Research Area:  Internet of Things
The proliferation of Distributed Denial of Service (DDoS) attacks in the Internet of Things (IoT) not only threatens the security of digital devices and infrastructure, but also severely degrades IoT system performance through excessive consumption of network resources. With knowledge of device identity information and signaling data, Internet Service Providers (ISPs) can detect and block DDoS traffic by monitoring the upstream IoT packets, and thereby improve network efficiency. However, inspecting all data packets online for DDoS detection will significantly increase both the network delay and the computational overhead. Therefore, the packet sampling strategy is crucial for defenders to detect DDoS attacks. To this end, this paper formulates a Stackelberg game model to analyze collaborative IoT packet sampling against DDoS attacks. Through the equilibrium analysis of the DDoS game, we derive the lower bound of the packet sampling rate (PSR) that can effectively deter potential attackers. Unlike traditional offline detection, our proposed packet sampling strategy can support both online detection and proactive prevention of DDoS traffic. As a use case, a multi-point DDoS defense framework is developed to address IP spoofing in 5G networks based on the proposed packet sampling strategy, which deters DDoS attacks and reduces the packet sampling cost, thereby maximizing the IoT utility compared with existing methods. In typical reflection attacks (in which no more than 5 response packets are triggered by a request packet), our proposed scheme not only reduces the sampling rate by more than 70%, but also demonstrates superior robustness against boundary condition variation.
Author(s) Name:  Xu Chen; Liang Xiao; Wei Feng; Ning Ge; Xianbin Wang
Journal name:  IEEE Internet of Things Journal
Publisher name:  IEEE
Volume Information:  Page(s): 1 - 1
Paper Link:   https://ieeexplore.ieee.org/document/9662404