Introduction:
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. It focuses on dependable (secure and reliable) low-power communication and standard protocols, such as IPv6/6LoWPAN, 6TiSCH, RPL, and CoAP. Contiki-NG comes with extensive documentation, tutorials, a roadmap, release cycle, and well-defined development flow for smooth integration of community contributions.
LSM-RPL, or Lightweight Security Mode RPL, is a security enhancement for the Routing Protocol for Low-Power and Lossy Networks (RPL) within the Contiki-NG environment. This innovative technique focuses on bolstering the integrity and authenticity of RPL control messages, crucial for safeguarding IoT networks against various external and internal threats.
The key tenets of LSM-RPL involve the use of secret keys - a private key (Kpr) and a shared key (Ksh) - assigned to individual sensor nodes. These keys serve as the foundation for authenticating RPL control messages, thereby fortifying the network against unauthorized access and manipulation by external adversaries. Moreover, LSM-RPL uses Hash-based Message Authentication Code (HMAC) techniques to sign RPL control messages, ensuring both their integrity and authenticity during transmission.
By appending HMAC digests to these messages, LSM-RPL provides a robust mechanism for detecting and thwarting various forms of attacks, such as version and rank manipulation, which could compromise the stability and reliability of the RPL network.
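The following sketch is an added example, not code from LSM-RPL or Contiki-NG: it signs a DIO base object (layout per RFC 6550) by appending an HMAC digest and shows that rewriting the version or rank field without the key makes verification fail. Assumptions: HMAC-SHA256 with the full 32-byte digest, a constructed demo key standing in for Ksh, a constructed DODAG ID, and hypothetical function names; how LSM-RPL uses Kpr is not described on this page and is not modelled.

```python
import hashlib
import hmac
import struct

# DIO base object per RFC 6550: instance, version, rank, G/MOP/Prf,
# DTSN, flags, reserved, DODAGID (24 bytes in total).
DIO_FMT = ">BBHBBBB16s"
DIO_LEN = struct.calcsize(DIO_FMT)
TAG_LEN = hashlib.sha256().digest_size  # assumption: full SHA-256 digest appended

K_SH = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed demo key
DODAG_ID = bytes.fromhex("fd00" + "00" * 13 + "01")       # constructed DODAG ID


def build_dio(version, rank, instance=30, dodag_id=DODAG_ID):
    """Pack a DIO base object; unused flag fields are zero."""
    return struct.pack(DIO_FMT, instance, version, rank, 0, 0, 0, 0, dodag_id)


def sign(msg, key=K_SH):
    """Sender side: append the HMAC digest to the control message."""
    return msg + hmac.new(key, msg, hashlib.sha256).digest()


def verify(packet, key=K_SH):
    """Receiver side: return (version, rank) if authentic, else None."""
    if len(packet) != DIO_LEN + TAG_LEN:
        return None  # truncated or padded packet
    msg, tag = packet[:DIO_LEN], packet[DIO_LEN:]
    expected = hmac.new(key, msg, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    _, version, rank, *_ = struct.unpack(DIO_FMT, msg)
    return version, rank


def rewrite_fields(packet, version=None, rank=None):
    """Model a node without the key changing version/rank in transit."""
    fields = list(struct.unpack(DIO_FMT, packet[:DIO_LEN]))
    if version is not None:
        fields[1] = version
    if rank is not None:
        fields[2] = rank
    return struct.pack(DIO_FMT, *fields) + packet[DIO_LEN:]


if __name__ == "__main__":
    pkt = sign(build_dio(version=240, rank=512))
    print("genuine      :", verify(pkt))
    print("rank lowered :", verify(rewrite_fields(pkt, rank=128)))
    print("version bump :", verify(rewrite_fields(pkt, version=241)))
```

A digest keyed only with a shared key rejects messages from nodes that do not hold that key; a node that does hold it can still produce valid digests.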
These instructions guide you through the process of setting up and testing LSM-RPL on your system.
Prerequisites:
Ensure Contiki-NG OS and Cooja simulator are installed and functioning correctly.
System Setup Verification:
- Ensure that Contiki-NG OS and the Cooja simulator are installed and fully operational on your system.
- Launch the Cooja simulator.
- Open an existing simulation project to confirm functionality. For example, navigate to "/home/user/contiki-ng/examples/rpl-udp" and run the "rpl-udp-cooja.csc" file.
- If the simulation project runs without errors, it indicates that both Contiki-NG OS and the Cooja simulator are correctly installed and operational, and you're ready to proceed with using LSM-RPL.
Install and Test LSM-RPL:
- Copy the "LSM.rar" file to the directory "/home/user/contiki-ng".
- Extract the contents of the "LSM.rar" file into the same directory.
- When prompted, select "Yes to all" to replace existing Contiki-NG files with the updated code.
- Launch the Cooja simulator.
- Navigate to the directory "/home/user/contiki-ng/LSM-example/Visualization/15_nodes_LSM".
- Attempt to open the simulation project named "cooja.csc".
- If the simulation project opens and runs without errors, congratulations! The installation of LSM-RPL was successful.
Activation and Deactivation of LSM-RPL:
- Open the "project-conf.h" file located within the project directory.
- Locate the macro named "CONF_LSM".
- Set the value of "CONF_LSM" to either 1 or 0 to activate or deactivate security protection using LSM-RPL, respectively.
#define CONF_LSM 1 // Lightweight Security Mode
Activating Specific Attacks:
- Enable Attack Macros:
  - Open the "project-conf.h" file located within the project directory.
  - Enable the corresponding macros related to the desired attacks by setting them to 1.
#define CONF_SFA 0 // Selective Forward Attack
#define CONF_VNA 0 // Version Number Attack
#define CONF_DRA 0 // Decrease Rank Attack
#define CONF_IRA 0 // Increase Rank Attack
- Set Attack Parameters in JavaScript Control Code:
  - Open the "coojalogger.js" file that manages simulation execution in Cooja.
  - Define the start and end time of the attack, as well as the number of target nodes, using the provided syntax.
attacks.push(new Attack("DRA_on", 16, 1, 3600000)); // Activate DRA for node 16 for 1 hour
attacks.push(new Attack("VNA_on", 17, 1, 3600000)); // Activate VNA for node 17 for 1 hour
To compare network scenarios, adjust the network parameters for each scenario according to your requirements.
Execute the network simulation in Cooja's no-GUI mode using the provided Python script "run-cooja.py". Run the script in the terminal as follows:
python3 run-cooja.py
The "run-cooja.py" script will execute the simulation file named "cooja.csc" and generate a log file named "COOJA.testlog" containing all the logs and events that occurred during the simulation.
From the generated log file ("COOJA.testlog"), extract all network performance evaluation metrics as explained in the next section.
Repeat the Steps for Different Scenarios: Repeat the above steps with different network parameters, such as varying the number of malicious nodes, to generate different log files for comparison.
Use the Python script "analysis.py" to extract numerical results representing network parameters from the generated log file.
python3 analysis.py
After running the above command, you will obtain several images representing results such as energy consumption, packet delivery rate, parent switches, total packets sent over time, and others.
To obtain additional numerical values from the log file, you can utilize the debug mode when running the "analysis.py" file.