Software-Defined Edge Defense Against IoT-Based DDoS

Industries, people's activities and urban infrastructure rely more and more on "Internet of Things" (IoT) devices for all kinds of activities and operations. Although securing a computer network has always been a difficult task, it transmutes into a massive challenge with the exponentially-growing network size and heterogenity in these systems. A recent example in that vein is a major security violation in the form of DDoS attacks which were performed by a huge number of IoT devices infected with a botnet called "Mirai". Moreover, the role of these devices as control, sensing and communication substrate in critical infrastructures aggravate such problems. Nevertheless, there are some new networking concepts and technologies which promise to offer remedies for the aforementioned challenges; one is software-defined networking (SDN) and another one is fog computing, which primarily provide global network control and local services, respectively. In this paper, we introduce a edge-oriented detection/mitigation scheme against DDoS in IoT using SDN and Fog approaches while utilizing Mirai as the case study.

[1]  Dan Schnackenberg,et al.  Statistical approaches to DDoS attack detection and response , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[2]  Dragan Peraković,et al.  Analysis of the IoT impact on volume of DDoS attacks , 2015 .

[3]  F. Richard Yu,et al.  Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges , 2016, IEEE Communications Surveys & Tutorials.

[4]  Elisa Bertino,et al.  Botnets and Internet of Things Security , 2017, Computer.

[5]  Syed Ali Khayam,et al.  Revisiting Traffic Anomaly Detection Using Software Defined Networking , 2011, RAID.

[6]  Stuart E. Schechter,et al.  Fast Detection of Scanning Worm Infections , 2004, RAID.

[7]  Gürkan Gür,et al.  Filtering-Based Defense Mechanisms Against DDoS Attacks: A Survey , 2017, IEEE Systems Journal.

[8]  Olivier Flauzac,et al.  SDN Based Architecture for IoT and Improvement of the Security , 2015, 2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops.

[9]  Christian Esteve Rothenberg,et al.  Mininet-WiFi: Emulating software-defined wireless networks , 2015, 2015 11th International Conference on Network and Service Management (CNSM).

[10]  Im Young Jung,et al.  Bot Detection via IoT Environment , 2015, 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security, and 2015 IEEE 12th International Conference on Embedded Software and Systems.

[11]  Qun Li,et al.  A Survey of Fog Computing: Concepts, Applications and Issues , 2015, Mobidata@MobiHoc.

[12]  Matthew M. Williamson,et al.  Throttling viruses: restricting propagation to defeat malicious mobile code , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..