Implementation of a wormhole attack against a RPL network: Challenges and effects

In the near future, the Internet of Things will cheaply connect smart devices, in such a way to form large Wireless Sensor and Actuator Networks (WSANs). For its characteristics, the Routing Protocol for Low-Power and Lossy Networks (RPL) is considered the standard choice for WSANs. Since they often carry sensitive or safety-critical data, securing these networks from cyberattacks is paramount. One of the subtlest security attacks in RPL WSANs is the wormhole attack, in which a malicious actor establishes and controls an out-of-band channel between two distant nodes of the network. Due to its convenience, RPL is induced to use such a channel to forward the traffic. As a result, the malicious actor can control a potentially large amount of traffic and can eavesdrop or discard it. The wormhole attack cannot be avoided by traditional cryptographic countermeasures, for example by encrypting and authenticating all the traffic. Nevertheless its importance, the wormhole attack has been studied exclusively by theory. The practical techniques to realize it on a WSAN have not been studied until now. The contribution of this paper is two-fold. First, we present an implementation of a wormhole capable of attacking an IEEE 802.15.4-based WSAN, using also a technique to increase its impact (proxy acker technique). We test the realized wormhole against a real WSAN, measuring its impact with respect to various parameters. As a second contribution, we discuss the various countermeasures proposed by the literature, and we test the feasibility of one of them in practice. We conclude that the most convenient way to counteract a wormhole attack in a WSAN may be to avoid subsequent attacks, i.e., traffic eavesdropping and selective packet dropping.