Distributed dual-layer autonomous closed loops for self-protection of 5G/6G IoT networks from distributed denial of service attacks

Abstract

Internet of Things (IoT) is a major application area of the Fifth-Generation (5G) and beyond capable of providing massive machine-type communications (mMTC) at a large scale. It enables a wide range of applications such as smart cities, smart grids, smart factories and so on. In light of the huge number of devices involved, it is prohibitive to manage the massive large-scale cyber security scenarios manually. Therefore, closed automation loops are essential to automate such management. This paper proposes a new cognitive closed loop system to offer distributed dual-layer self-protection capabilities to battle against Distributed Denial of Service (DDoS) attacks. The proposed system features the novel usage of concurrent autonomous closed-loops for the different stakeholders’ business roles: Digital Service Providers (DSPs) and Infrastructure Service Providers (ISPs) respectively, suitable to provide a multi-layer self-protection defence mechanisms across multiple administrative domains. It has been designed, implemented and experimentally validated. Empirical results have shown that there is a high potential in the collaboration between the stakeholders to achieve the common goal of self-protection of infrastructures. It makes a major difference in the performance of the whole infrastructure for detecting, analysing and mitigating the threat when the proposed distributed dual-layer loops are applied instead of a standalone loop. The system has achieved a 78.12% of effectiveness compared with a 4.73% of the standalone counterpart, for a large scale attack when stopping 256 infected devices. Also, the proposed system has achieved a response time of 18 s whereas the standalone has required 57 s, achieving an optimization of performance of 316%.