Feasibility Review of DDoS Attack Mitigation on CoAP for IoT Networks
Keywords:
Attacks, Denial of Service attacks, Distributed Denial of Service attacks, IoT, Networks, Security, Security aspectsAbstract
Due to the rapid development of the Internet of Things (IoT) and the rise of linked devices, the necessity for quick and impermeable communication protocols has assumed critical importance. The Constrained Application Protocol (CoAP), which is specifically designed for IoT devices, places a high priority on compactness and energy economy. Despite its preference for these characteristics, it stands out for its vulnerability to impending Distributed Denial of Service (DDoS) attacks brought on by its weak security characteristics. This paper examines CoAP in detail and explores its suitability as a defense against DDoS attacks. Our main goal is to provide insights into the difficulties and likely directions for bolstering CoAP's security framework in order to effectively combat DDoS attacks. To achieve this, a thorough investigation into the advantages and disadvantages of CoAP will be meticulously carried out.
Downloads
References
Matta, P., & Pant, B. (2019). Internet of things: Genesis, challenges and applications. Journal of Engineering Science and Technology, 14(3), 1717-1750.
Vermesan, O., Friess, P., Guillemin, P., Sundmaeker, H., Eisenhauer, M., Moessner, K., ... & Cousin, P. (2022). Internet of things strategic research and innovation agenda. In Internet of things (pp. 7-151). River Publishers.
Babayigit, B., & Abubaker, M. (2023). Industrial internet of things: A review of improvements over traditional scada systems for industrial automation. IEEE Systems Journal.
Hao, X., Ren, W., Fei, Y., Zhu, T., & Choo, K. K. R. (2022). A blockchain-based cross-domain and autonomous access control scheme for internet of things. IEEE Transactions on Services Computing, 16(2), 773-786.
Greengard, S. (2021). The internet of things. MIT press.
Cvitić, I., Peraković, D., Periša, M., & Botica, M. (2018, December). Smart home IoT traffic characteristics as a basis for DDoS traffic detection. In 3rd EAI International Conference on Management of Manufacturing Systems.
Soori, M., Arezoo, B., & Dastres, R. (2023). Internet of things for smart factories in industry 4.0, a review. Internet of Things and Cyber-Physical Systems.
Margam, R. (2024). SMART INHALERS: HARNESSING IOT FOR PRECISE ASTHMA MANAGEMENT. International Education and Research Journal, 10.
Bibri, S. E., Krogstie, J., Kaboli, A., & Alahi, A. (2024). Smarter eco-cities and their leading-edge artificial intelligence of things solutions for environmental sustainability: A comprehensive systematic review. Environmental Science and Ecotechnology, 19, 100330.
Khan, A., Hassan, M., & Shahriyar, A. K. (2023). Optimizing onion crop management: A smart agriculture framework with iot sensors and cloud technology. Applied Research in Artificial Intelligence and Cloud Computing, 6(1), 49-67.
Oladimeji, D., Gupta, K., Kose, N. A., Gundogan, K., Ge, L., & Liang, F. (2023). Smart transportation: an overview of technologies and applications. Sensors, 23(8), 3880.
Gunnarsson, M. (2023). Efficient Security Protocols for Constrained Devices. Department of Electridal and Information Technology, Faculty of Engineering,? LTH, Lund University.
Rana, B., Singh, Y., & Singh, P. K. (2021). A systematic survey on internet of things: Energy efficiency and interoperability perspective. Transactions on Emerging Telecommunications Technologies, 32(8), e4166.
Chiu, Y. H., Liao, C. F., & Chen, K. (2021, August). Transparent web of things discovery in constrained networks based on mDNS/DNS-SD. In 2021 International Conference on Platform Technology and Service (PlatCon) (pp. 1-6). IEEE.
Bayılmış, C., Ebleme, M. A., Çavuşoğlu, Ü., Kücük, K., & Sevin, A. (2022). A survey on communication protocols and performance evaluations for Internet of Things. Digital Communications and Networks, 8(6), 1094-1104.
Babun, L., Denney, K., Celik, Z. B., McDaniel, P., & Uluagac, A. S. (2021). A survey on IoT platforms: Communication, security, and privacy perspectives. Computer Networks, 192, 108040.
Valdovinos, I. A., Millán, P. E. F., Guerrero-Ibáñez, J. A., & Valdez, R. E. C. (2024). Design, Implementation and Evaluation of an Embedded CoAP Proxy Server for 6LoWPAN. IEEE Access.
Lone, A. N., Mustajab, S., & Alam, M. (2023). A comprehensive study on cybersecurity challenges and opportunities in the IoT world. Security and Privacy, 6(6), e318.
