A survey of DDoS attacking techniques and defence mechanisms in the IoT network

Internet-of-things has emerged out as an important invention towards employing the tremendous power of wireless media in the real world. We can control our surroundings by interacting with numerous smart applications running independently on different platforms, almost everywhere in the world. IoT, with such a ubiquitous popularity often serve itself as a potential platform for escalating malicious entities. These entities get an access to the legitimate devices by exploiting IoT vulnerabilities which results from several constraints like limited resources, weaker security, etc. and can further take form of various attacks. Distributed Denial-of-service (DDoS) in IoT network is an attack which targets the availability of the servers by flooding the communication channel with impersonated requests coming from distributed IoT devices. Defending DDoS in IoT has now become an exigent area of research due to the recent incidents of demolishment of some renowned servers, reported in previous few years. In this paper, we discuss the concept of malware and botnets working behind ‘Distributed’ DoS in IoT. The various DDoS defence techniques are broadly described and compared in order to identify the security gaps present in them. Moreover, we list out the open research issues and challenges that need to be addressed for a stronger as well as smarter DDoS defence.

[1]  Georgios Kambourakis,et al.  DDoS in the IoT: Mirai and Other Botnets , 2017, Computer.

[2]  Elisa Bertino,et al.  Botnets and Internet of Things Security , 2017, Computer.

[3]  Georgios Kambourakis,et al.  Detecting DNS Amplification Attacks , 2007, CRITIS.

[4]  Kai Zhao,et al.  A Survey on the Internet of Things Security , 2013, 2013 Ninth International Conference on Computational Intelligence and Security.

[5]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[6]  Elena Sitnikova,et al.  Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset , 2018, Future Gener. Comput. Syst..

[7]  Giancarlo Fortino,et al.  Internet of Things Based on Smart Objects, Technology, Middleware and Applications , 2014, Internet of Things Based on Smart Objects, Technology, Middleware and Applications.

[8]  Antonio F. Gómez-Skarmeta,et al.  Risk-based automated assessment and testing for the cybersecurity certification and labelling of IoT devices , 2019, Comput. Stand. Interfaces.

[9]  Ali Dehghantanha,et al.  A deep Recurrent Neural Network based approach for Internet of Things malware threat hunting , 2018, Future Gener. Comput. Syst..

[10]  Peng Liu,et al.  The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved , 2018, IEEE Internet of Things Journal.

[11]  Yi Zhang,et al.  Internet-of-Things Security and Vulnerabilities: Taxonomy, Challenges, and Practice , 2018, J. Hardw. Syst. Secur..

[12]  Daniel Jeswin Nallathambi,et al.  Use of honeypots for mitigating DoS attacks targeted on IoT networks , 2017, 2017 International Conference on Computer, Communication and Signal Processing (ICCCSP).

[13]  Ethem Alpaydin,et al.  Introduction to machine learning , 2004, Adaptive computation and machine learning.

[14]  Christian Rossow,et al.  Exit from Hell? Reducing the Impact of Amplification DDoS Attacks , 2014, USENIX Security Symposium.

[15]  Yuval Elovici,et al.  N-BaIoT—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders , 2018, IEEE Pervasive Computing.

[16]  Dimitri Konstantas,et al.  A Comprehensive IoT Attacks Survey based on a Building-blocked Reference Model , 2018 .

[17]  Saman Taghavi Zargar,et al.  A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks , 2013, IEEE Communications Surveys & Tutorials.

[18]  Longfei Wu,et al.  A Survey on Security and Privacy Issues in Internet-of-Things , 2017, IEEE Internet of Things Journal.

[19]  Jinjun Chen,et al.  A confidence-based filtering method for DDoS attack defense in cloud environment , 2013, Future Gener. Comput. Syst..

[20]  Ron Kohavi,et al.  Supervised and Unsupervised Discretization of Continuous Features , 1995, ICML.

[21]  B. B. Gupta,et al.  A DDoS attack mitigation framework for internet of things , 2017, 2017 International Conference on Communication and Signal Processing (ICCSP).

[22]  Angelo Spognardi,et al.  DDoS-Capable IoT Malwares: Comparative Analysis and Mirai Investigation , 2018, Secur. Commun. Networks.

[23]  Biplab Sikdar,et al.  Mitigating loT Device based DDoS Attacks using Blockchain , 2018, CRYBLOCK@MobiSys.

[24]  Ruby B. Lee,et al.  Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures , 2004, PDCS.

