Resilient against spoofing in 6LoWPAN networks by temporary-private IPv6 addresses

  • Monali MavaniEmail author
  • Krishna Asawa


An attacker can disrupt the network operations in the 6LoWPANs by spoofing the IPv6 address while evading the detection. Despite many existing spoofing prevention techniques, spoofing threat still persists. Thus, it becomes necessary to devise a method which can offer resilience against spoofing by reducing the attack disruption time. This study aims at reducing IPv6 spoofing attack disruption time in 6LoWPANs. Hence, it provides the resiliency against IPv6 spoofing threat. The time complexity analysis of the attack tree for the spoofing attack is performed to analyze the attack disruption time. The analytical results show that attack disruption window is directly proportional to the lifetime of the node addresses. The lower lifetime of node addresses ensure the reduction of the attack disruption window. Thus, the use of temporary node addresses can be a solution for reducing the spoofing attack disruption window. Node’s IPv6 address can be changed periodically to dissociate a node from its permanent identity. Hence, an attacker has to re-perform the attack to gain significant benefits. Corrupted routing table as a result of spoofing attack and its countermeasure is simulated in Cooja running Contiki operating system. The length of the attack window depends upon the periodicity of the address change. The higher frequency of address change decreases the attack disruption time with an increase in the communication cost. Simulations have been performed to compare the optimum value of address change periodicity concerning the communication cost for two private addressing schemes proposed in the literature.


