Research Article
BibTex RIS Cite

RPL Tabanlı Atakların Ağ Adli Bilişimi

Year 2020, , 2366 - 2376, 29.10.2020
https://doi.org/10.29130/dubited.788006

Abstract

Her geçen gün hızla artan IoT cihazları artık hayatımızın her yerindedir. WSN'ler (Kablosuz sensor ağları), gerçek ortamları izlemek için IoT cihazlarıyla birlikte kullanılır. Bu çalışmada WSN’lere yönelik saldırılar gerçekleştirilmiştir. Bu çalışma için seçilen saldırı sel saldırısıdır. Ayrıca sonuçta bu saldırıya yönelik çözüm önerileri sunulmuştur. Bu kapsamda önce referans ve saldırı paketleri toplanmış, ardından toplanan paketler referans paketlerle karşılaştırılarak adli incelemeler yapılmıştır. Değerlendirme sonucu, saldırıları önlemek için 7/24 bazında sürekli izleme ve ağ adli bilişim analizi ile IoT trafiğindeki anormal davranışları tespit etmenin önemini göstermiştir.

References

  • [1] Z. Sun, M. Wei, Z. Zhang, G. Qu, “Secure Routing Protocol Based on Multi-Objective Ant-Colony-Optimization for Wireless Sensor Networks,” Applied Soft Computing, vol. 77, pp. 366-375, 2019.
  • [2] D. Evans, “How the Next Evolution of the Internet Is Changing Everything,” 2011. [Online]. Available: https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf. Accessed: 17.09.2020.
  • [3] S. Görmüş, H. Aydın, G. Ulutaş, “Security for the Internet of Things: A Survey of Existing Mechanisms, Protocols and Open Research Issues,” Journal of the Faculty of Engineering and Architecture of Gazi University, vol. 33, no. 4, pp. 1247-1272, 2018.
  • [4] H. Lamaazi, N. Benamar and A. J. Jara, “RPL-Based Networks in Static and Mobile Environment: A Performance Assessment Analysis,” Journal of King Saud University-Computer and Information Sciences, vol. 30, no. 3, pp. 320-333, 2018.
  • [5] H. Lamaazi, N. Benamar, “A Comprehensive Survey on Enhancements and Limitations of the RPL Protocol: A Focus on the Objective Function,” Ad Hoc Networks, vol. 96, 2020.
  • [6] I. Butun, P. Österberg and H. Song, "Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures," IEEE Communications Surveys & Tutorials, vol. 22, no. 1, pp. 616-644, 2020.
  • [7] I. Wadhaj, B. Ghaleb, C. Thomson, A. Al-Dubai and W. J. Buchanan, “Mitigation Mechanisms Against the DAO Attack on the Routing Protocol for Low Power and Lossy Networks (RPL),” IEEE Access, vol. 8, pp. 43665-43675, 2020.
  • [8] C. Pu, “Sybil Attack in RPL-Based Internet of Things: Analysis and Defenses,” IEEE Internet of Things Journal, 2020.
  • [9] A. L. Imoize, T.R. Oyedare, C. G. Ezekafor, & S. Shetty, “Deployment of An Energy Efficient Routing Protocol for Wireless Sensor Networks Operating in A Resource Constrained Environment,” Transactions on Networks and Communications, vol. 7, no. 1, pp. 41-41, 2019.
  • [10] K. N. Qureshi, S. S. Rana, A. Ahmed, & G. Jeon, “A Novel and Secure Attacks Detection Framework for Smart Cities Industrial Internet of Things,” Sustainable Cities and Society, vol. 61, 2020.
  • [11] X. Sun, W. Liu, T. Wang, Q. Deng, A. Liu, N. N. Xiong, & S. Zhang, “Two-Hop Neighborhood Information Joint Double Broadcast Radius for Effective Code Dissemination in WSNs,” IEEE Access, vol. 7, pp. 88547-88569, 2019.
  • [12] A. Verma & V. Ranga, “Addressing Flooding Attacks in IPv6-Based Low Power and Lossy Networks,” TENCON 2019-2019 IEEE Region 10 Conference (TENCON), pp. 552-557, 2019.
  • [13] Y. Meidan, M. Bohadana, Y. Mathov, Y. Mirsky, A. Shabtai, D. Breitenbacher, & Y. Elovici, “N-Baiot—Network-Based Detection of Iot Botnet Attacks Using Deep Autoencoders,” IEEE Pervasive Computing, vol. 17, no. 3, pp. 12-22, 2018.
  • [14] X. Zhang, O. Upton, N. L. Beebe & K. K. R. Choo, “IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers,” Forensic Science International: Digital Investigation, vol. 32, 2020.
  • [15] A. Dunkels, B. Gronvall, & T. Voigt, “Contiki-A Lightweight and Flexible Operating System for Tiny Networked Sensors,” IEEE International Conference on Local Computer Networks, pp. 455-462, 2004.
  • [16] E. Sesli & G. Hacıoğlu, “Contiki OS Usage in Wireless Sensor Networks (WSNs),” Turk J Electrom Energy, vol. 2, no. 2, pp. 1-6, 2017.
  • [17] L. Wallgren, S. Raza & T. Voigt, “Routing Attacks and Countermeasures in the RPL-Based Internet of Things,” International Journal of Distributed Sensor Networks, vol. 9, no. 8, pp. 794326, 2013.
  • [18] V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal & B. Sikdar, “A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures,” IEEE Access, vol. 7, pp. 82721-82743, 2019.
  • [19] T. Kothmayr, C. Schmitt, W. Hu, M. Brünig & G. Carle, “DTLS Based Security and Two-Way Authentication for the Internet of Things,” Ad Hoc Networks, vol. 11, no. 8, pp. 2710-2723, 2013.
  • [20] S. Raza, S. Duquennoy, J. Höglund, U. Roedig & T. Voigt, “Secure Communication for the Internet of Things—A Comparison of Link‐Layer Security and IPsec for 6LoWPAN,” Security and Communication Networks, vol. 7, no. 12, pp. 2654-2668, 2014.

