Skip to main content

Advertisement

SpringerLink
Log in

EIDDM: Edge and Internet Layer Distributed DoS Threats Detection and Mitigation for Internet of Things Wireless Communications

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Distributed Denial of Service (DDoS) attacks, plague the Internet of Things (IoT)-enabled distributed communication network. To mitigate DDoS attacks on IoT many protocols have been suggested in earlier literature, but most of them are successful in mitigating attacks on one layer at any given time. This research work proposes a mechanism to mitigate DDoS attacks on multiple layers of IoT networks. An IoT wireless network has been simulated in NS2 for developing a mechanism to detect and mitigate such attacks. Defending against multi-layer DDoS attacks is tough since DDoS threats are introduced on several tiers of IoT communication networks. This research work presents a unique security strategy to evaluate, detect, and neutralize the behavior of attack nodes. The protocol named “Edge and Internet Layer DDoS Threats Detection and Mitigation” (EIDDM), has been proposed in this work, as most DDoS attacks are introduced on edge and internet layers of the IoT framework. The functionality of EIDDM is driven by Network tree analysis. Edge and internet layer trust factors are routinely assessed for each IoT communication system sensor node. These trust factors are used to analyze node activity and reputation in network tree form. The trust-based network tree analysis of each node first detects attacker nodes and then determines the type of DDoS threat and its underlying cause. IoT connectivity technologies related to attacking nodes are discontinued till DDoS attacks have been mitigated. The proposed EIDDM protocol has been evaluated for its efficiency in terms of throughput, latency, energy consumption, Packet Delivery Ratio (PDR), and communication overhead in simulations. EIDDM protocol has been surpassed other protocols. Earlier protocols had throughput in the range of 53–56% and PDR in the range of 75–80%, whereas for EIDDM these are increased by 6.5% and 14%, respectively. Earlier protocols had overhead in the range of 10–12% and average energy utilization in the range of 1706–1756 J, whereas the EIDDM protocol reduced communication overhead by 25% and average energy utilization by 6.6%.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

Similar content being viewed by others

Data Availability

The datasets analysed during the current study are available from the corresponding author on reasonable request.

References

  1. Mahajan, H. B., & Badarla, A. (2020). Detecting HTTP Vulnerabilities in IoT-based precision farming connected with cloud environment using artificial intelligence. International Journal of Advanced Science and Technology, 29(3), 214–226.

    Google Scholar 

  2. Alhayani, B., Kwekha-Rashid, A. S., Mahajan, H. B., et al. (2022). 5G Standards for the Industry 4.0 enabled communication systems using artificial intelligence: Perspective of smart healthcare system. Applied Nanoscience. https://doi.org/10.1007/s13204-021-02152-4

    Article  Google Scholar 

  3. Mahajan, H. B., Rashid, A. S., Junnarkar, A. A., et al. (2022). Integration of Healthcare 4.0 and blockchain into secure cloud-based electronic health records systems. Applied Nanoscience. https://doi.org/10.1007/s13204-021-02164-0

    Article  Google Scholar 

  4. Mahajan, H. B., & Badarla, A. (2018). Application of internet of things for smart precision farming: Solutions and challenges. International Journal of Advanced Science and Technology, 2018, 37–45.

    Google Scholar 

  5. Harbi, Y., Aliouat, Z., Harous, S., et al. (2019). A review of security in internet of things. Wireless Personal Communications, 108, 325–344. https://doi.org/10.1007/s11277-019-06405-y

    Article  Google Scholar 

  6. Jurcut, A., Niculcea, T., Ranaweera, P., et al. (2020). Security considerations for internet of things: A survey. SN COMPUT. SCI., 1, 193. https://doi.org/10.1007/s42979-020-00201-3

    Article  Google Scholar 

  7. Abiodun, O. I., Abiodun, E. O., Alawida, M., et al. (2021). A review on the security of the internet of things: Challenges and solutions. Wireless Personal Communications, 119, 2603–2637. https://doi.org/10.1007/s11277-021-08348-9

    Article  Google Scholar 

  8. Aldowah, H., Ul Rehman, S., & Umar, I. (2019). Security in internet of things: Issues, challenges and solutions. In F. Saeed, N. Gazem, F. Mohammed, & A. Busalim (Eds.), Recent trends in data science and soft computing IRICT 2018. Cham: Springer.

