iDAM: A Distributed MUD Framework for Mitigation of Volumetric Attacks in IoT Networks
Suvrima Datta, Aneesh Bhattacharya, Risav Rana, U. Venkanna
2022 13th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP)
Publication date: 2022-07-20
DOI: 10.1109/CSNDSP54353.2022.9908058 (https://doi.org/10.1109/CSNDSP54353.2022.9908058)
Citation count: 1
Abstract
The rapid popularity of IoT devices has led to an escalating number of sophisticated cybersecurity attacks. Prior security mechanisms are inaccurate and incur high computational costs for resource-constrained IoT devices, hindering their scalability to large networks. Manufacturer Usage Description (MUD) has been introduced to overcome IoT security challenges. However, it cannot mitigate volumetric attacks in IoT networks. This paper proposes iDAM: a distributed self-learning, autonomous system to detect and mitigate volumetric attacks in IoT networks. iDAM monitors and authenticates the behavioral profiles of MUD compliant IoT devices and builds specific-device-type OC-SVM models aggregated using federated learning. The solution can cope with the occurrence of volumetric attacks at several levels of the IoT infrastructure and the compromise of the internal components of the proposed solution. We have extensively evaluated our solution with the IoT network intrusion dataset, which shows that iDAM can efficiently mitigate several volumetric attacks by detecting anomalous packet flows in the network with an AUC of 0.9597. Testing iDAM against a real-time SYN flood attack in an experimental setup and its ability to quickly mitigate the attack solidifies the conclusion that it can be deployed in a real-time environment to detect and mitigate volumetric attacks effectively.