Poster Abstract: Real-Time DDoS Detection Based on Complex Event Processing for IoT

Cardoso, Adeilson Marques da Silva; Lopes, Regina Lúcia Mendonça; Teles, Ariel Soares; Magalhães, Fernando B. V.

doi:10.1109/iotdi.2018.00036

Cited by 20 publications

(23 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The IDS studies [5,[19][20][21][22][23][24][25][26][27] also have proposed attack detection based on Raspberry Pi. In the work of [18], the anomaly-based detection method was proposed by capturing the previous traffic patterns asbenign data for attack detection system construction.…”

Section: Raspberry Pi-based Idsmentioning

confidence: 99%

“…In the work of [18], the anomaly-based detection method was proposed by capturing the previous traffic patterns asbenign data for attack detection system construction. The work of [21] has implemented a real-time DDoS detection architecture using the complex event processing (CEP) algorithm, and it allowed for real-time analysis of continuous data-streams. Some other studies [14,20,23] have used public IDSs, such as Snort and Bro, to implement the detection system on Raspberry Pi.…”

Section: Raspberry Pi-based Idsmentioning

confidence: 99%

See 1 more Smart Citation

Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

et al. 2020

View full text Add to dashboard Cite

The application of a large number of Internet of Things (IoT) devices makes our life more convenient and industries more efficient. However, it also makes cyber-attacks much easier to occur because so many IoT devices are deployed and most of them do not have enough resources (i.e., computation and storage capacity) to carry out ordinary intrusion detection systems (IDSs). In this study, a lightweight machine learning-based IDS using a new feature selection algorithm is designed and implemented on Raspberry Pi, and its performance is verified using a public dataset collected from an IoT environment. To make the system lightweight, we propose a new algorithm for feature selection, called the correlated-set thresholding on gain-ratio (CST-GR) algorithm, to select really necessary features. Because the feature selection is conducted on three specific kinds of cyber-attacks, the number of selected features can be significantly reduced, which makes the classifiers very small and fast. Thus, our detection system is lightweight enough to be implemented and carried out in a Raspberry Pi system. More importantly, as the really necessary features corresponding to each kind of attack are exploited, good detection performance can be expected. The performance of our proposal is examined in detail with different machine learning algorithms, in order to learn which of them is the best option for our system. The experiment results indicate that the new feature selection algorithm can select only very few features for each kind of attack. Thus, the detection system is lightweight enough to be implemented in the Raspberry Pi environment with almost no sacrifice on detection performance.

show abstract

Section: Raspberry Pi-based Idsmentioning

confidence: 99%

Section: Raspberry Pi-based Idsmentioning

confidence: 99%

Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

et al. 2020

View full text Add to dashboard Cite

show abstract

“…The authors in [13] proposed a Distributed Denial of Service (DDoS) detection system and evaluated its performance on the Raspberry Pi platform. Their results show that the system detects DDoS attacks in IoT environments, but the scenario they use does not represent a real scenario.…”

Section: Related Workmentioning

confidence: 99%

“…From a carefully analysis of these works, we observe critical issues on them when applied to IoT networks, such as either they are so generic or so specific. For instance, the work [13] presents a solution to the big class of DDoS attacks, resulting in high false positive and false negative rates. Another example is the work [8], where a solution is presented specifically to a WSN medical IoT.…”

Section: Related Workmentioning

confidence: 99%

“…The neighbors number is computed through the control messages received by the node. After knowing the number of neighbors, nodes broadcast such information to their neighboring nodes (l. [10][11][12][13][14][15][16][17][18][19] to run the leader election. For that, the node with the largest number of neighbors is chosen as the leader node, and its category is changed to leader (l. [20][21][22].…”

Section: The Thatachi Idsmentioning

confidence: 99%

See 1 more Smart Citation

Clustering and reliability-driven mitigation of routing attacks in massive IoT systems

Santos

Cervantes

Nogueira

et al. 2019

J Internet Serv Appl

View full text Add to dashboard Cite

As an integral component of the 5G communications, the massive Internet of Things (IoT) are vulnerable to various routing attacks due to their dynamic infrastructure, distinct computing resources, and heterogeneity of mobile objects. The sinkhole and selective forwarding attacks stand out among the most destructive ones for infrastructureless networks. Despite the countermeasures introduced by legacy intrusion detection systems (IDS), the massive IoT seeks novel solutions to address their unique requirements. This paper introduces DeTection of SinkHole And SelecTive ForwArding for Supporting SeCure routing for Internet of THIngs (THATACHI), a new IDS against sinkhole and selective forwarding attacks that target routing mechanism in massive and mobile IoT networks. To cope with the density and mobility challenges in the detection of attackers and ensuring reliability, THATACHI exploits watchdog, reputation and trust strategies. Our performance evaluation under an urban scenario shows that THATACHI can perform with a 99% detection rate, 6% of false negative and false positive rates. Moreover, when compared to its closest predecessor against sinkhole attacks for IoT, THATACHI runs with at least 50% less energy consumption.

show abstract

A Detailed Review on Security Issues in Layered Architectures and Distributed Denial Service of Attacks Over IoT Environment

Ganesarathinam,

Singaravelu,

Padma Pooja

2022

Cyber‐Physical Systems

View full text Add to dashboard Cite

Poster Abstract: Real-Time DDoS Detection Based on Complex Event Processing for IoT

Cited by 20 publications

References 4 publications

Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

Towards a Lightweight Detection System for Cyber Attacks in the IoT Environment Using Corresponding Features

Clustering and reliability-driven mitigation of routing attacks in massive IoT systems

A Detailed Review on Security Issues in Layered Architectures and Distributed Denial Service of Attacks Over IoT Environment

Contact Info

Product

Resources

About