Al-Masri, E., Kalyanam, K. R., Batts, J., Kim, J., Singh, S., Vo, T., & Yan, C. (2020). Investigating messaging protocols for the Internet of Things (IoT). IEEE Access, 8, 94880-94911.
Oliver, S. G., & Purusothaman, T. (2022). Lightweight and Secure Mutual Authentication Scheme for IoT Devices Using CoAP Protocol. Computer Systems Science & Engineering, 41(2).
Shah, Z., Ullah, I., Li, H., Levula, A., & Khurshid, K. (2022). Blockchain based solutions to mitigate distributed denial of service (DDoS) attacks in the Internet of Things (IoT): A survey. Sensors, 22(3), 1094.
Syaifuddin, S., Kusumawardani, S. S., & Widyawan, W. (2024). Tackling DDOS Attacks in IoT: Asynthesis of Literature 2018 to 2022. International Journal of Intelligent Systems and Applications in Engineering, 12(1), 802-809.
Using a multicast group and short CoAP requests with fictitious source addresses, the attackers leverages CoAP's multicast communication feature to send traffic towards the target that is amplified significantly because all devices in the group respond to the victim.
Al-Masri, E., Kalyanam, K. R., Batts, J., Kim, J., Singh, S., Vo, T., & Yan, C. (2020). Investigating messaging protocols for the Internet of Things (IoT). IEEE Access, 8, 94880-94911.
Zhao, Q., Shu, L., Li, K., Ferrag, M. A., Liu, X., & Li, Y. (2024). Security and Privacy in Solar Insecticidal Lamps Internet of Things: Requirements and Challenges. IEEE/CAA Journal of Automatica Sinica, 11(1), 58-73.
Mengistu, T. M., Kim, T., & Lin, J. W. (2024). A Survey on Heterogeneity Taxonomy, Security and Privacy Preservation in the Integration of IoT, Wireless Sensor Networks and Federated Learning. Sensors, 24(3), 968.
Salas, J. (2021). IoTFC: A Secure and Privacy Preserving Architecture for Smart Buildings.
Gill, S. S., Wu, H., Patros, P., Ottaviani, C., Arora, P., Pujol, V. C., ... & Buyya, R. (2024). Modern computing: Vision and challenges. Telematics and Informatics Reports, 100116.
Hossain, M., Kayas, G., Hasan, R., Skjellum, A., Noor, S., & Islam, S. R. (2024). A Holistic Analysis of Internet of Things (IoT) Security: Principles, Practices, and New Perspectives. Future Internet, 16(2), 40.
Hintaw, A. J., Manickam, S., Aboalmaaly, M. F., & Karuppayah, S. (2023). MQTT vulnerabilities, attack vectors and solutions in the internet of things (IoT). IETE Journal of Research, 69(6), 3368-3397.
Gupta, B. B., & Dahiya, A. (2021). Distributed Denial of Service (DDoS) Attacks: Classification, Attacks, Challenges and Countermeasures. CRC press.
Salim, M. M., Rathore, S., & Park, J. H. (2020). Distributed denial of service attacks and its defenses in IoT: a survey. The Journal of Supercomputing, 76, 5320-5363.
Batmaz, B., & Doğan, A. (2021). CoAP acceleration on FPSoC for resource constrained Internet of Things devices. IEEE Internet of Things Journal, 8(24), 17790-17801.
Bhardwaj, A., Mangat, V., Vig, R., Halder, S., & Conti, M. (2021). Distributed denial of service attacks in cloud: State-of-the-art of scientific and commercial solutions. Computer Science Review, 39, 100332.
Trajanovski, T., & Zhang, N. (2021). An automated and comprehensive framework for IoT botnet detection and analysis (IoT-BDA). IEEE Access, 9, 124360-124383.
Ahvanooey, M. T., Zhu, M. X., Li, Q., Mazurczyk, W., Choo, K. K. R., Gupta, B. B., & Conti, M. (2021). Modern authentication schemes in smartphones and IoT devices: An empirical survey. IEEE Internet of Things Journal, 9(10), 7639-7663.
Bhattacharjya, A., Zhong, X., Wang, J., & Li, X. (2020). CoAP—application layer connection-less lightweight protocol for the Internet of Things (IoT) and CoAP-IPSEC Security with DTLS Supporting CoAP. Digital twin technologies and smart cities, 151-175.
Tariq, U., Ahmed, I., Bashir, A. K., & Shaukat, K. (2023). A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review. Sensors, 23(8), 4117.
Abubakar, R., Aldegheishem, A., Majeed, M. F., Mehmood, A., Maryam, H., Alrajeh, N. A., ... & Jawad, M. (2020). An effective mechanism to mitigate real-time DDoS attack. IEEE Access, 8, 126215-126227.
