ABS-DDoS: An Agent-Based Simulator about Strategies of Both DDoS Attacks and Their Defenses, to Achieve Efficient Data Forwarding in Sensor Networks and IoT Devices

2018 ◽  
Vol 2018 ◽  
pp. 1-11 ◽  
Author(s):  
Franks González-Landero ◽  
Iván García-Magariño ◽  
Raquel Lacuesta ◽  
Jaime Lloret

Sensor networks and Internet of Things (IoT) are useful for many purposes such as military defense, sensing in smart homes, precision agriculture, underwater monitoring in aquaculture, and ambient-assisted living for healthcare. Efficient and secure data forwarding is essential to maintain seamless communications and to provide fast services. However, IoT devices and sensors usually have low processing capabilities and vulnerabilities. For example, attacks such as the Distributed Denial of Service (DDoS) can easily hinder sensor networks and IoT devices. In this context, the current approach presents an agent-based simulation solution for exploring strategies for defending from different DDoS attacks. The current work focuses on obtaining low-consuming defense strategies in terms of processing capabilities, so that these can be applied in sensor networks and IoT devices. The experimental results show that the simulator was useful for (a) defining defense and attack strategies, (b) assessing the effectiveness of defense strategies against attack ones, and (c) defining efficient defense strategies with low response times.

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra

Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two-fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the overall model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.


2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Bashar Ahmad Khalaf ◽  
Salama A. Mostafa ◽  
Aida Mustapha ◽  
Mazin Abed Mohammed ◽  
Moamin A. Mahmoud ◽  
...  

Currently, online organizational resources and assets are potential targets of several types of attack, the most common being flooding attacks. We consider the Distributed Denial of Service (DDoS) as the most dangerous type of flooding attack that could target those resources. The DDoS attack consumes network available resources such as bandwidth, processing power, and memory, thereby limiting or withholding accessibility to users. The Flash Crowd (FC) is quite similar to the DDoS attack whereby many legitimate users concurrently access a particular service, the number of which results in the denial of service. Researchers have proposed many different models to eliminate the risk of DDoS attacks, but only few efforts have been made to differentiate it from FC flooding as FC flooding also causes the denial of service and usually misleads the detection of the DDoS attacks. In this paper, an adaptive agent-based model, known as an Adaptive Protection of Flooding Attacks (APFA) model, is proposed to protect the Network Application Layer (NAL) against DDoS flooding attacks and FC flooding traffics. The APFA model, with the aid of an adaptive analyst agent, distinguishes between DDoS and FC abnormal traffics. It then separates DDoS botnet from Demons and Zombies to apply suitable attack handling methodology. There are three parameters on which the agent relies, normal traffic intensity, traffic attack behavior, and IP address history log, to decide on the operation of two traffic filters. We test and evaluate the APFA model via a simulation system using CIDDS as a standard dataset. The model successfully adapts to the simulated attack scenarios’ changes and determines 303,024 request conditions for the tested 135,583 IP addresses. It achieves an accuracy of 0.9964, a precision of 0.9962, and a sensitivity of 0.9996, and outperforms three tested similar models. 
In addition, the APFA model contributes to identifying and handling the actual trigger of DDoS attack and differentiates it from FC flooding, which is rarely implemented in one model.


2017 ◽  
Author(s):  
Michele De Donno ◽  
Nicola Dragoni ◽  
Alberto Giaretta ◽  
Manuel Mazzara

The 2016 is remembered as the year that showed to the world how dangerous distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DoS attacks perpetrated through IoT devices.


2021 ◽  
Vol 3 (1) ◽  
pp. 23-28
Author(s):  
Rozan Khader ◽  
Derar Eleyan

The term internet of things (IoT) has gained much popularity in the last decade. It can be defined as various connected devices over the internet. IoT has rapidly spread to include all aspects of our lives. For instance, smart houses, smart cities, and variant wearable devices. IoT devices work to do their desired goals, which is to develop a person's life with his/her minimal involvement. At the same time, IoT devices have many weaknesses, which attackers exploit to affect these devices' security. Denial of Service (DoS) and Distributed Denial of Service (DDoS) are considered the most common attacks that strike IoT security. The main aim of these attacks is to make victim systems down and inaccessible for legitimate users by malicious malware. This paper's objective is to discuss and review security issues related to DoS/DDoS attacks and their countermeasures, i.e. prevention based on IoT devices layers structure.


2021 ◽  
Vol 11 (3) ◽  
pp. 929
Author(s):  
Song Wang ◽  
Karina Gomez ◽  
Kandeepan Sithamparanathan ◽  
Muhammad Rizwan Asghar ◽  
Giovanni Russello ◽  
...  

