Denial of service attack detection through machine learning for the IoT

Syed, Naeem Firdous; Baig, Zubair; Ibrahim, Ahmed; Valli, Craig

doi:10.1080/24751839.2020.1767484

Cited by 87 publications

(43 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Syed et al [48] applied an ML-based application layer DoS attack detection framework for the detection of DoS attack on Message Queuing Telemetry Transport (MQTT) data communication protocol. The ML models applied for the detection of attack were Decision Trees (C4.5), Multi-Layer Perceptron (MLP) and Average One-Dependence Estimator (AODE).…”

Section: Related Workmentioning

confidence: 99%

Real-Time DDoS Attack Detection System Using Big Data Approach

et al. 2021

View full text Add to dashboard Cite

Currently, the Distributed Denial of Service (DDoS) attack has become rampant, and shows up in various shapes and patterns, therefore it is not easy to detect and solve with previous solutions. Classification algorithms have been used in many studies and have aimed to detect and solve the DDoS attack. DDoS attacks are performed easily by using the weaknesses of networks and by generating requests for services for software. Real-time detection of DDoS attacks is difficult to detect and mitigate, but this solution holds significant value as these attacks can cause big issues. This paper addresses the prediction of application layer DDoS attacks in real-time with different machine learning models. We applied the two machine learning approaches Random Forest (RF) and Multi-Layer Perceptron (MLP) through the Scikit ML library and big data framework Spark ML library for the detection of Denial of Service (DoS) attacks. In addition to the detection of DoS attacks, we optimized the performance of the models by minimizing the prediction time as compared with other existing approaches using big data framework (Spark ML). We achieved a mean accuracy of 99.5% of the models both with and without big data approaches. However, in training and testing time, the big data approach outperforms the non-big data approach due to that the Spark computations in memory are in a distributed manner. The minimum average training and testing time in minutes was 14.08 and 0.04, respectively. Using a big data tool (Apache Spark), the maximum intermediate training and testing time in minutes was 34.11 and 0.46, respectively, using a non-big data approach. We also achieved these results using the big data approach. We can detect an attack in real-time in few milliseconds.

show abstract

Section: Related Workmentioning

confidence: 99%

Real-Time DDoS Attack Detection System Using Big Data Approach

et al. 2021

View full text Add to dashboard Cite

show abstract

“…This makes distinguishing between natural and malicious traffic impossible [49,50]. In recent years, a specific IoT botnet virus known as Mirai has been responsible for initiating disruptive DDoS attacks, causing thousands of IoT computers to malfunction due to interferences [30,51].  Spoofing and Sybil attacks: these types of attacks are mainly used to gain unauthorized access to IoT systems by targeting user identification (RFID and MAC address), as seen in Fig.…”

Section: Active Iot Attacksmentioning

confidence: 99%

“…5 [51].  Data Tampering: Data tampering is a severe threat not just to corporations but also to people's lives and property.…”

Section: Active Iot Attacksmentioning

confidence: 99%

Attack and Anomaly Detection in IoT Networks using Machine Learning Techniques: A Review

Haji

Ameen

2021

AJRCoS

View full text Add to dashboard Cite

The Internet of Things (IoT) is one of today's most rapidly growing technologies. It is a technology that allows billions of smart devices or objects known as "Things" to collect different types of data about themselves and their surroundings using various sensors. They may then share it with the authorized parties for various purposes, including controlling and monitoring industrial services or increasing business services or functions. However, the Internet of Things currently faces more security threats than ever before. Machine Learning (ML) has observed a critical technological breakthrough, which has opened several new research avenues to solve current and future IoT challenges. However, Machine Learning is a powerful technology to identify threats and suspected activities in intelligent devices and networks. In this paper, various ML algorithms have been compared in terms of attack detection and anomaly detection, following a thorough literature review on Machine Learning methods and the significance of IoT security in the context of various types of potential attacks. Furthermore, possible ML-based IoT protection technologies have been introduced.

show abstract

“…Syed et al [23], the authors proposed a machine learning framework for detecting and evaluating the denial-of-service attacks on the MQTT protocol. They designed and tested the attack to capture normal, offensive traffic, and statistical flow features based on dimension.…”

Section: Introductionmentioning

confidence: 99%

Physical cyber-security algorithm for wireless sensor networks

Khudhur

Croock

2021

TELKOMNIKA

View full text Add to dashboard Cite

Today, the wireless sensor network (WSN) plays an important role in our daily life. In addition, it is used in many applications such as military, medical, greenhouse, and transport. Due to the sending data between its nodes or to the base station requires a connection link, the sensor nodes can be exposed to the many attacks that exploit the weaknesses of the network. One of the most important types of these attacks is the denial of service (DoS). DoS attack exhausts the system's resources that lead the system to be out of service. In this paper, a cyber-security algorithm is proposed for physical level of WSN that adopts message queuing telemetry transport (MQTT) protocol for data transmission and networking. This algorithm predicts the DoS attacks at the first time of happening to be isolated from the WSN. It includes three stages of detecting the attack, predicting the effects of this attack and preventing the attacks by excluding the predicted nodes from the WSN. We applied a type of DoS attack that is a DoS injection attack (DoSIA) on the network protocol. The proposed algorithm is tested by adopting three case studies to cover the most common cases of attacks. The experiment results show the superior of the proposed algorithm in detecting and solving the cyber-attacks.

show abstract

Denial of service attack detection through machine learning for the IoT

Cited by 87 publications

References 36 publications

Real-Time DDoS Attack Detection System Using Big Data Approach

Real-Time DDoS Attack Detection System Using Big Data Approach

Attack and Anomaly Detection in IoT Networks using Machine Learning Techniques: A Review

Physical cyber-security algorithm for wireless sensor networks

Contact Info

Product

Resources

About