Detection of RPL-based Routing Attacks Using Machine Learning Algorithms


Aydın B., Aydın H., Görmüş S., Mollahasanoğlu E.

Dicle Üniversitesi Mühendislik Fakültesi Mühendislik Dergisi, cilt.15, sa.4, ss.783-796, 2024 (Hakemli Dergi)

Özet

This study analyzes various machine learning techniques for detecting attacks against Routing Protocol for Low-Power and Lossy Networks (RPL), a routing protocol commonly used in Internet of Things (IoT) applications. RPL is often employed in IPv6-based IoT applications that require low power consumption and limited bandwidth. The research reviews recent literature examining attacks on RPL-based networks and utilizes the ROUT-4-2023 dataset for detecting routing attacks. This dataset, created using the Cooja simulator, encompasses four types of routing attacks: Blackhole Attack, Flooding Attack, DODAG Version Number Attack, and Decreased Rank Attack. The attack types are detected using machine learning techniques. In the combined dataset, the Decision Tree and Bagging algorithm exhibited the highest performance with a 99.99% accuracy. To create a more accurate representation of the real world, we incorporate a 10% level of noise into the dataset. On the noisy dataset, Random Forest algorithm performed the best with about 84.80% accuracy. The high accuracy show that the employed methods can be effectively used as an Intrusion Detection System (IDS) to protect IoT networks. As a result, this study demonstrates that machine learning techniques offer a promising approach for detecting routing attacks in the RPL protocol.