Distributed Denial of Service Attack in the Internet of Things
Keywords:
IoT, DDoS, attack detection, security, mitigation techniquesAbstract
The Internet of Things (IoT) connects intelligent devices without human intervention, enabling applications like smart homes and healthcare. However, its rapid expansion introduces significant security challenges, particularly in the form of Distributed Denial of Service (DDoS) attacks. These attacks exploit IoT devices to flood networks, disrupting services and compromising availability. Due to their distributed nature, DDoS attacks are difficult to detect and mitigate, making them a critical research focus. This paper provides a comprehensive analysis of DDoS attacks in IoT, covering their mechanisms, types (e.g., SYN flood, UDP flood), and vulnerabilities in IoT ecosystems. Additionally, it reviews detection and mitigation techniques, including artificial intelligence, blockchain, and machine learning, and proposes a hybrid AI-blockchain framework for enhanced defense. The study highlights current gaps and outlines future directions for securing IoT networks against evolving DDoS threats.
References
M. Aamir and M. A. Zaidi, "A survey on DDoS attack and defense strategies: From traditional schemes to current techniques," Interdisciplinary Information Sciences, vol. 19, no. 2, pp. 173–200, 2013. DOI: 10.4036/iis.2013.173.
M. E. Ahmed and H. Kim, "DDoS attack mitigation in Internet of Things using software defined networking," in Proc. IEEE Int. Conf. Big Data Comput. Serv. (BigDataService), 2017, pp. 271–276. DOI: 10.1109/BigDataService.2017.41.
M. H. Ali et al., "Threat analysis and distributed denial of service (DDoS) attack recognition in the Internet of Things (IoT)," Electronics, vol. 11, no. 3, p. 494, 2022. DOI: 10.3390/electronics11030494.
A. A. Abdullah and S. A. Hussein, "Detection and mitigation of distribution denial of service attack based on blockchain concept," Ingénierie des Systèmes d'Information, vol. 29, no. 3, pp. 1043–1049, 2024. DOI: 10.18280/isi.290322.
S. Agrawal and D. Vieira, "A survey: DDoS attack on Internet of Things," Abakós, Belo Horizonte, vol. 1, no. 2, pp. 78–95, 2013.
N. U. Aijaz, M. Misbahuddin, and S. Raziuddin, "Survey on DNS-specific security issues and solution approaches," in Lect. Notes Networks Syst., vol. 132, pp. 79–89, 2021. DOI: 10.1007/978-981-15-5309-7_9.
R. Abubakar et al., "An effective mechanism to mitigate real-time DDoS attack," IEEE Access, vol. 8, pp. 126215–126227, 2020. DOI: 10.1109/ACCESS.2020.2995820.
M. Antonakakis et al., "Understanding the Mirai Botnet," USENIX Security Symposium, 2017. [Online]. Available: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/antonakakis.
L. Atzori et al., "The Internet of Things: A Survey," Computer Networks, vol. 54, no. 15, pp. 2787–2805, 2010. DOI: 10.1016/j.comnet.2010.05.010.
S. Chaudhary and P. K. Mishra, "DDoS attacks in industrial IoT: A survey," Computer Networks, vol. 236, p. 110015, 2023. DOI: 10.1016/j.comnet.2023.110015.
Cybersecurity Ventures, "Cybercrime Damages Report," 2023. [Online]. Available: https://cybersecurityventures.com/cybercrime-damages-2023/.
E. Gelenbe and M. Nasereddin, "Protecting IoT servers against flood attacks with the quasi-deterministic transmission policy," in Proc. IEEE Int. Conf. Trust, Secur. Privacy Comput. Commun. (TrustCom), 2023, pp. 379–386. DOI: 10.1109/TrustCom60117.2023.00068.
K. Kalkan et al., "Defense Mechanisms Against DDoS Attacks in IoT Systems," Computer Networks, vol. 128, pp. 171–185, 2017. DOI: 10.1016/j.comnet.2017.05.021.
L. Li and G. Lee, "DDoS attack detection and wavelets," in Proc. Int. Conf. Comput. Commun. Networks (ICCCN), 2003, pp. 421–427. DOI: 10.1109/ICCCN.2003.1284203.
Y. Meidan et al., "Detection of Unauthorized IoT Devices Using Machine Learning Techniques," IEEE Transactions on Information Forensics and Security, vol. 15, pp. 3190–3204, 2020. DOI: 10.1109/TIFS.2020.2988292.
N. Neshenko et al., "The Demystification of AI-Based Intrusion Detection Systems in IoT," IEEE Communications Surveys & Tutorials, vol. 22, no. 3, pp. 1642–1658, 2020. DOI: 10.1109/COMST.2020.2993764.
