Botnet Attack Detection Using Local Global Best Bat Algorithm for Industrial Internet of Things

Electronics ◽  
2021 ◽  
Vol 10 (11) ◽  
pp. 1341
Author(s):  
Abdullah Alharbi ◽  
Wael Alosaimi ◽  
Hashem Alyami ◽  
Hafiz Tayyab Rauf ◽  
Robertas Damaševičius

The need for timely identification of Distributed Denial-of-Service (DDoS) attacks in the Internet of Things (IoT) has become critical in minimizing security risks as the number of IoT devices deployed rapidly grows globally and the volume of such attacks rises to unprecedented levels. Instant detection facilitates network security by speeding up warning and disconnection from the network of infected IoT devices, thereby preventing the botnet from propagating and thereby stopping additional attacks. Several methods have been developed for detecting botnet attacks, such as Swarm Intelligence (SI) and Evolutionary Computing (EC)-based algorithms. In this study, we propose a Local-Global best Bat Algorithm for Neural Networks (LGBA-NN) to select both feature subsets and hyperparameters for efficient detection of botnet attacks, inferred from 9 commercial IoT devices infected by two botnets: Gafgyt and Mirai. The proposed Bat Algorithm (BA) adopted the local-global best-based inertia weight to update the bat’s velocity in the swarm. To tackle the swarm diversity of BA, we proposed Gaussian distribution used in the population initialization. Furthermore, the local search mechanism was followed by the Gaussian density function and local-global best function to achieve better exploration during each generation. Enhanced BA was further employed for neural network hyperparameter tuning and weight optimization to classify ten different botnet attacks with an additional one benign target class. The proposed LGBA-NN algorithm was tested on an N-BaIoT data set with extensive real traffic data with benign and malicious target classes. The performance of LGBA-NN was compared with several recent advanced approaches such as weight optimization using Particle Swarm Optimization (PSO-NN) and BA-NN. The experimental results revealed the superiority of LGBA-NN with 90% accuracy over other variants, i.e., BA-NN (85.5% accuracy) and PSO-NN (85.2% accuracy) in multi-class botnet attack detection.

2021 ◽  
Vol 19 (2) ◽  
pp. 1280-1303
Author(s):  
Jiushuang Wang ◽  
Ying Liu ◽  
Huifen Feng

Network security has become considerably essential because of the expansion of internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recent numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). Therefore, we propose a DDoS attack detection scheme to secure the real-time in the software-defined the internet of things (SD-IoT) environment. In this article, we utilize improved firefly algorithm to optimize the convolutional neural network (CNN), to provide detection for DDoS attacks in our proposed SD-IoT framework. Our results demonstrate that our scheme can achieve higher than 99% DDoS behavior and benign traffic detection accuracy.


2021 ◽  
Author(s):  
Wanderson Leonardo Costa ◽  
Ariel Lima de Carvalho Portela ◽  
Rafael Lopes Gomes

The evolution of computing devices has allowed the evolution of service provision in society, applying new technologies based on the Internet of Things (IoT). Most IoT devices have security vulnerabilities, making them susceptible to Distributed Denial of Service (DDoS) Attacks. Thus, it is necessary to apply solutions that can detect this type of attack in IoT networks from the information of the network traffic. However, there is still no definition of which traffic characteristics should be used for detection, since the use of inappropriate characteristics tends to make detection difficult. Within this context, this article presents an analysis of the most important traffic characteristics for detecting DDoS in IoT networks, in order to support a detection mechanism based on Machine Learning. Experiments using a real data set suggest that the proposed mechanism has an accuracy close to 99% when the most suitable characteristics are selected.


2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra

Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two-fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the overall model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.


2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Zeeshan Ali Khan ◽  
Peter Herrmann

Many Internet of Things (IoT) systems run on tiny connected devices that have to deal with severe processor and energy restrictions. Often, the limited processing resources do not allow the use of standard security mechanisms on the nodes, making IoT applications quite vulnerable to different types of attacks. This holds particularly for intrusion detection systems (IDS) that are usually too resource-heavy to be handled by small IoT devices. Thus, many IoT systems are not sufficiently protected against typical network attacks like Denial-of-Service (DoS) and routing attacks. On the other side, IDSs have already been successfully used in adjacent network types like Mobile Ad hoc Networks (MANET), Wireless Sensor Networks (WSN), and Cyber-Physical Systems (CPS) which, in part, face limitations similar to those of IoT applications. Moreover, there is research work ongoing that promises IDSs that may better fit to the limitations of IoT devices. In this article, we will give an overview about IDSs suited for IoT networks. Besides looking on approaches developed particularly for IoT, we introduce also work for the three similar network types mentioned above and discuss if they are also suitable for IoT systems. In addition, we present some suggestions for future research work that could be useful to make IoT networks more secure.


Author(s):  
Dhanapal A ◽  
Nithyanandam P

Cloud computing is the cutting edge and has become inevitable in all forms of computing. This is due to its nature of elasticity, cost-effectiveness, availability, etc. The online applications like e-commerce, and e-healthcare applications are moving to the cloud to reduce their operational cost. These applications have the vulnerability of a HTTP flooding Distributed Denial of Service attack in the cloud. This flooding attack aims to overload the application, making it unable to process genuine requests and bring it down. So, these applications need to be secured and safeguarded against such attacks. This HTTP flooding attack is one of the key challenging issues as it shows normal behaviour with regard to all lower networking layers like TCP 3-way handshaking by mimicking genuine requests and it is even harder in the cloud due to the cloud properties. This article offers a solution for detecting a HTTP flooding attack in the cloud by using the novel TriZonal Linear Prediction (TLP) model. The solution was implemented using OpenStack and the FIFA Worldcup '98 data set for experimentation.


