Comparison of Machine Learning Algorithms to Detect RPL-Based IoT Devices Vulnerability

D’Hondt’s RPL Framework

Studies on the Simulation of Attacks on the RPL Protocol

In an academic report, D’Hondt et al. (2015) [1] simulated Flooding Attacks, Version Number Increase Attacks, and Decreased Rank Attacks on the RPL protocol using the Cooja IoT simulator.

This work and the setup for the attack simulations are available in the https://github.com/dhondta/rpl-attacks repository created by D’Hondt et al. (2015).

For the thesis study, the operating system containing the attack scenarios was installed in a virtual environment (VirtualBox) on a real computer running Linux, following the instructions in the GitHub repository.

Here is my video on how to install the Contiki Cooja operating system created by D’Hondt et al. (2015) regarding RPL attacks.

With this study by D’Hondt et al. (2015), normal and malicious nodes will be created to be used in the Cooja IoT simulator.

The Linux Scripts for Installation

To begin with, if you do not have “git” software, install it.

				
					sudo apt install git
				
			

Then clone the repository below:

				
					git clone https://github.com/dhondta/rpl-attacks
				
			

If you do not have “vagrant” software, install it. (Vagrant is an open source product for building and maintaining portable virtual software development environments on providers such as VirtualBox, VMware, KVM, AWS etc.) This repo uses “VirtualBox”. You can find detailed information here: https://www.vagrantup.com/

				
					sudo apt install vagrant
				
			

If you do not have “VirtualBox” software, install it.

				
					sudo apt-get install virtualbox
				
			

Next, download the VirtualBox image with the commands below. (You must be in the rpl-attacks directory.)

				
					cd rpl-attacks
					vagrant up

				
			

There is a “Vagrantfile” in that directory. Vagrant uses this file to download the OS image. You do not need to log in to a Vagrant account.

If the following error occurs while the VirtualBox image is being downloaded, install the VirtualBox Extension Pack.

There was an error while executing `VBoxManage`, a CLI used by Vagrant for controlling VirtualBox. The command and stderr is shown below.

Command: ["startvm", "babf7b04-48ef-4682-a5b2-2ca8156ef406", "--type", "gui"]

Stderr: VBoxManage: error: Implementation of the USB 2.0 controller not found!
VBoxManage: error: Because the USB 2.0 controller state is part of the saved VM state, the VM cannot be started. To fix this problem, either install the 'Oracle VM VirtualBox Extension Pack' or disable USB 2.0 support in the VM settings.
VBoxManage: error: Note! This error could also mean that an incompatible version of the 'Oracle VM VirtualBox Extension Pack' is installed (VERR_NOT_FOUND)
VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component ConsoleWrap, interface IConsole

				
					sudo apt install virtualbox-ext-pack
				
			

Then press the “Esc” key and choose “Yes”.

Then run this command:

				
					sudo modprobe vboxdrv
				
			

Then run this command. Do not forget that you must be in the rpl-attacks folder.

				
					vagrant up
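
The checks implied by the steps above, gathered into one preflight script. This is an added example, not part of the original post or of the rpl-attacks repository; the function names are hypothetical, and `extpack_usable` assumes the `Extension Packs: N` and `Usable: true` lines that `VBoxManage list extpacks` prints.

```shell
# Added example: preflight checks before `vagrant up`; function names are hypothetical.

# Print every required command that is not on PATH, one per line.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Read `VBoxManage list extpacks` output on stdin; succeed only if a pack is listed and usable.
extpack_usable() {
    awk -F': *' '
        /^Extension Packs:/ { count = $2 + 0 }
        /^Usable:/ && $2 == "true" { usable = 1 }
        END { exit !(count > 0 && usable) }'
}

# Read /proc/modules-style text on stdin; succeed if module $1 is loaded.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }'
}

# Map the stderr of a failed `vagrant up` to the fix given in the post.
diagnose() {
    case "$1" in
        *"Implementation of the USB 2.0 controller not found"*)
            echo "sudo apt install virtualbox-ext-pack" ;;
        *)  echo "unrecognised error" ;;
    esac
}

# Run all checks against this machine; $1 is the rpl-attacks directory.
preflight() {
    dir=${1:-.}; rc=0
    for tool in $(missing_tools git vagrant VBoxManage); do
        echo "missing: $tool"; rc=1
    done
    [ -f "$dir/Vagrantfile" ] || { echo "no Vagrantfile in $dir: cd rpl-attacks first"; rc=1; }
    if command -v VBoxManage >/dev/null 2>&1; then
        VBoxManage list extpacks | extpack_usable ||
            { echo "no usable Extension Pack: sudo apt install virtualbox-ext-pack"; rc=1; }
    fi
    module_loaded vboxdrv < /proc/modules || { echo "vboxdrv not loaded: sudo modprobe vboxdrv"; rc=1; }
    return "$rc"
}

# Execute the checks only when asked, e.g.: sh preflight.sh --run ~/rpl-attacks
if [ "${1:-}" = "--run" ]; then preflight "${2:-.}"; fi
```

Each reported problem maps to one of the install steps above, so a failed `vagrant up` can be traced to the missing step before retrying.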
				
			

In my next blog post, I will tell you how normal and vulnerable IoT nodes are produced with this study.

Other Posts

My Thesis
Murat Ugur KIRAZ

Conclusion

In this blog post, the “Decision Tree”, “Logistic Regression”, “Random Forest”, “Naive Bayes”, “K Nearest Neighbor” and “Artificial Neural Networks” algorithms were trained to detect the Flooding Attack, Decreased Rank Attack and Version Number Increase Attack in the RPL protocol.

The test results for the attacks were compared. The comparison showed that the most successful algorithms were Artificial Neural Networks, with an accuracy rate of 97.2% in the detection of Flooding Attacks; K Nearest Neighbor, with an accuracy rate of 81% in the detection of Version Number Increase Attacks; and Artificial Neural Networks, with an accuracy rate of 58% in the detection of Decreased Rank Attacks.

My Thesis
Murat Ugur KIRAZ

Interpretation of Machine Learning Values

I continue to share how I did my master’s thesis titled Comparison of Machine Learning Algorithms for the Detection of Vulnerability of RPL-Based IoT Devices, my experiences in this process, and the code in this thesis in a series of articles on my blog.

So far, I have provided detailed information about the RPL protocol and the attacks that take place in the RPL protocol. Then, I experimented with Flooding Attacks, Version Number Increased Attack, and Decreased Rank Attack, extracting the raw data and making sense of that raw data. I compared the results of experiments with weak nodes using statistical methods.

In this section, I will interpret the numerical results of the attacks we detect with machine learning algorithms.
