10. IOT Security

Question 1

What is IOT

Answer 1

1. consumer wearables, household appliances
2. assigned with IP
3. less human intervention, greater machine autonomy
   - better accuracy
   - better efficiency
   - higher productivity

Question 2

Types of IOT applications

Answer 2

1. consumer
2. commercial
3. industrial
4. infrastructure
5. military

Question 3

security challenges for IOT

Answer 3

1. IOT network implies that device connects to the outside world. World has access to device and everything it is connected to
2. IOT devices are resources limited. Do not contain resources to implement strong security
3. manufacturer may not build security as it may interfere with functionality and increase cost
4. IOT devices are ‘set and forget’. Hardly receive security patches
5. IOT devices has no security against modern threats
6. No single agreed framework
7. IOT exploits use device as entry point into network

Question 4

Routing protocol for low power lossy network

Answer 4

iot devices have limited energy and computing resources. Often face unfavourable environmental factors. –> constrained nodes

constrained nodes optimise energy and network bandwidth usage –> constrained networks

constrained networks have:

• low throughput
• high packet loss
• assymetric link

Question 5

RPL

Answer 5

1. protocol that provides IPv6 connection to low power lossy network(LLN)
2. manipulates vectors of distance to other networks
3. periodic update neighbours of topology changes
   - known as distance-vector protocol
   - based on direction and distance

Question 6

direction oriented directed acyclic graph (DODAG)

Answer 6

supports storing/ non storing mode

storing mode:

• downward routing table kept at each node
• travels as far as common parent

non storing mode:

• reduce memory usage
• non root node do not have routing table
• use root node/ src node to transmit data

Question 7

DODAG network organisation

Answer 7

1. only has directed cycles, with no cycles

2. OBJECTIVE FUNCTIONS determines which link to be used in selecting optimised route

Question 8

Objective functions

Answer 8

defines how nodes select parents
provides node rank(lower better)
variables:
 - energy consumption
 - expected transmission count
 - packet delivery ratio

Question 9

RPL collection and configuration

Answer 9

multipoint to point
- data collection from sensors(up)

point to multipoint
- network sensors configuration (down)

point to point
- RPL does not support point to point well

Question 10

RPL rank computation ETX

Answer 10

rank

• 16 bit integer
• defines node position
• takes floor of number

rank(x) = rank(parent) + expected transmission count(x, parent)

Question 11

RPL rank computation Residual Energy

Answer 11

high link quality = low link cost = higher residual energy

rank(x) = rank(parent) + (max energy - x energy)

Question 12

Theory of rank computation DODAG

Answer 12

rank = floor(rank(node))/Min Hop Rank Increase

rank(A) < rank(B)
if floor(rank(A)/ MinHopRankIncrease)
is less than
floor(rank(B)/ MinHopRankIncrease)

eg
MHRI = 32
rank = 953
rank 928 to 959 will be siblings

MHRI can be used to detect sibling nodes

Question 13

RPL rank computation Min Hop Rank Increase

Answer 13

once node has chosen its parents, node will compute its own rank. Preferred parent need not have lowest rank.

rank(x) = rank(parents) + rank_increase
rank_increase = step + MHRI(Max Energy)
step = Root_energy - Node_energy

therefore
rank(x) = rank(parents) +
floor(((Root_energy - Node_energy) + MHRI)/ MHRI)

Question 14

RPL MHROF

Answer 14

finds path with minimum rank(lowest cost)

Question 15

3 types of control messages

Answer 15

DODAG information object DIO

DODAG information solicitation DIS

Destination advertisement object DAO

Question 16

DODAG information object

Answer 16

carries information that allows node to

• be discovered
• learn configuration parameters
• select parent
• maintain DODAG

Question 17

DODAG information solicitation

Answer 17

probe for DIO from RPL nodes for discovery
8 bit flag initialised to 0 to be ignored
8 bit reserved initlialised to 0 to be ignored

Question 18

Destination advertisement object

Answer 18

propagate destination information upwards
storing mode - unicast to select parents
non storing mode - unicast to root

Question 19

DODAG construction messages

Answer 19

root creates RPL instance and let other nodes join

DIS broadcasted by new nodes to obtain info to join

neighbours reply with DIO

each node calculate rank based using OF and neighbours rank

lowest rank selected as preferred parent, informed via DAO

preferred parent reply with DAO acknowledgement

upwards routes created by DIO(nodes sends DIO upwards)

downward routes created by DAO, leaf nodes send DAO to inform parent

Question 20

RPL reconstruction and self healing

Answer 20

nodes may disappear (run out of battery etc..)
alternates routes through other parents to repair network

DODAG version number maintained by ROOT. global repair = +1

version number ensures that no loops, routing table not obsolete, no inconsistency and allow nodes to choose new parents without past influence.

on local link failure, select alternate parent
if more local failures, root initiates global repair

Question 21

trickle timer

Answer 21

used to manage control traffic overhead

increase send rate if inconsistency detected to resolve problem quickly.

Question 22

DODAG upwards construction

Answer 22

install upwards routes first
roots broadcasts DIO
neighbours receives, send DAO to add as parents
then broadcast DIO to other nodes

Question 23

DODAG downwards construction non storing

Answer 23

new node sends DAO, transmitted to root

root use DAO to route and join new node

Question 24

DODAG downwards construction storing

Answer 24

new node sends DAO

preferred parent acknowledges

Question 25

RPL types of attacks

Answer 25

1. resources
   - direct
   - indirect
2. topology
   - sub optimal
   - isolation
3. traffic
   - eaves dropping
   - misappropriation

Question 26

resources: direct: flooding

Answer 26

malicious node can be outsider/insider
generate large amount of traffic through DIS
cause other nodes to send DIO

Question 27

resources: indirect: routing table overload

Answer 27

malicious node send multiple forged DAO with false destination to parent. parent node routing table will be overloaded, unable to log legit entries

Question 28

resources: indirect: increased rank

Answer 28

malicious node increase own rank, removes parents and chooses one of its children as parent. causing a loop. children will not be able to connect to root

Question 29

resources: indirect: version number modification

Answer 29

attacker generates DIO with false version number
root attempts to global repair and removes all children
roots gets separated and attacker takes over

Question 30

topology: sub optimisation: sink hole

Answer 30

attacker attracts traffic

drops packets and send bogus info to root

Question 31

topology: sub optimisation: worm hole

Answer 31

…

Question 32

topology: sub optimisation: replay

Answer 32

records valid info
forwards later
cause nodes to update routing table with outdated data

Question 33

topology: isolation: black hole

Answer 33

nodes advertise as best route

drops all packet

Question 34

traffic: eavesdropping: sniffing

Answer 34

passive listening
difficult to detect
data protection: encryption
compromise routing information: encryption useless

Question 35

traffic: misappropriation: decreased rank

Answer 35

attacker advertise false rank
packets gets sent through attacker.
access to info passing through