Security Concerns with IoT Routing: A Review of Attacks, Countermeasures, and Future Prospects

Today’s Internet of Things (IoT) application domains are widely distributed, which exposes them to several security risks and assaults, especially when data is being transferred between endpoints with constrained resources and the backbone network. Numerous researchers have put a lot of effort into addressing routing protocol security vulnerabilities, particularly regarding IoT RPL-based networks. Despite multiple studies on the security of IoT routing protocols, routing attacks remain a major focus of ongoing research in IoT contexts. This paper examines the different types of routing attacks, how they affect Internet of Things networks, and how to mitigate them. Then, it provides an overview of recently published work on routing threats, primarily focusing on countermeasures, highlighting noteworthy security contributions, and drawing conclusions. Consequently, it achieves the study’s main objectives by summarizing intriguing current research trends in IoT routing security, pointing out knowledge gaps in this field, and suggesting directions and recommendations for future research on IoT routing security.

Towards Blockchain-Based Secure BGP Routing,Challenges and Future Research Directions

Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits security design defects,such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes,easily triggering prefix hijacking,path forgery,route leakage,and other BGP security threats.Meanwhile,the traditional BGP security mechanism,relying on a public key infrastructure,faces issues like a single point of failure and a single point of trust.The decentralization,anti-tampering,and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms.In this paper,we summarize the characteristics of BGP protocol in detail,sort out the BGP security threats and their causes.Additionally,we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats.Finally,we discuss the challenges posed by BGP security problems and outline prospects for future research.

Trust-based co-operative routing for secure communication in mobile ad hoc networks

The working of a Mobile Ad hoc NETwork(MANET)relies on the supportive cooperation among the network nodes.But due to its intrinsic features,a misbehaving node can easily lead to a routing disorder.This paper presents two trust-based routing schemes,namely Trust-based Self-Detection Routing(TSDR)and Trust-based Cooperative Routing(TCOR)designed with an Ad hoc On-demand Distance Vector(AODV)protocol.The proposed work covers a wide range of security challenges,including malicious node identification and prevention,accurate trust quantification,secure trust data sharing,and trusted route maintenance.This brings a prominent solution for mitigating misbehaving nodes and establishing efficient communication in MANET.It is empirically validated based on a performance comparison with the current Evolutionary Self-Cooperative Trust(ESCT)scheme,Generalized Trust Model(GTM),and the conventional AODV protocol.The extensive simulations are conducted against three different varying network scenarios.The results affirm the improved values of eight popular performance metrics overcoming the existing routing schemes.Among the two proposed works,TCOR is more suitable for highly scalable networks;TSDR suits,however,the MANET application better with its small size.This work thus makes a significant contribution to the research community,in contrast to many previous works focusing solely on specific security aspects,and results in a trade-off in the expected values of evaluation parameters and asserts their efficiency.

A multipath routing protocol for wireless sensor network for mine security monitoring

Underground mining is a hazardous industrial activity. In order to provide a safe working environment for miners, a Wireless Sensor Network (WSN) technology has been used for security monitoring. It can provide a wide range of surveillance with a relatively low cost. In this study, an Energy-Based Multipath Routing (EBMR) protocol is proposed, which considers residual energy capacity and link quality in choosing hops and routing paths. Hops and paths with a high residual energy capacity and link quality will have the best chance to be selected to transmit data packages. Since the EBMR stores several routes in the routing table, when the current path fails, another path will be chosen to fulfill the task immediately. In this way, EBMR improves reliability and decrease time latency. Compared to AOMDV and REAR, EBMR decreases time latency by 51% and 12%.

