Showing papers on "Denial-of-service attack published in 2022"

Security-Based Fuzzy Control for Nonlinear Networked Control Systems With DoS Attacks via a Resilient Event-Triggered Scheme

Abstract: This article studies the issue of resilient event-triggered (RET)-based security controller design for nonlinear networked control systems (NCSs) described by interval type-2 (IT2) fuzzy models subject to nonperiodic denial of service (DoS) attacks. Under the nonperiodic DoS attacks, the state error caused by the packets loss phenomenon is transformed into an uncertain variable in the designed event-triggered condition. Then, an RET strategy based on the uncertain event-triggered variable is firstly proposed for the nonlinear NCSs. The existing results that utilized the hybrid triggered scheme have the defect of complex control structure, and most of the security compensation methods for handling the impacts caused by DoS attacks need to transmit some compensation data when the DoS attacks disappear, which may lead to large performance loss of the systems. Different from these existing results, the proposed RET strategy can transmit the necessary packets to the controller under nonperiodic DoS attacks to reduce the performance loss of the systems and a new security controller subject to the RET scheme and mismatched membership functions is designed to simplify the network control structure under DoS attacks. Finally, some simulation results are utilized to testify the advantages of the presented approach.

Event-Triggered <i>H_∞ </i> Filtering for T–S Fuzzy-Model-Based Nonlinear Networked Systems With Multisensors Against DoS Attacks

Abstract: This article focuses on the problem of resilient H∞ filtering for Takagi-Sugeno fuzzy-model-based nonlinear networked systems with multisensors. A weighted fusion approach is adopted before information from multisensors is transmitted over the network. A novel event-triggered mechanism is proposed, which allows us not only to reduce the data-releasing rate but also to prevent abnormal data being potentially transmitted over the network due to sensor measurement or other practical factors. The problem of denial-of-service (DoS) attacks, which often occurs in a communication network, is also considered, where the DoS attack model is based on an assumption that the periodic attack includes active periods and sleeping periods. By employing the idea of the switching model for filtering error systems to deal with DoS attacks, sufficient conditions are derived to guarantee that the filtering error system is exponentially stable. Simulation results are given to demonstrate the effectiveness of the theoretical analysis and design method.

Distributed Resilient Secondary Control for DC Microgrids Against Heterogeneous Communication Delays and DoS Attacks

Abstract: In this article, a cooperative resilient control method for dc microgrid (MG) is proposed to dispel the adverse influences of both communication delays and denial-of-service (DoS) attacks. To avoid that the sampling period is captured by intelligent attackers, a new time-varying sampling period, and an improved communication mechanism are first introduced under the sampling control framework. Based on the designed sampling period and communication mechanism, a resilient secondary controller is designed. It is theoretically shown that the developed method can achieve the goals of bus voltage restoration and current sharing even in the presence of both DoS attacks and heterogeneous communication delays. Finally, a dc MG test system is built in a controller-hardware-in-the-loop testing platform to illustrate and verify the effectiveness of our developed method against both communication delays and DoS attacks.

Learning-Based Methods for Cyber Attacks Detection in IoT Systems: A Survey on Methods, Analysis, and Future Prospects

Abstract: Internet of Things (IoT) is a developing technology that provides the simplicity and benefits of exchanging data with other devices using the cloud or wireless networks. However, the changes and developments in the IoT environment are making IoT systems susceptible to cyber attacks which could possibly lead to malicious intrusions. The impacts of these intrusions could lead to physical and economical damages. This article primarily focuses on the IoT system/framework, the IoT, learning-based methods, and the difficulties faced by the IoT devices or systems after the occurrence of an attack. Learning-based methods are reviewed using different types of cyber attacks, such as denial-of-service (DoS), distributed denial-of-service (DDoS), probing, user-to-root (U2R), remote-to-local (R2L), botnet attack, spoofing, and man-in-the-middle (MITM) attacks. For learning-based methods, both machine and deep learning methods are presented and analyzed in relation to the detection of cyber attacks in IoT systems. A comprehensive list of publications to date in the literature is integrated to present a complete picture of various developments in this area. Finally, future research directions are also provided in the paper.

