DDoS Attack and Detection Methods in Internet-Enabled Networks: Concept, Research Perspectives, and Challenges

Adedeji, Kazeem B.; Abu‐Mahfouz, Adnan M.; Kurien, Anish Mathew

doi:10.3390/jsan12040051

Cited by 24 publications

(4 citation statements)

References 194 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kazeem et al [9] reviewed methods used to detect and mitigate DDoS attacks on many Internet-enabled networks, including NDN, SDN, and IoT. In addition, it presented attack scenarios in some domains, such as the Internet of Drones, routing protocol-based IoT, and named-data networking.…”

Section: Related Work On Icn-based Iot With Machine Learning Technolo...mentioning

confidence: 99%

See 1 more Smart Citation

Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions

Bukhowah,

Aljughaiman,

Rahman

2024

Electronics

View full text Add to dashboard Cite

The Internet of Things (IoT) is a rapidly growing network that shares information over the Internet via interconnected devices. In addition, this network has led to new security challenges in recent years. One of the biggest challenges is the impact of denial-of-service (DoS) attacks on the IoT. The Information-Centric Network (ICN) infrastructure is a critical component of the IoT. The ICN has gained recognition as a promising networking solution for the IoT by supporting IoT devices to be able to communicate and exchange data with each other over the Internet. Moreover, the ICN provides easy access and straightforward security to IoT content. However, the integration of IoT devices into the ICN introduces new security challenges, particularly in the form of DoS attacks. These attacks aim to disrupt or disable the normal operation of the ICN, potentially leading to severe consequences for IoT applications. Machine learning (ML) is a powerful technology. This paper proposes a new approach for developing a robust and efficient solution for detecting DoS attacks in ICN-IoT networks using ML technology. ML is a subset of artificial intelligence (AI) that focuses on the development of algorithms. While several ML algorithms have been explored in the literature, including neural networks, decision trees (DTs), clustering algorithms, XGBoost, J48, multilayer perceptron (MLP) with backpropagation (BP), deep neural networks (DNNs), MLP-BP, RBF-PSO, RBF-JAYA, and RBF-TLBO, researchers compare these detection approaches using classification metrics such as accuracy. This classification metric indicates that SVM, RF, and KNN demonstrate superior performance compared to other alternatives. The proposed approach was carried out on the NDN architecture because, based on our findings, it is the most used one and has a high percentage of various types of cyberattacks. The proposed approach can be evaluated using an ndnSIM simulation and a synthetic dataset for detecting DoS attacks in ICN-IoT networks using ML algorithms.

show abstract

Section: Related Work On Icn-based Iot With Machine Learning Technolo...mentioning

confidence: 99%

“…These methods are significant methods to detect and mitigate DoS attacks such as the interest flooding attack (IFA). Other methods are recommended by [9], including the statistical approach, heuristic approach, machine learning (ML), and deep learning (DL). Consequently, there are various anomaly-based attack detection techniques to use.…”

Section: Introductionmentioning

confidence: 99%

Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions

Bukhowah,

Aljughaiman,

Rahman

2024

Electronics

View full text Add to dashboard Cite

show abstract

“…DDoS attacks present a significant and escalating threat to the Internet [8]. Attackers continually adapt their tactics to evade security systems, prompting researchers to consistently refine their approaches to counter new attack strategies.…”

Section: Motivationmentioning

confidence: 99%

Distributed Denial of Service Classification for Software-Defined Networking Using Grammatical Evolution

