Traffic flow features as metrics (TFFM): detection of application layer level DDOS attack scope of IOT traffic flows

  • Authors

    • Kalathiripi Rambabu
    • N Venkatram
    2018-03-18
    https://doi.org/10.14419/ijet.v7i2.7.10293
  • IoT, DDOS, Botnet, DDoSFlowgen, MEC Shield, Preventive Measures, Traffic Flow, Mirae.
  • The phenomenal and continuous growth of diversified IoT (Internet of Things) dependent networks has opened up security and connectivity challenges. This is due to the nature of IoT devices, the loosely coupled behavior of internetworking, and the heterogeneous structure of the networks. These factors make such networks highly vulnerable to traffic-flow-based DDoS (distributed denial of service) attacks. Botnets such as “mirae”, noticed in the recent past, exploit IoT devices and tune them to flood the traffic flow so that the target network is too exhausted to respond to benevolent requests. Hence, this manuscript proposes a novel learning-based model that learns from the defined traffic flow features to distinguish DDoS-attack-prone traffic flows from benevolent traffic flows. The performance analysis was done empirically using synthesized traffic flows that are high in volume and in sources of attacks. The values obtained for the statistical metrics evince the significance and robustness of the proposed model.

  • How to Cite

    Rambabu, K., & Venkatram, N. (2018). Traffic flow features as metrics (TFFM): detection of application layer level DDOS attack scope of IOT traffic flows. International Journal of Engineering & Technology, 7(2.7), 203-208. https://doi.org/10.14419/ijet.v7i2.7.10293