SpringerLink
Log in

DDoS Threats and Solutions for 5G-Enabled IoT Networks

  • Chapter
  • First Online:
Secure and Trusted Cyber Physical Systems

Part of the book series: Smart Sensors, Measurement and Instrumentation ((SSMI,volume 43))

  • 345 Accesses

Abstract

In recent years, the need for seamless connectivity has increased across various network platforms like IoT, with demands coming from industries, homes, mobile, transportation and office networks. The 5th generation (5G) network is being deployed to meet such demand for high-speed seamless network device connections. 5G is a high-speed network technology with a seamless connection of different network devices in an internet of things (IoT) network area. However, the advantages of 5G also contribute to the security challenges. The seamless connectivity 5G provides could be a security threat allowing attacks such as distributed denial of service (DDoS) because attackers might have easy access to the network infrastructure and higher bandwidth to enhance the effects of the attack. We look at DDoS attacks and the classification of DDoS. We discuss some general approaches proposed to mitigate DDoS threats. This paper covers approaches using SDN in 5G enabled IoT network platforms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (Canada)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (Canada)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. A. Kalliola, et al., Flooding DDoS mitigation and traffic management with software defined networking, in 2015 IEEE 4th International Conference on Cloud Networking, CloudNet 2015 (2015), pp. 248–254. https://doi.org/10.1109/CloudNet.2015.7335317

  2. A. Bakr, A. El-Aziz, H. Hefny, A survey on mitigation techniques against DDoS attacks on cloud computing architecture. Int. J. Adv. Sci. Technol.28(12), 187–200 (2019). http://sersc.org/journals/index.php/IJAST/article/view/1211/994

  3. A. Kulkarni, S. Bush, Detecting distributed denial-of-service attacks using Kolmogorov complexity metrics. J. Netw. Syst. Manag. 14(1), 69–80 (2006). https://doi.org/10.1007/s10922-005-9016-3

  4. A. Serrano Mamolar, et al., Towards the transversal detection of DDoS network attacks in 5G multi-tenant overlay networks. Comput. Secur. 79(May 2020), 132–147 (2018). https://doi.org/10.1016/j.cose.2018.07.017

  5. A. Serrano Mamolar, et al., Autonomic protection of multi-tenant 5G mobile networks against UDP flooding DDoS attacks. J. Netw. Comput. Appl. 145(November 2018), 102416 (Elsevier Ltd, 2019). https://doi.org/10.1016/j.jnca.2019.102416

  6. A.S. Mamolar, et al., Towards the detection of mobile DDoS attacks in 5G multi-tenant networks, in 2019 European Conference on Networks and Communications, EuCNC 2019 (IEEE, 2019), pp. 273–277. https://doi.org/10.1109/EuCNC.2019.8801975

  7. B. Gwak, et al., IoT trust estimation in an unknown place using the opinions of i-sharing friends, in Proceedings—16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems (2017), pp. 602–609. https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.290

  8. B. Hussain, et al., Deep learning-based DDoS-attack detection for cyber-physical system over 5G network. IEEE Trans. Ind. Inf. 3203(DL), 1–1 (2020). https://doi.org/10.1109/tii.2020.2974520

  9. B.W. Gemberling, C.L. Morrow, B.R. Greene, ISP security—Real world techniques, in NANOG (2001).

    Google Scholar 

  10. C. Douligeris, A. Mitrokotsa, DDoS attacks and defense mechanisms: a classification, in Proceedings of the 3rd IEEE International Symposium on Signal Processing and Information Technology, ISSPIT 2003 (2003), pp. 190–193. https://doi.org/10.1109/ISSPIT.2003.1341092

  11. C. Douligeris, A. Mitrokotsa, DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput. Netw. 44(5), 643–666 (2004). https://doi.org/10.1016/j.comnet.2003.10.003

  12. C. Zhou, R.C. Paffenroth, Anomaly detection with robust deep autoencoders, in Proceedings of the ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, Part F1296 (2017). pp. 665–674. https://doi.org/10.1145/3097983.3098052

  13. C. Buragohain, N. Medhi, FlowTrApp: an SDN based architecture for DDoS attack detection and mitigation in data centers, in 3rd International Conference on Signal Processing and Integrated Networks, SPIN 2016 (IEEE, 2016), pp. 519–524. https://doi.org/10.1109/SPIN.2016.7566750

