Abstract

RPL is a routing protocol for Low-Power and Lossy Networks, which is the routing protocol standardized for the Internet of Things (IoT). However, RPL has many serious vulnerabilities which can be exploited by attackers. In this paper, we adopt an finite state machines(FSM) based vulnerability discovering approach to analyze the security vulnerabilities of RPL, which can successfully discover sinkhole attack, selective-forwarding attack and hello flood attack. Then we propose some security countermeasures to defend against the attacks. Finally, we run a thorough set of simulations to assess the impact of the sinkhole attack and the effectiveness of proposed countermeasure. The results show that the attack can significantly damage the RPL and the countermeasure can successfully detect the malicious node.