
IoT-Based DDoS Attack Detection and Mitigation Using the Edge of SDN

  • Conference paper
Cyberspace Safety and Security (CSS 2019)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11983)


Abstract

Nowadays, the Internet of Things (IoT) has developed rapidly and made people’s lives more convenient. However, attackers exploit a huge number of vulnerable IoT devices to build botnets, which poses a serious problem for network security. To address it, we propose a novel detection and mitigation mechanism. Our method uses Software Defined Networking (SDN), a promising network architecture, to drop malicious traffic along its propagation path, avoiding the avalanche effect on the victim server that occurs in traditional networks. Existing works waste a lot of time and resources by using the SDN controller to detect attacks. Unlike them, we take the features of IoT traffic into consideration and use edge computing to provide local services by placing the detection and mitigation method in the OpenFlow (OF) switches of the IoT. This achieves distributed anomaly detection that detects and responds to IoT-based DDoS attacks in real time and avoids overloading the controller. Machine learning is used in the OF switches with around 99% precision. Experimental results demonstrate that our method is capable of mitigating IoT-based DDoS attacks in a short time.



Acknowledgements.

This work was supported in part by the Natural Science Foundation of China under Grant 61672092, in part by the Fundamental Research Funds for the Central Universities of China under Grant 2018JBZ103, and in part by the Major Scientific and Technological Innovation Projects of Shandong Province, China (No. 2019JZZY020128).

Author information


Correspondence to Yinqi Yang or Jian Wang.


Copyright information

© 2019 Springer Nature Switzerland AG

About this paper


Cite this paper

Yang, Y., Wang, J., Zhai, B., Liu, J. (2019). IoT-Based DDoS Attack Detection and Mitigation Using the Edge of SDN. In: Vaidya, J., Zhang, X., Li, J. (eds) Cyberspace Safety and Security. CSS 2019. Lecture Notes in Computer Science, vol 11983. Springer, Cham. https://doi.org/10.1007/978-3-030-37352-8_1


  • DOI: https://doi.org/10.1007/978-3-030-37352-8_1


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-37351-1

  • Online ISBN: 978-3-030-37352-8

  • eBook Packages: Computer Science (R0)
