Intrusion Detection System to Detect Insider Attack on RPL Routing Protocol Based on Destination Advertisement Object

The increasing fascination with the Internet of Things has led to the extensive deployment of Low-power and Lossy Networks. IPv۶ Routing Protocol over Low Power and Lossy Networks serves as the ideal routing protocol proposed by IETF for routing in IoT-LLNs. Routing attacks are one of the IoT challenges that can lead to network performance problems and often denial of service. The Destination Advertisement Object (DAO) insider attack is one of the most notable attacks in RPLs, and previous studies have not developed a complete method for its detection so as to separate the malicious node from the normal node. Using an anomaly-based intrusion detection system, this paper suggests three methods based on random, fixed, and dynamic threshold adjustment to prevent DAO insider attack and identify malicious nodes. The results showed that the proposed model has a detection rate of ۱۰۰% and a very low rate of false alert.