Skip to main content
Erschienen in:
Buchtitelbild

2019 | OriginalPaper | Buchkapitel

IoT-Based DDoS Attack Detection and Mitigation Using the Edge of SDN

verfasst von : Yinqi Yang, Jian Wang, Baoqin Zhai, Jiqiang Liu

Erschienen in: Cyberspace Safety and Security

Verlag: Springer International Publishing

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Nowadays, the Internet of Things (IoT) has developed rapidly and changed people’s life into a more convenient style. However, a huge number of vulnerable IoT devices are exploited to constitute botnet by many attackers, which forms a serious problem for network security. To solve it, we propose a novel detection and mitigation mechanism. In our method, we use Software Defined Networking (SDN), a promising network architecture, for dropping malicious traffic in propagation path to avoid avalanche effect on the victim server in the traditional network. For the existing works, a lot of time and resources are wasted in using the controller of SDN to detect attacks. Unlike them, we take the features of IoT traffic into consideration and utilize the edge computing to provide local services by putting detection and mitigation method into the OpenFlow (OF) switches of IoT. This achieves a distributed anomaly detection to detect and respond IoT-based DDoS attacks in real time, and avoids the overload of the controller. Machine learning is used in the OF switches with around 99% precision. Experimental results demonstrate that our method is capable to mitigate IoT-based DDoS attacks in a short time.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
1.
Zurück zum Zitat Pettey, C.: The Internet of Things and the Enterprise. Gartner, August 2015 Pettey, C.: The Internet of Things and the Enterprise. Gartner, August 2015
3.
Zurück zum Zitat Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)CrossRef Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)CrossRef
4.
Zurück zum Zitat Bhunia, S.S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: 2017 27th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1–6. IEEE, November 2017 Bhunia, S.S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: 2017 27th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1–6. IEEE, November 2017
5.
Zurück zum Zitat Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined internet of things framework. IEEE Access 6, 24694–24705 (2018)CrossRef Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined internet of things framework. IEEE Access 6, 24694–24705 (2018)CrossRef
6.
Zurück zum Zitat Wang, R., Jia, Z., Ju, L.: An entropy-based distributed DDoS detection mechanism in software-defined networking. In: 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 310–317. IEEE, August 2015 Wang, R., Jia, Z., Ju, L.: An entropy-based distributed DDoS detection mechanism in software-defined networking. In: 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 310–317. IEEE, August 2015
7.
Zurück zum Zitat Ahmed, M.E., Kim, H., Park, M.: Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking. In: MILCOM 2017–2017 IEEE Military Communications Conference (MILCOM), pp. 11–16. IEEE, October 2017 Ahmed, M.E., Kim, H., Park, M.: Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking. In: MILCOM 2017–2017 IEEE Military Communications Conference (MILCOM), pp. 11–16. IEEE, October 2017
8.
Zurück zum Zitat Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE Local Computer Network Conference, pp. 408–415. IEEE, October 2010 Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE Local Computer Network Conference, pp. 408–415. IEEE, October 2010
9.
Zurück zum Zitat Zheng, J., Li, Q., Gu, G., Cao, J., Yau, D.K., Wu, J.: Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis. IEEE Trans. Inf. Forensics Secur. 13(7), 1838–1853 (2018)CrossRef Zheng, J., Li, Q., Gu, G., Cao, J., Yau, D.K., Wu, J.: Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis. IEEE Trans. Inf. Forensics Secur. 13(7), 1838–1853 (2018)CrossRef
10.
Zurück zum Zitat Yan, Q., Huang, W., Luo, X., Gong, Q., Yu, F.R.: A multi-level DDoS mitigation framework for the industrial internet of things. IEEE Commun. Mag. 56(2), 30–36 (2018)CrossRef Yan, Q., Huang, W., Luo, X., Gong, Q., Yu, F.R.: A multi-level DDoS mitigation framework for the industrial internet of things. IEEE Commun. Mag. 56(2), 30–36 (2018)CrossRef
11.
Zurück zum Zitat Hyun, D., Kim, J., Hong, D., Jeong, J.P.: SDN-based network security functions for effective DDoS attack mitigation. In: 2017 International Conference on Information and Communication Technology Convergence (ICTC), pp. 834–839. IEEE, October 2017 Hyun, D., Kim, J., Hong, D., Jeong, J.P.: SDN-based network security functions for effective DDoS attack mitigation. In: 2017 International Conference on Information and Communication Technology Convergence (ICTC), pp. 834–839. IEEE, October 2017
12.
