OTI-IoT: A Blockchain-based Operational Threat Intelligence Framework for Multi-vector DDoS Attacks

IF 3.9 3区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS ACM Transactions on Internet Technology Pub Date : 2024-05-11 DOI:10.1145/3664287
Aswani Aguru, Suresh Erukala
{"title":"OTI-IoT: A Blockchain-based Operational Threat Intelligence Framework for Multi-vector DDoS Attacks","authors":"Aswani Aguru, Suresh Erukala","doi":"10.1145/3664287","DOIUrl":null,"url":null,"abstract":"<p>The <b>Internet of Things (IoT)</b> refers to a complex network comprising interconnected devices that transmit their data via the Internet. Due to their open environment, limited computation power, and absence of built-in security, IoT environments are susceptible to various cyberattacks. Denial of service (DDoS) attacks are among the most destructive types of threats. The <b>Multi-vector DDoS attack</b> is a contemporary and formidable form of DDoS wherein the attacker employs a collection of compromised IoT devices as zombies to initiate numerous DDoS attacks against a target server. A Blockchain-based Operational Threat Intelligence framework, OTI-IoT, is proposed in this paper to counter multi-vector DDoS attacks in IoT networks. A <b>”Prevent-then-Detect”</b> methodology was utilized to deploy the OTI-IoT framework in two distinct stages. During Phase 1, the <b>consortium Blockchain network</b> validators employ the IPS module, composed of a smart contract for attack prevention &amp; access control, and Proof of Voting consensus, to thwart attacks. Validators are outfitted with deep learning-based IDS instances to detect multi-vector DDoS attacks during Phase 2. Alert messages are generated by the IDS module’s alert generation &amp; propagation smart contract in response to identifying malicious IoT sources. The feedback loop from the IDS module to the IPS module prevents incoming traffic from malicious sources. The proposed OTI framework capabilities are realized as an outcome of combining and storing the outcomes of the IDS and IPS modules on the consortium Blockchain. Each validator maintains a shared ledger containing information regarding threat sources to ensure robust security, transparency, and integrity. The operational execution of OTI-IoT occurs on an individual Ethereum Blockchain. The empirical findings indicate that our proposed framework is most suitable for real-time applications due to its ability to lower attack detection time, decreased block validation time, and higher attack prevention rate.</p>","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":"138 1","pages":""},"PeriodicalIF":3.9000,"publicationDate":"2024-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet Technology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3664287","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The Internet of Things (IoT) refers to a complex network comprising interconnected devices that transmit their data via the Internet. Due to their open environment, limited computation power, and absence of built-in security, IoT environments are susceptible to various cyberattacks. Denial of service (DDoS) attacks are among the most destructive types of threats. The Multi-vector DDoS attack is a contemporary and formidable form of DDoS wherein the attacker employs a collection of compromised IoT devices as zombies to initiate numerous DDoS attacks against a target server. A Blockchain-based Operational Threat Intelligence framework, OTI-IoT, is proposed in this paper to counter multi-vector DDoS attacks in IoT networks. A ”Prevent-then-Detect” methodology was utilized to deploy the OTI-IoT framework in two distinct stages. During Phase 1, the consortium Blockchain network validators employ the IPS module, composed of a smart contract for attack prevention & access control, and Proof of Voting consensus, to thwart attacks. Validators are outfitted with deep learning-based IDS instances to detect multi-vector DDoS attacks during Phase 2. Alert messages are generated by the IDS module’s alert generation & propagation smart contract in response to identifying malicious IoT sources. The feedback loop from the IDS module to the IPS module prevents incoming traffic from malicious sources. The proposed OTI framework capabilities are realized as an outcome of combining and storing the outcomes of the IDS and IPS modules on the consortium Blockchain. Each validator maintains a shared ledger containing information regarding threat sources to ensure robust security, transparency, and integrity. The operational execution of OTI-IoT occurs on an individual Ethereum Blockchain. The empirical findings indicate that our proposed framework is most suitable for real-time applications due to its ability to lower attack detection time, decreased block validation time, and higher attack prevention rate.

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
OTI-IoT:基于区块链的多载体 DDoS 攻击行动威胁情报框架
物联网(IoT)是指由相互连接的设备组成的复杂网络,这些设备通过互联网传输数据。由于其开放的环境、有限的计算能力和缺乏内置的安全性,物联网环境很容易受到各种网络攻击。拒绝服务(DDoS)攻击是最具破坏性的威胁类型之一。多载体 DDoS 攻击是一种当代可怕的 DDoS 攻击形式,攻击者利用一系列受损的物联网设备作为僵尸,对目标服务器发起大量 DDoS 攻击。本文提出了一种基于区块链的运营威胁情报框架--OTI-IoT,以应对物联网网络中的多载体 DDoS 攻击。本文采用 "先预防、后检测 "的方法,分两个不同阶段部署 OTI-IoT 框架。在第一阶段,联盟区块链网络验证器采用 IPS 模块,该模块由用于攻击预防的智能合约、访问控制和投票证明共识组成,以挫败攻击。在第二阶段,验证器配备了基于深度学习的 IDS 实例,以检测多载体 DDoS 攻击。警报信息由 IDS 模块的警报生成与传播智能合约生成,以识别恶意物联网源。从 IDS 模块到 IPS 模块的反馈回路可防止来自恶意源的流量进入。将 IDS 模块和 IPS 模块的结果结合并存储在联盟区块链上,就能实现所提出的 OTI 框架功能。每个验证器都维护一个共享分类账,其中包含有关威胁源的信息,以确保强大的安全性、透明度和完整性。OTI-IoT 的操作执行发生在单个以太坊区块链上。实证研究结果表明,我们提出的框架最适合实时应用,因为它能够缩短攻击检测时间、减少区块验证时间并提高攻击防范率。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
ACM Transactions on Internet Technology
ACM Transactions on Internet Technology 工程技术-计算机:软件工程
CiteScore
10.30
自引率
1.90%
发文量
137
审稿时长
>12 weeks
期刊介绍: ACM Transactions on Internet Technology (TOIT) brings together many computing disciplines including computer software engineering, computer programming languages, middleware, database management, security, knowledge discovery and data mining, networking and distributed systems, communications, performance and scalability etc. TOIT will cover the results and roles of the individual disciplines and the relationshipsamong them.
期刊最新文献
Interpersonal Communication Interconnection in Media Convergence Metaverse Using Reinforcement Learning and Error Models for Drone Precision Landing Towards Human-AI Teaming to Mitigate Alert Fatigue in Security Operations Centres RESP: A Recursive Clustering Approach for Edge Server Placement in Mobile Edge Computing OTI-IoT: A Blockchain-based Operational Threat Intelligence Framework for Multi-vector DDoS Attacks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1