Detection and Mitigation of DoS and DDoS Attacks in IoT-Based Stateful SDN: An Experimental Approach

Jesús Galeano-Brajones; Javier Carmona-Murillo; Juan F. Valenzuela-Valdés; Francisco Luna-Valero

doi:10.3390/s20030816

Detection and Mitigation of DoS and DDoS Attacks in IoT-Based Stateful SDN: An Experimental Approach

Sensors ◽

10.3390/s20030816 ◽

2020 ◽

Vol 20 (3) ◽

pp. 816 ◽

Cited By ~ 15

Author(s):

Jesús Galeano-Brajones ◽

Javier Carmona-Murillo ◽

Juan F. Valenzuela-Valdés ◽

Francisco Luna-Valero

Keyword(s):

Denial Of Service ◽

Network Capacity ◽

Mobile Systems ◽

Data Traffic ◽

Ddos Attacks ◽

Sensors And Actuators ◽

Embedded Devices ◽

Fifth Generation ◽

Iot Devices ◽

First Time

The expected advent of the Internet of Things (IoT) has triggered a large demand of embedded devices, which envisions the autonomous interaction of sensors and actuators while offering all sort of smart services. However, these IoT devices are limited in computation, storage, and network capacity, which makes them easy to hack and compromise. To achieve secure development of IoT, it is necessary to engineer scalable security solutions optimized for the IoT ecosystem. To this end, Software Defined Networking (SDN) is a promising paradigm that serves as a pillar in the fifth generation of mobile systems (5G) that could help to detect and mitigate Denial of Service (DoS) and Distributed DoS (DDoS) threats. In this work, we propose to experimentally evaluate an entropy-based solution to detect and mitigate DoS and DDoS attacks in IoT scenarios using a stateful SDN data plane. The obtained results demonstrate for the first time the effectiveness of this technique targeting real IoT data traffic.

Download Full-text

Mathematical model on distributed denial of service attack through Internet of things in a network

Nonlinear Engineering ◽

10.1515/nleng-2017-0094 ◽

2019 ◽

Vol 8 (1) ◽

pp. 486-495 ◽

Cited By ~ 3

Author(s):

Bimal Kumar Mishra ◽

Ajit Kumar Keshri ◽

Dheeresh Kumar Mallick ◽

Binay Kumar Mishra

Keyword(s):

Mathematical Model ◽

Internet Of Things ◽

Equilibrium Points ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Different Types ◽

Service Attack ◽

Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

Download Full-text

AntibIoTic: Protecting IoT Devices Against DDoS Attacks

10.31224/osf.io/vh8ka ◽

2017 ◽

Cited By ~ 3

Author(s):

Michele De Donno ◽

Nicola Dragoni ◽

Alberto Giaretta ◽

Manuel Mazzara

Keyword(s):

Denial Of Service ◽

Main Idea ◽

Denial Of Service Attacks ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Dos Attacks ◽

The World ◽

Iot Devices

The 2016 is remembered as the year that showed to the world how dangerous distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DoS attacks perpetrated through IoT devices.

Download Full-text

Survey of DoS/DDoS attacks in IoT

Sustainable Engineering and Innovation, ISSN 2712-0562 ◽

10.37868/sei.v3i1.124 ◽

2021 ◽

Vol 3 (1) ◽

pp. 23-28

Author(s):

Rozan Khader ◽

Derar Eleyan

Keyword(s):

Smart Cities ◽

Denial Of Service ◽

Wearable Devices ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Iot Security ◽

Counter Measures ◽

Security Issues ◽

Iot Devices ◽

Internet Of Thing

The term internet of thing (IoT) has gained much popularity in the last decade. Which can be defined as various connected devices over the internet. IoT has rapidly spread to include all aspects of our lives. For instance, smart houses, smart cities, and variant wearable devices. IoT devices work to do their desired goals, which is to develop a person life with his/her minimal involvement. At the same time, IoT devices have many weaknesses, which attackers exploit to affect these devices security. Denial of Service (DoS) and Distributed Denial of Service (DDoS) are considered the most common attacks that strike IoT security. The main aim of these attacks is to make victim systems down and inaccessible for legitimate users by malicious malware. This paper objective is to discuss and review security issues related to DoS/DDoS Attacks and their counter measures i.e. prevention based on IoT devices layers structure.

