48.1 Introduction

The Internet of Things (IoT), which can also be referred to as the Internet of entirety, is a network of things embedded with software, sensors, and electronics that allow them to gather and transmit data. Smart homes and cities, connected cars, health care, smart farming, the industrial Internet, manufacturing, and smart retail are some of the applications of IoT [1]. IoT has many advantages: it provides more reliable communication, is very efficient, saves time and money, increases business opportunities and productivity, and gives a better quality of life. It also has disadvantages: less privacy and low security, compatibility problems, and over-reliance on technology [2]. The major issue and challenge in IoT is security. Some of the security challenges in IoT are authentication, access control, confidentiality of data, trust, secure middleware, and privacy [3]. It is very important that the transmission of data between IoT devices is secured [4]. Communication is made possible by routing protocols, and the data should be secured during routing (Fig. 48.1).

Fig. 48.1 Basic IoT architecture

Routing is a crucial factor in IoT: it enables communication between devices and the transmission of data [5]. A good routing protocol can improve the performance of low-power and lossy networks, known in short as LLNs [6]. To evaluate the performance of a protocol, we can use factors such as energy utilization, control overhead, throughput, packet delivery ratio, and latency [7]. Routing is the main factor of a complete IPv6 network for IoT. Routing protocols make the IoT a reality [8].

This research work examines the security of routing protocols in IoT, mainly at the network layer. It gives a detailed description of the attacks on these routing protocols, some of their countermeasures, and a performance evaluation of these routing protocols under attack [9]. The main goal of the network layer is to address and route data packets. At this layer, the datagram from the transport layer is encapsulated into data packets using IP addresses and forwarded to its destination [10, 11]. In this research work, Sect. 48.2 discusses the literature survey; Sect. 48.3 discusses the secure routing mechanism; Sect. 48.4 illustrates the experimental evaluation; and Sect. 48.5 concludes the research work.

48.2 Related Work

Montenegro et al. [1] proposed “Intrusion Detection System to Detect Sinkhole Attack on RPL Protocol in Internet of Things.” IoT is primarily connected with wireless sensing networks and is subject to security problems like sinkhole attacks. The proposed IDS mechanism identifies such attacks on RPL and prompts the leaf nodes (sensor nodes) with a view to decrease the value of the packet loss. Here, the proposed mechanism calculates the intrusion ratio to identify the malicious nodes in the network.

Hui and Thubert [2] proposed “Review on Mechanisms for Detecting Sinkhole Attacks on RPLs.” In this research work, the major security challenges centered around the network layer were examined method by method, and the uses, downsides, and resource utilization of each method were described. Finally, a brief comparison was given, which shows the chronological organization of detection methods for attacks like sinkhole, ending with the latest efficient technique.

Pongle and Chavan [5] proposed “Implementation of a Wormhole Attack Against a RPL Network: Challenges and Effects” and framed an attack against an IEEE 802.15.4 WSAN by giving a wormhole implementation. The proposed attack was applied to a real RPL topology. The analysis indicated that the proposed attack can be effective as a basis for other attacks such as DoS. Finally, the possibility of countermeasures was investigated.

Wallgren et al. [6] proposed “Performance Evaluation of RPL Protocol Under Mobile Sybil Attacks.” Here, a trust-based IDS (T-IDS) solution was proposed in order to reduce sybil attacks under mobility in RPL. When RPL undergoes SybM, it is observed that the control overhead and the energy utilization were increased and the packet delivery ratio was decreased. The proposed T-IDS handles the issues that develop when RPL undergoes sybil attacks under mobility.

48.3 Proposed Work

Our framework assumes that the user determines which router(s) serve as the monitor(s); however, it is not clear how to pick the router(s) for this purpose. In this section, we propose an approach for choosing the location of the monitor(s) intelligently so as to obtain a high accuracy rate. The terms DIO and DODAG refer to DODAG Information Object and Destination Oriented Directed Acyclic Graph, respectively.

Algorithm for Working of Router in RPL

  • Step 1: Receive a DIO (DODAG Information Object).

  • Step 2: Is the DIO received for the 1st time?

      – If yes, then follow these steps:
          · Add the sender to the list of parents.
          · Calculate the rank on the basis of the objective function.
          · Forward DIOs to others in multicast.

      – If no, then check whether the DIO satisfies the criteria:
          · If no, then discard the packets.
          · If yes, then process the DIO:
              If rank is not less than own_rank:
                  Maintain the location in the DODAG (Destination Oriented Directed Acyclic Graph).
                  Go to 3rd condition in step 2.
              If rank is less than own_rank:
                  Improve the location and get a lesser rank.
                  The parents with the less rank will be denied.
                  Go to 3rd condition in step 2.

  • Step 3: End.

Another alternative is to use betweenness centrality, which is a measure of centrality in a graph based on shortest paths. The betweenness centrality of a node $v$ is given by the expression

$$g(v) = \sum_{s \ne v \ne t} \frac{\sigma_{st}(v)}{\sigma_{st}}$$

where $\sigma_{st}$ is the total number of shortest paths from node $s$ to node $t$ and $\sigma_{st}(v)$ is the number of those paths that pass through $v$. The proposed model framework is shown in Fig. 48.2.

Fig. 48.2 Proposed model framework
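The betweenness-based choice of a monitor can be worked through on a small topology. The following Python code is an added example, not code from the chapter: it computes g(v) with Brandes' algorithm on a constructed, unweighted router graph and picks the highest-scoring router as the monitor candidate. The node names, the links, and the helper `choose_monitor` are assumptions made for illustration.

```python
from collections import deque

# Constructed topology (not from the chapter): undirected links between routers.
LINKS = [("root", "r1"), ("root", "r2"), ("r1", "r3"), ("r2", "r3"),
         ("r3", "r4"), ("r4", "r5"), ("r4", "r6")]

def build_adjacency(links):
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def betweenness(adj):
    """g(v) = sum over s != v != t of sigma_st(v) / sigma_st (Brandes' algorithm)."""
    g = {v: 0.0 for v in adj}
    for s in adj:
        # BFS from s: count shortest paths (sigma) and record predecessors.
        sigma = {v: 0 for v in adj}
        sigma[s] = 1
        dist = {s: 0}
        preds = {v: [] for v in adj}
        order, queue = [], deque([s])
        while queue:
            v = queue.popleft()
            order.append(v)
            for w in adj[v]:
                if w not in dist:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        # Back-propagate pair dependencies from the farthest nodes inward.
        delta = {v: 0.0 for v in adj}
        for w in reversed(order):
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1 + delta[w])
            if w != s:
                g[w] += delta[w]
    # Undirected graph: every pair {s, t} was visited twice, so count it once.
    return {v: score / 2 for v, score in g.items()}

def choose_monitor(adj):
    """Hypothetical helper: the router with the highest betweenness centrality."""
    scores = betweenness(adj)
    return max(sorted(scores), key=scores.get)
```

On this topology the router joining the two upstream paths to the downstream subtree scores highest, so a monitor placed there observes the largest share of shortest-path traffic.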

Our flexible framework allows us to design another interesting strategy for choosing a router for the monitor. We train the detector on each one of the possible routers and estimate its performance [12]. We then select the router that achieves the highest accuracy rate to be the monitor.

Our proposed algorithm works in two main phases. In the first phase, we identify the routers with the highest flow. Then, we distribute the traffic over other routes by selecting nodes for traffic diversion.

  Identifying the attacker nodes (max flow nodes, traffic):

  {
      If (max traffic of node > threshold)
          Place the node in a suspected list;
      Evaluate the parents of those nodes;
      If (node contains fake parents)
          Take the id of the node and place it in a blocked list;
  }
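The identification step above can be run on a monitor's view of the network. The following Python code is an added example, not the authors' implementation. The chapter does not define "fake parents"; this sketch assumes a parent is fake when the monitor does not know it as a DODAG member or when its rank is not lower than the node's own rank (RPL requires a parent to have a lower rank than its child). All node names, traffic counts, ranks, and the threshold are constructed.

```python
# Constructed monitor view (not data from the chapter).
TRAFFIC = {"n1": 120, "n2": 940, "n3": 150, "n4": 1010, "n5": 90}  # packets per window
RANKS = {"root": 256, "n1": 512, "n2": 512, "n3": 768, "n4": 768, "n5": 1024}
ADVERTISED_PARENTS = {
    "n1": ["root"],
    "n2": ["root", "n9"],   # n9 is not a DODAG member known to the monitor
    "n3": ["n5"],           # parent with a higher rank, but n3 carries little traffic
    "n4": ["n1"],           # busy node with a legitimate parent
    "n5": ["n3"],
}
THRESHOLD = 500  # constructed value; the chapter gives no threshold

def find_fake_parents(node, parents, ranks):
    """Assumed definition: unknown parent, or parent rank not below the node's rank."""
    own_rank = ranks.get(node)
    advertised = parents.get(node, [])
    if own_rank is None:
        # A node the monitor has no rank for cannot have its parents verified.
        return list(advertised)
    return [p for p in advertised if p not in ranks or ranks[p] >= own_rank]

def detect(traffic, parents, ranks, threshold):
    """Return (suspected list, blocked nodes mapped to the parents that failed the check)."""
    # Phase 1: nodes whose traffic exceeds the threshold become suspects.
    suspected = sorted(n for n, pkts in traffic.items() if pkts > threshold)
    # Phase 2: only suspects have their parents evaluated.
    blocked = {}
    for node in suspected:
        fake = find_fake_parents(node, parents, ranks)
        if fake:
            blocked[node] = fake
    return suspected, blocked
```

In the sample data n4 is suspected but not blocked because its parent is valid, while n3 is never evaluated because the traffic threshold gates the parent check; a monitor relying on this ordering will not flag low-traffic nodes with invalid parents.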

48.4 Experimental Results

The proposed method is implemented in Anaconda Spyder and performs traffic analysis for secure data communication [13]. The proposed method is compared with the traditional methods, and the results show that the proposed method exhibits better performance than the traditional methods.

  1. Throughput

The rate at which packets were successfully delivered through a network channel is known as network throughput [14]. So, for the calculation of the value for the small networks, we can sum the packets received by all nodes. There are several ways to measure throughput (instantaneous or average) in a wired or wireless network using network simulators [15].

Formula

$$\text{Throughput} = \frac{\sum (\text{total count of true packets}) \times (\text{average size of the packet})}{\text{total time spent to deliver that amount of data}}$$

  2. Packet Delivery Ratio

PDR is defined as the ratio of the packets that were received by the destination to the packets that were generated by the source.

Formula

Algebraically, it can be defined as:

$$\text{PDR} = \frac{N_1}{N_2}$$

where $N_1$ is the total sum of data packets which were received by the destination and $N_2$ is the total sum of data packets produced by the source.

  3. End-To-End Delay

It is the difference between the time at which the sender generated the packet and the time at which the receiver received it. The end-to-end delay is also known as one-way delay, which refers to the time taken for the packet to travel across the network from sender to receiver.

Formula

End-to-End Delay = Sum of (Delay at sender + Delay at receiver + Delay at intermediate nodes).

The proposed method monitors every node and checks for attackers based on their behavior, whereas the existing method does not monitor every node for secure data communication. The throughput of the proposed method is high when compared to the traditional methods as the malicious users are effectively identified.

Fig. 48.2 represents the throughput comparison between the regular RPL protocol, the existing secure RPL, and our proposed mechanism. We simulate the regular RPL protocol with the number of nodes varying from 100 to 500 and without any attacker nodes. The existing and proposed mechanisms contain 5, 10, 20, 22, and 25 attacker nodes in each case. We observe the performance, which is shown in Fig. 48.2. The regular RPL protocol has the highest throughput compared to the existing and proposed mechanisms, but the proposed mechanism is very near to standard RPL and performs better than the existing work.

Fig. 48.3 represents the end-to-end delay comparison between the regular RPL protocol, the existing secure RPL [16], and our proposed mechanism. We simulate the regular RPL protocol with the number of nodes varying from 100 to 500 and without any attacker nodes. The existing and proposed mechanisms contain 5, 10, 20, 22, and 25 attacker nodes in each case. We observe the performance, which is shown in Fig. 48.2. The regular RPL protocol has a very slight delay compared to the existing and proposed mechanisms, but the delay of the proposed mechanism is closer to standard RPL and better than the existing work.

Fig. 48.3 Throughput

Fig. 48.4 represents the packet delivery ratio comparison between the regular RPL protocol, the existing secure RPL, and our proposed mechanism. We simulate the regular RPL protocol with the number of nodes varying from 100 to 500 and without any attacker nodes. The existing and proposed mechanisms contain 5, 10, 20, 22, and 25 attacker nodes in each case. We observe the performance, which is shown in Fig. 48.2. The regular RPL protocol has the highest delivery compared to the existing and proposed mechanisms, but the proposed mechanism is very near to standard RPL and performs better than the existing work (Fig. 48.5).

Fig. 48.4 E2E delay

Fig. 48.5 Packet delivery ratio

48.5 Conclusion

Secure communication is of prime importance in any kind of network. IoT is a very large network, and making its communication secure is very difficult. Many routing protocols have been proposed for routing in IoT, but most of them suffer from problems with secure communication. This research work mainly focuses on secure communication between different IoT nodes; for that, we use a monitor-based mechanism in the network, identify the malicious nodes, and make the communication secure. The proposed mechanism performs well when compared to the mechanisms in the literature. In the future, the security of the devices can be improved by allotting an authority to monitor during data transmission.