Pro­gram­ming IPv6 Pro­to­cols Us­ing Con­tiki and Cooja

Con­tiki is a widely used IoT en­abled op­er­at­ing sys­tem that is free and open source. Cooja is the Con­tiki network sim­u­la­tor and is also used to pro­gram sen­sor de­vices. Read on to learn how IPv6 pro­to­cols can be pro­grammed with Con­tiki and Cooja.

OpenSource For You - - Contents - By: Dr Gau­rav Ku­mar The au­thor is the MD of Magma Re­search and Con­sul­tancy Pvt Ltd, Am­bala. He is associated with var­i­ous aca­demic and re­search in­sti­tutes, where he de­liv­ers lec­tures and con­ducts tech­ni­cal work­shops on the lat­est tech­nolo­gies and tools. Y

Cur­rently, tech­nol­ogy has de­vel­oped to the ex­tent that var­i­ous de­vices and gad­gets are able to in­ter­act with each other, with­out hu­man in­ter­fer­ence. This com­mu­ni­ca­tion tech­nol­ogy is today known as the In­ter­net of Things (IoT). IoT based com­mu­ni­ca­tion is used in a num­ber of ap­pli­ca­tions, in­clud­ing de­fence equip­ment, smart cities, smart of­fices, high­way pa­trolling, smart toll col­lec­tion, busi­ness com­mu­ni­ca­tions, satel­lite tele­vi­sions, and traf­fic sys­tems or in­ter­con­nected Web cams for se­cu­rity. IoT is also known and associated with other terms, in­clud­ing ubiq­ui­tous com­put­ing (UbiComp), per­va­sive com­put­ing or am­bi­ent com­put­ing, us­ing which a num­ber of de­vices and ob­jects are vir­tu­ally con­nected for re­mote mon­i­tor­ing and de­ci­sion mak­ing.

The se­cu­rity as­pects of the In­ter­net of Things (IoT)

As so many de­vices and so much equip­ment are in­ter­con­nected via a vir­tual en­vi­ron­ment, there are se­ri­ous is­sues re­lated to se­cu­rity, pri­vacy and the over­all per­for­mance of IoT net­works. These net­works are be­com­ing in­creas­ingly vul­ner­a­ble to at­tacks from as­sorted sources.

Dif­fer­ent types of at­tacks are used to con­trol and dam­age the IoT en­vi­ron­ment at dif­fer­ent lay­ers. The at­tack­ers can dam­age and con­trol the IoT network by send­ing ma­li­cious pack­ets and sig­nals, and in­fras­truc­ture can be vir­tu­ally de­stroyed. Such at­tacks are the most wor­ri­some, as they af­fect the en­tire network.

De­nial of Ser­vice (DoS) at­tacks: In a DoS at­tack, network avail­abil­ity is jammed by the at­tacker node or ma­li­cious pack­ets, by cap­tur­ing the band­width or com­mu­ni­ca­tion chan­nel. Here, au­then­tic and le­git­i­mate users are not able to ac­cess the network ser­vices. This is a no­to­ri­ous at­tack that works on the network layer of an IoT based sce­nario, and gets more dan­ger­ous when it be­comes a Distributed De­nial of Ser­vice (DDoS) at­tack, whereby the at­tacker or ma­li­cious node at­tacks a network from mul­ti­ple and dif­fer­ent lo­ca­tions.

The Sy­bil at­tack: This af­fects the network layer of a ve­hic­u­lar network a lot. In this at­tack, the iden­tity of the nodes is ma­nip­u­lated. The ma­li­cious node at­tempts to fab­ri­cate its iden­tity by pre­tend­ing to be a reg­is­tered or orig­i­nal source node. In a Sy­bil at­tack, the at­tacker node cre­ates as­sorted ve­hi­cles or nodes of the same iden­tity by repli­ca­tion, and forces

other nodes to leave or move off the network faster. These at­tacks can be de­tected with re­source test­ing, based on the as­sump­tion that ve­hi­cles have lim­ited re­sources. Sy­bil at­tacks can be ad­dressed us­ing pub­lic key cryp­tog­ra­phy, where pub­lic keys are used to au­then­ti­cate ve­hi­cles.

A node imi­ta­tion at­tack: In this type of at­tack, mes­sages can be trans­mit­ted by a ma­li­cious node that has im­i­tated an­other au­then­tic one, by mim­ick­ing the lat­ter’s iden­tity. In this way, the im­i­tat­ing at­tacker can send out ma­li­cious mes­sages to any node by chang­ing its own iden­tity. The IoT node that has dis­guised its iden­tity in this at­tack can cap­ture au­then­tic and se­cured pack­ets, which can be dis­as­trous for the en­tire network.