[25]  Razvan Deaconescu,et al.  Detecting and Analyzing Zero-Day Attacks Using Honeypots , 2013, 2013 19th International Conference on Control Systems and Computer Science.

[26]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[27]  Philippe Owezarski,et al.  Unsupervised Network Intrusion Detection Systems: Detecting the Unknown without Knowledge , 2012, Comput. Commun..

[28]  Esraa Alomari,et al.  Botnet-based Distributed Denial of Service (DDoS) Attacks on Web Servers: Classification and Art , 2012, ArXiv.

[29]  Niraj K. Jha,et al.  A Comprehensive Study of Security of Internet-of-Things , 2017, IEEE Transactions on Emerging Topics in Computing.

[30]  Barbara Carminati,et al.  AutoBotCatcher: Blockchain-Based P2P Botnet Detection for the Internet of Things , 2018, 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC).

[31]  Farzan Majdani,et al.  Towards Situational Awareness of Botnet Activity in the Internet of Things , 2018, 2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA).

[32]  Hyoungshick Kim,et al.  Security and Privacy Challenges in the Internet of Things [Security and Privacy Matters] , 2017, IEEE Consumer Electronics Magazine.

[33]  Eleonora Borgia,et al.  The Internet of Things vision: Key features, applications and open issues , 2014, Comput. Commun..

[34]  Aikaterini Mitrokotsa,et al.  DDoS attacks and defense mechanisms: classification and state-of-the-art , 2004, Comput. Networks.

[35]  Robert Green,et al.  Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network , 2015, SpringSim.

[36]  Stuart Harvey Rubin,et al.  Distributed denial of service attacks , 2000, Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics. 'cybernetics evolving to systems, humans, organizations, and their complex interactions' (cat. no.0.

[37]  B. B. Gupta,et al.  Economic incentive based solution against distributed denial of service attacks for IoT customers , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[38]  Daniele Miorandi,et al.  REATO: REActing TO Denial of Service attacks in the Internet of Things , 2018, Comput. Networks.

[39]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[40]  Yao Zheng,et al.  DDoS attack protection in the era of cloud computing and Software-Defined Networking , 2015, Comput. Networks.

[41]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[42]  Andrei Petrovski,et al.  Botnet Detection in the Internet of Things using Deep Learning Approaches , 2018, 2018 International Joint Conference on Neural Networks (IJCNN).

[43]  James A. Jerkins Motivating a market or regulatory solution to IoT insecurity with the Mirai botnet code , 2017, 2017 IEEE 7th Annual Computing and Communication Workshop and Conference (CCWC).

[44]  B. B. Gupta,et al.  Risk transfer mechanism to defend DDoS attacks in IoT scenario , 2017, 2017 IEEE International Symposium on Consumer Electronics (ISCE).

[45]  Hardik Upadhyay,et al.  An Approach to Secure Internet of Things Against DDoS , 2016 .

[46]  Alessandro Bassi,et al.  From today's INTRAnet of things to a future INTERnet of things: a wireless- and mobility-related view , 2010, IEEE Wireless Communications.

[47]  Jelena Mirkovic,et al.  Attacking DDoS at the source , 2002, 10th IEEE International Conference on Network Protocols, 2002. Proceedings..

[48]  Raouf Boutaba,et al.  FireCol: A Collaborative Protection Network for the Detection of Flooding DDoS Attacks , 2012, IEEE/ACM Transactions on Networking.

[49]  Luying Zhou,et al.  A fog computing based approach to DDoS mitigation in IIoT systems , 2019, Comput. Secur..

[50]  Ankur Lohachab,et al.  Critical Analysis of DDoS—An Emerging Security Threat over IoT Networks , 2018, Journal of Communications and Information Networks.

[51]  Hyoungshick Kim,et al.  DDoS Attack Mitigation in Internet of Things Using Software Defined Networking , 2017, 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService).

[52]  Jun Li,et al.  Source-End DDoS Defense in IoT Environments , 2017, IoT S&P@CCS.

[53]  P. Venkata Krishna,et al.  A Learning Automata Based Solution for Preventing Distributed Denial of Service in Internet of Things , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[54]  Sharath Chandra Guntuku,et al.  Big Data Analytics framework for Peer-to-Peer Botnet detection using Random Forests , 2014, Inf. Sci..

[55]  Gyungho Lee,et al.  DDoS Attack Detection and Wavelets , 2005, Telecommun. Syst..