DPLPLN: Detection and Prevention from Flooding Attack in IoT

Gajbhiye, A.; Sen, Devkant; Bhatt, Abhishek; Soni, Gaurav

doi:10.1109/icosec49089.2020.9215381

Cited by 9 publications

(8 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Then, SDHoneyNet deploys the honey topology to mimic complex networks. In [ 4 ], the authors propose an attack detection scheme, Woodpecker, upgrading several nodes to SDN switches called SDN-enabled nodes. When the packets come into the SDN-enabled node 30 s later, the SDN-enabled node checks the statistical information over the predefined condition threshold to locate the attack.…”

Section: Related Workmentioning

confidence: 99%

“…The previous work focusing on mitigating LFA can be classified into two types: traffic rerouting [ 1 , 10 ] and blacklist [ 4 , 5 , 8 , 11 , 12 , 13 ]. When LFA occurs, the target links are congested continuously.…”

Section: Related Workmentioning

confidence: 99%

“…The category of blacklist involves collecting suspicious flows into a blacklist and drop packets based on this blacklist when the LFA have been detected. In [ 4 ], once the LFA are detected, the centralized traffic engineering is activated. The traffic engineer broadcasts the “block route message” to all routers.…”

Section: Related Workmentioning

confidence: 99%

“…First, the detecting step sets rules to observe flow or packet information and to judge whether LFA happen. The conventional defending LFA methodology can be classified into types of flow metric threshold [ 1 , 3 , 4 , 5 , 6 , 7 , 8 ] and traceroute packet monitoring [ 9 , 10 ]. The flow metric threshold methods determine whether LFA happen according to specific flow metrics exceeding their corresponding thresholds.…”

Section: Introductionmentioning

confidence: 99%

“…On the other hand, in [ 9 , 10 ] the authors attempt to monitor the traceroute packets, which are launched by the attacker to acquire the topology and attacks on target links. The second LFA defending step is to mitigate LFA by rerouting traffic [ 1 , 10 ] or blocking malicious traffic [ 4 , 5 , 8 , 11 , 12 , 13 ] in order to deter the attack, to relieve the harm, and to recover the attacked network to a normal status. The traffic rerouting methods reroute flows that originally travel through the target links to relieve their congestions.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A Spatiotemporal-Oriented Deep Ensemble Learning Model to Defend Link Flooding Attacks in IoT Network

Chen

Lai

Jan

et al. 2021

Sensors

View full text Add to dashboard Cite

(1) Background: Link flooding attacks (LFA) are a spatiotemporal attack pattern of distributed denial-of-service (DDoS) that arranges bots to send low-speed traffic to backbone links and paralyze servers in the target area. (2) Problem: The traditional methods to defend against LFA are heuristic and cannot reflect the changing characteristics of LFA over time; the AI-based methods only detect the presence of LFA without considering the spatiotemporal series attack pattern and defense suggestion. (3) Methods: This study designs a deep ensemble learning model (Stacking-based integrated Convolutional neural network–Long short term memory model, SCL) to defend against LFA: (a) combining continuous network status as an input to represent “continuous/combination attacking action” and to help CNN operation to extract features of spatiotemporal attack pattern; (b) applying LSTM to periodically review the current evolved LFA patterns and drop the obsolete ones to ensure decision accuracy and confidence; (c) stacking System Detector and LFA Mitigator module instead of only one module to couple with LFA detection and mediation at the same time. (4) Results: The simulation results show that the accuracy rate of SCL successfully blocking LFA is 92.95%, which is 60.81% higher than the traditional method. (5) Outcomes: This study demonstrates the potential and suggested development trait of deep ensemble learning on network security.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Spatiotemporal-Oriented Deep Ensemble Learning Model to Defend Link Flooding Attacks in IoT Network

Chen

Lai

Jan

et al. 2021

Sensors

View full text Add to dashboard Cite

show abstract

RETRACTED: Internet of Things security framework based on near field communication with Otway Rees protocol

Jaber

Yussof

Ali³

et al. 2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Internet of Things (IoT) devices are crucial in different industries because they provide high‐functioning services to the IoT network connectivity. The IoT devices collect sensitive data, which comes under potential risk while transmitting data from one location to another. The data transmission is performed using various communication protocols that give security to the data. The intermediate attacks such as jamming, collision, flooding, worm‐hole, black‐hole and so forth create several security‐related issues. These intermediate attacks affect data privacy, trust, user identity, which completely affects the IoT device performance. So, this article introduces the near field communication (NFC) protocol with the Otway Rees protocol for making the secure communication process. In IoT applications based on short‐range communication, intermediate attacker issues have been reduced by combining NFC protocol features with Otway Rees protocol features. The NFC protocol provides baseline security trustworthiness while making the communication in the IoT environment cost‐effective. IoT communication is protected while cost‐effective using the security model, ensuring data integrity and confidentiality. In addition to this, the user and servers are authenticated for every session, which provides data security. Moreover, the discussed system is implemented using the NS2 simulation tool, ensuring security and trust with minimum complexity. Even in abnormal traffic conditions, our proposed method resulted in data transmission speeds (up to 289 Kb/s), and this feature can improve processing times.

show abstract