Too Expensive to Attack: A Joint Defense Framework to Mitigate Distributed Attacks for the Internet of Things Grid

The distributed denial of service (DDoS) attack is detrimental to businesses and individuals as we are heavily relying on the Internet. Due to remarkable profits, crackers favor DDoS as cybersecurity weapons in attacking servers, computers, IoT devices, and even the entire Internet. Many current detection and mitigation solutions concentrate on specific technologies in combating DDoS, whereas the attacking expense and the cross-defender collaboration have not drawn enough attention. Under this circumstance, we revisit the DDoS attack and defense in terms of attacking cost and populations of both parties, proposing a joint defense framework to incur higher attacking expense in a grid of Internet service providers (ISPs), businesses, individuals, and third-party organizations (IoT Grid). Meanwhile, the defender’s cost does not grow much during combats. The skyrocket of attacking expense discourages profitdriven attackers from launching further attacks effectively. The quantitative evaluation and experimental assessment reinforce the effectiveness of our framework.

[1]  Song Guo,et al.  Can We Beat DDoS Attacks in Clouds? , 2014, IEEE Transactions on Parallel and Distributed Systems.

[2]  Nick Feamster,et al.  Machine Learning DDoS Detection for Consumer Internet of Things Devices , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[3]  J. Li,et al.  FLEAM: A Federated Learning Empowered Architecture to Mitigate DDoS in Industrial IoT , 2020, IEEE Transactions on Industrial Informatics.

[4]  F. Richard Yu,et al.  A Multi-Level DDoS Mitigation Framework for the Industrial Internet of Things , 2018, IEEE Communications Magazine.

[5]  Venkatesan Sridhar,et al.  A moving target defense approach to mitigate DDoS attacks against proxy-based architectures , 2016 .

[6]  Muttukrishnan Rajarajan,et al.  Combating DDoS Attacks in the Cloud: Requirements, Trends, and Future Directions , 2017, IEEE Cloud Computing.

[7]  Jie Li,et al.  Online Internet Traffic Monitoring and DDoS Attack Detection Using Big Data Frameworks , 2018, 2018 14th International Wireless Communications & Mobile Computing Conference (IWCMC).

[8]  Gregory Blanc,et al.  ArOMA: An SDN based autonomic DDoS mitigation framework , 2017, Comput. Secur..

[9]  Jiong Jin,et al.  Virtual Fog: A Virtualization Enabled Fog Computing Framework for Internet of Things , 2018, IEEE Internet of Things Journal.

[10]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[11]  Andreas Haeberlen,et al.  Dispersing Asymmetric DDoS Attacks with SplitStack , 2016, HotNets.

[12]  Brij B. Gupta,et al.  A reputation score policy and Bayesian game theory based incentivized mechanism for DDoS attacks mitigation and cyber defense , 2020, Future Gener. Comput. Syst..

[13]  Luying Zhou,et al.  A fog computing based approach to DDoS mitigation in IIoT systems , 2019, Comput. Secur..

[14]  Andikan Otung,et al.  Distributed Defence of Service (DiDoS): A Network-layer Reputation-based DDoS Mitigation Architecture , 2020, ICISSP.

[15]  Narmeen Zakaria Bawany,et al.  DDoS Attack Detection and Mitigation Using SDN: Methods, Practices, and Solutions , 2017 .

[16]  Jianhua Liu,et al.  A Bayesian Q-Learning Game for Dependable Task Offloading Against DDoS Attacks in Sensor Edge Cloud , 2021, IEEE Internet of Things Journal.

[17]  Enda Barrett,et al.  Feature dynamic deep learning approach for DDoS mitigation within the ISP domain , 2019, International Journal of Information Security.

[18]  Brij B. Gupta,et al.  Distributed denial of service (DDoS) attack mitigation in software defined network (SDN)-based cloud computing environment , 2019, J. Ambient Intell. Humaniz. Comput..

[19]  Gürkan Gür,et al.  Filtering-Based Defense Mechanisms Against DDoS Attacks: A Survey , 2017, IEEE Systems Journal.

[20]  Lingjuan Lyu,et al.  A Fast and Scalable Authentication Scheme in IoT for Smart Living , 2020, Future Gener. Comput. Syst..

[21]  Marimuthu Palaniswami,et al.  EHOPES: Data-centered Fog platform for smart living , 2015, 2015 International Telecommunication Networks and Applications Conference (ITNAC).

[22]  Agostino Forestiero,et al.  Multi-Agent Recommendation System in Internet of Things , 2017, 2017 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGRID).

[23]  Lyes Khoukhi,et al.  Co-IoT: A Collaborative DDoS Mitigation Scheme in IoT Environment Based on Blockchain Using SDN , 2019, 2019 IEEE Global Communications Conference (GLOBECOM).

[24]  Min Zhu,et al.  Umbrella: Enabling ISPs to Offer Readily Deployable and Privacy-Preserving DDoS Prevention Services , 2019, IEEE Transactions on Information Forensics and Security.

[25]  Dimitrios P. Pezaros,et al.  Per-Host DDoS Mitigation by Direct-Control Reinforcement Learning , 2020, IEEE Transactions on Network and Service Management.

[26]  Biplab Sikdar,et al.  Mitigating loT Device based DDoS Attacks using Blockchain , 2018, CRYBLOCK@MobiSys.

[27]  Jianhua Li,et al.  Latency estimation for fog-based internet of things , 2017, 2017 27th International Telecommunication Networks and Applications Conference (ITNAC).