MAHRACH, S., & HAQIQ, A. (2020). DDoS flooding attack mitigation in software defined networks. International Journal of Advanced Computer Science and Applications, 11(1).
Uwaezuoke, E. C. (2022). Analysis of power line communication network vulnerabilities using cyber security techniques (Doctoral dissertation, University of Johannesburg).
Belgaum, M. R., Musa, S., Alam, M. M., & Su’ud, M. M. (2020). A systematic review of load balancing techniques in software-defined networking. IEEE Access, 8, 98612-98636.
Eskandari, M., Janjua, Z. H., Vecchio, M., & Antonelli, F. (2020). Passban IDS: An intelligent anomaly-based intrusion detection system for IoT edge devices. IEEE Internet of Things Journal, 7(8), 6882-6897.
Yang, N., Chen, K., & Wang, M. (2021). SmartDetour: Defending blackhole and content poisoning attacks in IoT NDN networks. IEEE Internet of Things Journal, 8(15), 12119-12136.
El Kafhali, S., El Mir, I., & Hanini, M. (2022). Security threats, defense mechanisms, challenges, and future directions in cloud computing. Archives of Computational Methods in Engineering, 29(1), 223-246.
Husnain, M., Hayat, K., Cambiaso, E., Fayyaz, U. U., Mongelli, M., Akram, H., ... & Shah, G. A. (2022). Preventing mqtt vulnerabilities using iot-enabled intrusion detection system. Sensors, 22(2), 567.
Shah, Z., Ullah, I., Li, H., Levula, A., & Khurshid, K. (2022). Blockchain based solutions to mitigate distributed denial of service (DDoS) attacks in the Internet of Things (IoT): A survey. Sensors, 22(3), 1094.
Chaganti, R., Bhushan, B., & Ravi, V. (2023). A survey on Blockchain solutions in DDoS attacks mitigation: Techniques, open challenges and future directions. Computer Communications, 197, 96-112.
Tariq, U., Ahmed, I., Bashir, A. K., & Shaukat, K. (2023). A Critical Cybersecurity Analysis and Future Research Directions for the Internet of Things: A Comprehensive Review. Sensors, 23(8), 4117.
Keoh, S. L., Kumar, S. S., & Tschofenig, H. (2014). Securing the internet of things: A standardization perspective. IEEE Internet of things Journal, 1(3), 265-275.
Dutta, M., & Granjal, J. (2020). Towards a secure Internet of Things: A comprehensive study of second line defense mechanisms. IEEE Access, 8, 127272-127312.
Hasan, M. K., Ghazal, T. M., Saeed, R. A., Pandey, B., Gohel, H., Eshmawi, A. A., ... & Alkhassawneh, H. M. (2022). A review on security threats, vulnerabilities, and counter measures of 5G enabled Internet‐of‐Medical‐Things. IET communications, 16(5), 421-432.
Kumar, A., Sharma, S., Goyal, N., Singh, A., Cheng, X., & Singh, P. (2021). Secure and energy-efficient smart building architecture with emerging technology IoT. Computer Communications, 176, 207-217.
Tariq, U., Ahmed, I., Bashir, A. K., & Shaukat, K. (2023). A critical cybersecurity analysis and future research directions for the Internet of Things: A comprehensive review. Sensors, 23(8), 4117.
Khalil, K., Elgazzar, K., Abdelgawad, A., & Bayoumi, M. (2020, June). A security approach for CoAP-based internet of things resource discovery. In 2020 IEEE 6th World Forum on Internet of Things (WF-IoT) (pp. 1-6). IEEE.
Kumar, P. M., & Gandhi, U. D. (2020). Enhanced DTLS with CoAP-based authentication scheme for the internet of things in healthcare application. The Journal of Supercomputing, 76, 3963-3983.
Pritikin, M., Richardson, M., Eckert, T., Behringer, M., & Watsen, K. (2021). Bootstrapping remote secure key infrastructures (BRSKI). RFC 8995.
Sara, A., & Randa, J. (2024, February). Data protection in IoT using CoAP based on enhanced DTLS. In AIP Conference Proceedings (Vol. 2729, No. 1). AIP Publishing.
Swamy, S. N., & Kota, S. R. (2020). An empirical study on system level aspects of Internet of Things (IoT). IEEE Access, 8, 188082-188134.
Rehman, S. U., Manickam, S., & Firdous, N. F. (2023, June). Impact of DoS/DDoS attacks in IoT environment: A study. In AIP Conference Proceedings (Vol. 2760, No. 1). AIP Publishing.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.