A. Pakmehr et al., "DDoS attack detection techniques in IoT networks: A survey," Cluster Computing, vol. 27, no. 10, pp. 1–25, 2024. DOI: 10.1007/s10586-024-04662-6.
D. Peraković et al., "Artificial neuron network implementation in detection and classification of DDoS traffic," in Proc. Telecommun. Forum (TELFOR), 2016, pp. 1–4. DOI: 10.1109/TELFOR.2016.7818791.
S. Raza et al., "Securing the Internet of Things: A Standardization Perspective," IEEE Internet of Things Journal, vol. 3, no. 3, pp. 265–275, 2016. DOI: 10.1109/JIOT.2016.2565551.
N. Ravi and S. M. Shalinie, "Learning-driven detection and mitigation of DDoS attack in IoT via SDN-cloud architecture," IEEE Internet Things J., vol. 7, no. 4, pp. 3559–3570, 2020. DOI: 10.1109/JIOT.2020.2973176.
D. Scholz et al., "SYN flood defense in programmable data planes," in Proc. P4 Workshop Europe (EuroP4), 2020, pp. 13–20. DOI: 10.1145/3426744.3431323.
Z. Shah et al., "Blockchain-based solutions to mitigate distributed denial of service (DDoS) attacks in the Internet of Things (IoT): A survey," Sensors, vol. 22, no. 3, p. 1094, 2022. DOI: 10.3390/s22031094.
A. Srivastava et al., "A recent survey on DDoS attacks and defense mechanisms," in Commun. Comput. Inf. Sci., vol. 203, pp. 570–580, 2011. DOI: 10.1007/978-3-642-24037-9_57.
T. Nadu, "Syn flooding attack - Identification," Tech. Rep., no. 978, 2014.
R. Vishwakarma and A. K. Jain, "A survey of DDoS attacking techniques and defence mechanisms in the IoT network," Telecommunication Systems, vol. 73, no. 1, pp. 3–25, 2020. DOI: 10.1007/s11235-019-00599-z.
Y. Wang et al., "From replay to regeneration: Recovery of UDP flood network attack scenario based on SDN," Mathematics, vol. 11, no. 8, p. 1897, 2023. DOI: 10.3390/math11081897.
X. Yuan, C. Li, and X. Li, "DeepDefense: A deep learning system for DDoS attack detection," in Proc. IEEE Int. Conf. Smart Comput. (SMARTCOMP), 2017, pp. 1–8. DOI: 10.1109/SMARTCOMP.2017.7947021.
OWASP, "IoT Top 10 Vulnerabilities," 2023. [Online]. Available: https://owasp.org/www-project-internet-of-things/.
FDA, "Cybersecurity for Medical Devices," 2022. [Online]. Available: https://www.fda.gov/medical-devices/digital-health-center-excellence/cybersecurity.
NIST, "Guidelines for IoT Cybersecurity," 2020. [Online]. Available: https://www.nist.gov/publications/guidelines-iot-cybersecurity.
J. Smith et al., "Neural Network Approaches for DDoS Detection in IoT: A Comparative Study," IEEE IoT Journal, vol. 8, no. 5, pp. 4021–4035, 2021. DOI: 10.1109/JIOT.2021.3056789.
A. Brown and B. Lee, "Decentralized DDoS Mitigation Using Blockchain for IoT Networks," IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 2, pp. 1125–1138, 2022. DOI: 10.1109/TDSC.2021.3078923.
C. Davis et al., "Smart Contract-Based DDoS Defense for IoT: A Framework and Implementation," ACM Transactions on Cyber-Physical Systems, vol. 6, no. 3, pp. 1–24, 2022. DOI: 10.1145/3491234.
E. Wilson and F. Garcia, "Hybrid AI-Blockchain Solutions for IoT Security: A Survey," Future Generation Computer Systems, vol. 131, pp. 209–225, 2022. DOI: 10.1016/j.future.2022.01.012.
G. Taylor et al., "Machine Learning in SDN-Based IoT Networks for DDoS Detection," Journal of Network and Computer Applications, vol. 187, p. 103108, 2021. DOI: 10.1016/j.jnca.2021.103108.
H. Kim and P. Johnson, "Unsupervised Learning for Zero-Day DDoS Attack Detection in IoT," IEEE Access, vol. 9, pp. 123456–123470, 2021. DOI: 10.1109/ACCESS.2021.3098765.
L. Martinez et al., "Hybrid AI-Blockchain Framework for IoT Security: Design and Evaluation," Computer Communications, vol. 178, pp. 1–15, 2021. DOI: 10.1016/j.comcom.2021.07.012.