  14. Chiang et al., Fog and IoT : an overview of research opportunities. IEEE Internet Things J. 3(6), 854–864 (IEEE, 2016). https://doi.org/10.1109/JIOT.2016.2584538

  15. D. Sattar, A. Matrawy, Towards secure slicing: using slice isolation to mitigate DDoS attacks on 5G core network slices, in 2019 IEEE Conference on Communications and Network Security, CNS 2019 (2019), pp. 82–90. https://doi.org/10.1109/CNS.2019.8802852

  16. D. Dean, M. Franklin, A. Stubblefield, An algebraic approach to IP traceback. ACM Transactions on Information and System Security 5(2), pp. 119–137 (2002). https://doi.org/10.1145/505586.505588

  17. D.X. Song, A. Perrig, Advanced and authenticated marking schemes for IP traceback, Proceedings—IEEE INFOCOM, 2, (2001). pp. 878–886. https://doi.org/10.1109/INFCOM.2001.916279

  18. F. Baker, Requirements for IP version 4 routers. IETF, RFC 1812 (1995).

    Google Scholar 

  19. F. Wong, C.X. Tan, A survey of trends in massive DDOS attacks and cloud-based mitigations. Int. J. Netw. Secur. Appl. 6(3), 57–71 (2014). https://doi.org/10.5121/ijnsa.2014.6305

  20. G.C. Hong, C.N. Lee, M.F. Lee, Dynamic threshold for DDoS mitigation in SDN environment, in 2019 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference, APSIPA ASC 2019 (IEEE, 2019), pp. 1–7. https://doi.org/10.1109/APSIPAASC47483.2019.9023229

  21. H. Ghorbani, M.S. Mohammadzadeh, M.H. Ahmadzadegan, DDoS attacks on the IoT network with the emergence of 5G, in 2020 International Conference on Technology and Entrepreneurship—Virtual, ICTE-V 2020 (2020). https://doi.org/10.1109/ICTE-V50708.2020.9113779

  22. H. Huang, J. Chu, X. Cheng, Trend analysis and countermeasure research of DDoS attack under 5G network, in 2021 IEEE 5th International Conference on Cryptography, Security and Privacy, CSP 2021 (no. 978, 2021), pp. 153–160. https://doi.org/10.1109/CSP51677.2021.9357499

  23. H. Burch, B. Cheswick, Tracing anonymous packets to their approximate source, Lisa (2000)

    Google Scholar 

  24. J. Rodriguez, Fundamentals of 5G Mobile Networks, Fundamentals of 5G Mobile Networks (2015). https://doi.org/10.1002/9781118867464

  25. K. Giotis et al., Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62(April), 122–136 (2014). https://doi.org/10.1016/j.bjp.2013.10.014

  26. K. Bhardwaj, J.C. Miranda, A. Gavrilovska, Towards IoT-DDoS prevention using edge computing, in USENIX Workshop on Hot Topics in Edge Computing (HotEdge 18) (2018). https://www.usenix.org/biblio-1765

  27. K. Park, H. Lee, On the effectiveness of probabilistic packet marking for IP traceback under denial of service attack, Proceedings—IEEE INFOCOM, 1, pp. 338–347. (2000) https://doi.org/10.1109/INFCOM.2001.916716

  28. L. Deng, D. Yu, Deep learning: methods and applications. Found. Trends Signal Process. 7(3–4), 197–387 (2013). https://doi.org/10.1561/2000000039

  29. L. Kagal, T. Finin, A. Joshi, A policy language for a pervasive computing environment, in Proceedings—POLICY 2003: IEEE 4th International Workshop on Policies for Distributed Systems and Networks (2003), pp. 63–74. https://doi.org/10.1109/POLICY.2003.1206958

  30. M. Ejaz Ahmed, H. Kim, DDoS attack mitigation in internet of things using software defined networking, in Proceedings—3rd IEEE International Conference on Big Data Computing Service and Applications, BigDataService 2017 (2017), pp. 271–276. https://doi.org/10.1109/BigDataService.2017.41

