RPL (Routing Protocol for Low-power and lossy networks) is a specific routing protocol designed to optimize 6LoWPAN (IPv6 over Low power Wireless Personal Area Network) operation. As 6LoWPAN suffers from resource constraints on battery, processor, memory and bandwidth, it affects the performance of the RPL protocol. From security point of view, this will make RPL vulnerable to several threats directly or indirectly. Thus, cryptographic systems are not sufficient to protect the RPL from internal

more »

... attacks; a compromised node from the network may cause undesired operation without being detected by these systems. An intrusion detection system (IDS) should be used, but it is not easy given the nature of 6LoWPAN; on a side its resource constraints, and on the other side its opening to the outside world through the Internet. In this paper we focus on denial of service (DoS) attacks, we determine the elements to be taken into account in selecting a compatible IDS and we give some solutions that we consider effective and valid for 6LoWPAN-RPL based networks. (Low power Wireless Personal Area Networks) like limited processing power, very dynamic topologies, node mobility, link failures, high loss rates, low data rates and instability. To deal with this challenge, IETF create a new protocol compatible to LoWPAN networks under the name of RPL (Routing Protocol for Low-power and lossy network) [7] . RPL deal with limited memory resources of low-power nodes, link failures, traffic control cost, and its takes into consideration node and link properties when choosing routes. Having a resource-constrained network implementing new protocols and connected to the Internet; makes it security a big challenge that must be addressed carefully [8] . Even if it implement known protocols and standards like IPv6 and 802.15.4, which possess many security solutions; it does not solve the problem. On the contrary, it aggravates the situation. Combining between two different networks; i.e. IP and 802.15.4 networks, means that we will combine their issues too. Their solution are not compatible to 6LoWPAN networks. IPv6 security protocols are very heavy and consume a lot of energy, and 802.15.4 security solutions does not deal with IP communications. Moreover, the new routing protocol RPL was designed without security metrics, knowing that the majority of attacks aim to perturb network routing to cause its dysfunction, totally or partially [9] . Several attacks can target 6LoWPAN, among these threats are whose called denial of service (DoS) attacks [10]. This type target the availability of the network, it aims to make it unavailable for an indefinite period. The main goal of such an attack is to damage the network and affect its performance. Its purpose is not to eavesdrop or alter data. A cryptography system cannot alone defend against DoS attack, even from an insider malicious node or from the internet side. An adversary may compromise some nodes, retrieve cryptographic materiel from them and modify their system to use them for malicious purposes. That why an intrusion detection system (IDS) should be used because it monitors nodes behavior and gives alerts in case of a doubt of an attack. 6LoWPAN-RPL security problems are multiple and varied against each layer [11] , differs from passive and active attacks, even from the inside or the outside. This paper provides a state-of-the-art of the attacks targeting the availability of 6LoWPAN aiming to disrupt its routing protocol RPL, with the concentration on the denial of service attacks, their types and their damages. Moreover, this paper provides security solutions requirements to deal with DoS attacks, focusing on the IDS approach, by giving recommendations and directions of our vision of the IDS design that will be compatible to 6LoWPAN-RPL networks. The structure of the paper is as follows: Section gives an overview of 6LoWPAN network and its underlying RPL, Section 3 gives more detail on RPL operation, Section 4 discusses denial of service issues and attacks, Section 5 reviews the main countermeasures to secure network routing, Section 6 focus on the IDS approach and techniques and Section 7 concludes the paper.