A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks

Mehdi Rouissat; Ibrahim S. Alsukayti; Mohammed Belkheir; Mohammed Alreshoodi; Allel Mokaddem; Djamila Ziani

doi:10.1109/ACCESS.2025.3525798

IEEE Access (Jan 2025)

A Simple Approach for Mitigating a New Flooding Attack in RPL-Based IoT Networks

Mehdi Rouissat,
Ibrahim S. Alsukayti,
Mohammed Belkheir,
Mohammed Alreshoodi,
Allel Mokaddem,
Djamila Ziani

Affiliations

Mehdi Rouissat: ORCiD; University Center of Nour Bachir El-Bayadh, STIC Laboratory, University Aboubekr Belkaid, Tlemcen, Algeria
Ibrahim S. Alsukayti: ORCiD; Department of Computer Science, College of Computer, Qassim University, Buraydah, Saudi Arabia
Mohammed Belkheir: LIMA Laboratory, University Center of Nour Bachir El-Bayadh, El-Bayadh, Algeria
Mohammed Alreshoodi: ORCiD; Unit of Scientific Research, Applied College, Qassim University, Buraydah, Saudi Arabia
Allel Mokaddem: LIMA Laboratory, University Center of Nour Bachir El-Bayadh, El-Bayadh, Algeria
Djamila Ziani: ORCiD; LIMA Laboratory, University Center of Nour Bachir El-Bayadh, El-Bayadh, Algeria

DOI: https://doi.org/10.1109/ACCESS.2025.3525798
Journal volume & issue: Vol. 13
pp. 5342 – 5358

Abstract

Read online

The growing deployment of Internet of Things (IoT) devices in diverse daily-life smart applications makes the security of IoT networks a critical requirement. However, efficient support of network security remains challenging even for a standardized IoT network protocol such as the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL). It incorporates limited protection from external security attacks but stays considerably vulnerable to internal routing attacks. The inherent design of RPL, particularly its topology establishment and maintenance mechanism, makes it easy to initiate more damaging attacks such as flooding attacks. Given the constrained characteristics of IoT devices, flooding IoT networks can easily lead to resource exhaustion and network performance degradation. This paper introduces a new variant of the flooding attack namely the Destination Advertisement Object Flooding (DAOF) attack. It is based on using routing communications, particularly the DAO messages, to disseminate unnecessary routing traffic which instigate excessive transmissions of control messages across the network. As demonstrated by the experimental results of this study, the DAOF attack can increase network overhead by more than 65% even in a relatively small-scale setup. Additionally, it can notably lead to high energy consumption with an average increase of 36% and low QoS performance with an average latency increase of 150%. For effective mitigation of the DAOF attack, a new lightweight solution based on a simple collaboration among RPL nodes is presented in this paper. It is referred to as DAOF-Secure RPL (DAOF-SRPL). It is based on simple in-protocol modifications to provide RPL with effective security support against the DAOF attack. In contrast to RPL in the attack scenarios, DAOF-SRPL achieved a reduction of over 80% in the total transmission rates of control messages. Meanwhile, it was able to maintain energy consumption and latency at minimal levels while preserving the same PDR results.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords