Nowadays DDoS attacks using devices from IoT networks are frequent and extensive. Given that IoT network instances are distributed and deployed on the conventional Internet structure, DDoS countermeasures in IoT need to be fully distributed and coordinated all over the components that form each IoT instance. This paper presents a host-based intrusion detection system (HIDS) that was designed and prototyped to protect the components of IoT network backbones comprising conventional switches and routers, not IoT devices. In our design, a set of the proposed HIDS executes conventional security verification, like default username and password, known attacks signatures, usage of resources, processes, ports and open connections, while also interacting with a Controller of the HIDS set to allow the coordination of intrusion detection actions relative to DDoS attacks distributed all over the IoT instance. The designed distributed HIDS is evaluated in a controlled environment that, although being a local and isolated network, realistically represents IoT network instances.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.