Sensors ◽  
2020 ◽  
Vol 20 (10) ◽  
pp. 2932
Author(s):  
Ivan Vaccari ◽  
Maurizio Aiello ◽  
Enrico Cambiaso

Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources.


2018 ◽  
Vol 2018 ◽  
pp. 1-8 ◽  
Author(s):  
Yuntao Zhao ◽  
Wenbo Zhang ◽  
Yongxin Feng ◽  
Bo Yu

The application-layer distributed denial of service (AL-DDoS) attack makes a great threat against cyberspace security. The attack detection is an important part of the security protection, which provides effective support for defense system through the rapid and accurate identification of attacks. According to the attacker’s different URL of the Web service, the AL-DDoS attack is divided into three categories, including a random URL attack and a fixed and a traverse one. In order to realize identification of attacks, a mapping matrix of the joint entropy vector is constructed. By defining and computing the value of EUPI and jEIPU, a visual coordinate discrimination diagram of entropy vector is proposed, which also realizes data dimension reduction from N to two. In terms of boundary discrimination and the region where the entropy vectors fall in, the class of AL-DDoS attack can be distinguished. Through the study of training data set and classification, the results show that the novel algorithm can effectively distinguish the web server DDoS attack from normal burst traffic.


2021 ◽  
Author(s):  
Bawankar Chetan D ◽  
Sanjeev Kumar Sharma

The paper aims to clarify the relationship between Internet-of-Things devices and Ethereum blockchain. It proposes the arrangement to ensure information transmission among parties in an open system of IoT must be secure using Ethereum. The accompanying joining strategy utilized terminal gadgets as system innovation and Ethereum blockchain stage that delivered back-end, which guarantees high security, accessibility, and protection, supplanting conventional back-end frameworks. The following issues should be considered to prevent the malicious hub from attacking, resist distributed denial-of-service attacks, and prevent firmware backdoor access. This paper proposed a system in which the Peer-to-Peer authentication model, where every IoT node in the system must be authenticated and verified by the proposed framework. The paper provides empirical insights into IoT nodes manufactured in bulk, and they are remaining with their default username and password.


2018 ◽  
Vol 7 (01) ◽  
pp. 23386-23489
Author(s):  
Miss Priyanka P. Narode ◽  
Prof I.R. Shaikh

Distributed Denial of Service attack (DoS attack) is a cyber attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. It is necessary to analyze the fundamental features of DDoS attacks because these attacks can easily vary the used port/protocol, or operation method because they are designed to restricted applications on limited environments. DDoS attack detection is very difficult because of the non-existence of predefined rules to correctly identify the genuine network flow. A combination of unsupervised data mining techniques as IDS are introduced. The Entropy Method concept in term of windowing the incoming packets is applied with data mining technique using Clustering Using Representative (CURE) as cluster analysis to detect the DDoS attack in network flow. The data is mainly collected from datasets. The CURE DDoS attack detection technique based on entropy gives a promising way to analyze this attack and construct an efficient detection model using clustering data mining techniques. This approach has been evaluated and compared with several existing approaches in terms of accuracy, false alarm rate, detection rate, F-measure and Phi coefficient.


2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
J Aruna Santhi ◽  
G Vijaya Saradhi

Purpose: This paper tactics to implement the attack detection in medical Internet of things (IoT) devices using improved deep learning architecture for accomplishing the concept bring your own device (BYOD). Here, a simulation-based hospital environment is modeled where many IoT devices or medical equipment are communicated with each other. The node or the device, which is creating the attack are recognized with the support of attribute collection. The dataset pertaining to the attack detection in medical IoT is gathered from each node that is considered as features. These features are subjected to a deep belief network (DBN), which is a part of deep learning algorithm. Despite the existing DBN, the number of hidden neurons of DBN is tuned or optimized correctly with the help of a hybrid meta-heuristic algorithm by merging grasshopper optimization algorithm (GOA) and spider monkey optimization (SMO) in order to enhance the accuracy of detection. The hybrid algorithm is termed as local leader phase-based GOA (LLP-GOA). The DBN is used to train the nodes by creating the data library with attack details, thus maintaining accurate detection during testing.

Design/methodology/approach: This paper has presented novel attack detection in medical IoT devices using improved deep learning architecture as BYOD. With this, this paper aims to show the high convergence and better performance in detecting attacks in the hospital network.

Findings: From the analysis, the overall performance analysis of the proposed LLP-GOA-based DBN in terms of accuracy was 0.25% better than particle swarm optimization (PSO)-DBN, 0.15% enhanced than grey wolf algorithm (GWO)-DBN, 0.26% enhanced than SMO-DBN and 0.43% enhanced than GOA-DBN. Similarly, the accuracy of the proposed LLP-GOA-DBN model was 13% better than support vector machine (SVM), 5.4% enhanced than k-nearest neighbor (KNN), 8.7% finer than neural network (NN) and 3.5% enhanced than DBN.

Originality/value: This paper adopts a hybrid algorithm termed as LLP-GOA for the accurate detection of attacks in medical IoT for improving the enhanced security in healthcare sector using the optimized deep learning. This is the first work which utilizes LLP-GOA algorithm for improving the performance of DBN for enhancing the security in the healthcare sector.