IPv6 spoofing 6LoWPAN Time-To-Live Attack disruption window Privacy addressing 



  1. 1.
    Airehrour D, Gutierrez J, Ray SK (2016) Secure routing for internet of things: a survey. J Netw Comput Appl 66:198–213CrossRefGoogle Scholar
  2. 2.
    Aura T (2005) Cryptographically Generated Addresses (CGA). RFC 3972 (Proposed Standard). Updated by RFCs 4581, 4982
  3. 3.
    Badonnel AR, Mayzaud IC (2017) A distributed monitoring strategy for detecting version number attacks in rpl-based networks. IEEE Trans Netw Serv Manag 14(2):472–486. CrossRefGoogle Scholar
  4. 4.
    Barbir A, Murphy SL, Yang Y (2006) Generic Threats to Routing Protocols. Tech. Rep. 4593.
  5. 5.
    Camtepe SA, Yener B (2007) Modeling and detection of complex attacks. In: 2007 Third international conference on security and privacy in communications networks and the workshops - securecomm 2007, pp 234–243.
  6. 6.
    Choi J, In Y, Park C, Seok S, Seo H, Kim H (2018) Secure iot framework and 2d architecture for end-to-end security. J Supercomput 74(8):3521–3535. CrossRefGoogle Scholar
  7. 7.
    Chze PLR, Leong KS (2014) A secure multi-hop routing for iot communication. In: 2014 IEEE World forum on internet of things (WF-iot), pp 428–432.
  8. 8.
    Dunkels A, Grȯnvall B, Voigt T (2004) Contiki - A lightweight and flexible operating system for tiny networked sensors. In: Proceedings - conference on local computer networks, LCN, pp 455–462.
  9. 9.
    Ghosh U, Datta R (2011) A secure dynamic ip configuration scheme for mobile ad hoc networks. Ad Hoc Netw 9(7):1327–1342. CrossRefGoogle Scholar
  10. 10.
    Gomez C, Kim E, Kaspar D, Bormann C (2012) Problem statement and requirements for IPv6 over low-power wireless personal area network (6LoWPAN) routing. RFC 6606, RFC Editor.
  11. 11.
    Granjal J, Monteiro E, Silva JS (2010) Enabling network-layer security on ipv6 wireless sensor networks. In: 2010 IEEE Global telecommunications conference GLOBECOM 2010, pp 1–6.
  12. 12.
    Granjal J, Monteiro E, Silva JS (2015) Security for the internet of things: a survey of existing protocols and open research issues. IEEE Commun Surv Tutorials 17(3):1294–1312. CrossRefGoogle Scholar
  13. 13.
    Granjal J, Monteiro E, Silva JS (2015) Security in the integration of low-power wireless sensor networks with the internet: a survey. Ad Hoc Netw 24:264–287CrossRefGoogle Scholar
  14. 14.
    Gu T, Mohapatra P (2018) Bf-iot: Securing the iot networks via fingerprinting-based device authentication. In: 2018 IEEE 15Th international conference on mobile ad hoc and sensor systems (MASS), pp 254–262.
  15. 15.
    Halcu I, Stamatescu G, Sgarciu V (2015) Enabling security on 6lowpan / ipv6 wireless sensor networks. In: 2015 7Th international conference on electronics, computers and artificial intelligence (ECAI), pp SSS–29–SSS–32.
  16. 16.
    Hennebert C, Santos JD (2014) Security protocols and privacy issues into 6loWPAN stack: a synthesis. IEEE Internet J 1(5):384–398. CrossRefGoogle Scholar
  17. 17.
    Hossain M, Karim Y, Hasan R (2018) Secupan: a security scheme to mitigate fragmentation-based network attacks in 6lowpan. In: Proceedings of the eighth ACM conference on data and application security and privacy. ACM, pp 307–318Google Scholar
  18. 18.
    IEEE: Ieee 802.15.4 standard (2007) [Online]
  19. 19.
    Ikram M, Chowdhury AH, Zafar B, Cha HS, Kim K, Yoo SW, Kim D (2009) A simple lightweight authentic bootstrapping protocol for ipv6-based low rate wireless personal area networks (6lowpans). In: Proceedings of the 2009 international conference on wireless communications and mobile computing: connecting the world wirelessly, IWCMC ’09. ACM, New York, pp 937–941.
  20. 20.
    Jara AJ, Marin L, Skarmeta AF, Singh D, Bakul G, Kim D (2011) Mobility modeling and security validation of a mobility management scheme based on ecc for ip-based wireless sensor networks (6lowpan). In: 2011 Fifth international conference on innovative mobile and internet services in ubiquitous computing. IEEE, pp 491–496Google Scholar
  21. 21.
    Krentz KF, Rafiee H, Meinel C (2013) 6lowpan security: Adding compromise resilience to the 802.15.4 security sublayer. In: Proceedings of the international workshop on adaptive security, ASPI ’13. ACM, New York, pp 1:1–1:10.
  22. 22.
    Kushalnagar N, Montenegro G, Schumacher C (2007) Rfc 4919: Ipv6 over low-power wireless personal area networks (6lowpans): overview, assumptions, problem statement, and goals. IETF 31:45–75Google Scholar
  23. 23.
    Liu A, Ning P (2008) Tinyecc: a configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of the 7th international conference on information processing in sensor networks, IPSN ’08. IEEE Computer Society, Washington, pp 245–256.
  24. 24.
    Mavani M, Asawa K (2017) Modeling and analyses of ip spoofing attack in 6lowpan network. Comput Secur 70:95–110CrossRefGoogle Scholar
  25. 25.
    Mavani M, Asawa K (2018) Privacy enabled disjoint and dynamic address auto-configuration protocol for 6lowpan. Ad Hoc Netw 79:72–86. CrossRefGoogle Scholar
  26. 26.
    Mayzaud A, Badonnel R, Chrisment I (2016) A taxonomy of attacks in rpl-based internet of things. Int J Netw Secur 18(3):459–473Google Scholar
  27. 27.
    Mishra A, Dixit A (2018) Resolving threats in iot: Id spoofing to ddos. In: 2018 9Th international conference on computing, communication and networking technologies (ICCCNT), pp 1–7.
  28. 28.
    Mavani M, Asawa K (2017) Privacy preserving ipv6 address auto-configuration for internet of things. In: Intelligent communication and computational technologies. Springer, pp 577–584Google Scholar
  29. 29.
    Nikravan M, Movaghar A, Hosseinzadeh M (2019) A lightweight signcryption scheme for defense against fragment duplication attack in the 6lowpan networks. Peer-to-Peer Netw Appl 12(1):209–226. CrossRefGoogle Scholar
  30. 30.
    Oliveira LML, Rodrigues JJPC, Neto C, De sousa AF (2013) Network admission control solution for 6LoWPAN networks. Proceedings - 7th international conference on innovative mobile and internet services in ubiquitous computing, IMIS 2013, pp 472–477.
  31. 31.
    Osterlind F, Dunkels A, Eriksson J, Finne N, Voigt T (2006) Cross-level sensor network simulation with cooja. In: Proceedings 2006 31st IEEE conference on Local computer networks. IEEE, pp 641–648Google Scholar
  32. 32.
    Park S, Kim K, Haddad W, Chakrabarti S, Laganier J (2011) Ipv6 over low power wpan security analysis. IETF. ID draft-daniel-610wpan-security-analysis-05. Retrieved 10 May 2016Google Scholar
  33. 33.
    Pongle P, Chavan G (2015) A survey: attacks on rpl and 6lowpan in iot. In: 2015 International conference on pervasive computing (ICPC), pp 1–6.
  34. 34.
    Qiu Y, Ma M (2015) An authentication and key establishment scheme to enhance security for m2m in 6lowpans. In: 2015 IEEE International conference on communication workshop (ICCW), pp 2671–2676.
  35. 35.
    Sarikaya B, Thubert P (2016) Address protected neighbor discovery for low-power and lossy networks. Internet-Draft draft-sarikaya-6lo-ap-nd-02, IETF Secretariat.
  36. 36.
    Shelby C, Nordmark B (2012) Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs). RFC 6775, RFC Editor.
  37. 37.
  38. 38.
    Vasseur JP, Dunkels A (2010) Interconnecting smart objects with ip: The next internet. Morgan Kaufmann, San MateoGoogle Scholar
  39. 39.
    Wang X, Mu Y (2015) Addressing and privacy support for 6lowpan. IEEE Sens J 15(9):5193–5201. CrossRefGoogle Scholar
  40. 40.
    Wilhelm M, Martinovic I, Uzun E, Schmitt JB (2010) Sudoku: Secure and usable deployment of keys on wireless sensors. In: 2010 6Th IEEE workshop on secure network protocols, pp 1–6.
  41. 41.
    Winter T, Brandt H (2012) RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks. RFC 6550, RFC Editor.
  42. 42.
    Xiong K, Zhang Y, Zhang Z, Wang S, Zhong Z (2014) Pa-nemo: Proxy mobile ipv6-aided network mobility management scheme for 6lowpan. Elektron Elektrotechn 20(3):98–103Google Scholar
  43. 43.
    Yu H, He J (2012) Trust-based mutual authentication for bootstrapping in 6lowpan. JCM 7(8):634–642CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Jaypee Institute of Information TechnologyNoidaIndia

Personalised recommendations