Zurück zum Zitat Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 413–424. ACM, November 2013 Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 413–424. ACM, November 2013
13.
Zurück zum Zitat Ahmed, M.E., Kim, H.: DDoS attack mitigation in Internet of Things using software defined networking. In: 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), pp. 271–276. IEEE, April 2017 Ahmed, M.E., Kim, H.: DDoS attack mitigation in Internet of Things using software defined networking. In: 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), pp. 271–276. IEEE, April 2017
16.
Zurück zum Zitat Dolui, K., Datta, S.K.: Comparison of edge computing implementations: fog computing, cloudlet and mobile edge computing. In: 2017 Global Internet of Things Summit (GIoTS), pp. 1–6. IEEE, June 2017 Dolui, K., Datta, S.K.: Comparison of edge computing implementations: fog computing, cloudlet and mobile edge computing. In: 2017 Global Internet of Things Summit (GIoTS), pp. 1–6. IEEE, June 2017
17.
Zurück zum Zitat Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 29–35. IEEE, May 2018 Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 29–35. IEEE, May 2018
18.
Zurück zum Zitat Summerville, D.H., Zach, K.M., Chen, Y.: Ultra-lightweight deep packet anomaly detection for internet of things devices. In: 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC), pp. 1–8. IEEE, December 2015 Summerville, D.H., Zach, K.M., Chen, Y.: Ultra-lightweight deep packet anomaly detection for internet of things devices. In: 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC), pp. 1–8. IEEE, December 2015
19.
Zurück zum Zitat Sedjelmaci, H., Senouci, S.M., Al-Bahri, M.: A lightweight anomaly detection technique for low-resource IoT devices: a game-theoretic methodology. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE, May 2016 Sedjelmaci, H., Senouci, S.M., Al-Bahri, M.: A lightweight anomaly detection technique for low-resource IoT devices: a game-theoretic methodology. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE, May 2016
20.
Zurück zum Zitat Özçelik, M., Chalabianloo, N., Gür, G.: Software-defined edge defense against IoT-based DDoS. In: 2017 IEEE International Conference on Computer and Information Technology (CIT), pp. 308–313. IEEE, August 2017 Özçelik, M., Chalabianloo, N., Gür, G.: Software-defined edge defense against IoT-based DDoS. In: 2017 IEEE International Conference on Computer and Information Technology (CIT), pp. 308–313. IEEE, August 2017
22.
Zurück zum Zitat Williamson, M.M.: Throttling viruses: restricting propagation to defeat malicious mobile code. In: 18th Annual Computer Security Applications Conference 2002 Proceedings, pp. 61–68. IEEE (2002) Williamson, M.M.: Throttling viruses: restricting propagation to defeat malicious mobile code. In: 18th Annual Computer Security Applications Conference 2002 Proceedings, pp. 61–68. IEEE (2002)
23.
Zurück zum Zitat Meidan, Y., et al.: N-BaIoT—network-based detection of IoT Botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018)CrossRef Meidan, Y., et al.: N-BaIoT—network-based detection of IoT Botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018)CrossRef
25.
Zurück zum Zitat Zhao, J.: Analysis of the characteristics of M2 M traffic. Master’s thesis, Southwest Jiaotong University (2014) Zhao, J.: Analysis of the characteristics of M2 M traffic. Master’s thesis, Southwest Jiaotong University (2014)
26.
Zurück zum Zitat Hou, S., Tan, X.: Research and analysis of traffic characteristics of typical internet of things. Internet Things Technol. 7(6), 40–42 (2017) Hou, S., Tan, X.: Research and analysis of traffic characteristics of typical internet of things. Internet Things Technol. 7(6), 40–42 (2017)
27.
Zurück zum Zitat Botta, A., Dainotti, A., Pescapé, A.: A tool for the generation of realistic network workload for emerging networking scenarios. Comput. Netw. 56(15), 3531–3547 (2012)CrossRef Botta, A., Dainotti, A., Pescapé, A.: A tool for the generation of realistic network workload for emerging networking scenarios. Comput. Netw. 56(15), 3531–3547 (2012)CrossRef
29.
Zurück zum Zitat Kang, M.S., Lee, S.B., Gligor, V.D.: The crossfire attack. In: 2013 IEEE Symposium on Security and Privacy, pp. 127–141. IEEE. May 2013 Kang, M.S., Lee, S.B., Gligor, V.D.: The crossfire attack. In: 2013 IEEE Symposium on Security and Privacy, pp. 127–141. IEEE. May 2013
30.
Zurück zum Zitat Rasti, R., Murthy, M., Weaver, N., Paxson, V.: Temporal lensing and its application in pulsing denial-of-service attacks. In: 2015 IEEE Symposium on Security and Privacy, pp. 187–198. IEEE, May 2015 Rasti, R., Murthy, M., Weaver, N., Paxson, V.: Temporal lensing and its application in pulsing denial-of-service attacks. In: 2015 IEEE Symposium on Security and Privacy, pp. 187–198. IEEE, May 2015
Metadaten
Titel
IoT-Based DDoS Attack Detection and Mitigation Using the Edge of SDN
verfasst von
Yinqi Yang
Jian Wang
Baoqin Zhai
Jiqiang Liu
Copyright-Jahr
2019
DOI
https://doi.org/10.1007/978-3-030-37352-8_1