    Google Scholar 

  9. Singh, D., Pati, B., Panigrahi, C. R., & Swagatika, S. (2020). Security issues in IoT and their Countermeasures in smart city applications. In B. Pati, C. Panigrahi, R. Buyya, & K. C. Li (Eds.), Advanced computing and intelligent engineering. Singapore: Springer.

    Google Scholar 

  10. Bhatt, S., & Ragiri, P. R. (2021). Security trends in internet of things: A survey. SN Applied Sciences, 3, 1–14. https://doi.org/10.1007/s42452-021-04156-9

    Article  Google Scholar 

  11. Gautam, A. K., & Kumar, R. (2021). A comprehensive study on key management, authentication and trust management techniques in wireless sensor networks. SN Applied Science, 3, 50. https://doi.org/10.1007/s42452-020-04089-9

    Article  Google Scholar 

  12. Sharma, M., Arora, B. (2021). Detection and Prevention of DoS and DDoS in IoT. In: Singh, P.K., Wierzchoń, S.T., Tanwar, S., Ganzha, M., Rodrigues, J.J.P.C. (eds) Proceedings of Second International Conference on Computing, Communications, and Cyber-Security, Springer, Singapore. https://doi.org/10.1007/978-981-16-0733-2_60.

  13. Kumar, P., Bagga, H., Netam, B., & Uduthalapally, V. (2022). SAD-IoT: Security analysis of DDoS attacks in IoT networks. Wireless Personal Communications. https://doi.org/10.1007/s11277-021-08890-6

    Article  Google Scholar 

  14. Malhotra, P., Singh, Y., Anand, P., Bangotra, D. K., Singh, P. K., & Hong, W.-C. (2021). Internet of things: Evolution concerns and security challenges. Sensors, 21(5), 1809. https://doi.org/10.3390/s21051809

    Article  Google Scholar 

  15. Khraisat, A., & Alazab, A. (2021). A critical review of intrusion detection systems in the internet of things: Techniques, deployment strategy, validation strategy, attacks, public datasets and challenges. Cybersecur, 4, 18. https://doi.org/10.1186/s42400-021-00077-7

    Article  Google Scholar 

  16. Yu, S. (2014). Distributed denial of service attack and defense. SpringerBriefs in Computer Science. https://doi.org/10.1007/978-1-4614-9491-1

    Article  Google Scholar 

  17. Tabash, M., & Barhoom, T. (2014). An approach for detecting and preventing DoS attacks in LAN. International Journal of Computer Trends and Technology., 18, 265–271. https://doi.org/10.14445/22312803/IJCTT-V18P156

    Article  Google Scholar 

  18. Francois, J., Aib, I., & Boutaba, R. (2012). FireCol: A collaborative protection network for the detection of flooding DDoS attacks. IEEE/ACM Transactions on Networking, 20(6), 1828–1841. https://doi.org/10.1109/tnet.2012.2194508

    Article  Google Scholar 

  19. Prasad, K. M., Reddy, A., & Jyothsna, V. (2012). IP traceback for flooding attacks on Internet threat monitors (ITM) using Honeypots. arXiv preprint arXiv:1202.4530.

  20. Zargar, S. T., Joshi, J., & Tipper, D. (2013). A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Communications Surveys & Tutorials, 15(4), 2046–2069. https://doi.org/10.1109/surv.2013.031413.00127

    Article  Google Scholar 

  21. Xiaofeng, Q., Jihong, H., & Ming, C. (2004). A mechanism to defend SYN flooding attack based on network measurement system. IEEE Explore, 33, 208–212. https://doi.org/10.1109/ITRE.2004.1393677

    Article  Google Scholar 

  22. Wu, Y.-C., Tseng, H.-R., Yang, W., & Jan, R.-H. (2009). DDoS Detection and Traceback with Decision Tree and Grey Relational Analysis. In 2009 Third International Conference on Multimedia and Ubiquitous Engineering. https://doi.org/10.1109/mue.2009.60.

  23. MacFarland, D. C., Shue, C. A., & Kalafut, A. J. (2015). Characterizing optimal DNS amplification attacks and effective mitigation. Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-319-15509-8_2

    Article  Google Scholar 

  24. Dandare, P., & Chole, P. V. (2016). Detection of collision attacks and comparison of efficiency in wireless sensor network. International Journal of Engineering and Computer Science, 5(5), 16400–16406. https://doi.org/10.18535/ijecs/v5i5.13

    Article  Google Scholar 

  25. Sufyan, N., Saqib, N. A., & Zia, M. (2013). Detection of jamming attacks in 802.11 b wireless networks. EURASIP Journal on Wireless Communications and Networking. https://doi.org/10.1186/1687-1499-2013-208

    Article  Google Scholar 

  26. Rehman, E., Sher, M., Naqvi, S. H. A., Badar Khan, K., & Ullah, K. (2017). Energy efficient secure trust based clustering algorithm formobile wireless sensor network. Journal of Computer Networks and Communications, 2017, 1630673.

    Article  Google Scholar 

  27. Mittal, N. (2019). Moth flame optimization based energy efficient stable clustered routing approach for wireless sensor networks. Wireless Personal Communications, 104(2), 677–694.

    Article  Google Scholar 

  28. Sharma, R., Vashisht, V., & Singh, U. (2019). Nature Inspired Algorithms for Energy Efficient Clustering in Wireless Sensor Net-works. In 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence). https://doi.org/10.1109/confluence.2019.8776618.

  29. Sharma, R., Vashisht, V., & Singh, U. (2019). EEFCM-DE: Energy efficient clustering based on fuzzy C Means and differential evolution algorithm in WSNs. IET Communications. https://doi.org/10.1049/iet-com.2018.5546

    Article  Google Scholar 

  30. Pavani, M., & Trinatha Rao, P. (2019). Adaptive PSO with Opti-mized firefly algorithms for secure cluster based routing in wireless sensor networks. IET Wireless Sensor Systems. https://doi.org/10.1049/iet-wss.2018.5227

    Article  Google Scholar 

  31. Gilbert, E. P. K., Baskaran, K., Rajsingh, E. B., Lydia, M., & Selvakumar, A. I. (2019). Trust aware nature inspired optimised rout-ing in clustered wireless sensor networks. International Journal of Bio-Inspired Computation, 14(2), 103. https://doi.org/10.1504/ijbic.2019.101637

    Article  Google Scholar 

  32. Ramesh, S., & Yaashuwanth, C. (2019). Enhanced approach using trust based decision making for secured wireless streaming video sensor networks. Multimedia Tools and Applications. https://doi.org/10.1007/s11042-019-7585-5

    Article  Google Scholar 

  33. Sharma, R., Vashisht, V., & Singh, U. (2020). eeTMFO/GA: A secure and energy efficient cluster head selection in wireless sensor networks. Telecommunication Systems. https://doi.org/10.1007/s11235-020-00654-0

    Article  Google Scholar 

  34. Mahajan, H. B., Badarla, A., & Junnarkar, A. A. (2021). CL-IoT: Cross-layer Internet of Things protocol for intelligent manufacturing of smart farming. Journal of Ambient Intelligence and Humanized Computing, 12(7), 7777–7791. https://doi.org/10.1007/s12652-020-02502-0

    Article  Google Scholar 

  35. Qureshi, S. G. & Shandilya, S. K. (2021). Advances in Cyber Security Paradigm: A Review. A. Abraham et al. (Eds.): HIS 2019, AISC 1179, pp. 268–276. https://doi.org/10.1007/978-3-030-49336-3_27.

  36. Mahajan, H. B., & Badarla, A. (2021). Cross-layer protocol for WSN-Assisted IoT smart farming applications using nature inspired algorithm. Wireless Personal Communications. https://doi.org/10.1007/s11277-021-08866-6

    Article  Google Scholar 

  37. Wang, J., Jiang, S., & Fapojuwo, A. (2017). A protocol layer trust-based intrusion detection scheme for wireless sensor networks. Sensors, 17(6), 1227. https://doi.org/10.3390/s17061227

    Article  Google Scholar 

  38. Abidoye, A. P., & Ochola, E. O. (2018). Denial of service attacks in wireless sensor networks with proposed countermeasures. In S. Latifi (Ed.), Information Technology—New Generations. Cham: Springer.

