Traffic flow features as metrics (TFFM): detection of application layer level DDOS attack scope of IOT traffic flows

The concept of IoT (Internet of Things) assumes a continuous increase in the number of devices, which raises the problem of classifying them for different purposes. Based on their semantic characteristics, meaning, functionality or domain of usage, the system classes have been identified so far. This research purpose is to identify devices classes based on traffic flow characteristics such as the coefficient of variation of the received and sent data ratio. Such specified classes can combine devices based on behavior predictability and can serve as the basis for the creation of network management or network anomaly detection classification models. Four generic classes of IoT devices where defined by using the classification of the coefficient of variation method.

Download Full-text

Novel Classification of IoT Devices Based on Traffic Flow Features

Journal of Organizational and End User Computing ◽

10.4018/joeuc.20211101.oa12 ◽

2021 ◽

Vol 33 (6) ◽

pp. 1-20

Author(s):

Ivan Cvitić ◽

Dragan Peraković ◽

Marko Periša ◽

Mirjana D. Stojanović

Keyword(s):

Traffic Flow ◽

Coefficient Of Variation ◽

Flow Characteristics ◽

Variation Method ◽

Continuous Increase ◽

Flow Features ◽

Traffic Flow Characteristics ◽

Iot Devices ◽

Network Anomaly Detection

The concept of IoT (Internet of Things) assumes a continuous increase in the number of devices, which raises the problem of classifying them for different purposes. Based on their semantic characteristics, meaning, functionality or domain of usage, the system classes have been identified so far. This research purpose is to identify devices classes based on traffic flow characteristics such as the coefficient of variation of the received and sent data ratio. Such specified classes can combine devices based on behavior predictability and can serve as the basis for the creation of network management or network anomaly detection classification models. Four generic classes of IoT devices where defined by using the classification of the coefficient of variation method.

Download Full-text

An Investigation into the Application of Deep Learning in the Detection and Mitigation of DDOS Attack on SDN Controllers

Technologies ◽

10.3390/technologies9010014 ◽

2021 ◽

Vol 9 (1) ◽

pp. 14

Author(s):

James Dzisi Gadze ◽

Akua Acheampomaa Bamfo-Asante ◽

Justice Owusu Agyemang ◽

Henry Nunoo-Mensah ◽

Kwasi Adu-Boahen Opare

Keyword(s):

Deep Learning ◽

Network Architecture ◽

Learning Algorithm ◽

Single Point ◽

Denial Of Service ◽

Specific Work ◽

Learning Models ◽

Ddos Attack ◽

Deep Learning Algorithm ◽

Proposed Model

Software-Defined Networking (SDN) is a new paradigm that revolutionizes the idea of a software-driven network through the separation of control and data planes. It addresses the problems of traditional network architecture. Nevertheless, this brilliant architecture is exposed to several security threats, e.g., the distributed denial of service (DDoS) attack, which is hard to contain in such software-based networks. The concept of a centralized controller in SDN makes it a single point of attack as well as a single point of failure. In this paper, deep learning-based models, long-short term memory (LSTM) and convolutional neural network (CNN), are investigated. It illustrates their possibility and efficiency in being used in detecting and mitigating DDoS attack. The paper focuses on TCP, UDP, and ICMP flood attacks that target the controller. The performance of the models was evaluated based on the accuracy, recall, and true negative rate. We compared the performance of the deep learning models with classical machine learning models. We further provide details on the time taken to detect and mitigate the attack. Our results show that RNN LSTM is a viable deep learning algorithm that can be applied in the detection and mitigation of DDoS in the SDN controller. Our proposed model produced an accuracy of 89.63%, which outperformed linear-based models such as SVM (86.85%) and Naive Bayes (82.61%). Although KNN, which is a linear-based model, outperformed our proposed model (achieving an accuracy of 99.4%), our proposed model provides a good trade-off between precision and recall, which makes it suitable for DDoS classification. In addition, it was realized that the split ratio of the training and testing datasets can give different results in the performance of a deep learning algorithm used in a specific work. The model achieved the best performance when a split of 70/30 was used in comparison to 80/20 and 60/40 split ratios.

