SpringerLink
Log in

A survey of DDoS attacking techniques and defence mechanisms in the IoT network

  • Published:
Telecommunication Systems Aims and scope Submit manuscript

Abstract

Internet-of-things has emerged out as an important invention towards employing the tremendous power of wireless media in the real world. We can control our surroundings by interacting with numerous smart applications running independently on different platforms, almost everywhere in the world. IoT, with such a ubiquitous popularity often serve itself as a potential platform for escalating malicious entities. These entities get an access to the legitimate devices by exploiting IoT vulnerabilities which results from several constraints like limited resources, weaker security, etc. and can further take form of various attacks. Distributed Denial-of-service (DDoS) in IoT network is an attack which targets the availability of the servers by flooding the communication channel with impersonated requests coming from distributed IoT devices. Defending DDoS in IoT has now become an exigent area of research due to the recent incidents of demolishment of some renowned servers, reported in previous few years. In this paper, we discuss the concept of malware and botnets working behind ‘Distributed’ DoS in IoT. The various DDoS defence techniques are broadly described and compared in order to identify the security gaps present in them. Moreover, we list out the open research issues and challenges that need to be addressed for a stronger as well as smarter DDoS defence.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price includes VAT (Germany)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

References

  1. Chen, K., Zhang, S., Li, Z., Zhang, Y., Deng, Q., Ray, S., et al. (2018). Internet-of-Things security and vulnerabilities: Taxonomy, challenges, and practice. Journal of Hardware and Systems Security,2(2), 97–110.

    Article  Google Scholar 

  2. Zhou, W., Jia, Y., Peng, A., Zhang, Y., & Liu, P. (2018). The effect of iot new features on security and privacy: New threats, existing solutions, and challenges yet to be solved. IEEE Internet of Things Journal,6(2), 1606–1616.

    Article  Google Scholar 

  3. Roman, R., Zhou, J., & Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things. Computer Networks,57(10), 2266–2279.

    Article  Google Scholar 

  4. Million Amazon Echo Smart Speakers to Be Sold In 2017, Driving US Smart Home Adoption. https://www.forbes.com/sites/gilpress/2017/10/29/22-million-amazon-echo-smart-speakers-to-be-sold-in-2017-driving-us-smart-home-adoption/#5328961c481a. Accessed 15 December 2018.

  5. Top IoT Vulnerabilities. https://www.owasp.org/index.php/Top_IoT_Vulnerabilities. Accessed 04 March 2019.

  6. Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things (IoT): A vision, architectural elements, and future directions. Future generation computer systems,29(7), 1645–1660.

    Article  Google Scholar 

  7. Lee, J. H., & Kim, H. (2017). Security and privacy challenges in the internet of things [security and privacy matters]. IEEE Consumer Electronics Magazine,6(3), 134–136.

    Article  Google Scholar 

  8. Fortino, G., & Trunfio, P. (Eds.). (2014). Internet of things based on smart objects: Technology, middleware, and applications. Berlin: Springer.

    Google Scholar 

  9. Zhao, K., & Ge, L. (2013). A survey on the internet of things security. In 2013 9th international conference on computational intelligence and security (CIS) (pp. 663–667). IEEE.

  10. Kolias, C., Kambourakis, G., Stavrou, A., & Voas, J. (2017). DDoS in the IoT: Mirai and other botnets. Computer,50(7), 80–84.

    Article  Google Scholar 

  11. Lohachab, A., & Karambir, B. (2018). Critical analysis of DDoS—An emerging security threat over IoT networks. Journal of Communications and Information Networks,3(3), 57–78.

    Article  Google Scholar 

  12. Sicari, S., Rizzardi, A., Miorandi, D., & Coen-Porisini, A. (2018). REATO: REActing TO Denial of Service attacks in the Internet of Things. Computer Networks,137, 37–48.

    Article  Google Scholar 

  13. DDoS Statistics That Should Concern Business Leaders. https://www.coxblue.com/12-ddos-statistics-that-should-concern-business-leaders/. Accessed 29 October 2018.

  14. Akamai’s State of The Internet Security Q3 2016 Report. https://www.akamai.com/us/en/multimedia/documents/state-of-the-internet/q3-2016-state-of-the-internet-security-report.pdf. Accessed 14 December 2018.

  15. New Report Points to Alarming DDoS Attack Statistics and Projections. https://www.corero.com/blog/736-new-report-points-to-alarming-ddos-attack-statistics-and-projections.html. Accessed 14 December 2018.

  16. Kaspersky Lab DDoS Intelligence Report: Long-lasting Attacks, Amplification Attacks and Old Botnets Make a Comeback. https://usa.kaspersky.com/about/press-releases/2018_kaspersky-lab-ddos-intelligence-report-long-lasting-attacks-amplification-attacks-and-old-botnets-make-a-comeback. Accessed 14 December 2018.

