scholarly journals Mitigation against DDoS Attacks on an IoT-Based Production Line Using Machine Learning

2021 ◽  
Vol 11 (4) ◽  
pp. 1847
Author(s):  
Ladislav Huraj ◽  
Tibor Horak ◽  
Peter Strelec ◽  
Pavol Tanuska
Keyword(s):  
Production Process ◽  
Production Line ◽  
Production Efficiency ◽  
Denial Of Service ◽  
Basic Element ◽  
Ddos Attacks ◽  
Increase Production Efficiency ◽  
Denial Of Service Attack ◽  
Service Attack ◽  
Iot Devices

Industry 4.0 collects, exchanges, and analyzes data during the production process to increase production efficiency. Internet of Things (IoT) devices are among the basic technologies used for this purpose. However, the integration of IoT technology into the industrial environment faces new security challenges that need to be addressed. This is also true for a production line. The production line is a basic element of industrial production and integrating IoT equipment allows one to streamline the production process and thus reduce costs. On the other hand, IoT integration opens the way for network cyberattacks. One possible cyberattack is the increasingly widely used distributed denial-of-service attack. This article presents a case study that demonstrates the devastating effects of a DDOS attack on a real IoT-based production line and the entire production process. The emphasis was mainly on the integration of IoT devices, which could potentially be misused to run DDoS. Next, the verification of the proposed solution is described, which proves that it is possible to use the sampled flow (sFlow) stream to detect and protect against DDoS attacks on the running production line during the production process.

scholarly journals Mathematical model on distributed denial of service attack through Internet of things in a network

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra
Keyword(s):  
Mathematical Model ◽  
Internet Of Things ◽  
Equilibrium Points ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Different Types ◽  
Service Attack ◽  
Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

scholarly journals SlowITe, a Novel Denial of Service Attack Affecting MQTT

Sensors ◽  
2020 ◽  
Vol 20 (10) ◽  
pp. 2932
Author(s):  
Ivan Vaccari ◽  
Maurizio Aiello ◽  
Enrico Cambiaso
Keyword(s):  
Internet Of Things ◽  
Denial Of Service ◽  
The Internet ◽  
Message Queue ◽  
Plain Text ◽  
Denial Of Service Attack ◽  
Service Attack ◽  
Iot Devices ◽  
The Internet Of Things ◽  
Low Rate

Security of the Internet of Things is a crucial topic, due to the criticality of the networks and the sensitivity of exchanged data. In this paper, we target the Message Queue Telemetry Transport (MQTT) protocol used in IoT environments for communication between IoT devices. We exploit a specific weakness of MQTT which was identified during our research, allowing the client to configure the behavior of the server. In order to validate the possibility to exploit such vulnerability, we propose SlowITe, a novel low-rate denial of service attack aimed to target MQTT through low-rate techniques. We validate SlowITe against real MQTT services, considering both plain text and encrypted communications and comparing the effects of the threat when targeting different daemons. Results show that the attack is successful and it is able to exploit the identified vulnerability to lead a DoS on the victim with limited attack resources.

A Novel Approach to Develop and Deploy Preventive Measures for Different Types of DDoS Attacks

2020 ◽  
Vol 14 (2) ◽  
pp. 1-19
Author(s):  
Khundrakpam Johnson Singh ◽  
Janggunlun Haokip ◽  
Usham Sanjota Chanu
Keyword(s):  
Preventive Measures ◽  
Denial Of Service ◽  
External Environment ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
New Era ◽  
Denial Of Service Attack ◽  
Novel Approach ◽  
Different Types ◽  
Service Attack

In the new era of computers, everyone relies on the internet for basic day-to-day activities to sophisticated and secret tasks. The cyber threats are increasing, not only theft and manipulation of someone's information, but also forcing the victim to deny other requests. A DDoS (Distributed Denial of Service) attack, which is one of the serious issues in today's cyber world needs to be detected and their advance towards the server should be blocked. In the article, the authors are focusing mainly on preventive measures of different types of DDoS attacks using multiple IPtables rules and Windows firewall advance security settings configuration, which would be feasibly free on any PC. The IPtables when appropriately selected and implemented can establish a relatively secure barrier for the system and the external environment.

