Tackling DDOS Attacks in IoT: Asynthesis of Literature 2018 to 2022

Authors

  • Syaifuddin Department of Electrical and Information Technology, Jl. Grafika 2, Universitas Gadjah Mada, Yogyakarta 55281, Indonesia
  • Sri Suning Kusumawardani Department of Information Technology, Jl. Raya Tlogomas 246, Universitas Muhammadiyah Malang, Malang 65144, Indonesia
  • Widyawan Department of Electrical Engineering and Information Technology, Jl. Grafika No.2, Universitas Gadjah Mada, Daerah Istimewa Yogyakarta 55281, Indonesia

Keywords:

Detecting, Identifying, DDOS, IoT

Abstract

Currently, the Internet of Things is expanding into all computing-reliant domains. Fog computing is a key ally of the Internet of Things. It brings cloud computing and services to the network's edge. IoT makes smart surroundings a reality and a possibility. However, they are not immune to security weaknesses and threats. Therefore, specialized security measures are necessary. Security is one of the greatest obstacles to achieving an ideal IoT and Fog environment. This reality, coupled with the enormous harm caused by application attacks, necessitates the concentration of efforts in this area. Existing studies of the state of the art have demonstrated this requirement by highlighting a number of unresolved issues requiring additional investigation. This article presents a Systematic Literature Review (SLR) that takes into account the context of intrusion detection and prevention in IoT-based environments. This review examines more than 73 papers that passed a rigorous inclusion/exclusion procedure with well stated criteria. Information was gathered from these studies to construct a picture of the present state of the art and answer the study's research goals. Thus, we identify the state of the art, outstanding questions, and future potential.

Downloads

Download data is not yet available.

References

O. Vermesan et al., “Internet of robotic things-converging sensing/actuating, hyperconnectivity, artificial intelligence and IoT platforms,” in Cognitive hyperconnected digital transformation: Internet of things intelligence evolution, 2017. doi: 10.1201/9781003337584-4.

A. Nag, A. Kesharwani, B. Sharma, I. Gupta, A. Tiwari, and A. K. Singh, “Potential and Extention of Internet of Things,” in Lecture Notes on Data Engineering and Communications Technologies, vol. 44, 2020. doi: 10.1007/978-3-030-37051-0_61.

S. Selvaraj and S. Sundaravaradhan, “Challenges and opportunities in IoT healthcare systems: a systematic review,” SN Applied Sciences, vol. 2, no. 1. 2020. doi: 10.1007/s42452-019-1925-y.

Y. Liu, C. Yang, L. Jiang, S. Xie, and Y. Zhang, “Intelligent Edge Computing for IoT-Based Energy Management in Smart Cities,” IEEE Netw., vol. 33, no. 2, 2019, doi: 10.1109/MNET.2019.1800254.

J. Arshad, M. A. Azad, M. M. Abdeltaif, and K. Salah, “An intrusion detection framework for energy constrained IoT devices,” Mech. Syst. Signal Process., vol. 136, 2020, doi: 10.1016/j.ymssp.2019.106436.

M. D. Lytras, K. T. Chui, and A. Visvizi, “Data analytics in smart healthcare: The recent developments and beyond,” Applied Sciences (Switzerland), vol. 9, no. 14. 2019. doi: 10.3390/app9142812.

D. Yin, L. Zhang, and K. Yang, “A DDoS Attack Detection and Mitigation with Software-Defined Internet of Things Framework,” IEEE Access, vol. 6, 2018, doi: 10.1109/ACCESS.2018.2831284.

M. Begović, S. Čaušević, B. Memić, and A. Hasković, “AI-aided traffic differentiated qos routing and dynamic offloading in distributed fragmentation optimized SDN-IoT,” Int. J. Eng. Res. Technol., vol. 13, no. 8, 2020, doi: 10.37624/ijert/13.8.2020.1880-1895.

X. You, Y. Feng, and K. Sakurai, “Packet in Message Based DDoS Attack Detection in SDN Network Using OpenFlow,” in Proceedings - 2017 5th International Symposium on Computing and Networking, CANDAR 2017, 2018, vol. 2018-January. doi: 10.1109/CANDAR.2017.93.

P. J. B. Pajila, J. P, K. C, A. V. Sweet, and R. M. Lakshmi, “Software Defined Networking Based Protection against DDOS in IoT,” Int. J. Innov. Technol. Explor. Eng., vol. 9, no. 5, pp. 739–745, 2020, doi: 10.35940/ijitee.e2521.039520.