  17. Cisco Visual Networking Index: Forecast and Trends, 2017–2022. https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.html. Accessed 14 December 2018.

  18. Statistics That Demonstrate the Need for DDoS Mitigation. https://www.cdnetworks.com/en/news/10-statistics-that-demonstrate-the-need-for-ddos-mitigation/4234. Accessed 14 December 2018.

  19. The average DDoS attack cost for businesses rises to over $2.5 million. https://www.zdnet.com/article/the-average-ddos-attack-cost-for-businesses-rises-to-over-2-5m/. Accessed 14 December 2018.

  20. DDoS is a most common cyberattack on financial institutions. https://www.computerweekly.com/news/4500272230/DDoS-is-most-common-cyber-attack-on-financial-institutions. Accessed 14 December 2018.

  21. Zargar, S. T., Joshi, J., & Tipper, D. (2013). A survey of defence mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Communications Surveys & Tutorials,15(4), 2046–2069.

    Article  Google Scholar 

  22. Mendez, D. M., Papapanagiotou, I., & Yang, B. (2017). Internet of things: Survey on security and privacy. ar**v preprint ar**v:1707.01879.

  23. McDermott, C. D., Petrovski, A. V., & Majdani, F. (2018, June). Towards situational awareness of botnet activity in the internet of things. In 2018 International conference on cyber situational awareness, data analytics and assessment (Cyber SA) (pp. 1–8). IEEE.

  24. Bertino, E., & Islam, N. (2017). Botnets and internet of things security. Computer,2, 76–79.

    Article  Google Scholar 

  25. Jerkins, J. A. (2017). Motivating a market or regulatory solution to IoT insecurity with the Mirai botnet code. In 2017 IEEE 7th annual computing and communication workshop and conference (CCWC) (pp. 1–5). IEEE.

  26. The Wirex Botnet. https://blog.cloudflare.com/the-wirex-botnet/. Accessed 04 December 2018.

  27. The Reaper IoT Botnet Has Already Infected A Million Networks. https://www.wired.com/story/reaper-iot-botnet-infected-million-networks/. Accessed 05 December 2018.

  28. New Vicious Torii IoT Botnet Discovered. https://www.csoonline.com/article/3310222/security/new-vicious-torii-iot-botnet-discovered.html. Accessed 14 December 2018.

  29. Alert (TA18-331A) 3ve—Major Online Ad Fraud Operation. https://www.us-cert.gov/ncas/alerts/TA18-331A. Accessed 14 December 2018.

  30. Three Types of DDOS Attacks. https://blog.thousandeyes.com/three-types-ddos-attacks/. Accessed 04 December 2018.

  31. Mirkovic, J., & Reiher, P. (2004). A taxonomy of DDoS attack and DDoS defence mechanisms. ACM SIGCOMM Computer Communication Review,34(2), 39–53.

    Article  Google Scholar 

  32. Alomari, E., Manickam, S., Gupta, B. B., Karuppayah, S., & Alfaris, R. (2012). Botnet-based distributed denial of service (DDoS) attacks on web servers: classification and art. ar**v preprint ar**v:1208.0403.

  33. Mosenia, A., & Jha, N. K. (2017). A comprehensive study of security of internet-of-things. IEEE Transactions on Emerging Topics in Computing,5(4), 586–602.

    Article  Google Scholar 

  34. Specht, S. M., & Lee, R. B. (2004). Distributed denial of service: Taxonomies of attacks, tools, and countermeasures. In ISCA PDCS (pp. 543–550).

  35. Lemon, J. (2002, February). Resisting SYN flood DoS attacks with a SYN Cache. In BSDCon (Vol. 2002, pp. 89–97).

  36. Kambourakis, G., Moschos, T., Geneiatakis, D., & Gritzalis, S. (2007, October). Detecting DNS amplification attacks. In International workshop on critical information infrastructures security (pp. 185–196). Berlin: Springer.

  37. Kührer, M., Hupperich, T., Rossow, C., & Holz, T. (2014). Exit from hell? Reducing the impact of amplification DDoS attacks. In USENIX Security Symposium (pp. 111–125).

  38. Douligeris, C., & Mitrokotsa, A. (2004). DDoS attacks and defence mechanisms: Classification and state-of-the-art. Computer Networks,44(5), 643–666.

    Article  Google Scholar 

  39. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed denial of service attacks. In 2000 IEEE international conference on systems, man, and cybernetics (Vol. 3, pp. 2275–2280). IEEE.

  40. Types of DDoS Attacks. https://www.esecurityplanet.com/network-security/types-of-ddos-attacks.html. Accessed 14 December 2018.

