The Internet of Things (IoT) is becoming the future Internet where most day-to-day devices are connected to the Internet. These devices are often resource constrained and use low-power wireless communication. Hence networks of them are called low-power and lossy networks (LLNs). LLN devices may be used in critical applications such as health care, traffic and industrial plants that concern privacy and security, thus their communication has to be protected from malicious activities. LLNs face threats at different levels ranging from transmitting bits wirelessly to applications.
In this thesis, we primarily explore LLN security issues related to application protocols and attacks that target the availability of LLNs. Particularly, we investigate compressing messages of a transport security protocol, DTLS, to make it efficient for LLNs. The IETF proposes to use DTLS for securing CoAP, a specialized web protocol for constrained devices. Furthermore, we experimentally study disrupting the communication of one of the state of the art LLN protocols, Glossy, by attacking its core mechanism.
Secondarily, we aim at improving the performance of TCP in LLNs with mobility over a reliable data link protocol. To this end, we use a Glossy-based communication protocol, LWB, as a reliable data link protocol. We plan to use the evaluation of this work as a stepping stone towards comparing the performance of secure Glossy-based communication protocols.
The main contributions of this thesis are threefold. We propose novel message compression mechanisms for DTLS messages. We also present novel attacks on Glossy, evaluate the effectiveness of them experimentally, and propose potential counter measures. Finally, we show that a reliable data link protocol can improve the performance of TCP in static and mobile settings.
Uppsala universitet, 2016.