metric consumes negligible energy and very less CPU processing power. Our intrusion detection mechanisms improves the true positive rate of SVELTE.

Place, publisher, year, edition, pages
2014. , p. 51
Series
TRITA-ICT-EX ; 2014:175
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:kth:diva-177802OAI: oai:DiVA.org:kth-177802DiVA, id: diva2:874288
Examiners
Available from: 2015-12-01 Created: 2015-11-26 Last updated: 2022-06-23Bibliographically approved

Open Access in DiVA

fulltext(1455 kB)543 downloads
File information
File name FULLTEXT01.pdfFile size 1455 kBChecksum SHA-512
b95cb34a643565cf37c0510b8133f0676b1e86bf7b157ea2f9d76003f59e4c4331398fc15503d6006896f0e998b910c7f9d431073028ebc19d6d7b3427301927
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar
Total: 543 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 842 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf