Abstract
The Internet of Things (IoT) is a rapidly emerging technology in the consumer and industrial market. This technology has the potential to radically transform the consumer experience, as it will change our daily scenes, starting from the way we drink coffee to how smart objects interact with industrial applications. Such rapid development and deployment face multifarious challenges, including the sheer amount of data generated, network scale, network heterogeneity, as well as security and privacy concerns. In recent years, Distributed Denial-of-Service (DDoS) attacks in IoT networks are considered one of the growing challenges that need to be shed light on. DDoS attacks utilize the limited resources in IoT devices, such as storage limitation and network capacity, that cause this issue in the IoT application. This paper comprehensively reviews the attacks that can lead to DDoS, which eventually will cause serious damage to existing systems. Additionally, the paper investigates the available solutions used to counter these attacks and explore their limitations from the perspective of the constrained device. Furthermore, a detailed analysis of the existing solution placement was implemented, including heterogeneity and their performance for IoT based networks. Finally, the paper will reveal and discuss interesting research direction on the future IoT security and current trends.
Similar content being viewed by others
References
Abomhara, M., et al.: Cyber security and the internet of things: vulnerabilities, threats, intruders and attacks. J. Cyber. Secur. Mob. 4(1), 65–88 (2015)
Ahmed, F., Ko, Y-B: Mitigation of black hole attacks in routing protocol for low power and lossy networks. Secur. Commun. Netw. 9(18), 5143–5154 (2016)
Airehrour, D., Gutierrez, J., Ray, S.K.: A lightweight trust design for iot routing. In: 2016 IEEE 14th Intl Conf on Dependable, Autonomic and Secure Computing, 14th Intl Conf on Pervasive Intelligence and Computing, 2nd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech), pp. 552–557. IEEE (2016)
Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutorials 17(4), 2347–2376 (2015)
Alaba, F.A., Othman, M., Hashem, I.A.T., Alotaibi, F.: Internet of things security: A survey. J. Netw. Comput. Appl. 88, 10–28 (2017)
Amish, P., Vaghela, V.B.: Detection and prevention of wormhole attack in wireless sensor network using aomdv protocol. Procedia Comput. Sci. 79, 700–707 (2016)
Bhattasali, T., Chaki, R., Sanyal, S.: Sleep deprivation attack detection in wireless sensor network. arXiv:1203.0231 (2012)
Borgohain, T., Kumar, U., Sanyal, S.: Survey of security and privacy issues of internet of things. arXiv:1501.02211 (2015)
Bostani, H., Sheikhan, M.: Hybrid of anomaly-based and specification-based ids for internet of things using unsupervised opf based on mapreduce approach. Comput. Commun. 98, 52–71 (2017)
Brown, C., Cowperthwaite, A., Hijazi, A., Somayaji, A.: Analysis of the 1999 darpa/lincoln laboratory ids evaluation data with netadhict. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–7. IEEE (2009)
Cervantes, C., Poplade, D., Nogueira, M., Santos, A.: Detection of sinkhole attacks for supporting secure routing on 6lowpan for internet of things. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 606–611. IEEE (2015)
Chaabouni, N., Mosbah, M., Zemmari, A., Sauvignac, C., Faruki, P.: Network intrusion detection for iot security based on learning techniques. IEEE Communications Surveys & Tutorials (2019)
Chen, R., Bao, F., Guo, J.: Trust-based service management for social internet of things systems. IEEE Trans. Depend. Sec. Comput. 13(6), 684–696 (2015)
Conti, M., Dehghantanha, A., Franke, K., Watson, S.: Internet of things security and forensics: Challenges and opportunities. Elsevier (2018)
Creech, G., Hu, J.: Generation of a new ids test dataset: Time to retire the kdd collection. In: 2013 IEEE Wireless Communications and Networking Conference (WCNC), pp. 4487–4492. IEEE (2013)
Dvir, A., Buttyan, L., et al.: Vera-version number and rank authentication in rpl. In: 2011 IEEE Eighth International Conference on Mobile Ad-Hoc and Sensor Systems, pp. 709–714. IEEE (2011)
Gara, F., Saad, L.B., Ayed, R.B.: An intrusion detection system for selective forwarding attack in ipv6-based mobile wsns. In: 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 276–281. IEEE (2017)
Glissa, G., Meddeb, A.: 6lowpan multi-layered security protocol based on ieee 802.15. 4 security features. In: 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 264–269. IEEE (2017)
Glissa, G., Meddeb, A.: 6lowpsec: An end-to-end security protocol for 6lowpan. Ad Hoc Netw. 82, 100–112 (2019)
Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of things (iot): A vision, architectural elements, and future directions. Fut. Gener. Comput. Syst. 29(7), 1645–1660 (2013)
Hassan, W.H., et al.: Current research on internet of things (iot) security: A survey. Comput. Netw. 148, 283–294 (2019)
Heurtefeux, K., Erdene-Ochir, O., Mohsin, N., Menouar, H.: Enhancing rpl resilience against routing layer insider attacks. In: 2015 IEEE 29th International Conference on Advanced Information Networking and Applications, pp. 802–807. IEEE (2015)
Hossain, M.S., Muhammad, G., Rahman, S.M.M., Abdul, W., Alelaiwi, A., Alamri, A.: Toward end-to-end biomet rics-based security for iot infrastructure. IEEE Wirel. Commun. 23(5), 44–51 (2016)
Hossain, M., Karim, Y., Hasan, R.: Secupan: A security scheme to mitigate fragmentation-based network attacks in 6lowpan. In: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp. 307–318. ACM (2018)
Hota, C., Shrivastava, R.K., Shipra, S.: Tamper-resistant code using optimal rop gadgets for iot devices. In: 2017 13th International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 570–575. IEEE (2017)
Hummen, R., Hiller, J., Wirtz, H., Henze, M., Shafagh, H., Wehrle, K.: 6lowpan fragmentation attacks and mitigation mechanisms. In: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks, pp. 55–66. ACM (2013)
Ioulianou, P., Vasilakis, V., Moscholios, I., Logothetis, M.: A signature-based intrusion detection system for the internet of things. Information and Communication Technology Form (2018)
Jan, M.A., Khan, M.: Denial of service attacks and their countermeasures in wsn. IRACST–Int. J. Comput. Netw. Wirel. Commun. (IJCNWC) 3 (2013)
Jøsang, A.: A logic for uncertain probabilities. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 9(3), 279–311 (June 2001). https://doi.org/10.1142/S0218488501000831
Kasinathan, P., Pastrone, C., Spirito, M.A., Vinkovits, M.: Denial-of-service detection in 6lowpan based internet of things. In: 2013 IEEE 9th international conference on wireless and mobile computing, networking and communications (WiMob), pp. 600–607. IEEE (2013)
Khan, Z.A., Herrmann, P.: A trust based distributed intrusion detection mechanism for internet of things. In: 2017 IEEE 31st International Conference on Advanced Information Networking and Applications (AINA), pp. 1169–1176. IEEE (2017)
Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: Ddos in the iot: Mirai and other botnets. Computer 50(7), 80–84 (2017)
Kouicem, D.E., Bouabdallah, A., Lakhlef, H.: Internet of things security: A top-down survey. Comput. Netw. 141, 199–221 (2018)
La, V.H., Fuentes, R., Cavalli, A.R.: A novel monitoring solution for 6lowpan-based wireless sensor networks. In: 2016 22nd Asia-Pacific Conference on Communications (APCC), pp. 230–237. IEEE (2016)
Le, A., Loo, J., Chai, K., Aiash, M.: A specification-based ids for detecting attacks on rpl-based network topology. Information 7(2), 25 (2016)
Lee, I., Lee, K.: The internet of things (iot): Applications, investments, and challenges for enterprises. Bus. Horiz. 58(4), 431–440 (2015)
Lin, J., Yu, W., Zhang, N., Yang, X., Zhang, H., Zhao, W.: A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J. 4(5), 1125–1142 (2017)
Lu, Y., DaXu, L.: Internet of things (iot) cybersecurity research: a review of current research topics. IEEE Internet Things J. (2018)
Lyu, M., Sherratt, D., Sivanathan, A., Gharakheili, H.H., Radford, A., Sivaraman, V.: Quantifying the reflective ddos attack capability of household iot devices. In: Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 46–51. ACM (2017)
Mahmoud, R., Yousuf, T., Aloul, F., Zualkernan, I.: Internet of things (iot) security: Current status, challenges and prospective measures. In: 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 336–341. IEEE (2015)
Medjek, F., Tandjaoui, D., Romdhani, I., Djedjig, N.: A trust-based intrusion detection system for mobile rpl based networks. In: 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 735–742. IEEE (2017)
Midi, D., Rullo, A., Mudgerikar, A., Bertino, E.: Kalis—a system for knowledge-driven adaptable intrusion detection for the internet of things. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 656–666. IEEE (2017)
Mosenia, A., Jha, N.K.: A comprehensive study of security of internet-of-things. IEEE Trans. Emerg. Top. Comput. 5(4), 586–602 (2017)
Namvar, N., Saad, W., Bahadori, N., Kelley, B.: Jamming in the internet of things: A game-theoretic perspective. In: 2016 IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2016)
Owezarski, P.: A database of anomalous traffic for assessing profile based ids. In: International Workshop on Traffic Monitoring and Analysis, pp. 59–72. Springer (2010)
Perrey, H., Landsmann, M., Ugus, O., Schmidt, T.C., Wählisch, M.: Trail: Topology authentication in rpl. arXiv:1312.0984 (2013)
Pihl, R.L.: The sequential probability ratio test. History 9, 1 (1998)
Pongle, P., Chavan, G.: A survey: Attacks on rpl and 6lowpan in iot. In: 2015 International Conference on Pervasive Computing (ICPC), pp. 1–6. IEEE (2015)
Pu, C., Lim, S.: A light-weight countermeasure to forwarding misbehavior in wireless sensor networks: design, analysis, and evaluation. IEEE Syst. J. 12(1), 834–842 (2016)
Raza, S., Wallgren, L., Voigt, T.: Svelte: Real-time intrusion detection in the internet of things. Ad hoc Netw. 11(8), 2661–2674 (2013)
Rivera, J., vander Meulen, R.: Gartner says the internet of things will transform the data center. Retrieved August 5, 2014 (2014)
Sehgal, A., Mayzaud, A., Badonnel, R., Chrisment, I., Schönwälder, J.: Addressing dodag inconsistency attacks in rpl networks. In: 2014 Global Information Infrastructure and Networking Symposium (GIIS), pp. 1–8. IEEE (2014)
Sfar, A.R., Natalizio, E., Challal, Y., Chtourou, Z.: A roadmap for security challenges in the internet of things. Digit. Commun. Netw. 4(2), 118–137 (2018)
Sha, K., Wei, W., Yang, T.A., Wang, Z., Shi, W.: On security challenges and open issues in internet of things. Futur. Gener. Comput. Syst. 83, 326–337 (2018)
Sherasiya, T., Upadhyay, H.: Intrusion detection system for internet of things. Int. J. Adv. Res. Innov. Ideas Educ.(IJARIIE) 2(3) (2016)
Shrivastava, R., Hota, C., Shrivastava, P.: Protection against code exploitation using rop and check-summing in iot environment. In: 2017 5th International Conference on Information and Communication Technology (ICoIC7), pp. 1–6. IEEE (2017)
Sonar, K., Upadhyay, H.: An approach to secure internet of things against ddos. Proceedings of International Conference on ICT for Sustainable Development, pp. 367–376. Springer (2016)
Stephen, R., Arockiam, L.: Intrusion detection system to detect sinkhole attack on rpl protocol in internet of things. Int. J. Electr. Electron. Comput. Sci. 4(4), 16–20 (2017)
Stolfo, S.J., et al.: Kdd cup 1999 dataset. UCI KDD repository. http://kdd.ics.uci.edu (1999)
Sung, Y., Lee, S., Lee, M.: A multi-hop clustering mechanism for scalable iot networks. Sensors 18(4), 961 (2018)
Surendar, M., Umamakeswari, A.: Indres: An intrusion detection and response system for internet of things with 6lowpan. In: 2016 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), pp. 1903–1908. IEEE (2016)
Tang, X., Ren, P., Han, Z.: Jamming mitigation via hierarchical security game for iot communications. IEEE Access 6, 5766–5779 (2018)
Tewari, A., Gupta, B.B.: Security, privacy and trust of different layers in internet-of-things (iots) framework. Futur. Gener. Comput. Syst. (2018)
Wallgren, L., Raza, S., Voigt, T.: Routing attacks and countermeasures in the rpl-based internet of things. Int. J. Distrib. Sens. Netw. 9(8), 794326 (2013)
Wang, Y, Attebury, G, Ramamurthy, B: A survey of security issues in wireless sensor networks. IEEE Commun. Surv. Tutorials 8(2), 2–23 (2006). https://doi.org/10.1109/COMST.2006.315852
Yaseen, Q., Albalas, F., Jararwah, Y., Al-Ayyoub, M.: Leveraging fog computing and software defined systems for selective forwarding attacks detection in mobile wireless sensor networks. Trans. Emerg. Telecommun. Technol. 29 (4), e3183 (2018)
Yaseen, Q., AlBalas, F., Jararweh, Y., Al-Ayyoub, M.: A fog computing based system for selective forwarding detection in mobile wireless sensor networks. In: 2016 IEEE 1st International Workshops on Foundations and Applications of Self* Systems (FAS* W), pp. 256–262. IEEE (2016)
Zheng, L., Zhang, H., Han, W., Zhou, X., He, J., Zhang, Z., Gu, Y., Wang, J., et al.: Technologies, applications, and governance in the internet of things. Internet of things-Global technological and societal trends. From smart environments and spaces to green ICT (2011)
Acknowledgments
This work was supported by the University of Technology Sydney and the Centre for Artificial Intelligence in UTS. The authors are thankful for the funding entities.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article belongs to the Topical Collection: Special Issue on Intelligent Fog and Internet of Things (IoT)-Based Services
Guest Editors: Farookh Hussain, Wenny Rahayu, and Makoto Takizawa
Rights and permissions
About this article
Cite this article
Al-Hadhrami, Y., Hussain, F.K. DDoS attacks in IoT networks: a comprehensive systematic literature review. World Wide Web 24, 971–1001 (2021). https://doi.org/10.1007/s11280-020-00855-2
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11280-020-00855-2