Software-Defined Networking (SDN) and Internet of Things (IoT) are the trends of network evolution. SDN mainly focuses on the upper level control and management of networks, while IoT aims to bring devices together to enable sharing and monitoring of real-time behaviours through network connectivity. On the one hand, IoT enables us to gather status of devices and networks and to control them remotely. On the other hand, the rapidly growing number of devices challenges the management at the access and backbone layer and raises security concerns of network attacks, such as Distributed Denial of Service (DDoS). The combination of SDN and IoT leads to a promising approach that could alleviate the management issue. Indeed, the flexibility and programmability of SDN could help in simplifying the network setup. However, there is a need to make a security enhancement in the SDN-based IoT network for mitigating attacks involving IoT devices. In this article, we discuss and analyse state-of-the-art DDoS attacks under SDN-based IoT scenarios. Furthermore, we verify our SDN sEcure COntrol and Data plane (SECOD) algorithm to resist DDoS attacks on the real SDN-based IoT testbed. Our results demonstrate that DDoS attacks in the SDN-based IoT network are easier to detect than in the traditional network due to IoT traffic predictability. We observed that random traffic (UDP or TCP) is more affected during DDoS attacks. Our results also show that the probability of a controller becoming halt is 10%, while the probability of a switch getting unresponsive is 40%.


Author(s):  
Thomas Ulz ◽  
Sarah Haas ◽  
Christian Steger

An increase of distributed denial-of-service (DDoS) attacks launched by botnets such as Mirai has raised public awareness regarding potential security weaknesses in the Internet of Things (IoT). Devices are an attractive target for attackers because of their large number and due to most devices being online 24/7. In addition, many traditional security mechanisms are not applicable for resource constraint IoT devices. The importance of security for cyber-physical systems (CPS) is even higher, as most systems process confidential data or control a physical process that could be harmed by attackers. While industrial IoT is a hot topic in research, not much focus is put on ensuring information security. Therefore, this paper intends to give an overview of current research regarding the security of data in industrial CPS. In contrast to other surveys, this work will provide an overview of the big CPS security picture and not focus on special aspects.


2016 ◽  
Vol 2016 ◽  
pp. 1-13 ◽  
Author(s):  
Katarzyna Mazur ◽  
Bogdan Ksiezopolski ◽  
Radoslaw Nielek

The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.


2021 ◽  
Vol 19 (2) ◽  
pp. 1280-1303
Author(s):  
Jiushuang Wang ◽  
Ying Liu ◽  
Huifen Feng

Network security has become considerably essential because of the expansion of internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recent numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). Therefore, we propose a DDoS attack detection scheme to secure the real-time in the software-defined the internet of things (SD-IoT) environment. In this article, we utilize improved firefly algorithm to optimize the convolutional neural network (CNN), to provide detection for DDoS attacks in our proposed SD-IoT framework. Our results demonstrate that our scheme can achieve higher than 99% DDoS behavior and benign traffic detection accuracy.


2018 ◽  
pp. 15-24 ◽  
Author(s):  
Karanbir Singh ◽  
Kanwalvir Singh Dhindsa ◽  
Bharat Bhushan

The current internet infrastructure is susceptible to distributed denial of service (DDoS) attacks and has no built-in mechanism to defend against them. The research on these kinds of attacks and their defense is significant for the security and reliability of the internet. We have already proposed a collaborative agent based distributed DDoS defense scheme which detects and prevents DDoS attacks in ISP (Internet Service Provider) boundaries. The actual task of defense is carried out by agents and coordinators in each ISP. The defense system works by inspecting incoming traffic on the edge router and identifying the happening of DDoS attacks. The agents implement an entropy-threshold based detection algorithm. The coordinators share attack related information with neighboring ISPs in order to achieve distributed defense. The performance of the defense system is evaluated on the basis of some identified metrics. The effectiveness of the defense system is evaluated in the presence and absence of the defense system. The result indicates that the proposed defense system does accurate attack detection with very few false positives and false negatives.


Author(s):  
Thapanarath Khempetch ◽  
Pongpisit Wuttidittachotti

Nowadays, IoT devices are widely used both in daily life and in corporate and industrial environments. The use of these devices has increased dramatically and by 2030 it is estimated that their usage will rise to 125 billion devices causing enormous flow of information. It is likely that it will also increase distributed denial-of-service (DDoS) attack surface. As IoT devices have limited resources, it is impossible to add additional security structures to it. Therefore, the risk of DDoS attacks by malicious people who can take control of IoT devices, remain extremely high. In this paper, we use the CICDDoS2019 dataset as a dataset that has improved the bugs and introducing a new taxonomy for DDoS attacks, including new classification based on flows network. We propose DDoS attack detection using the deep neural network (DNN) and long short-term memory (LSTM) algorithm. Our results show that it can detect more than 99.90% of all three types of DDoS attacks. The results indicate that deep learning is another option for detecting attacks that may cause disruptions in the future.

