Internet of Things (IoT) is a massive network of tiny devices connected internally and to the in-ternet. It is uniquely identified in the network (i.e. dedicated IP) and can share the information with other devices. However, the low power and low resources that distinguish IoT devices render them unsecure and targeted by different kinds of attacks since IoT devices cannot toler-ate heavy security models. Also, due to the heavy nature of famous protocols such as HyperText Transport Protocol (HTTP), it is costly to be used with IoT devices, and alternatively, different lightweight protocols are implemented to fit IoT devices. One of the prevailing protocols used over IoT networks is the Constrained Application Protocol (CoAP). Therefore, CoAP is popular, and that makes it targeted by different types of attacks. One of the major attacks that target CoAP is distributed denial of service (DDoS) attacks. DDoS aims to overwhelm the resources of the target and make them unavailable to legitimate users. As a result, different kinds of meth-ods were used to secure CoAP against DDoS attacks such as Datagram Transport Layer Secu-rity (DTLS) and Lightweight and Secure Protocol for Wireless Sensor Networks (LSPWSN). However, the existing models suffer from two issues: DTLS is not designed for constrained devices and is considered a heavy protocol. Besides, LSPWSN is working over the network layer, not in the application layer that CoAP works on. In this paper, we build a machine learn-ing model that can detect the DDoS attacks against CoAP with an accuracy of 98%. The CIDAD dataset is extended from ~11000 to 100,000 samples using GANs because it has fewer samples of malware (less than 0.2% of the total dataset). Our model outperforms the existing models that target securing CoAP in the application layer and obtains 93% of accuracy.
Internet of Things (IoT) is a massive network based on tiny devices connected internally and to the internet. Each connected device is uniquely identified in this network through a dedicated IP address and can share the information with other devices. In contrast to its alternatives, IoT consumes less power and resources; however, this makes its devices more vulnerable to different types of attacks as they cannot execute heavy security protocols. Moreover, traditionally used heavy protocols for web-based communication, such as the Hyper Text Transport Protocol (HTTP) are quite costly to be executed on IoT devices, and thus specially designed lightweight protocols, such as the Constrained Application Protocol (CoAP) are employed for this purpose. However, while the CoAP remains widely-used, it is also susceptible to attacks, such as the Distributed Denial-of-Service (DDoS) attack, which aims to overwhelm the resources of the target and make them unavailable to legitimate users. While protocols, such as the Datagram Transport Layer Security (DTLS) and Lightweight and the Secure Protocol for Wireless Sensor Network (LSPWSN) can help in securing CoAP against DDoS attacks, they also have their limitations. DTLS is not designed for constrained devices and is considered as a heavy protocol. LSPWSN, on the other hand, operates on the network layer, in contrast to CoAP which operates on the application layer. This paper presents a machine learning model, using the CIDAD dataset (created on 11 July 2022), that can detect the DDoS attacks against CoAP with an accuracy of 98%.
This paper discusses the Internet of Things (IoT) and the security challenges associated with it. IoT is a network of interconnected devices that share information. However, the low power and resources of IoT devices make them vulnerable to attacks. Using heavy protocols like HTTP for IoT devices can prove costly and using popular lightweight protocols like CoAP can invite attacks such as DoS (Denial-of-Service). While security models such as DTLS and LSPWSN can secure IoT against such attacks, they also have limitations. To overcome this problem, this paper proposes a machine learning model that detects DoS amplification attacks against CoAP with 99% accuracy. To the best of our knowledge, this research is the first to use the multi-classification process to detect and classify the different types of the DoS amplification techniques that attack CoAP client use against victim CoAP clients.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.