LDoS Attacker Detection Algorithms in Zigbee Network

Abstract

Low-Rate DoS (LDoS) attacks degrade the quality of service with less traffic than ordinary DoS attacks. LDoS attacks can easily evade conventional counter-DoS detection mechanisms because their time-averaged flow is small. Thus, LDoS attack is getting a serious problem nowadays. With the recent spread of IoT devices, Zigbee, one of the IoT communication standards, attracts much attention. Zigbee is a low-power wireless communication protocol at the sacrifice of its transfer range and band-width. Since Zigbee consumes low power, it is widely adopted for inexpensive small sensors and IoT that run on batteries. The advantage of the low power consumption of Zigbee is due to its use of indirect transmission. However, LDoS attacks that exploit this indirect transmission have already been pointed out. Some mitigation methods have also been proposed, but there are no attacker detection methods. Thus, in this paper, we proposed two different LDoS attacker detection algorithms which consume less computing resources and power. Each of them focuses on different characteristics of the attackers' communication. Then, we evaluated the effectiveness of both algorithms quantitatively using a simulator. The results reveal that both algorithms can find attackers with high accuracy. Furthermore, these algorithms work complementarily for detecting attackers. Thus, we propose a detection system using two algorithms simultaneously.