J. David and C. Thomas, “DDoS attack detection using fast entropy approach on flow-based network traffic,” in Procedia Computer Science, 2015, vol. 50. doi: 10.1016/j.procs.2015.04.007.

N. Ravi and S. M. Shalinie, “Learning-Driven Detection and Mitigation of DDoS Attack in IoT via SDN-Cloud Architecture,” IEEE Internet of Things Journal, vol. 7, no. 4. Institute of Electrical and Electronics Engineers (IEEE), pp. 3559–3570, 2020. doi: 10.1109/jiot.2020.2973176.

G. C. Fernandez and S. Xu, “A Case Study on using Deep Learning for Network Intrusion Detection,” in Proceedings - IEEE Military Communications Conference MILCOM, 2019, vol. 2019-November. doi: 10.1109/MILCOM47813.2019.9020824.

R. M. A. Ujjan, Z. Pervez, K. Dahal, A. K. Bashir, R. Mumtaz, and J. González, “Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN,” Futur. Gener. Comput. Syst., vol. 111, 2020, doi: 10.1016/j.future.2019.10.015.

J. A. Perez-Diaz, I. A. Valdovinos, K. K. R. Choo, and D. Zhu, “A Flexible SDN-Based Architecture for Identifying and Mitigating Low-Rate DDoS Attacks Using Machine Learning,” IEEE Access, vol. 8, 2020, doi: 10.1109/ACCESS.2020.3019330.

L. Van Efferen and A. M. T. Ali-Eldin, “A multi-layer perceptron approach for flow-based anomaly detection,” in 2017 International Symposium on Networks, Computers and Communications, ISNCC 2017, 2017. doi: 10.1109/ISNCC.2017.8072036.

M. Campbell et al., “Synthesis without meta-analysis (SWiM) in systematic reviews: Reporting guideline,” BMJ, vol. 368, pp. 1–6, 2020, doi: 10.1136/bmj.l6890.

A. Mihoub, O. Ben Fredj, O. Cheikhrouhou, A. Derhab, and M. Krichen, “Denial of service attack detection and mitigation for internet of things using looking-back-enabled machine learning techniques,” Comput. Electr. Eng., vol. 98, no. June 2021, p. 107716, 2022, doi: 10.1016/j.compeleceng.2022.107716.

M. Al-Fawa’reh, M. Al-Fayoumi, S. Nashwan, and S. Fraihat, “Cyber threat intelligence using PCA-DNN model to detect abnormal network behavior,” Egypt. Informatics J., vol. 23, no. 2, pp. 173–185, 2022, doi: 10.1016/j.eij.2021.12.001.

N. Mahajan, A. Chauhan, H. Kumar, S. Kaushal, and A. K. Sangaiah, “A Deep Learning Approach to Detection and Mitigation of Distributed Denial of Service Attacks in High Availability Intelligent Transport Systems,” Mob. Networks Appl., vol. 27, no. 4, pp. 1423–1443, 2022, doi: 10.1007/s11036-022-01973-z.

I. Cvitić, D. Peraković, M. Periša, and M. Botica, “Novel approach for detection of IoT generated DDoS traffic,” Wirel. Networks, vol. 27, no. 3, pp. 1573–1586, 2021, doi: 10.1007/s11276-019-02043-1.

W. Li, Y. Wang, and J. Li, “Enhancing blockchain-based filtration mechanism via IPFS for collaborative intrusion detection in IoT networks,” J. Syst. Archit., vol. 127, no. April, p. 102510, 2022, doi: 10.1016/j.sysarc.2022.102510.

H. Moudoud, L. Khoukhi, and S. Cherkaoui, “Prediction and Detection of FDIA and DDoS Attacks in 5G Enabled IoT,” IEEE Netw., vol. 35, no. 2, pp. 194–201, 2021, doi: 10.1109/MNET.011.2000449.

J. G. Almaraz-Rivera, J. A. Perez-Diaz, and J. A. Cantoral-Ceballos, “Transport and Application Layer DDoS Attacks Detection to IoT Devices by Using Machine Learning and Deep Learning Models,” Sensors, vol. 22, no. 9, 2022, doi: 10.3390/s22093367.

Z. Shah, I. Ullah, H. Li, A. Levula, and K. Khurshid, “Blockchain Based Solutions to Mitigate Distributed Denial of Service (DDoS) Attacks in the Internet of Things (IoT): A Survey,” Sensors, vol. 22, no. 3, 2022, doi: 10.3390/s22031094.