  41. Farwell, J. P., & Rohozinski, R. (2011). Stuxnet and the future of cyber war. Survival,53(1), 23–40.

    Article  Google Scholar 

  42. DDOS Report in 2018. https://securelist.com/ddos-report-in-q3-2018/88617/. Accessed 04 December 2018.

  43. Linux Malware on the Rise: A Look at Recent Threats. https://www.linux.com/news/2017/7/linux-malware-rise-look-recent-threats. Accessed 29 March 2018

  44. Mergendahl, S., Sisodia, D., Li, J., & Cam, H. (2017). Source-end DDoS defence in IoT environments. In Proceedings of the 2017 workshop on internet of things security and privacy (pp. 63–64). ACM.

  45. Anirudh, M., Thileeban, S. A., & Nallathambi, D. J. (2017, January). Use of honeypots for mitigating DoS attacks targeted on IoT networks. In 2017 International conference on computer, communication and signal processing (ICCCSP) (pp. 1–4). IEEE.

  46. Misra, S., Krishna, P. V., Agarwal, H., Saxena, A., & Obaidat, M. S. (2011). A learning automata-based solution for preventing distributed denial of service in Internet of things. In 2011 international conference on internet of things and 4th international conference on cyber, physical and social computing (pp. 114–122). IEEE.

  47. Ahmed, M. E., & Kim, H. (2017). DDoS attack mitigation in Internet of Things using software defined networking. In 2017 IEEE third international conference on big data computing service and applications (BigDataService) (pp. 271–276). IEEE.

  48. Adat, V., Gupta, B. B., & Yamaguchi, S. (2017, November). Risk transfer mechanism to defend DDoS attacks in IoT scenario. In 2017 IEEE international symposium on consumer electronics (ISCE) (pp. 37–40). IEEE.

  49. Matheu-García, S. N., Hernández-Ramos, J. L., Skarmeta, A. F., & Baldini, G. (2019). Risk-based automated assessment and testing for the cybersecurity certification and labelling of IoT devices. Computer Standards & Interfaces,62, 64–83.

    Article  Google Scholar 

  50. Javaid, U., Siang, A. K., Aman, M. N., & Sikdar, B. (June 2018). Mitigating loT device based DDoS attacks using blockchain. In Proceedings of the 1st workshop on cryptocurrencies and blockchains for distributed systems (pp. 71–76). ACM.

  51. Sagirlar, G., Carminati, B., & Ferrari, E. (2018, October). AutoBotCatcher: blockchain-based P2P botnet detection for the internet of things. In 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC) (pp. 1–8). IEEE.

  52. Su, J., Vargas, D. V., Prasad, S., Sgandurra, D., Feng, Y., & Sakurai, K. (2018). Lightweight classification of IoT malware based on image recognition. ar**v preprint ar**v:1802.03714.

  53. Zhou, L., Guo, H., & Deng, G. (2019). A fog computing-based approach to DDoS mitigation in IoT systems. Computers & Security,85, 51–62.

    Article  Google Scholar 

  54. Doshi, R., Apthorpe, N., & Feamster, N. (2018). Machine learning DDoS detection for consumer internet of things devices. ar**v preprint ar**v:1804.04159.

  55. Singh, K., Guntuku, S. C., Thakur, A., & Hota, C. (2014). Big data analytics framework for peer-to-peer botnet detection using random forests. Information Sciences,278, 488–497.

    Article  Google Scholar 

  56. Haddad Pajouh, H., Dehghantanha, A., Khayami, R., & Choo, K. K. R. (2018). A deep Recurrent Neural Network based approach for Internet of Things malware threat hunting. Future Generation Computer Systems,85, 88–96.

    Article  Google Scholar 

  57. McDermott, C. D., Majdani, F., & Petrovski, A. V. (2018, July). Botnet detection in the internet of things using deep learning approaches. In 2018 international joint conference on neural networks (IJCNN) (pp. 1–8). IEEE.

  58. Meidan, Y., Bohadana, M., Mathov, Y., Mirsky, Y., Shabtai, A., Breitenbacher, D., et al. (2018). N-BaIoT—Network-based detection of iot botnet attacks using deep autoencoders. IEEE Pervasive Computing,17(3), 12–22.

    Article  Google Scholar 

  59. Zhang, C., & Green, R. (2015). Communication security on the internet of thing: Preventive measure and avoid DDoS attack over IoT network. In Proceedings of the 18th symposium on communications and networking (pp. 8–15). Society for Computer Simulation International.

  60. Sonar, K., & Upadhyay, H. (2016). An approach to secure internet of things against DDoS. In Proceedings of international conference on ICT for sustainable development (pp. 367–376). Singapore: Springer.

