Detecting IoT zombie attacks on web servers

Internet of Things (IoT) devices pose a serious threat to the web as poorly configured or faulty devices can be used for massive Distributed Denial of Service attacks. High jacked IoT devices that act like real users are a particular problem that present significant difficulties for traditional detection methods. An adaptive, real time scoring system for detecting such attacks is proposed that does not punish profitable flash crowds as do current methods. This system employs an energy efficient architecture and thus web server system power usage is reduced.

[1]  Sujatha Sivabalan,et al.  A novel framework to detect and block DDoS attack at the application layer , 2013, IEEE 2013 Tencon - Spring.

[2]  Elisa Bertino,et al.  Botnets and Internet of Things Security , 2017, Computer.

[3]  Scott Shenker,et al.  Scheduling for reduced CPU energy , 1994, OSDI '94.

[4]  Helen J. Wang,et al.  Practical end-to-end web content integrity , 2012, WWW.

[5]  S Sivabalan,et al.  Real time calibration of DDoS blocking rules for Web Servers , 2016 .

[6]  Shun-Zheng Yu,et al.  Monitoring the Application-Layer DDoS Attacks for Popular Websites , 2009, IEEE/ACM Transactions on Networking.

[7]  Carlo Maria Medaglia,et al.  An Overview of Privacy and Security Issues in the Internet of Things , 2010 .

[8]  P. Venkata Krishna,et al.  A Learning Automata Based Solution for Preventing Distributed Denial of Service in Internet of Things , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[9]  Shunzheng Yu,et al.  Monitoring the Application-Layer DDoS Attacks for Popular Websites , 2009, IEEE/ACM Transactions on Networking.

[10]  Michael Backes,et al.  Identifying the Scan and Attack Infrastructures Behind Amplification DDoS Attacks , 2016, CCS.

[11]  Balachander Krishnamurthy,et al.  Flash crowds and denial of service attacks: characterization and implications for CDNs and web sites , 2002, WWW.

[12]  Robert Green,et al.  Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network , 2015, SpringSim.