Download Full-text

Misactivation detection and user identification in smart home speakers using traffic flow features

Proceedings of the 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks ◽

10.1145/3448300.3468289 ◽

2021 ◽

Author(s):

Batyr Charyyev ◽

Mehmet Hadi Gunes

Keyword(s):

Traffic Flow ◽

Smart Home ◽

User Identification ◽

Flow Features

Download Full-text

TripRes

ACM Transactions on Multimedia Computing Communications and Applications ◽

10.1145/3401979 ◽

2021 ◽

Vol 17 (2) ◽

pp. 1-21

Author(s):

Xiaolong Xu ◽

Zijie Fang ◽

Lianyong Qi ◽

Xuyun Zhang ◽

Qiang He ◽

...

Keyword(s):

Traffic Flow ◽

Discrete Distribution ◽

Resource Provisioning ◽

Path Selection ◽

Urban Traffic ◽

Traffic Flows ◽

Multimedia Services ◽

Traffic Flow Prediction ◽

The City ◽

Multimedia Surveillance

The Internet of Vehicles (IoV) connects vehicles, roadside units (RSUs) and other intelligent objects, enabling data sharing among them, thereby improving the efficiency of urban traffic and safety. Currently, collections of multimedia content, generated by multimedia surveillance equipment, vehicles, and so on, are transmitted to edge servers for implementation, because edge computing is a formidable paradigm for accommodating multimedia services with low-latency resource provisioning. However, the uneven or discrete distribution of the traffic flow covered by edge servers negatively affects the service performance (e.g., overload and underload) of edge servers in multimedia IoV systems. Therefore, how to accurately schedule and dynamically reserve proper numbers of resources for multimedia services in edge servers is still challenging. To address this challenge, a traffic flow prediction driven resource reservation method, called TripRes, is developed in this article. Specifically, the city map is divided into different regions, and the edge servers in a region are treated as a “big edge server” to simplify the complex distribution of edge servers. Then, future traffic flows are predicted using the deep spatiotemporal residual network (ST-ResNet), and future traffic flows are used to estimate the amount of multimedia services each region needs to offload to the edge servers. With the number of services to be offloaded in each region, their offloading destinations are determined through latency-sensitive transmission path selection. Finally, the performance of TripRes is evaluated using real-world big data with over 100M multimedia surveillance records from RSUs in Nanjing China.

Download Full-text

IMSC-EIoTD: Identity Management and Secure Communication for Edge IoT Devices

Sensors ◽

10.3390/s20226546 ◽

2020 ◽

Vol 20 (22) ◽

pp. 6546

Author(s):

Kazi Masum Sadique ◽

Rahim Rahmani ◽

Paul Johannesson

Keyword(s):

Secure Communication ◽

Identity Management ◽

Security Protocols ◽

Spin Model ◽

The Internet ◽

Human Society ◽

Proposed Model ◽

Authentication And Authorization ◽

Quality Of Living ◽

Iot Devices

The Internet of things (IoT) will accommodate several billions of devices to the Internet to enhance human society as well as to improve the quality of living. A huge number of sensors, actuators, gateways, servers, and related end-user applications will be connected to the Internet. All these entities require identities to communicate with each other. The communicating devices may have mobility and currently, the only main identity solution is IP based identity management which is not suitable for the authentication and authorization of the heterogeneous IoT devices. Sometimes devices and applications need to communicate in real-time to make decisions within very short times. Most of the recently proposed solutions for identity management are cloud-based. Those cloud-based identity management solutions are not feasible for heterogeneous IoT devices. In this paper, we have proposed an edge-fog based decentralized identity management and authentication solution for IoT devices (IoTD) and edge IoT gateways (EIoTG). We have also presented a secure communication protocol for communication between edge IoT devices and edge IoT gateways. The proposed security protocols are verified using Scyther formal verification tool, which is a popular tool for automated verification of security protocols. The proposed model is specified using the PROMELA language. SPIN model checker is used to confirm the specification of the proposed model. The results show different message flows without any error.

Download Full-text

Investigation on Evaluation of Terminal Departure Capacity Based on Route Intersection

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.655-657.2262 ◽

2013 ◽

Vol 655-657 ◽

pp. 2262-2265

Author(s):

Jian Guo Kong

Keyword(s):

Mathematical Model ◽

Traffic Flow ◽

Air Traffic ◽

Flow Management ◽

Air Traffic Flow Management ◽

Flight Data ◽

Proposed Model ◽

Combining Data ◽

Traffic Flow Management ◽

Airport Terminal

Air traffic flow management is the key to evaluate airspace capacity reasonably and accurately. Based on the flight features of terminal route intersection, this paper builds a mathematical model for scattered flight of departure aircraft, and then evaluates the terminal capacity based on this model. By combining data from Flight Data Recorder (FDR) and flight schedule with the model, an example-runway 02R of Guangzhou Baiyun airport terminal was given to show the effectiveness of the proposed model.

