Countermeasures against large-scale reflection DDoS attacks using exploit IoT devices

We now use the Internet of things (IoT) in our everyday lives. The novel IoT devices collect cyber–physical data and provide information on the environment. Hence, IoT traffic will count for a major part of Internet traffic; however, its impact on the network is still widely unknown. IoT devices are prone to cyberattacks because of constrained resources or misconfigurations. It is essential to characterize IoT traffic and identify each device to monitor the IoT network and discriminate among legitimate and anomalous IoT traffic. In this study, we deployed a smart-home testbed comprising several IoT devices to study IoT traffic. We performed extensive measurement experiments using a novel IoT traffic generator tool called IoTTGen. This tool can generate traffic from multiple devices, emulating large-scale scenarios with different devices under different network conditions. We analyzed the IoT traffic properties by computing the entropy value of traffic parameters and visually observing the traffic on behavior shape graphs. We propose a new method for identifying traffic entropy-based devices, computing the entropy values of traffic features. The method relies on machine learning to classify the traffic. The proposed method succeeded in identifying devices with a performance accuracy up to 94% and is robust with unpredictable network behavior with traffic anomalies spreading in the network.

Download Full-text

SpecTalk: Conforming IoT Implementations to Sensor Specifications

Sensors ◽

10.3390/s21165260 ◽

2021 ◽

Vol 21 (16) ◽

pp. 5260

Author(s):

Yi-Bing Lin ◽

Sheng-Lin Chou

Keyword(s):

Large Scale ◽

Application Programming Interface ◽

Signal Frequency ◽

Visual Test ◽

Gray Area ◽

Control Signals ◽

Information And Communication ◽

Monitoring Camera ◽

Self Test ◽

Iot Devices

Due to the fast evolution of Sensor and Internet of Things (IoT) technologies, several large-scale smart city applications have been commercially developed in recent years. In these developments, the contracts are often disputed in the acceptance due to the fact that the contract specification is not clear, resulting in a great deal of discussion of the gray area. Such disputes often occur in the acceptance processes of smart buildings, mainly because most intelligent building systems are expensive and the operations of the sub-systems are very complex. This paper proposes SpecTalk, a platform that automatically generates the code to conform IoT applications to the Taiwan Association of Information and Communication Standards (TAICS) specifications. SpecTalk generates a program to accommodate the application programming interface of the IoT devices under test (DUTs). Then, the devices can be tested by SpecTalk following the TAICS data formats. We describe three types of tests: self-test, mutual-test, and visual test. A self-test involves the sensors and the actuators of the same DUT. A mutual-test involves the sensors and the actuators of different DUTs. A visual-test uses a monitoring camera to investigate the actuators of multiple DUTs. We conducted these types of tests in commercially deployed applications of smart campus constructions. Our experiments in the tests proved that SpecTalk is feasible and can effectively conform IoT implementations to TACIS specifications. We also propose a simple analytic model to select the frequency of the control signals for the input patterns in a SpecTalk test. Our study indicates that it is appropriate to select the control signal frequency, such that the inter-arrival time between two control signals is larger than 10 times the activation delay of the DUT.

Download Full-text

A Proximal Algorithm for Fork-Choice in Distributed Ledger Technology for Context-Based Clustering on Edge Computing

Engineering Proceedings ◽

10.3390/ecsa-7-08261 ◽

2020 ◽

Vol 2 (1) ◽

pp. 92

Author(s):

Rahim Rahmani ◽

Ramin Firouzi ◽

Sachiko Lim ◽

Mahbub Alam

Keyword(s):

Large Scale ◽

Cluster Head ◽

Edge Computing ◽

Computing Technology ◽

Proximal Algorithm ◽

Data Intensive ◽

Distributed Ledger ◽

Smart Contract ◽

Distributed Ledger Technology ◽

Iot Devices

The major challenges of operating data-intensive of Distributed Ledger Technology (DLT) are (1) to reach consensus on the main chain as a set of validators cast public votes to decide on which blocks to finalize and (2) scalability on how to increase the number of chains which will be running in parallel. In this paper, we introduce a new proximal algorithm that scales DLT in a large-scale Internet of Things (IoT) devices network. We discuss how the algorithm benefits the integrating DLT in IoT by using edge computing technology, taking the scalability and heterogeneous capability of IoT devices into consideration. IoT devices are clustered dynamically into groups based on proximity context information. A cluster head is used to bridge the IoT devices with the DLT network where a smart contract is deployed. In this way, the security of the IoT is improved and the scalability and latency are solved. We elaborate on our mechanism and discuss issues that should be considered and implemented when using the proposed algorithm, we even show how it behaves with varying parameters like latency or when clustering.

