Abstract
Nowadays, the Internet of Things (IoT) has developed rapidly and changed people’s life into a more convenient style. However, a huge number of vulnerable IoT devices are exploited to constitute botnet by many attackers, which forms a serious problem for network security. To solve it, we propose a novel detection and mitigation mechanism. In our method, we use Software Defined Networking (SDN), a promising network architecture, for dropping malicious traffic in propagation path to avoid avalanche effect on the victim server in the traditional network. For the existing works, a lot of time and resources are wasted in using the controller of SDN to detect attacks. Unlike them, we take the features of IoT traffic into consideration and utilize the edge computing to provide local services by putting detection and mitigation method into the OpenFlow (OF) switches of IoT. This achieves a distributed anomaly detection to detect and respond IoT-based DDoS attacks in real time, and avoids the overload of the controller. Machine learning is used in the OF switches with around 99% precision. Experimental results demonstrate that our method is capable to mitigate IoT-based DDoS attacks in a short time.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Pettey, C.: The Internet of Things and the Enterprise. Gartner, August 2015
HP Enterprise: Internet of things research study -2015 report, vol. 2 (2015). http://www8.hp.com
Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)
Bhunia, S.S., Gurusamy, M.: Dynamic attack detection and mitigation in IoT using SDN. In: 2017 27th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1–6. IEEE, November 2017
Yin, D., Zhang, L., Yang, K.: A DDoS attack detection and mitigation with software-defined internet of things framework. IEEE Access 6, 24694–24705 (2018)
Wang, R., Jia, Z., Ju, L.: An entropy-based distributed DDoS detection mechanism in software-defined networking. In: 2015 IEEE Trustcom/BigDataSE/ISPA, vol. 1, pp. 310–317. IEEE, August 2015
Ahmed, M.E., Kim, H., Park, M.: Mitigating DNS query-based DDoS attacks with machine learning on software-defined networking. In: MILCOM 2017–2017 IEEE Military Communications Conference (MILCOM), pp. 11–16. IEEE, October 2017
Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE Local Computer Network Conference, pp. 408–415. IEEE, October 2010
Zheng, J., Li, Q., Gu, G., Cao, J., Yau, D.K., Wu, J.: Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis. IEEE Trans. Inf. Forensics Secur. 13(7), 1838–1853 (2018)
Yan, Q., Huang, W., Luo, X., Gong, Q., Yu, F.R.: A multi-level DDoS mitigation framework for the industrial internet of things. IEEE Commun. Mag. 56(2), 30–36 (2018)
Hyun, D., Kim, J., Hong, D., Jeong, J.P.: SDN-based network security functions for effective DDoS attack mitigation. In: 2017 International Conference on Information and Communication Technology Convergence (ICTC), pp. 834–839. IEEE, October 2017
Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 413–424. ACM, November 2013
Ahmed, M.E., Kim, H.: DDoS attack mitigation in Internet of Things using software defined networking. In: 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService), pp. 271–276. IEEE, April 2017
sFlow. http://www.sflow.org/
Cisco NetFlow. http://www.cisco.com/go/netflow
Dolui, K., Datta, S.K.: Comparison of edge computing implementations: fog computing, cloudlet and mobile edge computing. In: 2017 Global Internet of Things Summit (GIoTS), pp. 1–6. IEEE, June 2017
Doshi, R., Apthorpe, N., Feamster, N.: Machine learning DDoS detection for consumer internet of things devices. In: 2018 IEEE Security and Privacy Workshops (SPW), pp. 29–35. IEEE, May 2018
Summerville, D.H., Zach, K.M., Chen, Y.: Ultra-lightweight deep packet anomaly detection for internet of things devices. In: 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC), pp. 1–8. IEEE, December 2015
Sedjelmaci, H., Senouci, S.M., Al-Bahri, M.: A lightweight anomaly detection technique for low-resource IoT devices: a game-theoretic methodology. In: 2016 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE, May 2016
Özçelik, M., Chalabianloo, N., Gür, G.: Software-defined edge defense against IoT-based DDoS. In: 2017 IEEE International Conference on Computer and Information Technology (CIT), pp. 308–313. IEEE, August 2017
Schechter, S.E., Jung, J., Berger, A.W.: Fast detection of scanning worm infections. In: Jonsson, E., Valdes, A., Almgren, M. (eds.) RAID 2004. LNCS, vol. 3224, pp. 59–81. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30143-1_4
Williamson, M.M.: Throttling viruses: restricting propagation to defeat malicious mobile code. In: 18th Annual Computer Security Applications Conference 2002 Proceedings, pp. 61–68. IEEE (2002)
Meidan, Y., et al.: N-BaIoT—network-based detection of IoT Botnet attacks using deep autoencoders. IEEE Pervasive Comput. 17(3), 12–22 (2018)
Mininet. http://mininet.org/
Zhao, J.: Analysis of the characteristics of M2 M traffic. Master’s thesis, Southwest Jiaotong University (2014)
Hou, S., Tan, X.: Research and analysis of traffic characteristics of typical internet of things. Internet Things Technol. 7(6), 40–42 (2017)
Botta, A., Dainotti, A., Pescapé, A.: A tool for the generation of realistic network workload for emerging networking scenarios. Comput. Netw. 56(15), 3531–3547 (2012)
Kang, M.S., Lee, S.B., Gligor, V.D.: The crossfire attack. In: 2013 IEEE Symposium on Security and Privacy, pp. 127–141. IEEE. May 2013
Rasti, R., Murthy, M., Weaver, N., Paxson, V.: Temporal lensing and its application in pulsing denial-of-service attacks. In: 2015 IEEE Symposium on Security and Privacy, pp. 187–198. IEEE, May 2015
Acknowledgements.
This work was supported in part by the Natural Science Foundation of China under Grants 61672092, in part by the Fundamental Research Funds for the Central Universities of China under Grants 2018JBZ103 and Major Scientific, and in part by the Technological Innovation Projects of Shandong Province, China (No. 2019JZZY020128).
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Yang, Y., Wang, J., Zhai, B., Liu, J. (2019). IoT-Based DDoS Attack Detection and Mitigation Using the Edge of SDN. In: Vaidya, J., Zhang, X., Li, J. (eds) Cyberspace Safety and Security. CSS 2019. Lecture Notes in Computer Science(), vol 11983. Springer, Cham. https://doi.org/10.1007/978-3-030-37352-8_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-37352-8_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-37351-1
Online ISBN: 978-3-030-37352-8
eBook Packages: Computer ScienceComputer Science (R0)