Download Full-text

Mitigating DDoS Attacks in SDN-Based IoT Networks Leveraging Secure Control and Data Plane Algorithm

Applied Sciences ◽

10.3390/app11030929 ◽

2021 ◽

Vol 11 (3) ◽

pp. 929

Author(s):

Song Wang ◽

Karina Gomez ◽

Kandeepan Sithamparanathan ◽

Muhammad Rizwan Asghar ◽

Giovanni Russello ◽

...

Keyword(s):

Denial Of Service ◽

Network Connectivity ◽

Network Evolution ◽

Ddos Attacks ◽

Level Control ◽

Secure Control ◽

Data Plane ◽

Upper Level ◽

Iot Devices ◽

The One

Software-Defined Networking (SDN) and Internet of Things (IoT) are the trends of network evolution. SDN mainly focuses on the upper level control and management of networks, while IoT aims to bring devices together to enable sharing and monitoring of real-time behaviours through network connectivity. On the one hand, IoT enables us to gather status of devices and networks and to control them remotely. On the other hand, the rapidly growing number of devices challenges the management at the access and backbone layer and raises security concerns of network attacks, such as Distributed Denial of Service (DDoS). The combination of SDN and IoT leads to a promising approach that could alleviate the management issue. Indeed, the flexibility and programmability of SDN could help in simplifying the network setup. However, there is a need to make a security enhancement in the SDN-based IoT network for mitigating attacks involving IoT devices. In this article, we discuss and analyse state-of-the-art DDoS attacks under SDN-based IoT scenarios. Furthermore, we verify our SDN sEcure COntrol and Data plane (SECOD) algorithm to resist DDoS attacks on the real SDN-based IoT testbed. Our results demonstrate that DDoS attacks in the SDN-based IoT network are easier to detect than in the traditional network due to IoT traffic predictability. We observed that random traffic (UDP or TCP) is more affected during DDoS attacks. Our results also show that the probability of a controller becoming halt is 10%, while the probability of a switch getting unresponsive is 40%.

Download Full-text

Cyber-Physical System and Internet of Things Security

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch018 ◽

2021 ◽

pp. 328-357

Author(s):

Thomas Ulz ◽

Sarah Haas ◽

Christian Steger

Keyword(s):

Internet Of Things ◽

Public Awareness ◽

Denial Of Service ◽

The Internet ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Industrial Iot ◽

Confidential Data ◽

Iot Devices ◽

The Internet Of Things

An increase of distributed denial-of-service (DDoS) attacks launched by botnets such as Mirai has raised public awareness regarding potential security weaknesses in the Internet of Things (IoT). Devices are an attractive target for attackers because of their large number and due to most devices being online 24/7. In addition, many traditional security mechanisms are not applicable for resource constraint IoT devices. The importance of security for cyber-physical systems (CPS) is even higher, as most systems process confidential data or control a physical process that could be harmed by attackers. While industrial IoT is a hot topic in research, not much focus is put on ensuring information security. Therefore, this paper intends to give an overview of current research regarding the security of data in industrial CPS. In contrast to other surveys, this work will provide an overview of the big CPS security picture and not focus on special aspects.