  61. De Donno, M., Dragoni, N., Giaretta, A., & Spognardi, A. (2018). DDoS-capable IoT malwares: Comparative analysis and Mirai investigation. In Security and Communication Networks, 2018.

  62. Adat, V., & Gupta, B. B. (2017, April). A DDoS attack mitigation framework for the internet of things. In 2017 international conference on communication and signal processing (ICCSP) (pp. 2036–2041). IEEE.

  63. Adat, V., Dahiya, A., & Gupta, B. B. (2018, January). Economic incentive-based solution against distributed denial of service attacks for IoT customers. In 2018 IEEE international conference on consumer electronics (ICCE) (pp. 1–5). IEEE.

  64. Zorzi, M., Gluhak, A., Lange, S., & Bassi, A. (2010). From today’s intranet of things to a future internet of things: A wireless-and mobility-related view. IEEE Wireless Communications,17(6), 44–51.

    Article  Google Scholar 

  65. Dou, W., Chen, Q., & Chen, J. (2013). A confidence-based filtering method for DDoS attack defence in cloud environment. Future Generation Computer Systems,29(7), 1838–1850.

    Article  Google Scholar 

  66. Afek, Y., Bremler-Barr, A., & Touitou, D. (2010). U.S. Patent No. 7,707,305. Washington, DC: U.S. Patent and Trademark Office.

  67. Alpaydin, E. (2009). Introduction to machine learning. Cambridge: MIT Press.

    Google Scholar 

  68. Borgia, E. (2014). The Internet of Things vision: Key features, applications and open issues. Computer Communications,54, 1–31.

    Article  Google Scholar 

  69. Mirkovic, J., Prier, G., & Reiher, P. (2002, November). Attacking DDoS at the source. In Proceedings. 10th IEEE International Conference on Network Protocols, 2002 (pp. 312–321). IEEE.

  70. Musca, C., Mirica, E., & Deaconescu, R. (2013). Detecting and analyzing zero-day attacks using honeypots. In 2013 19th international conference on control systems and computer science (CSCS) (pp. 543–548). IEEE.

  71. Casas, P., Mazel, J., & Owezarski, P. (2012). Unsupervised network intrusion detection systems: Detecting the unknown without knowledge. Computer Communications,35(7), 772–783.

    Article  Google Scholar 

  72. Wang, B., Zheng, Y., Lou, W., & Hou, Y. T. (2015). DDoS attack protection in the era of cloud computing and software-defined networking. Computer Networks,81, 308–319.

    Article  Google Scholar 

  73. François, J., Aib, I., & Boutaba, R. (2012). FireCol: A collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Transactions on Networking (TON),20(6), 1828–1841.

    Article  Google Scholar 

  74. Sonar, K., & Upadhyay, H. (2014). A survey: DDOS attack on Internet of Things. International Journal of Engineering Research and Development,10(11), 58–63.

    Google Scholar 

  75. Zhang, C., & Green, R. (2015, April). Communication security in internet of thing: Preventive measure and avoid DDoS attack over IoT network. In Proceedings of the 18th symposium on communications and networking (pp. 8–15). Society for Computer Simulation International.

  76. Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A survey on security and privacy issues in Internet-of-Things. IEEE Internet of Things Journal,4(5), 1250–1258.

    Article  Google Scholar 

  77. Abdul-Ghani, H. A., Konstantas, D., & Mahyoub, M. (2018). A comprehensive IoT attacks survey based on a building-blocked reference model. International Journal of Advanced Computer Science and Applications (IJACSA). https://doi.org/10.14569/IJACSA.2018.090349.

    Article  Google Scholar 

  78. Dougherty, J., Kohavi, R., & Sahami, M. (1995). Supervised and unsupervised discretization of continuous features. In Machine learning proceedings 1995 (pp. 194–202).

  79. Koroniotis, N., Moustafa, N., Sitnikova, E., & Turnbull, B. (2019). Towards the development of realistic botnet dataset in the internet of things for network forensic analytics: Bot-iot dataset. Future Generation Computer Systems,100, 779–796.

    Article  Google Scholar 

  80. Li, L., & Lee, G. (2005). DDoS attack detection and wavelets. Telecommunication Systems,28(3–4), 435–451.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Institute of Technology, Kurukshetra, Kurukshetra, India

    Ruchi Vishwakarma & Ankit Kumar Jain

Authors
  1. Ruchi Vishwakarma
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ankit Kumar Jain
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ankit Kumar Jain.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Vishwakarma, R., Jain, A.K. A survey of DDoS attacking techniques and defence mechanisms in the IoT network. Telecommun Syst 73, 3–25 (2020). https://doi.org/10.1007/s11235-019-00599-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11235-019-00599-z

Keywords

Search

Navigation