Network Forensics of RPL-Based Attacks

Year 2020, , 2366 - 2376, 29.10.2020
https://doi.org/10.29130/dubited.788006

Abstract

IoT devices, which are increasing in highly manner day by day, are now in everywhere in our life. WSNs are used together with IoT devices to monitor real environments. In this study, attacks against WSNs were carried out. The attack chosen for this study is a flood attack. In addition, solution suggestions for this attack are presented. In this context, firstly reference and attack packages have been collected, and then the collected packages have been compared with the reference packages and forensic investigations have been carried out. The result of the evaluation has shown the importance continuous monitoring on 24/7 basis and detecting abnormal behaviors in IoT traffic with forensics analysis for preventing attacks.

References

  • [1] Z. Sun, M. Wei, Z. Zhang, G. Qu, “Secure Routing Protocol Based on Multi-Objective Ant-Colony-Optimization for Wireless Sensor Networks,” Applied Soft Computing, vol. 77, pp. 366-375, 2019.
  • [2] D. Evans, “How the Next Evolution of the Internet Is Changing Everything,” 2011. [Online]. Available: https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf. Accessed: 17.09.2020.
  • [3] S. Görmüş, H. Aydın, G. Ulutaş, “Security for the Internet of Things: A Survey of Existing Mechanisms, Protocols and Open Research Issues,” Journal of the Faculty of Engineering and Architecture of Gazi University, vol. 33, no. 4, pp. 1247-1272, 2018.
  • [4] H. Lamaazi, N. Benamar and A. J. Jara, “RPL-Based Networks in Static and Mobile Environment: A Performance Assessment Analysis,” Journal of King Saud University-Computer and Information Sciences, vol. 30, no. 3, pp. 320-333, 2018.
  • [5] H. Lamaazi, N. Benamar, “A Comprehensive Survey on Enhancements and Limitations of the RPL Protocol: A Focus on the Objective Function,” Ad Hoc Networks, vol. 96, 2020.
  • [6] I. Butun, P. Österberg and H. Song, "Security of the Internet of Things: Vulnerabilities, Attacks, and Countermeasures," IEEE Communications Surveys & Tutorials, vol. 22, no. 1, pp. 616-644, 2020.
  • [7] I. Wadhaj, B. Ghaleb, C. Thomson, A. Al-Dubai and W. J. Buchanan, “Mitigation Mechanisms Against the DAO Attack on the Routing Protocol for Low Power and Lossy Networks (RPL),” IEEE Access, vol. 8, pp. 43665-43675, 2020.
  • [8] C. Pu, “Sybil Attack in RPL-Based Internet of Things: Analysis and Defenses,” IEEE Internet of Things Journal, 2020.
  • [9] A. L. Imoize, T.R. Oyedare, C. G. Ezekafor, & S. Shetty, “Deployment of An Energy Efficient Routing Protocol for Wireless Sensor Networks Operating in A Resource Constrained Environment,” Transactions on Networks and Communications, vol. 7, no. 1, pp. 41-41, 2019.
  • [10] K. N. Qureshi, S. S. Rana, A. Ahmed, & G. Jeon, “A Novel and Secure Attacks Detection Framework for Smart Cities Industrial Internet of Things,” Sustainable Cities and Society, vol. 61, 2020.
  • [11] X. Sun, W. Liu, T. Wang, Q. Deng, A. Liu, N. N. Xiong, & S. Zhang, “Two-Hop Neighborhood Information Joint Double Broadcast Radius for Effective Code Dissemination in WSNs,” IEEE Access, vol. 7, pp. 88547-88569, 2019.
  • [12] A. Verma & V. Ranga, “Addressing Flooding Attacks in IPv6-Based Low Power and Lossy Networks,” TENCON 2019-2019 IEEE Region 10 Conference (TENCON), pp. 552-557, 2019.
  • [13] Y. Meidan, M. Bohadana, Y. Mathov, Y. Mirsky, A. Shabtai, D. Breitenbacher, & Y. Elovici, “N-Baiot—Network-Based Detection of Iot Botnet Attacks Using Deep Autoencoders,” IEEE Pervasive Computing, vol. 17, no. 3, pp. 12-22, 2018.
  • [14] X. Zhang, O. Upton, N. L. Beebe & K. K. R. Choo, “IoT Botnet Forensics: A Comprehensive Digital Forensic Case Study on Mirai Botnet Servers,” Forensic Science International: Digital Investigation, vol. 32, 2020.
  • [15] A. Dunkels, B. Gronvall, & T. Voigt, “Contiki-A Lightweight and Flexible Operating System for Tiny Networked Sensors,” IEEE International Conference on Local Computer Networks, pp. 455-462, 2004.
  • [16] E. Sesli & G. Hacıoğlu, “Contiki OS Usage in Wireless Sensor Networks (WSNs),” Turk J Electrom Energy, vol. 2, no. 2, pp. 1-6, 2017.
  • [17] L. Wallgren, S. Raza & T. Voigt, “Routing Attacks and Countermeasures in the RPL-Based Internet of Things,” International Journal of Distributed Sensor Networks, vol. 9, no. 8, pp. 794326, 2013.
  • [18] V. Hassija, V. Chamola, V. Saxena, D. Jain, P. Goyal & B. Sikdar, “A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures,” IEEE Access, vol. 7, pp. 82721-82743, 2019.
  • [19] T. Kothmayr, C. Schmitt, W. Hu, M. Brünig & G. Carle, “DTLS Based Security and Two-Way Authentication for the Internet of Things,” Ad Hoc Networks, vol. 11, no. 8, pp. 2710-2723, 2013.
  • [20] S. Raza, S. Duquennoy, J. Höglund, U. Roedig & T. Voigt, “Secure Communication for the Internet of Things—A Comparison of Link‐Layer Security and IPsec for 6LoWPAN,” Security and Communication Networks, vol. 7, no. 12, pp. 2654-2668, 2014.
There are 20 citations in total.

