The document presents a security scheme called SecuPAN to mitigate fragmentation-based network attacks in 6LoWPAN. It proposes using cryptographically generated IPv6 addresses to prevent spoofing, adding nonce and MAC fields to packet fragments for integrity and freshness verification, and a reputation-based buffer management system to protect devices from buffer exhaustion attacks. The scheme was evaluated and shown to improve packet delivery ratio, end-to-end delay, throughput and energy efficiency while enhancing security against replay, alteration, spoofing, and duplication attacks.