Learning-Based Distributed Resilient Fault-Tolerant Control Method for Heterogeneous MASs Under Unknown Leader Dynamic

Abstract: In this article, we consider the distributed fault-tolerant resilient consensus problem for heterogeneous multiagent systems (MASs) under both physical failures and network denial-of-service (DoS) attacks. Different from the existing consensus results, the dynamic model of the leader is unknown for all followers in this article. To learn this unknown dynamic model under the influence of DoS attacks, a distributed resilient learning algorithm is proposed by using the idea of data-driven. Based on the learned dynamic model of the leader, a distributed resilient estimator is designed for each agent to estimate the states of the leader. Then, a new adaptive fault-tolerant resilient controller is designed to resist the effect of physical failures and network DoS attacks. Moreover, it is shown that the consensus can be achieved with the proposed learning-based fault-tolerant resilient control method. Finally, a simulation example is provided to show the effectiveness of the proposed method.

Secure Distributed Adaptive Platooning Control of Automated Vehicles Over Vehicular Ad-Hoc Networks Under Denial-of-Service Attacks

Abstract: This article deals with the problem of secure distributed adaptive platooning control of automated vehicles over vehicular ad-hoc networks (VANETs) in the presence of intermittent denial-of-service (DoS) attacks. The platoon, which is wirelessly connected via directed vehicle-to-vehicle (V2V) communication, is composed of a group of following vehicles subject to unknown heterogeneous nonlinearities and external disturbance inputs, and a leading vehicle subject to unknown nonlinearity and external disturbance as well as an unknown control input. Under such a platoon setting, this article aims to accomplish secure distributed platoon formation tracking with the desired longitudinal spacing and the same velocities and accelerations guided by the leader regardless of the simultaneous presence of nonlinearities, uncertainties, and DoS attacks. First, a new logical data packet processor is developed on each vehicle to identify the intermittent DoS attacks via verifying the time-stamps of the received data packets. Then, a scalable distributed neural-network-based adaptive control design approach is proposed to achieve secure platooning control. It is proved that under the established design procedure, the vehicle state estimation errors and platoon tracking errors can be regulated to reside in small neighborhoods around zero. Finally, comparative simulation studies are provided to substantiate the effectiveness and merits of the proposed control design approach on maintaining the desired platooning performance and attack tolerance.

Observer-Based Event-Triggered Containment Control for MASs Under DoS Attacks

Abstract: This article studies the observer-based event-triggered containment control problem for linear multiagent systems (MASs) under denial-of-service (DoS) attacks. In order to deal with situations where MASs states are unmeasurable, an improved separation method-based observer design method with less conservativeness is proposed to estimate MASs states. To save communication resources and achieve the containment control objective, a novel observer-based event-triggered containment controller design method based on observer states is proposed for MASs under the influence of DoS attacks, which can make the MASs resilient to DoS attacks. In addition, the Zeno behavior can be eliminated effectively by introducing a positive constant into the designed event-triggered mechanism. Finally, a practical example is presented to illustrate the effectiveness of the designed observer and the event-triggered containment controller.

Boosting-Based DDoS Detection in Internet of Things Systems

Abstract: Distributed Denial-of-Service (DDoS) attacks remain challenging to mitigate in the existing systems, including in-home networks that comprise different Internet of Things (IoT) devices. In this article, we present a DDoS traffic detection model that uses a boosting method of logistic model trees for different IoT device classes. Specifically, a different version of the model will be generated and applied for each device class since the characteristics of the network traffic from each device class may have subtle variation(s). As a case study, we explain how devices in a typical smart home environment can be categorized into four different classes (and in our context, Class 1—very high level of traffic predictability, Class 2—high level of traffic predictability, Class 3—medium level of traffic predictability, and Class 4—low level of traffic predictability). Findings from our evaluations show that the accuracy of our proposed approach is between 99.92% and 99.99% for these four device classes. In other words, we demonstrate that we can use device classes to help us more effectively detect DDoS traffic.

A Game-Theoretical Approach for Mitigating Edge DDoS Attack

Abstract: Edge computing (EC) is an emerging paradigm that extends cloud computing by pushing computing resources onto edge servers that are attached to base stations or access points at the edge of the cloud in close proximity with end-users. Due to edge servers’ geographic distribution, the EC paradigm is challenged by many new security threats, including the notorious distributed Denial-of-Service (DDoS) attack. In the EC environment, edge servers usually have constrained processing capacities due to their limited sizes. Thus, they are particularly vulnerable to DDoS attacks. DDoS attacks in the EC environment render existing DDoS mitigation approaches obsolete with its new characteristics. In this article, we make the first attempt to tackle the edge DDoS mitigation (EDM) problem. We model it as a constraint optimization problem and prove its $\mathcal {NP}$ -hardness. To solve this problem, we propose an optimal approach named EDMOpti and a novel game-theoretical approach named EDMGame for mitigating edge DDoS attacks. EDMGame formulates the EDM problem as a potential EDM Game that admits a Nash equilibrium and employs a decentralized algorithm to find the Nash equilibrium as the solution to the EDM problem. Through theoretical analysis and experimental evaluation, we demonstrate that our approaches can solve the EDM problem effectively and efficiently.

H ∞ state estimation for memristive neural networks with randomly occurring DoS attacks

Abstract: This study deals with the problem of the state estimation for discrete-time memristive neural networks with time-varying delays, where the output is subject to randomly occurring denial-of-service attacks. The average dwell time is used to describe the attack rules, which makes the randomly occurring denial-of-service attack more universal. The main purpose of the addressed issue is to contribute with a state estimation method, so that the dynamics of the error system is exponentially mean-square stable and satisfies a prescribed disturbance attenuation level. Sufficient conditions for the solvability of such a problem are established by employing the Lyapunov function and stochastic analysis techniques. Estimator gain is described explicitly in terms of certain linear matrix inequalities. Finally, the effectiveness of the proposed state estimation scheme is proved by a numerical example.

Detection of Distributed Denial of Service (DDoS) Attacks in IOT Based Monitoring System of Banking Sector Using Machine Learning Models

Abstract: Cyberattacks can trigger power outages, military equipment problems, and breaches of confidential information, i.e., medical records could be stolen if they get into the wrong hands. Due to the great monetary worth of the data it holds, the banking industry is particularly at risk. As the number of digital footprints of banks grows, so does the attack surface that hackers can exploit. This paper aims to detect distributed denial-of-service (DDOS) attacks on financial organizations using the Banking Dataset. In this research, we have used multiple classification models for the prediction of DDOS attacks. We have added some complexity to the architecture of generic models to enable them to perform well. We have further applied a support vector machine (SVM), K-Nearest Neighbors (KNN) and random forest algorithms (RF). The SVM shows an accuracy of 99.5%, while KNN and RF scored an accuracy of 97.5% and 98.74%, respectively, for the detection of (DDoS) attacks. Upon comparison, it has been concluded that the SVM is more robust as compared to KNN, RF and existing machine learning (ML) and deep learning (DL) approaches.

Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT

Abstract: The development of smart network infrastructure of the Internet of Things (IoT) faces the immense threat of sophisticated Distributed Denial-of-Services (DDoS) security attacks. The existing network security solutions of enterprise networks are significantly expensive and unscalable for IoT. The integration of recently developed Software Defined Networking (SDN) reduces a significant amount of computational overhead for IoT network devices and enables additional security measurements. At the prelude stage of SDN-enabled IoT network infrastructure, the sampling based security approach currently results in low accuracy and low DDoS attack detection. In this paper, we propose an Adaptive Machine Learning based SDN-enabled Distributed Denial-of-Services attacks Detection and Mitigation (AMLSDM) framework. The proposed AMLSDM framework develops an SDN-enabled security mechanism for IoT devices with the support of an adaptive machine learning classification model to achieve the successful detection and mitigation of DDoS attacks. The proposed framework utilizes machine learning algorithms in an adaptive multilayered feed-forwarding scheme to successfully detect the DDoS attacks by examining the static features of the inspected network traffic. In the proposed adaptive multilayered feed-forwarding framework, the first layer utilizes Support Vector Machine (SVM), Naive Bayes (NB), Random Forest (RF), k-Nearest Neighbor (kNN), and Logistic Regression (LR) classifiers to build a model for detecting DDoS attacks from the training and testing environment-specific datasets. The output of the first layer passes to an Ensemble Voting (EV) algorithm, which accumulates the performance of the first layer classifiers. In the third layer, the adaptive frameworks measures the real-time live network traffic to detect the DDoS attacks in the network traffic. The proposed framework utilizes a remote SDN controller to mitigate the detected DDoS attacks over Open Flow (OF) switches and reconfigures the network resources for legitimate network hosts. The experimental results show the better performance of the proposed framework as compared to existing state-of-the art solutions in terms of higher accuracy of DDoS detection and low false alarm rate.