Enhancement in Ad hoc on Demand Distance Vector (AODV) Routing Protocol Security

Ad-hoc networking has mainly been associated with military battlefield networks. Security has received considerably less attention and the issue needs to be addressed before any successful applications will appear. Due to the insecure nature of the wireless link and their dynamically changing topology, wireless ad-hoc networks require a careful and security-oriented approach for designing routing protocols. In this paper, an AODV-based secure routing protocol- ENAODV is presented. A speed-optimized digital signature algorithm is integrated into the routing protocol. The protocol algorithm is implemented with NS-2. The security of the protocol is analyzed. The simulating results show that the performances of ENAODV protocol, such as average node energy consumption, packet delay and packet delivery is nearly the same as standard AODV protocol.

Managing Smart Technologies with Software-Defined Networks for Routing and Security Challenges: A Survey

Smart environments offer various services,including smart cities,ehealthcare,transportation,and wearable devices,generating multiple traffic flows with different Quality of Service(QoS)demands.Achieving the desired QoS with security in this heterogeneous environment can be challenging due to traffic flows and device management,unoptimized routing with resource awareness,and security threats.Software Defined Networks(SDN)can help manage these devices through centralized SDN controllers and address these challenges.Various schemes have been proposed to integrate SDN with emerging technologies for better resource utilization and security.Software Defined Wireless Body Area Networks(SDWBAN)and Software Defined Internet of Things(SDIoT)are the recently introduced frameworks to overcome these challenges.This study surveys the existing SDWBAN and SDIoT routing and security challenges.The paper discusses each solution in detail and analyses its weaknesses.It covers SDWBAN frameworks for efficient management of WBAN networks,management of IoT devices,and proposed security mechanisms for IoT and data security in WBAN.The survey provides insights into the state-of-the-art in SDWBAN and SDIoT routing with resource awareness and security threats.Finally,this study highlights potential areas for future research.

A Partially Non-Cryptographic Security Routing Protocol in Mobile Ad Hoc Networks

In this paper, we propose a partially non-cryptographic security routing protocol （PNCSR） that protects both routing and data forwarding operations through the same reactive approach. PNCSR only apply public-key cryptographic system in managing token, but it doesn＇t utilize any cryptographic primitives on the routing messages. In PNCSR, each node is fair. Local neighboring nodes collaboratively monitor each other and sustain each other. It also uses a novel credit strategy which additively increases the token lifetime each time a node renews its token. We also analyze the storage, computation, and communication overhead of PNCSR, and provide a simple yet meaningful overhead comparison. Finally, the simulation results show the effectiveness of PNCSR in various situations.

Enhanced Security with Improved Defensive Routing Mechanism in Wireless Sensor Networks

In recent scenario of Wireless Sensor Networks(WSNs),there are many application developed for handling sensitive and private data such as military information,surveillance data,tracking,etc.Hence,the sensor nodes of WSNs are distributed in an intimidating region,which is non-rigid to attacks.The recent research domains of WSN deal with models to handle the WSN communications against malicious attacks and threats.In traditional models,the solution has been made for defending the networks,only to specific attacks.However,in real-time applications,the kind of attack that is launched by the adversary is not known.Additionally,on developing a security mechanism for WSN,the resource constraints of sensor nodes are also to be considered.With that note,this paper presents an Enhanced Security Model with Improved Defensive Routing Mechanism(IDRM)for defending the sensor network from various attacks.Moreover,for efficient model design,the work includes the part of feature evaluation of some general attacks of WSNs.The IDRM also includes determination of optimal secure paths and Node security for secure routing operations.The performance of the proposed model is evaluated with respect to several factors;it is found that the model has achieved better security levels and is efficient than other existing models in WSN communications.It is proven that the proposed IDRM produces 74%of PDR in average and a minimized packet drop of 38%when comparing with the existing works.

A Novel Review on Security and Routing Protocols in MANET

The origin of Mobile ad hoc network (MANET) was started in 1970 as packet radio network (PRNET), later on different researches were made on it in different ages. MANET works under no fixed infrastructure in which every node works likes a router that stores and forwards packet to final destination. Due to its dynamic topology, MANET can be created anywhere, anytime. As there are limited resources in MANET so it faces many problems such as security, limited bandwidth, range and power constraints. Due to this, many new routing protocols are proposed. This article examines different techniques to manage congestion control, security issues, different layers attacks, routing protocols and challenges that are faced by MANET.