I. Ullah, B. Raza, S. Ali, I. A. Abbasi, S. Baseer, and A. Irshad, “Software Defined Network Enabled Fog-to-Things Hybrid Deep Learning Driven Cyber Threat Detection System,” Secur. Commun. Networks, vol. 2021, 2021, doi: 10.1155/2021/6136670.

Y. Labiod, A. Amara Korba, and N. Ghoualmi, “Fog Computing-Based Intrusion Detection Architecture to Protect IoT Networks,” Wirel. Pers. Commun., vol. 125, no. 1, pp. 231–259, 2022, doi: 10.1007/s11277-022-09548-7.

N. Mazhar, R. Saleh, R. Zaba, M. Zeeshan, M. Muzaffar Hameed, and N. Khan, “R-IDPS: Real Time SDN-Based IDPS System for IoT Security,” Comput. Mater. Contin., vol. 73, no. 2, pp. 3099–3118, 2022, doi: 10.32604/cmc.2022.028285.

M. A. Haq, M. A. R. Khan, and T. AL-Harbi, “Development of pccnn-based network intrusion detection system for edge computing,” Comput. Mater. Contin., vol. 71, no. 1, pp. 1769–1788, 2022, doi: 10.32604/cmc.2022.018708.

T. Gaber, A. El-Ghamry, and A. E. Hassanien, “Injection attack detection using machine learning for smart IoT applications,” Physical Communication, vol. 52. Elsevier BV, p. 101685, 2022. doi: 10.1016/j.phycom.2022.101685.

P. Kumar, H. Bagga, B. S. Netam, and V. Uduthalapally, “SAD-IoT: Security Analysis of DDoS Attacks in IoT Networks,” Wirel. Pers. Commun., vol. 122, no. 1, pp. 87–108, 2022, doi: 10.1007/s11277-021-08890-6.

S. P. K. Gudla, S. K. Bhoi, S. R. Nayak, and A. Verma, “DI-ADS: A Deep Intelligent Distributed Denial of Service Attack Detection Scheme for Fog-Based IoT Applications,” Mathematical Problems in Engineering, vol. 2022. Hindawi Limited, pp. 1–17, 2022. doi: 10.1155/2022/3747302.

M. Aslam et al., “Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT†,” Sensors, vol. 22, no. 7, 2022, doi: 10.3390/s22072697.

J. Ashraf et al., “IoTBoT-IDS: A novel statistical learning-enabled botnet detection framework for protecting networks of smart cities,” Sustain. Cities Soc., vol. 72, no. April, p. 103041, 2021, doi: 10.1016/j.scs.2021.103041.

M. Roopak, G. Y. Tian, and J. Chambers, “Multi‐objective‐based feature selection for DDoS attack detection in IoT networks,” IET Networks, vol. 9, no. 3. Institution of Engineering and Technology (IET), pp. 120–127, 2020. doi: 10.1049/iet-net.2018.5206.

A. Mehmood, M. Mukherjee, S. H. Ahmed, H. Song, and K. M. Malik, “NBC-MAIDS: Naïve Bayesian classification technique in multi-agent system-enriched IDS for securing IoT against DDoS attacks,” J. Supercomput., vol. 74, no. 10, pp. 5156–5170, 2018, doi: 10.1007/s11227-018-2413-7.

R. Kalathiripi and N. Venkatram, “Regression coefficients of traffic flow metrics (RCTFM) for DDOS defense in IoT networks,” Int. J. Commun. Syst., vol. 34, no. 6, pp. 1–14, 2021, doi: 10.1002/dac.4330.

K. Doshi, Y. Yilmaz, and S. Uludag, “Timely Detection and Mitigation of Stealthy DDoS Attacks via IoT Networks,” IEEE Trans. Dependable Secur. Comput., vol. 18, no. 5, pp. 2164–2176, 2021, doi: 10.1109/TDSC.2021.3049942.

T. Liu, F. Sabrina, J. Jang-Jaccard, W. Xu, and Y. Wei, “Artificial intelligence-enabled ddos detection for blockchain-based smart transport systems,” Sensors, vol. 22, no. 1, pp. 1–22, 2022, doi: 10.3390/s22010032.

M. Ibrahim et al., “SDN based DDos mitigating approach using traffic entropy for IoT network,” Comput. Mater. Contin., vol. 70, no. 3, pp. 5651–5665, 2022, doi: 10.32604/cmc.2022.017772.