Download Full-text

FEATURES OF MOLECULAR ANALYSIS AS A REAL-TIME INTERNET SERVICE

Электросвязь ◽

10.34832/elsv.2021.24.11.002 ◽

2021 ◽

Author(s):

М.В. ЗАХАРОВ

Keyword(s):

Traffic Flow ◽

Simulation Modeling ◽

General Purpose ◽

Service Delivery Model ◽

State University ◽

Network Delay ◽

Software Environment ◽

Internet Service ◽

Saint Petersburg ◽

Proposed Model

Приведен обзор особенностей применения портативныхNIR спектрометров общего назначения, используемых для анализа состава продуктов питания и лекарственных средств. Представлена модель агрегированного потока сетевого трафика от нескольких спектрометров и модель предоставления услуги, обеспечивающая снижение сетевой задержки и объема передаваемых данных. Рассмотрен метод построения сети на основе граничных вычислений для снижения сетевой задержки. Для проверки предложенной модели и метода проведено имитационное моделирование в среде AnyLogic. The Bonch-Bruevich Saint-Petersburg State University of Telecommunications The article provides an overview of the features of the use of portable general-purpose NIR spectrometers to analyze the composition of food or medicines. A model of the aggregated network traffic flow of several spectrometers and a service delivery model, which provides the reduction of network delay and amount of transmitted data, are presented. A method of constructing a network based on edge computing for reduction of network delay is considered. To verify the proposed model and method simulation modeling was carried out in the software environment AnyLogic.

Download Full-text

Survey on DDoS Attacks and Defense Mechanisms in Cloud and Fog Computing

International Journal of E-Services and Mobile Applications ◽

10.4018/ijesma.2018070104 ◽

2018 ◽

Vol 10 (3) ◽

pp. 61-83 ◽

Cited By ~ 10

Author(s):

Deepali Chaudhary ◽

Kriti Bhushan ◽

B.B. Gupta

Keyword(s):

Cloud Computing ◽

Defense Mechanisms ◽

Low Cost ◽

Fog Computing ◽

Smart Devices ◽

Cloud Environment ◽

Security Issue ◽

Process Data ◽

Ddos Attack ◽

Iot Devices

This article describes how cloud computing has emerged as a strong competitor against traditional IT platforms by offering low-cost and “pay-as-you-go” computing potential and on-demand provisioning of services. Governments, as well as organizations, have migrated their entire or most of the IT infrastructure to the cloud. With the emergence of IoT devices and big data, the amount of data forwarded to the cloud has increased to a huge extent. Therefore, the paradigm of cloud computing is no longer sufficient. Furthermore, with the growth of demand for IoT solutions in organizations, it has become essential to process data quickly, substantially and on-site. Hence, Fog computing is introduced to overcome these drawbacks of cloud computing by bringing intelligence to the edge of the network using smart devices. One major security issue related to the cloud is the DDoS attack. This article discusses in detail about the DDoS attack, cloud computing, fog computing, how DDoS affect cloud environment and how fog computing can be used in a cloud environment to solve a variety of problems.

Download Full-text

An extended optimal velocity difference model in a cooperative driving system

International Journal of Modern Physics C ◽

10.1142/s0129183115500540 ◽

2015 ◽

Vol 26 (05) ◽

pp. 1550054

Author(s):

Jinliang Cao ◽

Zhongke Shi ◽

Jie Zhou

Keyword(s):

Traffic Flow ◽

Linear Stability Theory ◽

Difference Model ◽

Optimal Velocity ◽

Driving System ◽

Cooperative Driving ◽

Proposed Model ◽

De Vries ◽

The Stability ◽

Theoretical Results

An extended optimal velocity (OV) difference model is proposed in a cooperative driving system by considering multiple OV differences. The stability condition of the proposed model is obtained by applying the linear stability theory. The results show that the increase in number of cars that precede and their OV differences lead to the more stable traffic flow. The Burgers, Korteweg–de Vries (KdV) and modified Korteweg–de Vries (mKdV) equations are derived to describe the density waves in the stable, metastable and unstable regions, respectively. To verify these theoretical results, the numerical simulation is carried out. The theoretical and numerical results show that the stabilization of traffic flow is enhanced by considering multiple OV differences. The traffic jams can be suppressed by taking more information of cars ahead.

Download Full-text