Download Full-text

NovaGenesis Applied to Information-Centric, Service-Defined, Trustable IoT/WSAN Control Plane and Spectrum Management

Sensors ◽

10.3390/s18093160 ◽

2018 ◽

Vol 18 (9) ◽

pp. 3160 ◽

Cited By ~ 2

Author(s):

Antônio Alberti ◽

Marília Bontempo ◽

José dos Santos ◽

Arismar Sodré ◽

Rodrigo Righi

Keyword(s):

Ieee 802.15.4 ◽

Spectrum Management ◽

Control Plane ◽

Wireless Devices ◽

Sensors And Actuators ◽

Radio System ◽

Dynamic Spectrum Management ◽

Iot Devices ◽

Real Scenario ◽

First Time

We integrate, for the first time in the literature, the following ingredients to deal with emerging dynamic spectrum management (DSM) problem in heterogeneous wireless sensors and actuators networks (WSANs), Internet of things (IoT) and Wi-Fi: (i) named-based routing to provide provenance and location-independent access to control plane; (ii) temporary storage of control data for efficient and cohesive control dissemination, as well as asynchronous communication between software-controllers and devices; (iii) contract-based control to improve trust-ability of actions; (iv) service-defined configuration of wireless devices, approximating their configurations to real services needs. The work is implemented using NovaGenesis architecture and a proof-of-concept is evaluated in a real scenario, demonstrating our approach to automate radio frequency channel optimization in Wi-Fi and IEEE 802.15.4 networks in the 2.4 GHz bands. An integrated cognitive radio system provides the dual-mode best channel indications for novel DSM services in NovaGenesis. By reconfiguring Wi-Fi/IoT devices to best channels, the proposed solution more than doubles the network throughput, when compared to the case of mutual interference. Therefore, environments equipped with the proposal provide enhanced performance to their users.

Download Full-text

ABS-DDoS: An Agent-Based Simulator about Strategies of Both DDoS Attacks and Their Defenses, to Achieve Efficient Data Forwarding in Sensor Networks and IoT Devices

Wireless Communications and Mobile Computing ◽

10.1155/2018/7264269 ◽

2018 ◽

Vol 2018 ◽

pp. 1-11 ◽

Cited By ~ 2

Author(s):

Franks González-Landero ◽

Iván García-Magariño ◽

Raquel Lacuesta ◽

Jaime Lloret

Keyword(s):

Sensor Networks ◽

Precision Agriculture ◽

Denial Of Service ◽

Ambient Assisted Living ◽

Current Approach ◽

Ddos Attacks ◽

Data Forwarding ◽

Defense Strategies ◽

Agent Based ◽

Iot Devices

Sensor networks and Internet of Things (IoT) are useful for many purposes such as military defense, sensing in smart homes, precision agriculture, underwater monitoring in aquaculture, and ambient-assisted living for healthcare. Efficient and secure data forwarding is essential to maintain seamless communications and to provide fast services. However, IoT devices and sensors usually have low processing capabilities and vulnerabilities. For example, attacks such as the Distributed Denial of Service (DDoS) can easily hinder sensor networks and IoT devices. In this context, the current approach presents an agent-based simulation solution for exploring strategies for defending from different DDoS attacks. The current work focuses on obtaining low-consuming defense strategies in terms of processing capabilities, so that these can be applied in sensor networks and IoT devices. The experimental results show that the simulator was useful for (a) defining defense and attack strategies, (b) assessing the effectiveness of defense strategies against attack ones, and (c) defining efficient defense strategies with low response times.

Download Full-text

IFACNN: efficient DDoS attack detection based on improved firefly algorithm to optimize convolutional neural networks

Mathematical Biosciences and Engineering ◽

10.3934/mbe.2022059 ◽

2021 ◽

Vol 19 (2) ◽

pp. 1280-1303

Author(s):

Jiushuang Wang ◽

◽

Ying Liu ◽

Huifen Feng

Keyword(s):

