Abstract

Recently, D/DoS attacks have been launched by zombie IoT devices in smart home networks. They pose a great threat to network systems, with Application Layer DDoS attacks being especially hard to detect due to their stealth and seeming legitimacy. In this paper, we propose ForChaos, a lightweight detection algorithm for IoT devices, which is based on forecasting and chaos theory to identify flooding and DDoS attacks. For every time-series behaviour collected, a prediction is generated with a forecasting technique, based on a number of features, and the error between the predicted and actual values is calculated. The Lyapunov exponent is then applied to this forecasting error to detect potentially malicious behaviour. We evaluate our detection algorithm in NS-3 through a series of experiments with flooding and slow-rate DDoS attacks. The results are presented and discussed in detail and compared with related studies, demonstrating the algorithm's effectiveness and robustness.
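A minimal sketch of the pipeline the abstract describes (forecast, forecasting error, Lyapunov-style exponent on that error), added here as an illustration and not the ForChaos implementation. The exponential-smoothing forecaster, the single requests-per-second feature, the training length, window, threshold and the traffic values are all assumptions, since the abstract does not specify them.

```python
import math

def forecast_errors(series, alpha=0.5):
    """Absolute one-step-ahead errors of simple exponential smoothing
    (assumed forecaster; the abstract does not name the technique used)."""
    level, errors = series[0], []
    for actual in series[1:]:
        errors.append(abs(actual - level))            # forecast for this step is `level`
        level = alpha * actual + (1 - alpha) * level  # update after observing the value
    return errors

def lyapunov_alerts(series, train=8, window=3, threshold=0.5, eps=1e-9):
    """Return indices into `series` where the forecast error diverges.

    Simplified local exponent (an assumption, not the paper's formula):
        lambda_t = (1 / window) * ln(mean recent error / baseline error)
    The baseline is the mean error over the first `train` errors, which are
    assumed to be attack-free. lambda_t > threshold means the error is growing
    exponentially away from the baseline; values near or below zero mean the
    forecast still tracks the traffic.
    """
    errors = forecast_errors(series)
    if len(errors) <= train:
        return []                                     # not enough data to judge
    baseline = sum(errors[:train]) / train + eps
    alerts = []
    for i in range(train, len(errors)):
        recent = sum(errors[i - window + 1:i + 1]) / window + eps
        lam = math.log(recent / baseline) / window
        if lam > threshold:
            alerts.append(i + 1)                      # errors[i] belongs to series[i + 1]
    return alerts

# Constructed sample data: requests per second seen by one device.
BENIGN = [20, 22, 19, 21, 20, 23, 21, 20, 22, 21, 20, 22]
FLOOD = [60, 150, 400, 900, 1500, 1600]               # constructed flooding ramp

if __name__ == "__main__":
    print("benign only:", lyapunov_alerts(BENIGN))
    print("with flood :", lyapunov_alerts(BENIGN + FLOOD))
```

On the constructed series the exponent stays negative during benign traffic and turns positive at the first flood sample, because a single large forecasting error is enough to pull the windowed mean far above the baseline.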

Highlights

  • Smart Homes consist of a great number of different devices, all deployed in a single network monitoring the environment, collecting and sharing important data and information with the owners and other smart IoT devices and external services through internal and external networks

  • Throughout the experiments, we showed that our proposed ForChaos algorithm is able to detect malicious activity with a short training time, using eight features

  • We have created a dataset of Application Layer DDoS attacks in IoT to evaluate a set of Machine Learning algorithms provided by Weka


Summary

Introduction

Smart Homes consist of a great number of different devices, all deployed in a single network, monitoring the environment and collecting and sharing important data and information with the owners, other smart IoT devices and external services through internal and external networks. The node responsible for this communication is the Energy Services Interface (ESI). It acts as a bidirectional interface where information can be exchanged between the Smart Home and external domains. It protects internal energy resources from security failures and ensures secure internal communication between the devices deployed in the Smart Home. The TCP connections are established successfully and normal requests are sent to the target, in contrast to DDoS attacks at lower layers, such as TCP flooding, which sends a burst of SYN packets without acknowledging the SYN-ACK packets sent from the server. It becomes unresponsive due to the great amount of incoming requests.