Stochastic Event-Triggered <i>H</i>∞ Control for Networked Systems Under Denial of Service Attacks

Abstract: This article presents a novel stochastic event-triggered communication scheme (SETS) and a switching-like $H_{\infty }$ control method for networked control systems (NCSs) through an open bandwidth-limited network. To overcome the stochastic Denial of Service (DoS) attacks and save the limited network resource, a SETS is first proposed to decrease the number of packets transmitted while considering the malicious DoS attacks. Compared with the existing event-triggered schemes under a precondition that all triggered packets must be successfully transmitted, the proposed SETS has outstanding flexibility since it allows part event-triggered packets to be lost during the communication process. To fully use the dynamic features of communication in an open network, a switching-like control scheme is well designed, which can actively choose the different controller gains based on the current network Quality of Services (QoSs). Then, a networked closed-loop model is constructed, which considered both the effects of SETS and stochastic DoS attacks in a unified framework. Sufficient conditions for the existence of the switching-like controller are presented to ensure the stability of the networked control system while achieving the prescribed performance index. Gain matrices of the desired switching-like controller and the SETS parameters are reached in the light of the solutions to certain matrix inequalities. Compared with the existing time-invariant control strategy in a transmission interval, higher control performance can be expected since both the dynamic network information and the latest available state are well considered in the proposed communication and control framework. Finally, an illustrative example is given to verify the effectiveness of the proposed scheme.

Resilient Distributed Fuzzy Load Frequency Regulation for Power Systems Under Cross-Layer Random Denial-of-Service Attacks

Abstract: In this article, a novel distributed fuzzy load frequency control (LFC) approach is investigated for multiarea power systems under cross-layer attacks. The nonlinear factors existing in turbine dynamics and governor dynamics as well as the uncertain parameters therein are modeled and analyzed under the interval type-2 (IT2) Takagi-Sugeno (T-S) fuzzy framework. The cross-layer attacks threatening the stability of power systems are considered and modeled as an independent Bernoulli process, including denial-of-service (DoS) attacks in the cyber layer and phasor measurement unit (PMU) attacks in the physical layer. By using the Lyapunov theory, an area-dependent Lyapunov function is proposed and the sufficient conditions guaranteeing the system's asymptotically stability with the area control error (ACE) signals satisfying H∞ performance are deduced. In simulations, we adopt a four-area power system to verify the resiliency enhancement of the presented distributed fuzzy control strategy against random cross-layer DoS attacks. Results show that the designed resilient controller can effectively regulate the load frequency under different cross-layer DoS attack probabilities.

Deep learning approaches for detecting DDoS attacks: a systematic review

Abstract: In today's world, technology has become an inevitable part of human life. In fact, during the Covid-19 pandemic, everything from the corporate world to educational institutes has shifted from offline to online. It leads to exponential increase in intrusions and attacks over the Internet-based technologies. One of the lethal threat surfacing is the Distributed Denial of Service (DDoS) attack that can cripple down Internet-based services and applications in no time. The attackers are updating their skill strategies continuously and hence elude the existing detection mechanisms. Since the volume of data generated and stored has increased manifolds, the traditional detection mechanisms are not appropriate for detecting novel DDoS attacks. This paper systematically reviews the prominent literature specifically in deep learning to detect DDoS. The authors have explored four extensively used digital libraries (IEEE, ACM, ScienceDirect, Springer) and one scholarly search engine (Google scholar) for searching the recent literature. We have analyzed the relevant studies and the results of the SLR are categorized into five main research areas: (i) the different types of DDoS attack detection deep learning approaches, (ii) the methodologies, strengths, and weaknesses of existing deep learning approaches for DDoS attacks detection (iii) benchmarked datasets and classes of attacks in datasets used in the existing literature, and (iv) the preprocessing strategies, hyperparameter values, experimental setups, and performance metrics used in the existing literature (v) the research gaps, and future directions.

Threat Analysis and Distributed Denial of Service (DDoS) Attack Recognition in the Internet of Things (IoT)

Abstract: The Internet of Things (IoT) plays a crucial role in various sectors such as automobiles and the logistic tracking medical field because it consists of distributed nodes, servers, and software for effective communication. Although this IoT paradigm has suffered from intrusion threats and attacks that cause security and privacy issues, existing intrusion detection techniques fail to maintain reliability against the attacks. Therefore, the IoT intrusion threat has been analyzed using the sparse convolute network to contest the threats and attacks. The web is trained using sets of intrusion data, characteristics, and suspicious activities, which helps identify and track the attacks, mainly, Distributed Denial of Service (DDoS) attacks. Along with this, the network is optimized using evolutionary techniques that identify and detect the regular, error, and intrusion attempts under different conditions. The sparse network forms the complex hypotheses evaluated using neurons, and the obtained event stream outputs are propagated to further hidden layer processes. This process minimizes the intrusion involvement in IoT data transmission. Effective utilization of training patterns in the network successfully classifies the standard and threat patterns. Then, the effectiveness of the system is evaluated using experimental results and discussion. Network intrusion detection systems are superior to other types of traditional network defense in providing network security. The research applied an IGA-BP network to combat the growing challenge of Internet security in the big data era, using an autoencoder network model and an improved genetic algorithm to detect intrusions. MATLAB built it, which ensures a 98.98% detection rate and 99.29% accuracy with minimal processing complexity, and the performance ratio is 90.26%. A meta-heuristic optimizer was used in the future to increase the system’s ability to forecast attacks.

Intrusion Detection for Secure Social Internet of Things Based on Collaborative Edge Computing: A Generative Adversarial Network-Based Approach

Abstract: The Social Internet of Things (SIoT) now penetrates our daily lives. As a strategy to alleviate the escalation of resource congestion, collaborative edge computing (CEC) has become a new paradigm for solving the needs of the Internet of Things (IoT). CEC can provide computing, storage, and network connection resources for remote devices. Because the edge network is closer to the connected devices, it involves a large amount of users’ privacy. This also makes edge networks face more and more security issues, such as Denial-of-Service (DoS) attacks, unauthorized access, packet sniffing, and man-in-the-middle attacks. To combat these issues and enhance the security of edge networks, we propose a deep learning-based intrusion detection algorithm. Based on the generative adversarial network (GAN), we designed a powerful intrusion detection method. Our intrusion detection method includes three phases. First, we use the feature selection module to process the collaborative edge network traffic. Second, a deep learning architecture based on GAN is designed for intrusion detection aiming at a single attack. Finally, we propose a new intrusion detection model by combining several intrusion detection models that aim at a single attack. Intrusion detection aiming at multiple attacks is realized through the designed GAN-based deep learning architecture. Besides, we provide a comprehensive evaluation to verify the effectiveness of the proposed method.

Distributed Denial-of-Service (DDoS) Attacks and Defense Mechanisms in Various Web-Enabled Computing Platforms: Issues, Challenges, and Future Research Directions

Abstract: The demand for internet security has escalated in the last two decades because the rapid proliferation in the number of internet users has presented attackers with new detrimental opportunities. One of the simple yet powerful attacks lurking around the internet today is the distributed denial-of-service (DDoS) attack. The expeditious surge in the collaborative environments, like IoT, cloud computing, and SDN, have provided attackers with countless new avenues to benefit from the distributed nature of DDoS attacks. The attackers protect their anonymity by infecting distributed devices and utilizing them to create a bot army to constitute a large-scale attack. Thus, the development of an effective as well as efficient DDoS defense mechanism becomes an immediate goal. In this exposition, the authors present a DDoS threat analysis along with a few novel ground-breaking defense mechanisms proposed by various researchers for numerous domains. Further, they talk about popular performance metrics that evaluate the defense schemes. In the end, they list prevalent DDoS attack tools and open challenges.

Protocol-Based Deep Intrusion Detection for DoS and DDoS Attacks Using UNSW-NB15 and Bot-IoT Data-Sets

Abstract: Since its inception, the Internet of Things (IoT) has witnessed mushroom growth as a breakthrough technology. In a nutshell, IoT is the integration of devices and data such that processes are automated and centralized to a certain extent. IoT is revolutionizing the way business is done and is transforming society as a whole. As this technology advances further, the need to exploit detection and weakness awareness increases to prevent unauthorized access to critical resources and business functions, thereby rendering the system unavailable. Denial of Service (DoS) and Distributed DoS attacks are all too common. In this paper, we propose a Protocol Based Deep Intrusion Detection (PB-DID) architecture, in which we created a data-set of packets from IoT traffic by comparing features from the UNSWNB15 and Bot-IoT data-sets based on flow and Transmission Control Protocol (TCP). We classify non-anomalous, DoS, and DDoS traffic uniquely by taking care of the problems like imbalanced and over-fitting. We have achieved a classification accuracy of 96.3% by using deep learning (DL) technique.

