Intrusion detection system for RPL from routing choice intrusion

RPL is specifically designed for Low power and Lossy Networks (LLNs). With the expansion of LLNs applications, security of RPL becomes one of the major concerns. This paper mainly addresses the security aspect of RPL. We first analyze the vulnerability of RPL self-organising properties, and identify a new RPL internal intrusion, named routing choice (RC) intrusion. We specially analyze the harm of a type RC intrusion in RPL using ETX metric, which further validates the effectiveness of our work. Second, we design IDSs for RPL to defense intrusions. Our design discusses detection methodologies, system architectures, detection data and intrusion respose with some promotions. To satisfy the energy efficiency requirements, we propose three type Monitor Nodes (MNs) devices for different RPL applications. To explicitly show the design of IDSs, we apply our IDS to defense the type of RC intrusion in RPL using ETX metric on Contiki OS, and the results verify the effectiveness of our IDSs. Finally, we theoretically analyzed the applicability of IDSs for RPL.