10. IOT Security Flashcards

1
Q

What is IOT

A
  1. consumer wearables, household appliances
  2. assigned an IP address
  3. less human intervention, greater machine autonomy
    - better accuracy
    - better efficiency
    - higher productivity
2
Q

Types of IOT applications

A
  1. consumer
  2. commercial
  3. industrial
  4. infrastructure
  5. military
3
Q

security challenges for IOT

A
  1. an IOT network implies the device connects to the outside world; the world has access to the device and everything it is connected to
  2. IOT devices are resource limited and do not have the resources to implement strong security
  3. manufacturers may not build in security, as it may interfere with functionality and increase cost
  4. IOT devices are ‘set and forget’ and hardly ever receive security patches
  5. IOT devices have no security against modern threats
  6. no single agreed framework
  7. IOT exploits use the device as an entry point into the network
4
Q

Routing protocol for low power lossy network

A

iot devices have limited energy and computing resources and often face unfavourable environmental factors -> constrained nodes

constrained nodes optimise energy and network bandwidth usage -> constrained networks

constrained networks have:

  • low throughput
  • high packet loss
  • asymmetric links
5
Q

RPL

A
  1. protocol that provides IPv6 connectivity to a low power lossy network (LLN)
  2. manipulates vectors of distance to other networks
  3. periodically updates neighbours on topology changes
    - known as a distance-vector protocol
    - based on direction and distance
6
Q

destination oriented directed acyclic graph (DODAG)

A

supports storing / non-storing mode

storing mode:

  • downward routing table kept at each node
  • traffic travels only as far as the common parent

non-storing mode:

  • reduces memory usage
  • non-root nodes do not keep a routing table
  • root node / source node is used to transmit data
7
Q

DODAG network organisation

A
  1. has directed edges only, with no cycles
  2. OBJECTIVE FUNCTIONS determine which link is used when selecting the optimised route

8
Q

Objective functions

A
defines how nodes select parents
provides node rank (lower is better)
variables:
  - energy consumption
  - expected transmission count
  - packet delivery ratio
9
Q

RPL collection and configuration

A

multipoint to point
- data collection from sensors (up)

point to multipoint
- configuration of network sensors (down)

point to point
- RPL does not support point to point well

10
Q

RPL rank computation ETX

A

rank

  • 16 bit integer
  • defines node position
  • takes the floor of the number

rank(x) = rank(parent) + expected transmission count(x, parent)

11
Q

RPL rank computation Residual Energy

A

high link quality = low link cost = higher residual energy

rank(x) = rank(parent) + (max energy - x energy)

12
Q

Theory of rank computation DODAG

A

rank = floor(rank(node) / MinHopRankIncrease)

rank(A) < rank(B)
if floor(rank(A) / MinHopRankIncrease)
is less than
floor(rank(B) / MinHopRankIncrease)

eg
MHRI = 32
rank = 953
ranks 928 to 959 will be siblings

MHRI can be used to detect sibling nodes

13
Q

RPL rank computation Min Hop Rank Increase

A

once a node has chosen its parents, it computes its own rank. The preferred parent need not have the lowest rank.

rank(x) = rank(parents) + rank_increase
rank_increase = step + MHRI (Max Energy)
step = Root_energy - Node_energy

therefore
rank(x) = rank(parents) +
floor(((Root_energy - Node_energy) + MHRI) / MHRI)

14
Q

RPL MHROF

A

finds the path with minimum rank (lowest cost)

15
Q

3 types of control messages

A

DODAG information object (DIO)

DODAG information solicitation (DIS)

Destination advertisement object (DAO)

16
Q

DODAG information object

A

carries information that allows a node to

  • be discovered
  • learn configuration parameters
  • select a parent
  • maintain the DODAG
17
Q

DODAG information solicitation

A

probes for DIO from RPL nodes for discovery
8 bit flags field, initialised to 0 and to be ignored
8 bit reserved field, initialised to 0 and to be ignored

18
Q

Destination advertisement object

A

propagates destination information upwards
storing mode - unicast to selected parents
non-storing mode - unicast to root

19
Q

DODAG construction messages

A

root creates the RPL instance and lets other nodes join

DIS broadcast by new nodes to obtain info to join

neighbours reply with DIO

each node calculates its rank using the OF and its neighbours' ranks

lowest rank selected as preferred parent, informed via DAO

preferred parent replies with DAO acknowledgement

upward routes created by DIO (nodes send DIO upwards)

downward routes created by DAO; leaf nodes send DAO to inform parent

20
Q

RPL reconstruction and self healing

A

nodes may disappear (run out of battery, etc.)
alternate routes through other parents repair the network

DODAG version number maintained by ROOT. global repair = +1

version number ensures no loops, routing tables not obsolete, no inconsistency, and allows nodes to choose new parents without past influence.

on local link failure, select an alternate parent
if more local failures, root initiates global repair

21
Q

trickle timer

A

used to manage control traffic overhead

increases send rate if an inconsistency is detected, to resolve the problem quickly.

22
Q

DODAG upwards construction

A

install upward routes first
root broadcasts DIO
neighbours receive it, send DAO to add root as parent
then broadcast DIO to other nodes

23
Q

DODAG downwards construction non storing

A

new node sends DAO, transmitted to root

root uses DAO to route to and join the new node

24
Q

DODAG downwards construction storing

A

new node sends DAO

preferred parent acknowledges

25
Q

RPL types of attacks

A
  1. resources
    - direct
    - indirect
  2. topology
    - sub-optimal
    - isolation
  3. traffic
    - eavesdropping
    - misappropriation
26
Q

resources: direct: flooding

A

malicious node can be outsider/insider
generates large amount of traffic through DIS
causes other nodes to send DIO

27
Q

resources: indirect: routing table overload

A

malicious node sends multiple forged DAO with false destinations to parent. parent node routing table is overloaded, unable to log legit entries

28
Q

resources: indirect: increased rank

A

malicious node increases own rank, removes parents and chooses one of its children as parent, causing a loop. children will not be able to connect to root

29
Q

resources: indirect: version number modification

A

attacker generates DIO with false version number
root attempts global repair and removes all children
root gets separated and attacker takes over

30
Q

topology: sub optimisation: sink hole

A

attacker attracts traffic

drops packets and sends bogus info to root

31
Q

topology: sub optimisation: worm hole

A

32
Q

topology: sub optimisation: replay

A

records valid info
forwards it later
causes nodes to update routing table with outdated data

33
Q

topology: isolation: black hole

A

node advertises itself as best route

drops all packets

34
Q

traffic: eavesdropping: sniffing

A

passive listening
difficult to detect
data protection: encryption
compromised routing information: encryption useless

35
Q

traffic: misappropriation: decreased rank

A

attacker advertises false rank
packets get sent through attacker.
access to info passing through