  31. M. Iavich, et al., The novel system of attacks detection in 5G. Lect. Notes Netw. Syst. 226 LNNS(April), 580–591 (2021). https://doi.org/10.1007/978-3-030-75075-6_47

  32. M. Ozcelik, N. Chalabianloo, G. Gur, Software-defined edge defense against IoT-based DDoS, in IEEE CIT 2017—17th IEEE International Conference on Computer and Information Technology (2017), pp. 308–313. https://doi.org/10.1109/CIT.2017.61

  33. M.A. Saleh, S. Abdul Manaf, A novel protective framework for defeating HTTP-based denial of service and distributed denial of service attacks. Sci. World J. (2015). https://doi.org/10.1155/2015/238230

  34. M.A. Sotelo Monge, et al., Source-side DDoS detection on IoT-enabled 5G environments, in Proceedings—2018 International Workshop on Secure Internet of Things, SIoT 2018 (2018), pp. 28–37. https://doi.org/10.1109/SIoT.2018.00010

  35. M.G. Perez et al., Dynamic reconfiguration in 5G mobile networks to proactively detect and mitigate botnets. IEEE Internet Comput. 21(5), 28–36 (2017). https://doi.org/10.1109/MIC.2017.3481345

  36. N. Jawad, et al., Smart television services using NFV/SDN network management. IEEE Trans. Broadcast. 65(2), 404–413 (IEEE, 2019). https://doi.org/10.1109/TBC.2019.2898159

  37. N. Patani, R. Patel, A mechanism for prevention of flooding based DDoS attack. Int. J. Comput. Intell. Res. 13(1), 101–111 (2017)

    Google Scholar 

  38. N. Sultana, et al., Survey on SDN based network intrusion detection system using machine learning approaches. Peer-to-Peer Netw. Appl. 12(2), 493–501 (2019). https://doi.org/10.1007/s12083-017-0630-0

  39. N. Weiler, Honeypots for distributed denial-of-service attacks, in Proceedings of the Workshop on Enabling Technologies: infrastructure for Collaborative Enterprises, WETICE (2002). pp. 109–114. https://doi.org/10.1109/ENABL.2002.1029997

  40. N.N. Dao, et al., MAEC-X: DDoS prevention leveraging multi-access edge computing, in International Conference on Information Networking (IEEE, 2018), pp. 245–248. https://doi.org/10.1109/ICOIN.2018.8343118

  41. P. Ferguson, D. Senie, Network ingress filtering: defeating denial of service attacks which employ IP source address spoofing. IETF (1998). https://www.hjp.at/doc/rfc/rfc2267.html

  42. Q. Gu, S. Marcos, Denial of service attacks department of computer science texas State University—San marcos school of information sciences and technology Pennsylvania State University denial of service attacks outline (2007), pp. 1–28. https://s2.ist.psu.edu/ist451/DDoS-Chap-Gu-June-07.pdf

  43. Q. Yan et al., A multi-level DDoS mitigation framework for the industrial internet of things. IEEE Commun. Mag. IEEE 56(2), 30–36 (2018). https://doi.org/10.1109/MCOM.2018.1700621

  44. Q. Cheng, F. Fang, Kolmogorov random graphs only have trivial stable colorings. Information processing letters, 81(3), (2001). 133–136 https://doi.org/10.1016/S0304-3975(96)00206-X

  45. R. Alhajri, R. Zagrouba, F. Al-Haidari, Survey for anomaly detection of IoT botnets using machine learning auto-encoders. Int. J. Appl. Eng. Res.14(10), 2417–2421 (2019). http://www.ripublication.com

  46. R. Sathya, A. Abraham, Comparison of supervised and unsupervised learning algorithms for pattern classification. (IJARAI) Int. J. Adv. Res. Artific. Intell. 2(2), 34–38 (2013)

    Google Scholar 

  47. R.B. Blazek, et al., A novel approach to detection of denial-of-service attacks via adaptive sequential and batch-sequential change-point detection methods, in Proceedings of IEEE …(2001), pp. 1–7. http://www.professores.unirg.edu.br/marcelo/coordenacao/mar/doutorado/ufrj/DoSDectionPaper.pdf

  48. RCN, Prevention is Better than Cure, Royal College of Nursing (2020). https://www.rcn.org.uk/get-involved/campaign-with-us/prevention-is-better-than-cure