Spyrou,

Tsoulos,

Stylios

2023

Future Internet

View full text Add to dashboard Cite

Software-Defined Networking (SDN) stands as a pivotal paradigm in network implementation, exerting a profound influence on the trajectory of technological advancement. The critical role of security within SDN cannot be overstated, with distributed denial of service (DDoS) emerging as a particularly disruptive threat, capable of causing large-scale disruptions. DDoS operates by generating malicious traffic that mimics normal network activity, leading to service disruptions. It becomes imperative to deploy mechanisms capable of distinguishing between benign and malicious traffic, serving as the initial line of defense against DDoS challenges. In addressing this concern, we propose the utilization of traffic classification as a foundational strategy for combatting DDoS. By categorizing traffic into malicious and normal streams, we establish a crucial first step in the development of effective DDoS mitigation strategies. The deleterious effects of DDoS extend to the point of potentially overwhelming networked servers, resulting in service failures and SDN server downtimes. To investigate and address this issue, our research employs a dataset encompassing both benign and malicious traffic within the SDN environment. A set of 23 features is harnessed for classification purposes, forming the basis for a comprehensive analysis and the development of robust defense mechanisms against DDoS in SDN. Initially, we compare GenClass with three common classification methods, namely the Bayes, K-Nearest Neighbours (KNN), and Random Forest methods. The proposed solution improves the average class error, demonstrating 6.58% error as opposed to the Bayes method error of 32.59%, KNN error of 18.45%, and Random Forest error of 30.70%. Moreover, we utilize classification procedures based on three methods based on grammatical evolution, which are applied to the aforementioned data. In particular, in terms of average class error, GenClass exhibits 6.58%, while NNC and FC2GEN exhibit average class errors of 12.51% and 15.86%, respectively.

show abstract

“…These include the HTTP flood attack at the application layer [19] as well as the TCP-SYN and UDP flooding attacks at the transport layer [20][21][22]. The flood attack can also be performed at the network layer by flooding the network with ICMP messages [23,24]. The emergence of such attacks is driven by the lack of full adherence to strict security requirements.…”

Section: Introductionmentioning

confidence: 99%

A Lightweight Mitigation Approach against a New Inundation Attack in RPL-Based IoT Networks

Rouissat,

Belkheir,

Alsukayti

et al. 2023

Applied Sciences

View full text Add to dashboard Cite

Internet of Things (IoT) networks are being widely deployed for a broad range of critical applications. Without effective security support, such a trend would open the doors to notable security challenges. Due to their inherent constrained characteristics, IoT networks are highly vulnerable to the adverse impacts of a wide scope of IoT attacks. Among these, flooding attacks would cause great damage given the limited computational and energy capacity of IoT devices. However, IETF-standardized IoT routing protocols, such as the IPv6 Routing Protocol for Low Power and Lossy Networks (RPL), have no relevant security-provision mechanism. Different variants of the flooding attack can be easily initiated in RPL networks to exhaust network resources and degrade overall network performance. In this paper, a novel variant referred to as the Destination Information Object Flooding (DIOF) attack is introduced. The DIOF attack involves an internal malicious node disseminating falsified information to instigate excessive transmissions of DIO control messages. The results of the experimental evaluation demonstrated the significant adverse impact of DIOF attacks on control overhead and energy consumption, which increased by more than 500% and 210%, respectively. A reduction of more than 32% in Packet Delivery Ratio (PDR) and an increase of more than 192% in latency were also experienced. These were more evident in cases in which the malicious node was in close proximity to the sink node. To effectively address the DIOF attack, we propose a new lightweight approach based on a collaborative and distributed security scheme referred to as DIOF-Secure RPL (DSRPL). It provides an effective solution, enhancing RPL network resilience against DIOF attacks with only simple in-protocol modifications. As the experimental results indicated, DSRPL guaranteed responsive detection and mitigation of the DIOF attacks in a matter of a few seconds. Compared to RPL attack scenarios, it also succeeded in reducing network overhead and energy consumption by more than 80% while maintaining QoS performance at satisfactory levels.

show abstract

DDoS Attack and Detection Methods in Internet-Enabled Networks: Concept, Research Perspectives, and Challenges

Cited by 24 publications

References 194 publications

Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions

Detection of DoS Attacks for IoT in Information-Centric Networks Using Machine Learning: Opportunities, Challenges, and Future Research Directions

Distributed Denial of Service Classification for Software-Defined Networking Using Grammatical Evolution

A Lightweight Mitigation Approach against a New Inundation Attack in RPL-Based IoT Networks

Contact Info

Product

Resources

About