Replay attacks in RPL-based Internet of Things: Comparative and empirical study

Routing Protocol for Low-Power and Lossy Networks (RPL) is widely used to enable IP-based communication in constrained environments. However, RPL is vulnerable to several security threats, including replay attacks, which can compromise network performance. Malicious nodes can easily replay RPL control messages and hence disrupt network topology and operation. Although this issue is significant, current studies are constrained and mainly focus on replay attacks aimed at DIO messages. There is little discussion about other kinds of replay attacks, especially those involving DAO messages. To fill this gap, we offer an empirical analysis of different types of replay attacks, with a particular emphasis on DAO replay attacks, including the often-neglected route table falsification attack, which has not received much attention in the existing literature. Our research methodically examines the effects of various replay attacks on RPL network topology by conducting comprehensive experiments to assess their influence on packet delivery and network latency. Furthermore, we investigate how these attacks affect information security by applying the CIA triad, which encompasses confidentiality, integrity, and availability. We also emphasize security measures aimed at enhancing resilience against these attacks. Our research indicates that the majority of these attacks significantly affect availability and have a serious impact on integrity. DIO suppression and copycat attacks lead to a 36% reduction in the average delivery ratio and neighbor attacks cause a 50% increase in communication latency in specific attack scenarios. These findings highlight the impact of these attacks and underscore the necessity of developing countermeasures to address them.