Distributed Denial-of-Service Attack Detection and Mitigation for the Internet of Things

Opeyemi Peter Ojajuni (Southern University & A&M College, USA), Yasser Ismail (Southern University & A&M College, USA) and Albertha Lawson (Southern University & A&M College, USA)
Copyright: © 2020 | Pages: 15
DOI: 10.4018/IJTD.2020040102


The Internet of Things (IoT) allows different devices with internet protocol (IP) addresses to be connected together via the internet to collect, provide, store, and exchange data amongst themselves. The distributed denial of service (DDoS) attack is one of the inevitable challenges that must be addressed in the development of the IoT. A DDoS attack has the potential to render a victim's services unavailable, which can then lead to additional challenges such as website outage, financial loss, reputational damage and loss of confidential information. In this article, a framework of the software-defined networking (SDN) controller via an application programming interface (API) is compared to an existing framework. SDN provides a new architecture that can detect and mitigate a DDoS attack: it makes the networking functionalities programmable via the API and centralizes the control management of the IoT devices. Experimental results show the capability of the SDN framework to analyze real-time traffic of the SDN controller via the API by setting a control bandwidth usage threshold using the API.
Article Preview

1. Introduction

The Internet of Things (IoT) allows different devices with Internet Protocol (IP) addresses, such as wearable smart devices, medical equipment, smart cars, environment monitoring equipment, and office and home appliances, to be connected together via the internet to collect, provide, store, and exchange data amongst themselves (Islam, Kwak, Kabir, Hossain, & Kwak, 2015; Lu & Xu, 2019). The fast growth of the IoT has led to the generation of large amounts of data and a tremendous increase in the number of IP devices connected to the internet. The IoT generates large amounts of data that the IoT software uses for data analysis.

Cisco projected that by 2022 the annual amount of data generated globally will reach 4.8 Zettabytes, and that by the year 2030 over 500 billion devices will be connected to the internet (Cisco, 2019). These devices are vulnerable to malicious attacks because they have limited computer system resources to support firewall and defense mechanism protocols. These vulnerabilities can allow an attacker to compromise these devices in order to access sensitive and unauthorized data or to carry out a distributed denial-of-service (DDoS) attack. This has increased security and privacy concerns in the development of the IoT. Some of the major security and privacy issues are machine-to-machine trust, Authorization, Authentication and Accounting (AAA), end-user privacy, data privacy, data confidentiality, and several malicious attacks such as the man-in-the-middle attack, denial of service (DoS) attack, Sybil attack, node capture attack, and distributed denial-of-service (DDoS) attack (Ko et al., 2011; Mukherjee et al., 2017). The IoT service is expected to offer a high level of privacy, integrity, and confidentiality of data.

The DDoS attack is a type of denial of service (DoS) attack in which the attacker uses more than one IP address to send malicious traffic to its target victim in order to exhaust the victim's computer system resources, such as sockets, central processing unit (CPU), memory, disk or database bandwidth, and network bandwidth, thereby making the victim’s service unavailable. The DDoS attack can lead to additional problems such as loss of confidential data, website service outage, financial loss and brand reputation damage (Yan, Huang, Luo, Gong, & Yu, 2018; Zargar, Joshi, & Tipper, 2013).

DDoS attack detection and mitigation are major security challenges that must be addressed in the development of the IoT. Due to recent DDoS attacks, DDoS attacks on the IoT infrastructure have become a popular area of research.

Yan et al. (Yan, Yu, Gong, & Li, 2016) produced a survey on SDN and DDoS in the cloud computing environment. In their work, DDoS attacks were divided into two categories based on the target protocol layer in the Open Systems Interconnection (OSI) model: the network or transport-layer DDoS flooding attack and the application-layer DDoS flooding attack. The application-layer DDoS flooding attack is aimed at exhausting the victim’s server resources, such as sockets, CPU, memory, database bandwidth, and network usage bandwidth, thereby making the server’s services unreachable by legitimate end-users. The network or transport-layer DDoS flooding attacks are launched by using network protocols such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), and Domain Name System (DNS). These attacks are focused on disrupting legitimate users’ service by exhausting the victim's network bandwidth. Ahmed et al. (Ahmed & Kim, 2017) proposed that SDN offers a new chance of defeating DDoS because of its capabilities: centralized control management of the entire network, dynamic updating of forwarding rules, real-time software-based traffic analysis, and programmable networking.
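
The bandwidth-threshold check described in the abstract, as an added Python example that is not code from the article: it converts polled flow byte counters into per-destination bit rates and proposes drop rules for the heaviest sources. The sample counters, both thresholds, the function names and the rule format are assumptions, not any specific controller's API.

```python
from collections import defaultdict

# Constructed samples shaped like polled flow counters:
# (poll time in s, source IP, destination IP, cumulative bytes).
SAMPLES = [
    (0, "198.51.100.7", "192.0.2.10", 1_000_000),
    (10, "198.51.100.7", "192.0.2.10", 7_000_000),
    (0, "198.51.100.8", "192.0.2.10", 500_000),
    (10, "198.51.100.8", "192.0.2.10", 6_500_000),
    (0, "198.51.100.9", "192.0.2.10", 9_000_000),
    (10, "198.51.100.9", "192.0.2.10", 5_000_000),  # counter reset
    (0, "203.0.113.5", "192.0.2.10", 200_000),
    (10, "203.0.113.5", "192.0.2.10", 250_000),     # ordinary client
    (0, "203.0.113.6", "192.0.2.20", 100_000),
    (10, "203.0.113.6", "192.0.2.20", 400_000),
]

def flow_rates(samples):
    """Bits/s per (src, dst) flow over its last polling interval."""
    history = defaultdict(list)
    for t, src, dst, nbytes in sorted(samples):
        history[(src, dst)].append((t, nbytes))
    rates = {}
    for flow, points in history.items():
        if len(points) < 2:
            continue  # two polls are needed to form a rate
        (t0, b0), (t1, b1) = points[-2:]
        if t1 <= t0:
            continue  # duplicate poll time, no interval to measure
        # A counter lower than the previous poll means the flow entry
        # was re-installed; count only the bytes seen since the reset.
        delta = b1 - b0 if b1 >= b0 else b1
        rates[flow] = delta * 8 / (t1 - t0)
    return rates

def detect(samples, threshold_bps, per_source_bps):
    """Alert on destinations whose inbound rate exceeds threshold_bps."""
    per_dst = defaultdict(dict)
    for (src, dst), bps in flow_rates(samples).items():
        per_dst[dst][src] = bps
    alerts = []
    for dst, sources in sorted(per_dst.items()):
        total = sum(sources.values())
        if total <= threshold_bps:
            continue
        heavy = sorted(s for s, bps in sources.items() if bps > per_source_bps)
        alerts.append({
            "dst": dst, "total_bps": total,
            "distributed": len(heavy) > 1,  # more than one heavy source IP
            # Hypothetical rule shape for the controller to install.
            "drop_rules": [{"src": s, "dst": dst, "action": "drop"} for s in heavy],
        })
    return alerts
```

With an assumed 10 Mbit/s destination threshold and 1 Mbit/s per-source limit, `detect(SAMPLES, 10_000_000, 1_000_000)` flags 192.0.2.10 and leaves the low-rate client 203.0.113.5 out of the drop rules.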
