Flow and unified information-based DDoS attack detection system for multi-topology IoT networks

Internet of Things - Volume 24 - Page 100976 - 2023
Makhduma F. Saiyed¹, Irfan Al-Anbagi¹
¹ Faculty of Engineering and Applied Science, University of Regina, Regina, S4S 0A2, SK, Canada

References

https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/.
Li, 2020, RTVD: A real-time volumetric detection scheme for DDoS in the internet of things, IEEE Access, 8, 36191, 10.1109/ACCESS.2020.2974293
Salim, 2020, Distributed denial of service attacks and its defenses in IoT: A survey, J. Supercomput., 76, 5320, 10.1007/s11227-019-02945-z
Vishwakarma, 2020, A survey of DDoS attacking techniques and defence mechanisms in the IoT network, Telecommun. Syst., 73, 3, 10.1007/s11235-019-00599-z
Saiyed, 2023, Entropy and divergence-based DDoS attack detection system in IoT networks, 224
Jazi, 2017, Detecting HTTP-based application layer DoS attacks on web servers in the presence of sampling, Comput. Netw., 121, 25, 10.1016/j.comnet.2017.03.018
Zhijun, 2020, Low-rate DDoS attack detection based on factorization machine in software defined network, IEEE Access, 8, 17404, 10.1109/ACCESS.2020.2967478
Li, 2019, Distributed threat intelligence sharing system: A new sight of P2P botnet detection, 1
https://blog.nexusguard.com/ddos-attacks-are-getting-more/persistent-and-prolonged-but-are-more/difficult-to-detect/.
Tsobdjou, 2022, An online entropy-based DDoS flooding attack detection system with dynamic threshold, IEEE Trans. Netw. Serv. Manag., 19, 1679, 10.1109/TNSM.2022.3142254
Ghaben, 2021, Mathematical approach as qualitative metrics of distributed denial of service attack detection mechanisms, IEEE Access, 9, 123012, 10.1109/ACCESS.2021.3110586
Shafiq, 2021, CorrAUC: A malicious bot-IoT traffic detection method in IoT network using machine-learning techniques, IEEE Internet Things J., 8, 3242, 10.1109/JIOT.2020.3002255
https://www.f5.com/labs/articles/threat-intelligence/2022-application-protection-report-ddos-attack-trends. (Online; Accessed 30 October 2023).
Thangavel, 2022, Detection and trace back of low and high volume of distributed denial-of-service attack based on statistical measures, Concurr. Comput.: Pract. Exper., 34, 10.1002/cpe.5428
Ismail, 2022, A machine learning-based classification and prediction technique for DDoS attacks, IEEE Access, 10, 21443, 10.1109/ACCESS.2022.3152577
Booij, 2021, ToN_IoT: The role of heterogeneity and the need for standardization of features and attack types in IoT network intrusion data sets, IEEE Internet Things J., 9, 485, 10.1109/JIOT.2021.3085194
Sharafaldin, 2018, Toward generating a new intrusion detection dataset and intrusion traffic characterization, ICISSp, 1, 108
Sharafaldin, 2019, Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy, 1
Alatram, 2023, DoS/DDoS-MQTT-IoT: A dataset for evaluating intrusions in IoT networks using the MQTT protocol, Comput. Netw., 231, 10.1016/j.comnet.2023.109809
Lopez, 2019, Network traffic behavioral analytics for detection of DDoS attacks, SMU Data Sci. Rev., 2, 14
Shtern, 2014, Towards mitigation of low and slow application DDoS attacks, 604
Mishra, 2021, Internet of Things Applications, Security Challenges, Attacks, Intrusion Detection, and Future Visions: A Systematic Review, IEEE Access, 9, 59353, 10.1109/ACCESS.2021.3073408
Liu, 2020, The detection method of low-rate DoS attack based on multi-feature fusion, Digit. Commun. Netw., 6, 504, 10.1016/j.dcan.2020.04.002
Bovenzi, 2020, A hierarchical hybrid intrusion detection approach in IoT scenarios, 1
Doriguzzi-Corin, 2020, Lucid: A practical, lightweight deep learning solution for DDoS attack detection, IEEE Trans. Netw. Serv. Manag., 17, 876, 10.1109/TNSM.2020.2971776