Details

Primary Language English
Subjects Engineering
Journal Section Articles
Authors

Gökçe Karacayılmaz 0000-0001-8529-1721

Serkan Gönen This is me 0000-0002-1417-4461

Harun Artuner 0000-0002-6044-379X

Ercan Nurcan Yılmaz 0000-0001-9859-1600

Hasan Hüseyin Sayan 0000-0002-0692-172X

Erhan Sindiren This is me 0000-0003-1138-1913

Publication Date October 29, 2020
Published in Issue Year 2020

Cite

APA Karacayılmaz, G., Gönen, S., Artuner, H., Yılmaz, E. N., et al. (2020). Network Forensics of RPL-Based Attacks. Duzce University Journal of Science and Technology, 8(4), 2366-2376. https://doi.org/10.29130/dubited.788006
AMA Karacayılmaz G, Gönen S, Artuner H, Yılmaz EN, Sayan HH, Sindiren E. Network Forensics of RPL-Based Attacks. DÜBİTED. October 2020;8(4):2366-2376. doi:10.29130/dubited.788006
Chicago Karacayılmaz, Gökçe, Serkan Gönen, Harun Artuner, Ercan Nurcan Yılmaz, Hasan Hüseyin Sayan, and Erhan Sindiren. “Network Forensics of RPL-Based Attacks”. Duzce University Journal of Science and Technology 8, no. 4 (October 2020): 2366-76. https://doi.org/10.29130/dubited.788006.
EndNote Karacayılmaz G, Gönen S, Artuner H, Yılmaz EN, Sayan HH, Sindiren E (October 1, 2020) Network Forensics of RPL-Based Attacks. Duzce University Journal of Science and Technology 8 4 2366–2376.
IEEE G. Karacayılmaz, S. Gönen, H. Artuner, E. N. Yılmaz, H. H. Sayan, and E. Sindiren, “Network Forensics of RPL-Based Attacks”, DÜBİTED, vol. 8, no. 4, pp. 2366–2376, 2020, doi: 10.29130/dubited.788006.
ISNAD Karacayılmaz, Gökçe et al. “Network Forensics of RPL-Based Attacks”. Duzce University Journal of Science and Technology 8/4 (October 2020), 2366-2376. https://doi.org/10.29130/dubited.788006.
JAMA Karacayılmaz G, Gönen S, Artuner H, Yılmaz EN, Sayan HH, Sindiren E. Network Forensics of RPL-Based Attacks. DÜBİTED. 2020;8:2366–2376.
MLA Karacayılmaz, Gökçe et al. “Network Forensics of RPL-Based Attacks”. Duzce University Journal of Science and Technology, vol. 8, no. 4, 2020, pp. 2366-7, doi:10.29130/dubited.788006.
Vancouver Karacayılmaz G, Gönen S, Artuner H, Yılmaz EN, Sayan HH, Sindiren E. Network Forensics of RPL-Based Attacks. DÜBİTED. 2020;8(4):2366-7.