DoS attack detection and prevention in fog-based intelligent environments / Detecção e prevenção de ataques DoS em ambientes inteligentes baseados em nevoeiro
DOI:
https://doi.org/10.34117/bjdv5n11-089Keywords:
Dos Attack, Fog Computing, Intelligent Environments.Abstract
The Internet of Things and Fog Computing are technologies currently used in many areas. They can be applied to provide a residential automation environment, for example, fire alarm applications, gas leak alarms, among others. Security-related searches for these fog-based environments are still in the early stages. Also, the fact that these environments are connected to the Internet makes them vulnerable to various threats, such as Denial of Service (DoS) attacks. In this work, we propose a module for detection and prevention of DoS attacks, that operates in the system’s fog layer, to protect the system from external attacks. Practical experiments were carried out with the proposed module, considering a Raspberry Pi 3B as our fog server. The results obtained demonstrates that the approach is capable of detecting external attacks, as well as blocking the IPs from attackers, using less than 20% of cpu and less than 1% of RAM memory usage.
References
Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., and Ayyash, M. (2015).Internet of things: A survey on enabling technologies, protocols, and applications.IEEE Communications Surveys & Tutorials, 17(4):2347–2376.
Aldaej, A. (2019). Enhancing cyber security in modern internet of things (iot) using intrusion prevention algorithm for iot (ipai). IEEE Access, pages 1–1.
Alrawais, A., Alhothaily, A., Hu, C., and Cheng, X. (2017). Fog Computing for the Internet of Things: Security and Privacy Issues. IEEE Internet Computing, 21(2):34–42.
Axelsson, S. (2000). Intrusion detection systems: A survey and taxonomy. Technical report, Technical report.
Bonomi, F., Milito, R., Zhu, J., and Addepalli, S. (2012). Fog computing and its role in the internet of things. In Proceedings of the first edition of the MCC workshop on Mobile cloud computing, pages 13–16. ACM.
Buyya, R., Yeo, C. S., Venugopal, S., Broberg, J., and Brandic, I. (2009). Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems, 25(6):599–616.
Cabrera, J. B., Lewis, L., Qin, X., Lee, W., Prasanth, R. K., Ravichandran, B., and Mehra,R. K. (2001). Proactive detection of distributed denial of service attacks using mib traffic variables-a feasibility study. In 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No. 01EX470), pages609–622. IEEE.
Chandre, P. R., Mahalle, P. N., and Shinde, G. R. (2018). Machine learning based novel approach for intrusion detection and prevention system: A tool based verification. In 2018 IEEE Global Conference on Wireless Computing and Networking (GCWCN), pages 135–140. IEEE.
Dragomir, D., Gheorghe, L., Costea, S., and Radovici, A. (2016). A survey on secure communication protocols for iot systems. In 2016 International Workshop on Secure Internet of Things (SIoT), pages 47–62.
Frustaci, M., Pace, P., Aloi, G., and Fortino, G. (2018). Evaluating critical security issues of the iot world: Present and future challenges. IEEE Internet of Things Journal, 5(4):2483–2495.
Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., and Vázquez, E. (2009). Anomaly-based network intrusion detection: Techniques, systems and challenges. computers & security, 28(1-2):18–28.
Gubbi, J., Buyya, R., Marusic, S., and Palaniswami, M. (2013). Internet of things (iot): A vision, architectural elements, and future directions. Future Generation Computer Systems, 29(7):1645 – 1660.
Iorga, M., Feldman, L., Barton, R., Martin, M. J., Goren, N. S., and Mahmoudi, C. (2018). Fog computing conceptual model. Technical report.
Jackson, K. A. et al. (1999). Intrusion detection system (ids) product survey. Los Alamos National Laboratory.
Kabiri, P. and Ghorbani, A. A. (2005). Research on intrusion detection and response: A survey. IJ Network Security, 1(2):84–102.
Kasinathan, P., Pastrone, C., Spirito, M. A., and Vinkovits, M. (2013). Denial-of-service detection in 6lowpan based internet of things. In 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pages 600–607.
Kolias, C., Kambourakis, G., Stavrou, A., and Voas, J. (2017). Ddos in the iot: Mirai and other botnets. Computer, 50(7):80–84.
Lu, Y. and Xu, L. D. (2019). Internet of things (iot) cybersecurity research: A review of current research topics. IEEE Internet of Things Journal, 6(2):2103–2115.
Maphats’oe, T. and Masinde, M. (2016). A security algorithm for wireless sensor networks in the internet of things paradigm. In 2016 IST-Africa Week Conference, pages 1–10.
Mell, P., Grance, T., et al. (2011). The nist definition of cloud computing.
Miorandi, D., Sicari, S., De Pellegrini, F., and Chlamtac, I. (2012). Internet of things: Vision, applications and research challenges. Ad hoc networks, 10(7):1497–1516.
Mukherjee, M., Shu, L., and Wang, D. (2018). Survey of fog computing: Fundamental, network applications, and research challenges. IEEE Communications Surveys Tutorials, 20(3):1826–1857.
Nazario, J. (2008). Ddos attack evolution. Network Security, 2008(7):7–10.
Nikam, A. and Ambawade, D. (2018). Opinion metric based intrusion detection mechanism for rpl protocol in iot. In 3rd International Conference for Convergence in Technology (I2CT), pages 1–6.
Sampaio, H. V., de Jesus, A. L. C., do Nascimento Boing, R., and Westphall, C. B. (2019). Autonomic IoT Battery Management with Fog Computing. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11484 LNCS(Cc):89–103.
Satyanarayanan, M. (2015). A brief history of cloud offload: A personal journey from odyssey through cyber foraging to cloudlets. GetMobile: Mobile Computing and Communications, 18(4):19–23.
Shafi, Q., Basit, A., Qaisar, S., Koay, A., and Welch, I. (2018). Fog-assisted sdn controlled framework for enduring anomaly detection in an iot network. IEEE Access, PP:1–1.
Vikram, N., Harish, K. S., Nihaal, M. S., Umesh, R., Shetty, A., and Kumar, A. (2017). A low cost home automation system using wi-fi based wireless sensor network incorporating internet of things (iot). In 2017 IEEE 7th International Advance Computing Conference (IACC), pages 174–178.
Wang, H., Zhang, D., and Shin, K. G. (2002). Detecting syn flooding attacks. In Proceedings. Twenty-First Annual Joint Conference of the IEEE Computer and Communications Societies, volume 3, pages 1530–1539. IEEE.
Xia, F., Yang, L., Wang, L., and Vinel, A. (2012). Internet of things. International Journal of Communication Systems, 25.
Zhang, X., Li, C., and Zheng, W. (2004). Intrusion prevention system design. In The Fourth International Conference on Computer and Information Technology, 2004. CIT’04., pages 386–390. IEEE.