    Google Scholar 

  39. Chen, H., Meng, C., Shan, Z., Fu, Z., & Bhargava, B. K. (2019). A novel Low-rate Denial of Service attack detection approach in ZigBee wireless sensor network by combining Hilbert-Huang Transformation and Trust Evaluation. IEEE Access. https://doi.org/10.1109/access.2019.2903816

    Article  Google Scholar 

  40. Mohammadani, K. H., Memon, K. A., Memon, I., Hussaini, N. N., & Fazal, H. (2020). Preamble time-division multiple access fixed slot assignment protocol for secure mobile ad hoc networks. International Journal of Distributed Sensor Networks, 16(5), 155014772092162. https://doi.org/10.1177/1550147720921624

    Article  Google Scholar 

  41. Segura, G. A. N., Skaperas, S., Chorti, A., Mamatas, L., & Margi, C. B. (2020). Denial of service attacks detection in software-defined wireless sensor networks. In 2020 IEEE International Conference on Communications Workshops (ICC Workshops). https://doi.org/10.1109/iccworkshops49005.2020.9145136.

  42. Cheng, G., Zhao, L., Hu, X., Zheng, S., & wu, Hua & Li, Ruidong & Fan, Chengyu. (2019). Detecting and mitigating a sophisticated interest flooding attack in NDN from the network-wide view. IEEE First International Workshop on Network Meets Intelligent Computations (NMIC), 2019, 7–12. https://doi.org/10.1109/NMIC.2019.00007

    Article  Google Scholar 

  43. Borgiani, V., Moratori, P., Kazienko, J. F., Tubino, E. R., & Quincozes, S. E. (2020). Towards a distributed approach for detection and mitigation of denial of service attacks within industrial internet of things. IEEE Internet of Things Journal. https://doi.org/10.1109/jiot.2020.3028652

    Article  Google Scholar 

  44. Abidoye, A. P., & Kabaso, B. (2021). Lightweight models for detection of denial-of-service attack in wireless sensor networks. IET Networks, 10(4), 185–199. https://doi.org/10.1049/ntw2.12011

    Article  Google Scholar 

  45. Akhbari, A., & Ghaffari, A. (2021). Selfish node detection based on fuzzy logic and Harris hawks optimization algorithm in IoT networks. Security and Communication Networks. https://doi.org/10.1155/2021/2658272

    Article  Google Scholar 

  46. Farahani, G. (2021). Black hole attack detection using K-nearest neighbor algorithm and reputation calculation in mobile Ad Hoc networks. Security and Communication Networks, 2021, 1–15. https://doi.org/10.1155/2021/8814141

    Article  Google Scholar 

  47. Anand, C., & Vasuki, N. (2021). Trust based DoS attack detection in wireless sensor networks for reliable data transmission. Wireless Personal Communications. https://doi.org/10.1007/s11277-021-08855-9

    Article  Google Scholar 

  48. Nayak, R. P., Sethi, S., Bhoi, S. K., Sahoo, K. S., Jhanjhi, N., Tabbakh, T. A., & Almusaylim, Z. A. (2021). TBDDoSA-MD: Trust-based DDoS misbehave detection approach in software-defined vehicular network (SDVN). CMC-Computers, Materials & Continua, 69(3), 3513–3529. https://doi.org/10.32604/cmc.2021.018930

    Article  Google Scholar 

  49. Awan, S., Javaid, N., Ullah, S., Khan, A. U., Qamar, A. M., & Choi, J.-G. (2022). Blockchain based secure routing and trust management in wireless sensor networks. Sensors, 22(2), 411. https://doi.org/10.3390/s22020411

    Article  Google Scholar 

  50. Al-Zubaidie, M., Zhang, Z., & Zhang, J. (2020). REISCH: Incorporating lightweight and reliable algorithms into healthcare applications of WSNs. Applied Sciences, 10(6), 2007. https://doi.org/10.3390/app10062007

    Article  Google Scholar 

  51. Rao, V., & KV, P. (2021). DEC-LADE: Dual elliptic curve-based lightweight authentication and data encryption scheme for resource constrained smart devices. IET Wireless Sensor Systems, 11(2), 91–109. https://doi.org/10.1049/wss2.12014

