Nowadays, fog computing plays a very vital role in providing many services to end-based IoT (Internet of Things) systems. The end IoT devices communicate with the middle layer fog nodes and to the above cloud layer to process the user tasks. However, this large data communication experiences many security challenges as IoT devices are being compromised and thus the fog nodes at the fog layer are more prone to a very critical attack known as Distributed Denial of Service (DDoS) attack. The attackers or the compromised IoT devices need to be detected well in the network. Deep Learning (DL) plays a prominent role in predicting the end-user behavior by extracting features and classifying the adversary in the network. But, due to IoT device’s constrained nature in computation and storage facilities, DL cannot be administered on those. In this paper, a deep intelligent DDoS attack detection scheme (DI-ADS) is proposed for fog-based IoT applications. The framework mainly uses a deep learning model (DLM) to detect DDoS attacks in the network. The DLM is installed on the computation module of the fog node that predicts the end IoT device behavior. For the selection of the best DLM model at the fog layer, the performance comparison is made on Deep Neural Multilayer Perceptron (DNMLP) and Long Short-Term Memory (LSTM) models along with the conventional machine learning (ML) models such as Support Vector Machine (SVM), K-Nearest Neighbours (KNN), Logistic Regression (LR), and Random Forest (RF). The simulation is performed using the Python Anaconda platform by considering a new DDoS-SDN (Mendeley Dataset) dataset that consists of three DDoS attacks such as TCP Syn, UDP Flood, and ICMP attacks. From the results, DNMLP showed the best accuracy of 99.44% as compared to other DL and ML models. By outperforming nature in the detection of DDoS attacks, DNMLP is considered in the proposed framework for being implemented at the fog layer.
Read full abstract