scholarly journals Shield Advanced Mitigation System of Distributed Denial of Service Attack in Integration of Internet of Things and Cloud Computing Environment

2019 ◽  
Vol 9 (2) ◽  
pp. 1300-1306
Keyword(s):  
Cloud Computing ◽  
Internet Of Things ◽  
Denial Of Service ◽  
Cloud Services ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Ddos Attack ◽  
Service Attack ◽  
Verification Process

Cloud services among public and business companies have become popular in recent years. For production activities, many companies rely on cloud technology. Distributed Denial of Services (DDoS) attack is an extremely damaging general and critical type of cloud attacks. Several efforts have been made in recent years to identify numerous types of DDoS attacks. This paper discusses the different types of DDoS attacks and their cloud computing consequences. Distributed Denial of Service attack (DDoS) is a malicious attempt to disrupt the normal movement of a targeted server, service or network through influx of internet traffic overwhelming the target or its infrastructure. The use of multiple affected computer systems as a source of attacks makes DDoS attacks effective. Computers and other networked tools, including IoT phones, may be included on exploited machines. A DDoS attack from a high level resembles a traffic jam that is caused by roads that prevents normal travel at their desired destination. So DDoS Attack is a major challenging problem in integrated Cloud and IoT. Hence, this paper proposes Shield Advanced Mitigation System of Distributed Denial of Service Attack in the integration of Internet of Things and Cloud Computing Environment. This secure architecture use two verification process to identify whether user is legitimate or malicious. Dynamic Captcha Testing with Equal Probability test for first verification process, moreover Zigsaw Image Puzzle Test is used for second verification process, and Intrusion Detection Prevention System is used to identify and prevent malicious user, moreover reverse proxy is used to hide server location. These functional components and flow could strengthen security in Client side network to provide cloud services furthermore to overcome distributed denial of service attack in the integration of Internet of Things and Cloud Environment.

scholarly journals Multilevel Modeling of Distributed Denial of Service Attacks in Wireless Sensor Networks

2016 ◽  
Vol 2016 ◽  
pp. 1-13 ◽  
Author(s):  
Katarzyna Mazur ◽  
Bogdan Ksiezopolski ◽  
Radoslaw Nielek
Keyword(s):  
Wireless Sensor Networks ◽  
Sensor Networks ◽  
Denial Of Service ◽  
Monitoring Network ◽  
Wireless Sensor ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Ddos Attack ◽  
Service Attack

The growing popularity of wireless sensor networks increases the risk of security attacks. One of the most common and dangerous types of attack that takes place these days in any electronic society is a distributed denial of service attack. Due to the resource constraint nature of mobile sensors, DDoS attacks have become a major threat to its stability. In this paper, we established a model of a structural health monitoring network, being disturbed by one of the most common types of DDoS attacks, the flooding attack. Through a set of simulations, we explore the scope of flood-based DDoS attack problem, assessing the performance and the lifetime of the network under the attack condition. To conduct our research, we utilized the Quality of Protection Modeling Language. With the proposed approach, it was possible to examine numerous network configurations, parameters, attack options, and scenarios. The results of the carefully performed multilevel analysis allowed us to identify a new kind of DDoS attack, the delayed distributed denial of service, by the authors, referred to as DDDoS attack. Multilevel approach to DDoS attack analysis confirmed that, examining endangered environments, it is significant to take into account many characteristics at once, just to not overlook any important aspect.

scholarly journals An New Efficient Cluster Based Detection Mechanisms for Distributed Denial of Services (DDoS) Attacks