Download Full-text

Detection of DDOS attacks in distributed peer to peer networks

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.7.12227 ◽

2018 ◽

Vol 7 (2.7) ◽

pp. 1051

Author(s):

Gera Jaideep ◽

Bhanu Prakash Battula

Keyword(s):

High Risk ◽

Large Scale ◽

Peer To Peer ◽

P2p Network ◽

Ddos Attacks ◽

P2p Networks ◽

Distributed Environment ◽

Trace Back ◽

Peer To Peer Networks ◽

Direct Attack

Peer to Peer (P2P) network in the real world is a class of systems that are made up of thousands of nodes in distributed environments. The nodes are decentralized in nature. P2P networks are widely used for sharing resources and information with ease. Gnutella is one of the well known examples for such network. Since these networks spread across the globe with large scale deployment of nodes, adversaries use them as a vehicle to launch DDoS attacks. P2P networks are exploited to make attacks over hosts that provide critical services to large number of clients across the globe. As the attacker does not make a direct attack it is hard to detect such attacks and considered to be high risk threat to Internet based applications. Many techniques came into existence to defeat such attacks. Still, it is an open problem to be addressed as the flooding-based DDoS is difficult to handle as huge number of nodes are compromised to make attack and source address spoofing is employed. In this paper, we proposed a framework to identify and secure P2P communications from a DDoS attacks in distributed environment. Time-to-Live value and distance between source and victim are considered in the proposed framework. A special agent is used to handle information about nodes, their capacity, and bandwidth for efficient trace back. A Simulation study has been made using NS2 and the experimental results reveal the significance of the proposed framework in defending P2P network and target hosts from high risk DDoS attacks.

Download Full-text

Mathematical model on distributed denial of service attack through Internet of things in a network

Nonlinear Engineering ◽

10.1515/nleng-2017-0094 ◽

2019 ◽

Vol 8 (1) ◽

pp. 486-495 ◽

Cited By ~ 3

Author(s):

Bimal Kumar Mishra ◽

Ajit Kumar Keshri ◽

Dheeresh Kumar Mallick ◽

Binay Kumar Mishra

Keyword(s):

Mathematical Model ◽

Internet Of Things ◽

Equilibrium Points ◽

Denial Of Service ◽

Distributed Denial Of Service ◽

Ddos Attacks ◽

Denial Of Service Attack ◽

Different Types ◽

Service Attack ◽

Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

Download Full-text

DDoS Detection on Internet of Things using Unsupervised Algorithms

E3S Web of Conferences ◽

10.1051/e3sconf/202129701005 ◽

2021 ◽

Vol 297 ◽

pp. 01005

Author(s):

Hailyie Tekleselassie

Keyword(s):

Learning Algorithms ◽

Classification Performance ◽

Machine Learning Algorithms ◽

Transport Layer ◽

Accuracy Score ◽

Ddos Attacks ◽

Knowledge Based ◽

Ddos Detection ◽

Iot Devices ◽

Unsupervised Algorithms

Through the growth of the fifth-generation networks and artificial intelligence technologies, new threats and challenges have appeared to wireless communication system, especially in cybersecurity. And IoT networks are gradually attractive stages for introduction of DDoS attacks due to integral frailer security and resource-constrained nature of IoT devices. This paper emphases on detecting DDoS attack in wireless networks by categorizing inward network packets on the transport layer as either “abnormal” or “normal” using the integration of machine learning algorithms knowledge-based system. In this paper, deep learning algorithms and CNN were autonomously trained for mitigating DDoS attacks. This paper lays importance on misuse based DDOS attacks which comprise TCP SYN-Flood and ICMP flood. The researcher uses CICIDS2017 and NSL-KDD dataset in training and testing the algorithms (model) while the experimentation phase. accuracy score is used to measure the classification performance of the four algorithms. the results display that the 99.93 performance is recorded.