Improved Secure Trust-based Location-Aided Routing Model for MANETs

In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance-Based LAR.The improved Secure Trust-based Location-Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding.Simulation results reveal that ST-LAR can resist attacks by malicious nodes effectively;furthermore,it also achieves better performance than DBLAR in terms of average end-to-end delay,packet delivery success ratio and throughput.

QoS-Guaranteed Secure Multicast Routing Protocol for Satellite IP Networks Using Hierarchical Architecture

Most recent satellite network research has focused on providing routing services without considering security. In this paper, for the sake of better global coverage, we introduce a novel triple-layered satellite network architecture including Geostationary Earth Orbit (GEO), Highly Elliptical Orbit (HEO), and Low Earth Orbit (LEO) satellite layers, which provides the near-global coverage with 24 hour uninterrupted over the areas varying from 75° S to 90° N. On the basis of the hierarchical architecture, we propose a QoS-guaranteed secure multicast routing protocol (QGSMRP) for satellite IP networks using the logical location concept to isolate the mobility of LEO and HEO satellites. In QGSMRP, we employ the asymmetric cryptography to secure the control messages via the pairwise key pre-distribution, and present a least cost tree (LCT) strategy to construct the multicast tree under the condition that the QoS constraints are guaranteed, aiming to minimize the tree cost. Simulation results show that the performance benefits of the proposed QGSMRP in terms of the end-to-end tree delay, the tree cost, and the failure ratio of multicasting connections by comparison with the conventional shortest path tree (SPT) strategy.

A Novel Improved Artificial Bee Colony and Blockchain-Based Secure Clustering Routing Scheme for FANET

Flying Ad hoc Network(FANET)has drawn significant consideration due to its rapid advancements and extensive use in civil applications.However,the characteristics of FANET including high mobility,limited resources,and distributed nature,have posed a new challenge to develop a secure and ef-ficient routing scheme for FANET.To overcome these challenges,this paper proposes a novel cluster based secure routing scheme,which aims to solve the routing and data security problem of FANET.In this scheme,the optimal cluster head selection is based on residual energy,online time,reputation,blockchain transactions,mobility,and connectivity by using Improved Artificial Bee Colony Optimization(IABC).The proposed IABC utilizes two different search equations for employee bee and onlooker bee to enhance convergence rate and exploitation abilities.Further,a lightweight blockchain consensus algorithm,AI-Proof of Witness Consensus Algorithm(AI-PoWCA)is proposed,which utilizes the optimal cluster head for mining.In AI-PoWCA,the concept of the witness for block verification is also involved to make the proposed scheme resource efficient and highly resilient against 51%attack.Simulation results demonstrate that the proposed scheme outperforms its counterparts and achieves up to 90%packet delivery ratio,lowest end-to-end delay,highest throughput,resilience against security attacks,and superior in block processing time.

A Secure Routing Method for Detecting False Reports and Wormhole Attacks in Wireless Sensor Networks

Wireless sensor networks (WSNs) consist of a large number of sensor nodes that monitor the environment and a few base stations that collect the sensor readings. Individual sensor nodes are subject to compromised security because they may be deployed in hostile environments and each sensor node communicates wirelessly. An adversary can inject false reports into the networks via compromised nodes. Furthermore, an adversary can create a wormhole by directly linking two compromised nodes or using out-of-band channels. If these two kinds of attacks occur simultaneously in a network, existing methods cannot defend against them adequately. We thus propose a secure routing method for detecting false report injections and wormhole attacks in wireless sensor networks. The proposed method uses ACK messages for detecting wormholes and is based on a statistical en-route filtering (SEF) scheme for detecting false reports. Simulation results show that the proposed method reduces energy consumption by up to 20% and provide greater network security.