Hamamoto, 2018, Network anomaly detection system using genetic algorithm and fuzzy logic, Expert Syst. Appl., 92, 390, 10.1016/j.eswa.2017.09.013
Meidan, 2018, N-baiot—Network-based detection of iot botnet attacks using deep autoencoders, IEEE Pervasive Comput., 17, 12, 10.1109/MPRV.2018.03367731
Doshi, 2021, Timely detection and mitigation of stealthy DDoS attacks via IoT networks, IEEE Trans. Dependable Secure Comput., 18, 2164
Hafeez, 2020, IoT-KEEPER: Detecting malicious IoT network activity using online traffic analysis at the edge, IEEE Trans. Netw. Serv. Manag., 17, 45, 10.1109/TNSM.2020.2966951
Bhuyan, 2016, A multi-step outlier-based anomaly detection approach to network-wide traffic, Inform. Sci., 348, 243, 10.1016/j.ins.2016.02.023
Ali, 2022, Securing IoT based maritime transportation system through entropy-based dual-stack machine learning framework, IEEE Trans. Intell. Transp. Syst., 10.1109/TITS.2022.3177772
Ali, 2021, Identification of distributed denial of services anomalies by using combination of entropy and sequential probabilities ratio test methods, Sensors, 21, 6453, 10.3390/s21196453
Ahmed, 2019, Statistical application fingerprinting for DDoS attack mitigation, IEEE Trans. Inf. Forensics Secur., 14, 1471, 10.1109/TIFS.2018.2879616
Behal, 2017, Detection of DDoS attacks and flash events using novel information theory metrics, Comput. Netw., 116, 96, 10.1016/j.comnet.2017.02.015
Sun, 2021, IoT-IE: An information-entropy-based approach to traffic anomaly detection in Internet of Things, Secur. Commun. Netw., 2021, 1
Galeano-Brajones, 2020, Detection and mitigation of DoS and DDoS attacks in IoT-based stateful SDN: An experimental approach, Sensors, 20, 816, 10.3390/s20030816
Pandey, 2023, Performance analysis of entropy variation-based detection of DDoS attacks in IoT, Internet Things, 23, 10.1016/j.iot.2023.100812
Lamping, 2004, Wireshark user’s guide, Interface, 4, 1
Paxson, 1999, Bro: A system for detecting network intruders in real-time, Comput. Netw., 31, 2435, 10.1016/S1389-1286(99)00112-7
Obaid, 2020, DoS and DDoS attacks at OSI layers, Int. J. Multidiscip. Res. Publ., 2
Rahouti, 2021, SYNGuard: Dynamic threshold-based SYN flood attack detection and mitigation in software-defined networks, IET Netw., 10, 76, 10.1049/ntw2.12009
Jia, 2020, FlowGuard: An intelligent edge defense mechanism against IoT DDoS attacks, IEEE Internet Things J., 7, 9552, 10.1109/JIOT.2020.2993782
Niknami, 2022, Entropy-KL-ML: Enhancing the entropy-KL-based anomaly detection on software-defined networks, IEEE Trans. Netw. Sci. Eng., 10.1109/TNSE.2022.3202147
Vidyasagar, 2012, A metric between probability distributions on finite sets of different cardinalities and applications to order reduction, IEEE Trans. Automat. Control, 57, 2464, 10.1109/TAC.2012.2188423
Pukelsheim, 1994, The three sigma rule, Amer. Statist., 48, 88
Ray, 2018, A survey on Internet of Things architectures, J King Saud Univ.-Comput. Inf. Sci., 30, 291
Kim, 2020, Performance of packet analysis between observer and wireshark, 268
Arvind, 2023, Network traffic virtualization using wireshark and google maps, 1
Alsakran, 2019, Intrusion detection systems for smart home iot devices: Experimental comparison study, 87
Dias, 2021, A hybrid approach for an interpretable and explainable intrusion detection system, 1035
Trabelsi, 2023, Event driven architecture: An exploratory study on the gap between academia and industry, 25
Siddharthan, 2022, Senmqtt-set: An intelligent intrusion detection in IOT-MQTT networks using ensemble multi cascade features, IEEE Access, 10, 33095, 10.1109/ACCESS.2022.3161566