Download Full-text

AntibIoTic: Protecting IoT Devices Against DDoS Attacks

Advances in Intelligent Systems and Computing - Proceedings of 5th International Conference in Software Engineering for Defence Applications ◽

10.1007/978-3-319-70578-1_7 ◽

2018 ◽

pp. 59-72 ◽

Cited By ~ 3

Author(s):

Michele De Donno ◽

Nicola Dragoni ◽

Alberto Giaretta ◽

Manuel Mazzara

Keyword(s):

Ddos Attacks ◽

Iot Devices

Download Full-text

Transcriptional Regulatory Network Topology with Applications to Bio-inspired Networking: A Survey

ACM Computing Surveys ◽

10.1145/3468266 ◽

2022 ◽

Vol 54 (8) ◽

pp. 1-36

Author(s):

Satyaki Roy ◽

Preetam Ghosh ◽

Nirnay Ghosh ◽

Sajal K. Das

Keyword(s):

Communication Networks ◽

Biological Networks ◽

Regulatory Network ◽

Large Scale ◽

Data Transfer ◽

Transcriptional Regulatory Network ◽

Future Research ◽

Transcriptional Regulatory ◽

Iot Devices ◽

Networking Protocols

The advent of the edge computing network paradigm places the computational and storage resources away from the data centers and closer to the edge of the network largely comprising the heterogeneous IoT devices collecting huge volumes of data. This paradigm has led to considerable improvement in network latency and bandwidth usage over the traditional cloud-centric paradigm. However, the next generation networks continue to be stymied by their inability to achieve adaptive, energy-efficient, timely data transfer in a dynamic and failure-prone environment—the very optimization challenges that are dealt with by biological networks as a consequence of millions of years of evolution. The transcriptional regulatory network (TRN) is a biological network whose innate topological robustness is a function of its underlying graph topology. In this article, we survey these properties of TRN and the metrics derived therefrom that lend themselves to the design of smart networking protocols and architectures. We then review a body of literature on bio-inspired networking solutions that leverage the stated properties of TRN. Finally, we present a vision for specific aspects of TRNs that may inspire future research directions in the fields of large-scale social and communication networks.

Download Full-text

Security in IoT Devices

Research Anthology on Combating Denial-of-Service Attacks ◽

10.4018/978-1-7998-5348-0.ch017 ◽

2021 ◽

pp. 312-327

Author(s):

N. JEYANTHI ◽

Shreyansh Banthia ◽

Akhil Sharma

Keyword(s):

Internet Of Things ◽

The Internet ◽

Ddos Attacks ◽

General Survey ◽

Internet Infrastructure ◽

Ddos Attack ◽

Comprehensive View ◽

Iot Devices

An attempt to do a comparison between the various DDoS attack types that exist by analysing them in various categories that can be formed, to provide a more comprehensive view of the problem that DDoS poses to the internet infrastructure today. Then DDoS and its relevance with respect to IoT (Internet of Things) devices are analysed where attack types have been explained and possible solutions available are analysed. This chapter does not propose any new solutions to mitigating the effects of DDoS attacks but just provides a general survey of the prevailing attack types along with analysis of the underlying structures that make these attacks possible, which would help researchers in understanding the DDoS problem better.

Download Full-text

Distributed Fusion of Sensor Data in a Constrained Wireless Network

Sensors ◽

10.3390/s19051006 ◽

2019 ◽

Vol 19 (5) ◽

pp. 1006 ◽

Cited By ~ 1

Author(s):

Charikleia Papatsimpa ◽

Jean-Paul Linnartz

Keyword(s):

Large Scale ◽

Sensor Nodes ◽

Sensor Data ◽

A Posteriori ◽

Likelihood Ratios ◽

Process Data ◽

Local Data ◽

Fusion Algorithm ◽

Distributed Information ◽

Iot Devices

Smart buildings with connected lighting and sensors are likely to become one of the first large-scale applications of the Internet of Things (IoT). However, as the number of interconnected IoT devices is expected to rise exponentially, the amount of collected data will be enormous but highly redundant. Devices will be required to pre-process data locally or at least in their vicinity. Thus, local data fusion, subject to constraint communications will become necessary. In that sense, distributed architectures will become increasingly unavoidable. Anticipating this trend, this paper addresses the problem of presence detection in a building as a distributed sensing of a hidden Markov model (DS-HMM) with limitations on the communication. The key idea in our work is the use of a posteriori probabilities or likelihood ratios (LR) as an appropriate “interface” between heterogeneous sensors with different error profiles. We propose an efficient transmission policy, jointly with a fusion algorithm, to merge data from various HMMs running separately on all sensor nodes but with all the models observing the same Markovian process. To test the feasibility of our DS-HMM concept, a simple proof-of-concept prototype was used in a typical office environment. The experimental results show full functionality and validate the benefits. Our proposed scheme achieved high accuracy while reducing the communication requirements. The concept of DS-HMM and a posteriori probabilities as an interface is suitable for many other applications for distributed information fusion in wireless sensor networks.

Download Full-text