M. M. Cherian and S. L. Varma, “Mitigation of DDOS and MiTM Attacks using Belief Based Secure Correlation Approach in SDN-Based IoT Networks,” Int. J. Comput. Netw. Inf. Secur., vol. 14, no. 1, pp. 52–68, 2022, doi: 10.5815/ijcnis.2022.01.05.

E. Chovancová and N. Ádám, “A clustered hybrid honeypot architecture,” Acta Polytech. Hungarica, vol. 16, no. 10, pp. 173–189, 2019, doi: 10.12700/APH.16.10.2019.10.11.

J. Li, L. Lyu, X. Liu, X. Zhang, and X. Lyu, “FLEAM: A Federated Learning Empowered Architecture to Mitigate DDoS in Industrial IoT,” IEEE Trans. Ind. Informatics, vol. 18, no. 6, pp. 4059–4068, 2022, doi: 10.1109/TII.2021.3088938.

B. Alotaibi and M. Alotaibi, “A Stacked Deep Learning Approach for IoT Cyberattack Detection,” J. Sensors, vol. 2020, 2020, doi: 10.1155/2020/8828591.

N. Chaabouni, M. Mosbah, A. Zemmari, C. Sauvignac, and P. Faruki, “Network intrusion detection for IoT security based on learning techniques,” IEEE Commun. Surv. Tutorials, vol. 21, no. 3, pp. 2671–2701, 2019.

B. Al-Duwairi, W. Al-Kahla, M. A. AlRefai, Y. Abdelqader, A. Rawash, and R. Fahmawi, “SIEM-based detection and mitigation of IoT-botnet DDoS attacks,” Int. J. Electr. Comput. Eng., vol. 10, no. 2, pp. 2182–2191, 2020, doi: 10.11591/ijece.v10i2.pp2182-2191.

Y. E. Kim, Y. S. Kim, and H. Kim, “Effective Feature Selection Methods to Detect IoT DDoS Attack in 5G Core Network,” Sensors, vol. 22, no. 10, 2022, doi: 10.3390/s22103819.

K. Malik, F. Rehman, T. Maqsood, S. Mustafa, O. Khalid, and A. Akhunzada, “Lightweight Internet of Things Botnet Detection Using One-Class Classification,” Sensors, vol. 22, no. 10, pp. 1–17, 2022, doi: 10.3390/s22103646.

P. Chaudhary, B. Gupta, and A. K. Singh, “Implementing attack detection system using filter-based feature selection methods for fog-enabled IoT networks,” Telecommunication Systems, vol. 81, no. 1. Springer Science and Business Media LLC, pp. 23–39, 2022. doi: 10.1007/s11235-022-00927-w.

R. F. Hayat, S. Aurangzeb, M. Aleem, G. Srivastava, and J. C. W. Lin, “ML-DDoS: A Blockchain-Based Multilevel DDoS Mitigation Mechanism for IoT Environments,” IEEE Trans. Eng. Manag., pp. 1–14, 2022, doi: 10.1109/TEM.2022.3170519.

W. Fan, Z. Du, M. Smith-Creasey, and D. Fernandez, “HoneyDOC: An Efficient Honeypot Architecture Enabling All-Round Design,” IEEE J. Sel. Areas Commun., vol. 37, no. 3, pp. 683–697, 2019, doi: 10.1109/JSAC.2019.2894307.

Y. Sun, Z. Tian, M. Li, S. Su, X. Du, and M. Guizani, “Honeypot Identification in Softwarized Industrial Cyber-Physical Systems,” IEEE Trans. Ind. Informatics, vol. 17, no. 8, pp. 5542–5551, 2021, doi: 10.1109/TII.2020.3044576.

M. Usama et al., “Unsupervised machine learning for networking: Techniques, applications and research challenges,” IEEE access, vol. 7, pp. 65579–65615, 2019.

B. Miller and X. Zhang, “A Multi-Layer Approach To Detecting And Preventing Iot-Based Botnet Attacks,” Issues Inf. Syst., vol. 21, no. 3, 2020.

Downloads

Published

25.12.2023

How to Cite

Syaifuddin, S., Kusumawardani, S. S. ., & Widyawan, W. (2023). Tackling DDOS Attacks in IoT: Asynthesis of Literature 2018 to 2022. International Journal of Intelligent Systems and Applications in Engineering, 12(1), 802–809. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/4193

Issue

Vol. 12 No. 1 (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.