Attack model for VirGo’s IoT network
Attacks on sender and receiver
Sybil attack. The attacker spawns multiple fake devices in order to alter network voting power, message routing, resource allocation, or distributed data storages (51% attack).
Identity spoofing. The attacker pretends to be a known device in order to obtain its privileges. The attack can result in falsified data, injection of non-existent data und information loss.
(Distributed) Denial of Service. The attacker causes node outage by jamming its interface with useless packets.
Attacks on the message
Message alteration. The attacker intercepts and changes the transmitted messages, resulting in falsified data.
Message replay. The attacker retransmits a previous, valid message, causing falsified data und unaccountability.
Attacks on the route
Sinkhole attack. The attacker intercepts the communication (man-in-the-middle attack) and refuses to forward messages. This causes information loss und renders device communication unreliable.
Sniffing. The attacker eavesdrops on device communication and gains unauthorized access to restricted data, causing data leakage.
Jamming. Instead of a (D)DoS attack on a node, the attacker jams the network with useless traffic, causing package collisions, forcing data retransmission, and occupying network bandwidth. This results in energy drain on the sensor side and network unavailability.
Exhibit 1. Attack model for VirGo’s network.