An ap­pli­ca­tion level at­tack: This type of at­tack in the IoT en­vi­ron­ment tam­pers with the mes­sages and re­trans­mits them to an un­trusted non-se­cure des­ti­na­tion. For ex­am­ple, in In­ter­net of Ve­hi­cles (IoV) based im­ple­men­ta­tions, the high­traf­fic lane could get ma­li­ciously broad­cast as a ‘con­ges­tion­free lane’, lead­ing to chaos dur­ing rush hour.

The im­por­tance of IPv6 in IoT

Se­cu­rity and in­tegrity are the main is­sues in an IoT based network en­vi­ron­ment where in­ter­cep­tion-free se­cured com­mu­ni­ca­tion is re­quired. To en­force and in­te­grate higher de­grees of se­cu­rity, there is a need to im­ple­ment IPv6 for

IoT sce­nar­ios, with dy­namic hy­brid cryp­tog­ra­phy in key­gen­er­a­tion and au­then­ti­ca­tion. The IPv6 based ap­proach can be en­abled with fully se­cured al­go­rithms, which are not vul­ner­a­ble to in­ter­cep­tion. With the in­creas­ing im­ple­men­ta­tion of IoT in di­verse do­mains, it be­comes nec­es­sary to work out the se­cu­rity as­pects of IoT, by en­sur­ing the se­cured rout­ing of pack­ets to pre­vent in­tru­sions and en­sure all trans­mis­sions can be fully se­cured.

RPL (Rout­ing Pro­to­col for Low-power and Lossy net­works)

RPL is the IPv6 based pro­to­col for IoT. It is pri­mar­ily in­te­grated for IPv6 over low-power wire­less per­sonal area net­works (6LowPAN). It works with the dy­namic creation of Des­ti­na­tion-Ori­ented Di­rected Acyclic Graph (DODAG), and has uni­di­rec­tional as well as bidi­rec­tional com­mu­ni­ca­tion. It has mul­ti­ple in­stances with lo­calised be­hav­iour for higher op­ti­mi­sa­tion. RPL en­ables each node in the frame­work to choose whether pack­ets are to be sent up­wards to their root or down­wards to their child nodes.

Pro­gram­ming RPL with IPv6 in Cooja

Con­tiki is one of the widely used IoT en­abled op­er­at­ing sys­tems un­der free and open source dis­tri­bu­tion and is avail­able at http://www.con­tiki-os.org. Con­tiki is equipped with the Cooja sim­u­la­tor, which is used for sim­u­la­tion as well as the pro­gram­ming of sen­sor de­vices. It of­fers enor­mous op­tions to pro­gram the IoT nodes for real life im­ple­men­ta­tions. The Cooja sim­u­la­tor en­ables the pro­gram­mer to im­port and pro­gram enor­mous types of

IoT motes, and to get the re­sults from dif­fer­ent al­go­rithms. To pro­gram, con­trol and mon­i­tor the re­mote IoT de­vices, the back­end C pro­grams and re­lated header files can be cus­tomised and re­com­piled to get the de­sired re­sults. Con­tiki works on IPv4 as well as IPv6 net­work­ing with the in­te­gra­tion of light­weight pro­to­cols, so that low power chips and ra­dio fre­quency chips can be con­nected with­out per­for­mance is­sues.

Fig­ure 1 de­picts the sim­u­la­tion of mul­ti­ple IoT motes in the Cooja sim­u­la­tor with the in­te­gra­tion of dy­namic cryp­tog­ra­phy. The sim­u­la­tion re­sults can be an­a­lysed from the Mote Out­put in which there is an op­tion to fetch the ex­e­cu­tion logs. All the data com­mu­ni­ca­tion and sig­nals are logged in Mote Out­put which can be fur­ther in­ves­ti­gated us­ing dif­fer­ent types of graphs.

Once the sim­u­la­tion is com­plete, the network log files are an­a­lysed. This in­cludes the source and des­ti­na­tion motes, the time and the over­all ac­tiv­i­ties per­formed dur­ing sim­u­la­tion. In the Mote Out­put win­dow, the log data can be copied and fur­ther an­a­lysed us­ing data min­ing and ma­chine learn­ing tools for pre­dic­tive an­a­lyt­ics.

Fig­ure 2 rep­re­sents the Col­lect View in the Cooja sim­u­la­tor. It analy­ses the in­di­vid­ual IoT mote. The IoT mote an­a­lyt­ics can be viewed from the Tools menu of Cooja.

From Col­lect View, any of the IoT motes can be an­a­lysed on mul­ti­ple pa­ram­e­ters in­clud­ing la­tency, tem­per­a­ture, time and other im­por­tant pa­ram­e­ters, which con­trib­utes to bet­ter per­for­mance eval­u­a­tion.

Fig­ure 3 de­picts the dif­fer­ent op­tions by which IoT sim­u­la­tion can be an­a­lysed and pre­dic­tions on var­i­ous pa­ram­e­ters can be made. The network graph tab in the Col­lect View of

Cooja en­ables the re­searcher to view the dy­namic topol­ogy and con­nec­tions of sen­sor nodes, as shown in Fig­ure 4.