    Article  Google Scholar 

  52. Gopala Krishnan, C., Gomathi, S., Aravind Swaminathan, G., Robinson, Y. H., & AnushaBamini, A. M. (2022). Trust management framework and high energy efficient lifetime management system for MANET using self-configurable cluster mechanism. Wireless Personal Communications. https://doi.org/10.1007/s11277-022-10048-x

    Article  Google Scholar 

  53. Qureshi, S. G., Shandilya, S. K., Satapathy, S. C., et al. (2023). Nature-inspired decision support system for securing clusters of wireless sensor networks in advanced IoT environments. Wireless Personal Communications, 128, 67–88. https://doi.org/10.1007/s11277-022-09601-5

    Article  Google Scholar 

  54. Mahajan, H. B., Junnarkar, A. A., Tiwari, M., Tiwari, T., & Upadhyaya, M. (2022). LCIPA: Lightweight clustering protocol for industry 4.0 enabled precision agriculture. Microprocessors and Microsystems, 94, 104633. https://doi.org/10.1016/j.micpro.2022.104633

    Article  Google Scholar 

  55. Maranur, J. R., & Mathapati, B. (2023). ARPVP: Attack resilient position-based VANET protocol using ant colony optimization. Wireless Personal Communications, 128, 1235–1258. https://doi.org/10.1007/s11277-022-09997-0

    Article  Google Scholar 

  56. Mahajan, H. B. (2022). Emergence of healthcare 4.0 and blockchain into secure cloud-based electronic health records systems: Solutions, challenges, and future roadmap. Wireless Personal Communications, 126(3), 2425–2446. https://doi.org/10.1007/s11277-022-09535-y

    Article  Google Scholar 

  57. Beslin Pajila, P. J., Golden Julie, E., & Harold Robinson, Y. (2023). ABAP: Anchor node based DDoS attack detection using adaptive neuro-fuzzy inference system. Wireless Personal Communications, 128(2), 875–899. https://doi.org/10.1007/s11277-022-09980-9

    Article  Google Scholar 

  58. Mahajan, H. B., Uke, N., Pise, P., et al. (2022). Automatic robot Manoeuvres detection using computer vision and deep learning techniques: A perspective of internet of robotics things (IoRT). Multimedia Tools Applied. https://doi.org/10.1007/s11042-022-14253-5

    Article  Google Scholar 

  59. Wang, J. (2012). Advanced attack tree based intrusion detection. Loughborough: Loughborough University.

    Google Scholar 

  60. Wang, J., Phan, R. C.-W., Whitley, J. N., & Parish, D. J. (2010). Augmented Attack Tree Modeling of Distributed Denial of Services and Tree Based Attack Detection Method. In 2010 10th IEEE International Conference on Computer and Information Technology. https://doi.org/10.1109/cit.2010.185.

  61. Jayashree, P., & Easwarakumar, D. K. (2008). An effective defence cum prevention of DDOS attacks in active networks using attribute trees. Journal of Ubiquitous Computing and Communication, Spl. issue on New Technologies, Mobility and Security, NTMS, pp 16–24.

  62. Chen, Y., Hwang, K., & Ku, W. (2007). Distributed Change-Point Detection of DDoS Attacks: Experimental Results on DETER Testbed. In DETER: Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007, pages 7.

Download references

Funding

No Funding.

Author information

Authors and Affiliations

  1. Department of Computer Engineering, St. Francis Institute of Technology, Mumbai, India

    Kavita Kumavat

  2. Vishwakarma University, Pune, India

    Kavita Kumavat

  3. Department of Information Technology, St. Francis Institute of Technology, Mumbai, India

    Joanne Gomes

Authors
  1. Kavita Kumavat
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Joanne Gomes
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kavita Kumavat.

Ethics declarations

Conflict of interest

All authors declares that they has no conflict of interest.

Ethical Approval

This article does not contain any studies with human participants performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kumavat, K., Gomes, J. EIDDM: Edge and Internet Layer Distributed DoS Threats Detection and Mitigation for Internet of Things Wireless Communications. Wireless Pers Commun 131, 709–735 (2023). https://doi.org/10.1007/s11277-023-10453-w

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-023-10453-w

Keywords

Search

Navigation