Distributed Denial-of-Service (DDoS) Attacks and Defence Mechanisms in Various Web-enabled Computing Platforms

Abstract: The demand for Internet security has escalated in the last two decades because the rapid proliferation in the number of Internet users has presented attackers with new detrimental opportunities. One of the simple yet powerful attack, lurking around the Internet today, is the Distributed Denial-of-Service (DDoS) attack. The expeditious surge in the collaborative environments, like IoT, cloud computing and SDN, have provided attackers with countless new avenues to benefit from the distributed nature of DDoS attacks. The attackers protect their anonymity by infecting distributed devices and utilizing them to create a bot army to constitute a large-scale attack. Thus, the development of an effective as well as efficient DDoS defense mechanism becomes an immediate goal. In this exposition, we present a DDoS threat analysis along with a few novel ground-breaking defense mechanisms proposed by various researchers for numerous domains. Further, we talk about popular performance metrics that evaluate the defense schemes. In the end, we list prevalent DDoS attack tools and open challenges.

HDL-IDS: A Hybrid Deep Learning Architecture for Intrusion Detection in the Internet of Vehicles

Abstract: Internet of Vehicles (IoV) is an application of the Internet of Things (IoT) network that connects smart vehicles to the internet, and vehicles with each other. With the emergence of IoV technology, customers have placed great attention on smart vehicles. However, the rapid growth of IoV has also caused many security and privacy challenges that can lead to fatal accidents. To reduce smart vehicle accidents and detect malicious attacks in vehicular networks, several researchers have presented machine learning (ML)-based models for intrusion detection in IoT networks. However, a proficient and real-time faster algorithm is needed to detect malicious attacks in IoV. This article proposes a hybrid deep learning (DL) model for cyber attack detection in IoV. The proposed model is based on long short-term memory (LSTM) and gated recurrent unit (GRU). The performance of the proposed model is analyzed by using two datasets—a combined DDoS dataset that contains CIC DoS, CI-CIDS 2017, and CSE-CIC-IDS 2018, and a car-hacking dataset. The experimental results demonstrate that the proposed algorithm achieves higher attack detection accuracy of 99.5% and 99.9% for DDoS and car hacks, respectively. The other performance scores, precision, recall, and F1-score, also verify the superior performance of the proposed framework.

Blockchain Based Solutions to Mitigate Distributed Denial of Service (DDoS) Attacks in the Internet of Things (IoT): A Survey

Abstract: Internet of Things (IoT) devices are widely used in many industries including smart cities, smart agriculture, smart medical, smart logistics, etc. However, Distributed Denial of Service (DDoS) attacks pose a serious threat to the security of IoT. Attackers can easily exploit the vulnerabilities of IoT devices and control them as part of botnets to launch DDoS attacks. This is because IoT devices are resource-constrained with limited memory and computing resources. As an emerging technology, Blockchain has the potential to solve the security issues in IoT. Therefore, it is important to analyse various Blockchain-based solutions to mitigate DDoS attacks in IoT. In this survey, a detailed survey of various Blockchain-based solutions to mitigate DDoS attacks in IoT is carried out. First, we discuss how the IoT networks are vulnerable to DDoS attacks, its impact over IoT networks and associated services, the use of Blockchain as a potential technology to address DDoS attacks, in addition to challenges of Blockchain implementation in IoT. We then discuss various existing Blockchain-based solutions to mitigate the DDoS attacks in the IoT environment. Then, we classify existing Blockchain-based solutions into four categories i.e., Distributed Architecture-based solutions, Access Management-based solutions, Traffic Control-based solutions and the Ethereum Platform-based solutions. All the solutions are critically evaluated in terms of their working principles, the DDoS defense mechanism (i.e., prevention, detection, reaction), strengths and weaknesses. Finally, we discuss future research directions that can be explored to design and develop better Blockchain-based solutions to mitigate DDoS attacks in IoT.

Detection and analysis types of DDoS attack

Abstract: The problem of detecting types of DDOS attacks in large-scale networks is considered. The complexity of detection is explained by the presence of a large number of connected and diverse devices, the high volume of incoming traffic, the need to introduce special restrictions when searching for anomalies. The technology of developing information security models using data mining (DM) methods is proposed. The features of machine learning of DM algorithms are related to the choice of methods for preprocessing big data (Big Data). A technique for analyzing the structure of relations between types of DDOS attacks has been developed. Within the framework of this technique, a procedure for pairwise comparison of data by types of attacks with normal traffic is implemented. The result of the comparison is the stability of features, the values of which are invariant to the measurement scales. The analysis of the structure of relations by grouping algorithms was carried out according to the stability values on the determined sets of features. When forming the sets, the stability ranking was used. For classification, various existing methods of machine learning are analyzed.