A Cumulative Authentication Method for Securing Source Routing Protocols in Ad Hoc Networks

Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.

A Micro-Payment Based Isolation ofMisbehavior Secure Routing for Sensor Network

In this paper, we present a Micro-payment based Isolation of Misbehavior(MIM) secure routing protocol. The protocol contains three parts: micro-payment scheme, routingdiscovery and malicious nodes detection The micro-payment scheme proposed in MIM is the firstvirtual currency system that can be suit lor sensor network environment, Based on the micro-paymentscheme, we device an energy aware routing protocol, which forwards packets by auction. Furthermore,the base station can detect and isolate misbehave or non-cooptrare nodes according to the routinginformation.

A Secure Multi-Routing Platform for Ad Hoc Network

In an ad hoc network, it is usually difficult to optimize the assignment of network routing resources using a single type of routing protocol due to the differences in network scale, node moving mode and node distribution. Therefore, it is desirable to have nodes run multiple routing protocols simultaneously so that more than one protocols can be chosen to work jointly. For this purpose, a multiple routing platform for Ad hoc networks is proposed on a higher level of current routing protocols. In order to ensure the security of the platform, a security mechanism and its formal analysis by BAN logic is given. The simulation results of the network performance demonstrate that the proposed multi-routing platform is practicable in some complex applications.

OTP-Based Software-Defined Cloud Architecture for Secure Dynamic Routing

In the current era,anyone can freely access the Internet thanks to the development of information and communication technology.The cloud is attracting attention due to its ability to meet continuous user demands for resources.Additionally,Cloud is effective for systems with large data flow such as the Internet of Things(IoT)systems and Smart Cities.Nonetheless,the use of traditional networking technology in the cloud causes network traffic overload and network security problems.Therefore,the cloud requires efficient networking technology to solve the existing challenges.In this paper,we propose one-time password-based software-defined cloud architecture for secure dynamic routing to mitigating the above-mention issues.The proposed cloud architecture provides a secure data path through dynamic routing using One-Time Internet Protocol(OTIP)algorithm between each layer.On the network side,we use software-defined technology to provide efficient network management and data security.We introduce a software-defined cloud architecture that applies OTIP algorithms for secure dynamic routing.We conduct a comparative analysis between general IP communication and proposed OTIP communication architecture.It evaluates the performance of OTIP algorithms.Finally,we examine the proposed software-defined cloud architecture,including how to apply OTIP in secure dynamic routing according to the results of the comparative analysis.

An Enhanced Secure Heuristic-Stochastic Routing Arithmetic in MPLS Network

To improve routing security in MPLS network, base on the stochastic routing algorithm, we propose a proactive mechanism we call enhanced secure heuristic-stochastic routing (ESHSR) , which brings to bear Bayesian principle, explores the existence of multiple routes and forces packets to take alternate paths probabilistically. In this paper, we investigate game theoretic techniques to develop routing policies which make interception and eavesdropping maximally difficult. Through simulations, we validate our theoretical results and show how the resulting routing algorithms perform in terms of the security/delay/drop-rate, and we contrast them with the mechanism, secure stochastic routing (SSR). We observed that our scheme makes routing more secure than traditional secure stochastic routing, as they make use of the information of detecting the other side’s behavior.

Secure Interchange Routing

Locations that connect tracks from different rail-road companies—referred to as interchange points—ex- change crew, locomotives, and their associated consists. Because trains have a single degree of freedom in movement, that is, they can only operate along the tracks, any delay occurring at an interchange point causes cascading delays in connecting tracks. In addition, authentication and authorization that is expected to take place at interchanges in PTC controlled train movement may add extra delays due to mutual authentication between two security domains. In this paper we propose a model that can address safety and security con- cerns and their interrelationships that govern train movement through an interchange point. We show how a profile of safe operations can be computed for operating an interchange point.