  49. README.unified2, Unified2 (2018). https://www.snort.org/faq/readme-unified2. Accessed 15 Apr. 2022

  50. S. Li, L.D. Xu, S. Zhao, 5G Internet of things: a survey. J. Ind. Inform. Integr. 10, 1–9 (Elsevier, 2018). https://doi.org/10.1016/J.JII.2018.01.005

  51. S. Rommer et al., 5G Core Networks (Elsevier, 2020)

    Google Scholar 

  52. S. Savage, D. Wetherall, A. Karlin, T. Anderson, Network support for IP traceback. IEEE/ACM Transactions on Networking 9(3), 226–237 (2000). https://doi.org/10.1109/90.929847

  53. S.M. Bellovin, M. Leech, T. Taylor, ICMP traceback messages (2003). http://academiccommons.columbia.edu/catalog/ac:127253

  54. S.M. Specht, R.B. Lee, Distributed denial of service: taxonomies of attacks, tools and countermeasures, Int. Works. Secur. Parall. Distrib. Syst. (9), 543–550 (2004). https://doi.org/10.1.1.133.4566

  55. S.S. Bhunia, M. Gurusamy, Dynamic attack detection and mitigation in IoT using SDN, in 2017 27th International Telecommunication Networks and Applications Conference, ITNAC 2017 (2017), pp. 1–6. https://doi.org/10.1109/ATNAC.2017.8215418

  56. T. Luo, S.G. Nagarajany, Distributed anomaly detection using autoencoder neural networks in WSN for IoT, in IEEE International Conference on Communications (2018). https://doi.org/10.1109/ICC.2018.8422402

  57. T. Peng, C. Leckie, K. Ramamohanarao, Protection from distributed denial of service attack using history-based IP filtering (2002)

    Google Scholar 

  58. T. Peng, C. Leckie, K. Ramamohanarao, Survey of network-based defense mechanisms countering the DoS and DDoS problems. ACM Comput. Surv. 39(1) (2007). https://doi.org/10.1145/1216370.1216373

  59. T.M. Gil, M. Poletto, in Proceedings of the 10 th USENIX Security Symposium MULTOPS : a Data-Structure for Bandwidth Attack Detection. Statistics (2001)

    Google Scholar 

  60. X. Geng, A.B. Whinston, Proactively defeating distributed denial of service attacks, Security 1(August), 1520 (2000). https://doi.org/10.1109/ccece.2003.1226075

  61. Y. Bhavani, V. Janaki, R. Sridevi, IP traceback through modified probabilistic packet marking algorithm using chinese remainder theorem. Ain Shams Eng. J. Faculty Eng. Ain Shams Univ. 6(2), 715–722 (2015). https://doi.org/10.1016/j.asej.2014.12.004

  62. Z. Kotulski, et al., On end-to-end approach for slice isolation in 5G networks. Fundamental challenges, in Proceedings of the 2017 Federated Conference on Computer Science and Information Systems, FedCSIS 2017 (vol. 11, 2017), pp. 783–792. https://doi.org/10.15439/2017F228

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, Macquarie University, Sydney, NSW, 2109, Australia

    Daniel Onoja, Michael Hitchens & Rajan Shankaran

Authors
  1. Daniel Onoja
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Michael Hitchens
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rajan Shankaran
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Daniel Onoja .

Editor information

Editors and Affiliations

  1. School of Computer Science, Queensland University of Technology, Brisbane, QLD, Australia

    Shantanu Pal

  2. School of Information and Communication Technology, Griffith University, Gold Coast, QLD, Australia

    Zahra Jadidi

  3. School of Information and Communication Technology, Griffith University, Gold Coast, QLD, Australia

    Ernest Foo

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Onoja, D., Hitchens, M., Shankaran, R. (2022). DDoS Threats and Solutions for 5G-Enabled IoT Networks. In: Pal, S., Jadidi, Z., Foo, E. (eds) Secure and Trusted Cyber Physical Systems. Smart Sensors, Measurement and Instrumentation, vol 43. Springer, Cham. https://doi.org/10.1007/978-3-031-08270-2_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-08270-2_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-08269-6

  • Online ISBN: 978-3-031-08270-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation