Security Mechanisms for 6LoWPAN Network in Context of Internet of Things: A Survey

With the emergence of internet of things (IoT), the physical object belonging to our daily activity and to different domain as: home automation, industrial automation, monitoring environment and health care may be interacted and benefited from the world of internet. Thus, this communication provides several data that are circulate in the different networks as IPv6 network or the 6LoWPAN network. Since the 6LoWPAN network is the fundamental part of IoT, its security is challenge domain whether for the end-to-end security when the data are sent to the server outside the network or for the internal security with the intrusion detection system. In this paper, we present a survey about the proposed researches for the 6LoWPAN network security whether for inside or outside communication of network. The analysis of these proposed security mechanisms in the literature is discussed based on a taxonomy focusing on the following attributes: the selected internet security protocols as DTLS, HIP and IKE for the end-to-end security (out-side the 6LoWPAN network) and the attack detected as routing attack, DDoS attack,…etc. for the intrusion detection system (inside the 6LoWPAN network). We also give the Evaluation of these security mechanisms for 6LoWPAN network in term of different metrics. The aim of this work is to identify leading trends, open issues, and future research possibilities.

[1]  Jonathan Loo,et al.  A Specification-Based IDS for Detecting Attacks on RPL-Based Network Topology , 2016, Inf..

[2]  Michele Nogueira Lima,et al.  Detection of sinkhole attacks for supporting secure routing on 6LoWPAN for Internet of Things , 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[3]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[4]  Utz Roedig,et al.  Securing communication in 6LoWPAN with compressed IPsec , 2011, 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS).

[5]  Pavan Pongle,et al.  Real Time Intrusion and Wormhole Attack Detection in Internet of Things , 2015 .

[6]  Oscar Garcia-Morchon,et al.  Security Considerations in the IP-based Internet of Things , 2013 .

[7]  Utz Roedig,et al.  Secure communication for the Internet of Things - a comparison of link-layer security and IPsec for 6LoWPAN , 2014, Secur. Commun. Networks.

[8]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[9]  Jorge Sá Silva,et al.  End-to-end transport-layer security for Internet-integrated sensing applications with mutual and delegated ECC public-key authentication , 2013, 2013 IFIP Networking Conference.

[10]  Rabia Riaz,et al.  Security analysis survey and framework design for IP connected LoWPANs , 2009, 2009 International Symposium on Autonomous Decentralized Systems.

[11]  Maryline Laurent-Maknavicius,et al.  Survey on secure communication protocols for the Internet of Things , 2015, Ad Hoc Networks.

[12]  Mohamad Badra Pre-Shared Key Cipher Suites for Transport Layer Security (TLS) with SHA-256/384 and AES Galois Counter Mode , 2008 .

[13]  Rajeev Kumar Kanth,et al.  Distributed internal anomaly detection system for Internet-of-Things , 2016, 2016 13th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[14]  Thiemo Voigt,et al.  Lithe: Lightweight Secure CoAP for the Internet of Things , 2013, IEEE Sensors Journal.

[15]  Thiemo Voigt,et al.  Lightweight IKEv2: A Key Management Solution for both Compressed IPsec and IEEE 802.15.4 Security , 2012 .

[16]  Mansour Sheikhan,et al.  Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach , 2017, Comput. Commun..

[17]  Sean Carlisto de Alvarenga,et al.  A survey of intrusion detection in Internet of Things , 2017, J. Netw. Comput. Appl..

[18]  Pascal Thubert,et al.  Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks , 2011, RFC.

[19]  Thiemo Voigt,et al.  Routing Attacks and Countermeasures in the RPL-Based Internet of Things , 2013, Int. J. Distributed Sens. Networks.

[20]  Mininath K. Nighot,et al.  Secure and Cost-effective Application Layer Protocol with Authentication Interoperability for IOT , 2016 .

[21]  Thiemo Voigt,et al.  SVELTE: Real-time intrusion detection in the Internet of Things , 2013, Ad Hoc Networks.

[22]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[23]  Hanno Wirtz,et al.  Tailoring end-to-end IP security protocols to the Internet of Things , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[24]  Gang Feng,et al.  Intrusion detection system for RPL from routing choice intrusion , 2015, 2015 IEEE International Conference on Communication Workshop (ICCW).

[25]  Thiemo Voigt,et al.  6LoWPAN Compressed DTLS for CoAP , 2012, 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems.

[26]  Thomas R. Henderson,et al.  Host Identity Protocol Version 2 (HIPv2) , 2015, RFC.

[27]  Maurizio A. Spirito,et al.  Denial-of-Service detection in 6LoWPAN based Internet of Things , 2013, 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[28]  Carsten Bormann,et al.  6LoWPAN: The Wireless Embedded Internet , 2009 .

[29]  P. Venkata Krishna,et al.  A Learning Automata Based Solution for Preventing Distributed Denial of Service in Internet of Things , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[30]  Georg Carle,et al.  A DTLS based end-to-end security architecture for the Internet of Things with two-way authentication , 2012, 37th Annual IEEE Conference on Local Computer Networks - Workshops.

[31]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[32]  Charlie Kaufman,et al.  Internet Key Exchange (IKEv2) Protocol , 2005, RFC.

[33]  Guangjie Han,et al.  Policy and network-based intrusion detection system for IPv6-enabled wireless sensor networks , 2014, 2014 IEEE International Conference on Communications (ICC).

[34]  Stephen T. Kent IP Authentication Header (AH) , 2013 .

[35]  Eric Rescorla,et al.  Datagram Transport Layer Security Version 1.2 , 2012, RFC.

[36]  Alexis Olivereau,et al.  D-HIP: A distributed key exchange scheme for HIP-based Internet of Things , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[37]  Tsung-Han Lee,et al.  A Lightweight Intrusion Detection Scheme Based on Energy Consumption Analysis in 6LowPAN , 2013, EMC/HumanCom.

[38]  Sayan Kumar Ray,et al.  Secure routing for internet of things: A survey , 2016, J. Netw. Comput. Appl..