Intrusion detection systems for RPL security: A comparative analysis

Internet of Things (IoT) is an emerging technology that has seen remarkable blossom over the last years. The growing interest for IPv6 constrained networks has made the Routing Protocol for Low Power and Lossy Networks (RPL) the standard routing solution, which has gained significant attention and maturity in the literature. However, due to the net-works' open and possibly unattended environment of operation, as well as to the nodes' constraints, the security of the protocol is a challenging issue, currently under thorough investigation. New and innovative Intrusion Detection Systems (IDSs) have been proposed in the literature over the last years to address the protocol's security issues. In that regard, our survey paper: i) begins with extracting a set of design requirements for RPL-related IDSs based on discussing the diversity of attacks on the protocol and investigating their impact; ii) continues with identifying best practices and gaps in an IDS design which are derived by studying the evolution of the related bibliography (2013-2020); and iii) concludes with a number of guidelines extracted once we map the 22 IDSs under study to the attacks they en-counter and compare them in line with the design requirements we introduce. Our analysis considers feedback from the corresponding authors for a deeper investigation. (C) 2021 Elsevier Ltd. All rights reserved.