Simulating Attacks for RPL and Generating Multi-class Dataset for Supervised Machine Learning

Routing protocol for low power and lossy network (RPL) is one of the most common routing protocols used at the physical layer of the Cyber Physical Systems (CPS). This paper focuses on analyzing the security threats in RPL and the possible attacks that could affect the CPS network. The paper presents a new framework to simulate RPL attacks using contiki-Cooja. We have simulated four different attacks using this framework. Also, through the experimental work, this paper analyzes the features extracted from the network traffic packets and proposes a new machine learning model. Using several feature reduction techniques, the number of features required for the classification of the attacks are reduced from 58 to 21 i.e. 63.7% reduction to save processing and communication energy.The dataset generated using the feature engineering is used to develop a machine learning model that can detect those four different attacks on the CPS network. Our experimental results show that we can achieve a classification accuracy of 99.33% using RandomForest classifier.