Fig­ure 5 shows the re­sults and pa­ram­e­ter based analysis of dif­fer­ent nodes in tab­u­lar for­mat. It en­ables the IoT pro­gram­mer to in­spect in­di­vid­ual nodes as well as many or all of them in groups, to an­a­lyse mul­ti­ple fac­tors.

The Se­rial Con­sole tab seen in Fig­ure 6 shows the data trans­mis­sion log, along with the re­sults re­lated to au­then­ti­ca­tion. In Fig­ure 6, the im­ple­men­ta­tion of the at­tack and au­then­ti­ca­tion process is de­picted, which as­sists the de­vel­oper in ex­am­in­ing the ef­fect of cus­tomised code on real-time sen­sors.

Plot­ting re­sults in the form of graphs

As de­picted in Fig­ure 7, there are a vast num­ber of pa­ram­e­ters, in­clud­ing LPM, CPU, Ra­dio Lis­ten and Ra­dio Trans­mit, which need to be looked at dur­ing the IoT sim­u­la­tion. The re­sults in the above cited graph are con­sis­tent and low-power mode is in the in­tegrity mode. In ad­di­tion, the Ra­dio Lis­ten pa­ram­e­ter is also con­sis­tent.

Network analysis us­ing Foren6

Foren6 (http://cetic.github.io/foren6/) is a pow­er­ful tool with a free and open source library. It is used for the analysis of 6LoWPAN net­works. It is in­te­grated with the sniff­ing mod­ules, be­sides be­ing able to plot the re­sults in as­sorted for­mats in­clud­ing text or graphs. Foren6 makes use of in­te­grated snif­fers for cap­tur­ing and analysing the traf­fic associated with 6LoWPAN in a graph­i­cal user in­ter­face (GUI). It is pow­er­ful enough to record and plot the RPL in­for­ma­tion with the deep an­a­lyt­ics of pack­ets in network trans­mis­sion.

In­stal­la­tion of Foren6 with Con­tiki

To con­fig­ure the de­pen­den­cies, type:

$ sudo apt-get in­stall -y qt4-qmake libqt4-dev make lib­ex­pat1-dev cmake libp­cap0.8-dev libc6-dev tshark gcc g++

To get the source code with GIT, type:

$ git clone https://github.com/cetic/foren6.git

Use the fol­low­ing com­mands to in­stall Foren6:

$ cd foren6

$ make

$ sudo make in­stall Con­fig­u­ra­tion of Snif­fer to ac­ti­vate real-time cap­tur­ing

To ac­cess and work on USB se­rial de­vices, the Linux Group ‘di­alout’ is used. Ini­tially, Foren6 is launched as the root user. If any other user ac­count is used, then the user should be as­signed the Linux Group ‘di­alout’ to use USB.

$ sudo ad­duser <user­name> di­alout Snif­fer Pro­gram­ming $ git clone https://github.com/cetic/con­tiki $ cd con­tiki

$ git check­out snif­fer

$ make TAR­GET=sky save­tar­get snif­fer.upload Scope of IoT based re­search sim­u­la­tions us­ing Cooja

The In­ter­net of Things is an emerg­ing do­main of re­search at var­i­ous aca­demic as well as cor­po­rate es­tab­lish­ments. Be­cause of the in­creas­ing num­ber of de­vices cur­rently con­nected un­der the IoT, there are vast ar­eas for re­search in this do­main.

The fol­low­ing are some of the ap­proaches with which novel and ef­fec­tual al­go­rithms can be de­vised and im­ple­mented us­ing Cooja:

In­ter­op­er­abil­ity and cross-pro­to­col com­pat­i­bil­ity De­vel­op­ment of en­ergy-aware IoT sce­nar­ios

Power aware sched­ul­ing and rout­ing

Pre­dic­tion and avoid­ance of en­ergy con­sump­tion at­tacks Life­time an­a­lyt­ics for ro­bust IoT en­vi­ron­ments Re­pro­ducible and multi-in­ter­face im­ple­men­ta­tions

Fig­ure 1: Fetch­ing the data and mes­sages for plot­ting graphs

Fig­ure 2: Col­lect View ac­ti­va­tion for de­tailed logs

Fig­ure 7: Av­er­age power con­sump­tion in the motes

Fig­ure 3: Network graph op­tion in Cooja

Fig­ure 4: View of the network graph for dy­namic topol­ogy

Fig­ure 5: Node in­for­ma­tion with re­lated pa­ram­e­ters

Fig­ure 6: Se­rial Con­sole to val­i­date the re­sults and key ex­change

Fig­ure 8: Tem­per­a­ture eval­u­a­tion in Cel­sius at the motes

Fig­ure 9: Foren6 as a 6LoWPAN anal­yser

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.