6LoWPAN fragmentation attacks and mitigation mechanisms

René Hummen, Jens Hiller, Hanno Wirtz, Martin Henze, Hossein Shafagh, Klaus Wehrle
2013 Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks - WiSec '13  
6LoWPAN is an IPv6 adaptation layer that defines mechanisms to make IP connectivity viable for tightly resource-constrained devices that communicate over low power, lossy links such as IEEE 802.15.4. It is expected to be used in a variety of scenarios ranging from home automation to industrial control systems. To support the transmission of IPv6 packets exceeding the maximum frame size of the link layer, 6LoWPAN defines a packet fragmentation mechanism. However, the best effort semantics for fragment transmissions, the lack of authentication at the 6LoWPAN layer, and the scarce memory resources of the networked devices render the design of the fragmentation mechanism vulnerable. In this paper, we provide a detailed security analysis of the 6LoWPAN fragmentation mechanism. We identify two attacks at the 6LoWPAN design-level that enable an attacker to (selectively) prevent correct packet reassembly on a target node at considerably low cost. Specifically, an attacker can mount our identified attacks by only sending a single protocol-compliant 6LoWPAN fragment. To counter these attacks, we propose two complementary, lightweight defense mechanisms, the content chaining scheme and the split buffer approach. Our evaluation shows the practicality of the identified attacks as well as the effectiveness of our proposed defense mechanisms at modest trade-offs.
doi:10.1145/2462096.2462107 dblp:conf/wisec/HummenHWHSW13 fatcat:ixgj67bphnaxhkxoxytv3zlrw4