Abstract
Ubiquitous computing facilitated by Internet of Things (IoT) devices has made modern-day life easier across many areas. It offers capabilities to measure parameters associated with the devices, to draw inferences from their results, and to understand and control millions of such devices in various application domains. The enormous potential of IoT systems enables every device to communicate with every other, thereby improving productivity. In this scenario, the heterogeneity of the technologies in use is expected to intensify security threats. Policy enforcement for the assurance of privacy and security plays a key role in these systems. Fulfilling privacy- and security-related requirements includes confidentiality of data, user and device authentication, access control, and trust assurance among the things. However, recently reported security attacks show colossal vulnerabilities among IoT devices, capable of bringing security risks to the whole environment. One common use of these devices by attackers is to generate powerful distributed denial of service (DDoS) attacks. DDoS is one of the most prominent attack behaviors over a network, carried out by a group of geographically distributed zombie computers that interrupt and block legitimate users from using network resources, and hence requires great attention. In this regard, the current work, being novel in the field, concentrates on variants of DDoS attacks and their impact on IoT networks, along with some of the existing countermeasures to defend against these attacks. The paper also discusses the detailed working mechanism of these attacks and highlights some of the commonly used tools that are deployed in such attack scenarios.
Author information
Additional information
The associate editor coordinating the review of this paper and approving it for publication was C. Z. Lai.
Ankur Lohachab [corresponding author] received his B.Tech. degree in Computer Science and Engineering from Kurukshetra University, India, in 2015 and is currently pursuing his M.Tech. degree in Computer Science and Engineering from University Institute of Engineering and Technology, Kurukshetra University.
Bidhan Karambir is currently working as an Assistant Professor in the Department of Computer Science and Engineering, University Institute of Engineering and Technology, Kurukshetra University. He has over 20 publications in National and International journals. His major research domain is Software Engineering.
About this article
Cite this article
Lohachab, A., Karambir, B. Critical Analysis of DDoS—An Emerging Security Threat over IoT Networks. J. Commun. Inf. Netw. 3, 57–78 (2018). https://doi.org/10.1007/s41650-018-0022-5
DOI: https://doi.org/10.1007/s41650-018-0022-5