2021 ◽  
Vol 15 ◽  
pp. 147-152
Author(s):  
K. Saravanan ◽  
R. Asokan
Keyword(s):  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Host System ◽  
Denial Of Service Attack ◽  
Cluster Aggregation ◽  
The Core ◽  
Service Attack ◽  
Detection Mechanisms ◽  
Statistical Anomaly Detection

Cluster aggregation of statistical anomaly detection is a mechanism for defending against denial of service attack (dos) and distributed denial-of-service (DDoS) attacks. DDoS attacks are treated as a congestioncontrol problem; because most of the congestion is occurred in the malicious hosts not follow the normal endto- end congestion control. Upstream routers are also notified to drop such packets in order that the router’s resources are used to route legitimate traffic hence term cluster aggregation. If the victim suspects that the cluster aggregations are solved by most of the clients, it increases the complexity of the cluster aggregation. This aggregation solving technique allows the traversal of the attack traffic throughout the intermediate routers before reaching the destination. In this proposal, the aggregation solving mechanism is cluster aggregation to the core routers rather than having at the victim. The router based cluster aggregation mechanism checks the host system whether it is legitimate or not by providing a aggregation to be solved by the suspected host.

scholarly journals CoLL-IoT: A Collaborative Intruder Detection System for Internet of Things Devices

Electronics ◽  
2021 ◽  
Vol 10 (7) ◽  
pp. 848
Author(s):  
Hani Mohammed Alshahrani
Keyword(s):  
Internet Of Things ◽  
Detection System ◽  
Fog Computing ◽  
Denial Of Service ◽  
Sybil Attack ◽  
Replay Attack ◽  
Denial Of Service Attack ◽  
Intruder Detection ◽  
Service Attack ◽  
Iot Devices

The Internet of Things (IoT) and its applications are becoming popular among many users nowadays, as it makes their life easier. Because of its popularity, attacks that target these devices have increased dramatically, which might cause the entire system to be unavailable. Some of these attacks are denial of service attack, sybil attack, man in the middle attack, and replay attack. Therefore, as the attacks have increased, the detection solutions to detect malware in the IoT have also increased. Most of the current solutions often have very serious limitations, and malware is becoming more apt in taking advantage of them. Therefore, it is important to develop a tool to overcome the existing limitations of current detection systems. This paper presents CoLL-IoT, a CoLLaborative intruder detection system that detects malicious activities in IoT devices. CoLL-IoT consists of the following four main layers: IoT layer, network layer, fog layer, and cloud layer. All of the layers work collaboratively by monitoring and analyzing all of the network traffic generated and received by IoT devices. CoLL-IoT brings the detection system close to the IoT devices by taking the advantage of edge computing and fog computing paradigms. The proposed system was evaluated on the UNSW-NB15 dataset that has more than 175,000 records and achieved an accuracy of up to 98% with low type II error rate of 0.01. The evaluation results showed that CoLL-IoT outperformed the other existing tools, such as Dendron, which was also evaluated on the UNSW-NB15 dataset.

scholarly journals Optimal software-defined network topology for distributed denial of service attack mitigation

2020 ◽  
Vol 9 (6) ◽  
pp. 2588-2594
Author(s):  
Branislav Mladenov ◽  
Georgi Iliev
Keyword(s):  
Network Topology ◽  
Network Architecture ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Optimal Network ◽  
Service Attack ◽  
Network Topologies ◽  
Sdn Controller

Distributed denial of service (DDoS) attacks are a major threat to all internet services. The main goal is to disrupt normal traffic and overwhelms the target. Software-defined networking (SDN) is a new type of network architecture where control and data plane are separated. A successful attack may block the SDN controller which may stop processing the new request and will lead to a total disruption of the whole network. The main goal of this paper is to find the optimal network topology and size which can handle Distributed denial of service attack without management channel bandwidth exhaustion or run out of SDN controller CPU and memory. Through simulations, it is shown that mesh topologies with more connections between switches are more resistant to DDoS attacks than liner type network topologies. 

Sign in / Sign up

Export Citation Format

Share Document