Research Article
Fortifying RPL-Based 6LoWPAN in IoT: A Comprehensive Review of Emerging Attack Vectors and Defense Mechanisms using Machine Learning
@ARTICLE{10.4108/eetiot.9694, author={Sudha Rani Unnam and Kareemulla Shaik}, title={Fortifying RPL-Based 6LoWPAN in IoT: A Comprehensive Review of Emerging Attack Vectors and Defense Mechanisms using Machine Learning}, journal={EAI Endorsed Transactions on Internet of Things}, volume={11}, number={1}, publisher={EAI}, journal_a={IOT}, year={2025}, month={12}, keywords={Routing Protocol for Low-power and Lossy Networks (RPL), Internet of Things (IoT), IPv6 Over Low-power Wireless Personal Area Network (6LoWPAN) protocol, Multiple Attacks, Security Mechanism, Routing Protocols}, doi={10.4108/eetiot.9694} }- Sudha Rani Unnam
Kareemulla Shaik
Year: 2025
Fortifying RPL-Based 6LoWPAN in IoT: A Comprehensive Review of Emerging Attack Vectors and Defense Mechanisms using Machine Learning
IOT
EAI
DOI: 10.4108/eetiot.9694
Abstract
Internet of Things (IoT) is a system of interconnected digital tools, including sensing elements and communication modules, that enables seamless data transfer over the Internet. These devices, though, run with resource limitations in terms of power, memory, and computational capabilities. Therefore, scientists created the IPv6 Over Low-power Wireless Personal Area Network (6LoWPAN) protocol, which allows for wireless communication among IoT devices while ensuring efficient use of resources. The Internet Engineering Task Force (IETF) has formally ratified 6LoWPAN, and its ROLL working group presented the Routing Protocol for Low-power and Lossy Networks (RPL), standardized as IETF RFC 6550, as a fundamental part of the 6LoWPAN stack. Although beneficial, RPL-based routing within IoT networks is particularly exposed to various security risks. This survey offers an in-depth overview of RPL-specific attacks and their defense mechanisms, as published in top-tier journals between 2015 and 2025. Based on a conceptual analysis of routing-based attacks in RPL, we introduce a new attack taxonomy that categorizes these attacks into 12 fundamental categories based on intrinsic features and behavior. Furthermore, we discuss the impact of every attack on network performance and describe actual cases in which these vulnerabilities have been targeted. Aside from attack classification, this survey proposes a novel taxonomy of defense mechanisms that categorizes them into 8 fundamental categories depending on their strategic method of routing attack mitigation. Every defense method is extensively studied concerning its applicability in actual IoT implementations. Furthermore, we critically study and evaluate different evaluation platforms, such as testbeds and simulators, used in investigating RPL-based security attacks and countermeasures, highlighting their applicability and usefulness in real-world environments. Lastly, we identify open research challenges by examining current literature gaps and outline future research opportunities for both researchers and practitioners. In addition, the survey notes a clear shift toward sequence-based and graph-driven learning models, supported by optimization with meta-heuristic techniques, which increasingly guide the design of modern IDS frameworks for RPL-enabled IoT networks. Our research is intended to offer valuable understanding and a strong platform for investigators to create more efficient security measures in response to evolving RPL-based attacks in the IoT environment.
Copyright © 2025 Unnam Sudha Rani et al., licensed to EAI. This is an open access article distributed under the terms of the CC BY-NC-SA 4.0, which permits copying, redistributing, remixing, transformation, and building upon the material in any medium so long as the original work is properly cited.
