Improving Detection Accuracy in Group Testing-Based Identification of Misbehaving Data Sources

The Internet of Things (IoT) is an emerging field of research in which heterogeneous objects, each with a unique address, effectively communicate with each other over the Internet. Because objects can access each other, security is a major issue. One serious security threat is the Denial-of-Service (DoS) attack. DoS attacks overwhelm their victims with fake requests that consume their resources, leaving them incapable of serving their legitimate clients. One category of proposed DoS defense techniques uses group testing theory to detect the identities of DoS attackers among the client group quickly and with low state overhead. In this paper, a group-testing-based DoS defense algorithm, namely Live Baiting, is tested in action. A concrete implementation is used to verify the algorithm's feasibility, effectiveness and weaknesses. The algorithm is modified by introducing a dynamic threshold and a tolerance degree to enhance its accuracy. Under a high volume of HTTP traffic, the modified algorithm exhibited a detection accuracy (in terms of F-measure) improved by up to 300% compared to the original algorithm.