Internet Of Things ◽

Firefly Algorithm ◽

Denial Of Service ◽

Attack Detection ◽

Ddos Attacks ◽

Detection Scheme ◽

Ddos Attack ◽

Improved Firefly Algorithm ◽

Iot Devices ◽

Ddos Attack Detection

<abstract>Network security has become considerably essential because of the expansion of internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recent numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). Therefore, we propose a DDoS attack detection scheme to secure the real-time in the software-defined the internet of things (SD-IoT) environment. In this article, we utilize improved firefly algorithm to optimize the convolutional neural network (CNN), to provide detection for DDoS attacks in our proposed SD-IoT framework. Our results demonstrate that our scheme can achieve higher than 99% DDoS behavior and benign traffic detection accuracy.</abstract>

Download Full-text

DDoS attack detection using deep learning

IAES International Journal of Artificial Intelligence (IJ-AI) ◽

10.11591/ijai.v10.i2.pp382-388 ◽

2021 ◽

Vol 10 (2) ◽

pp. 382

Author(s):

Thapanarath Khempetch ◽

Pongpisit Wuttidittachotti

Keyword(s):

Deep Learning ◽

Short Term Memory ◽

Denial Of Service ◽

Attack Detection ◽

Ddos Attacks ◽

Ddos Attack ◽

Attack Surface ◽

Iot Devices ◽

Ddos Attack Detection ◽

Flow Of Information

Nowadays, IoT devices are widely used both in daily life and in corporate and industrial environments. The use of these devices has increased dramatically and by 2030 it is estimated that their usage will rise to 125 billion devices causing enormous flow of information. It is likely that it will also increase distributed denial-of-service (DDoS) attack surface. As IoT devices have limited resources, it is impossible to add additional security structures to it. Therefore, the risk of DDoS attacks by malicious people who can take control of IoT devices, remain extremely high. In this paper, we use the CICDDoS2019 dataset as a dataset that has improved the bugs and introducing a new taxonomy for DDoS attacks, including new classification based on flows network. We propose DDoS attack detection using the deep neural network (DNN) and long short-term memory (LSTM) algorithm. Our results show that it can detect more than 99.90% of all three types of DDoS attacks. The results indicate that deep learning is another option for detecting attacks that may cause disruptions in the future.

Download Full-text

A Wrapper based Feature Selection using Grey Wolf Optimization for Botnet Attack Detection

International Journal of Sensors Wireless Communications and Control ◽

10.2174/2210327911666210120124340 ◽

2021 ◽

Vol 11 ◽

Author(s):

Ravi Kiran Varma P ◽

S Kumar Reddy Mallidi ◽

Rohit Rishi Muni

Keyword(s):

Feature Selection ◽

Detection System ◽

Denial Of Service ◽

Attack Detection ◽

Feature Reduction ◽

Data Traffic ◽

Grey Wolf ◽

Grey Wolf Optimization ◽

Iot Devices ◽

And Control

Aim: To design and evaluate the performance of a Grey Wolf Optimization (GWO) based wrapper feature selection applied to the Botnet malware detection system. Background: A botnet is malicious software that is controlled by a master and used to compromise a distributed set of systems, in turn targeting a victim. Powerful attacks like Distributed Denial of Service (DDoS) can be triggered using a botnet. With the rapid growth of the Internet of Things (IoT) and its omnipresence, the vulnerable IoT devices are also under threat of being a victim or a zombie. Objective: To optimize the listed botnet data traffic features, Grey Wolf Optimization (GWO), in a wrapper model, is used to search the useful features without affecting the classification accuracy. Method: The Botnet dataset consists of a total of 192 command and control (C& C) botnet channels HTTP traffic features, and network traffic session-based features. GWO optimization algorithm is used as a wrapper for feature selection, and evaluated on three different classifiers, viz., SVM, KNN, and DT. Results: Decision Tree (DT) and GWO wrapper produced the best results when compared with other classifiers. The output of the research reduces the botnet traffic features to 19 from 192, with an accuracy of 99.73% post the reduction. Conclusion: The proposed DT-GWO wrapper turns out to be an excellent choice for feature reduction for botnet attack detection. The strength of the DT-GWO wrapper is that it is able to retain the near full-feature accuracy even after a massive reduction of 90.10% of the features.

Download Full-text