Hifoots: A Highly Efficient DDoS Attack Detection Scheme Deployed in Smart IoT Homes

IF 7 1区计算机科学 Q1 TELECOMMUNICATIONS IEEE Transactions on Cognitive Communications and Networking Pub Date : 2024-07-08 DOI:10.1109/TCCN.2024.3424888

Yipeng Wang;Xintong Zhang;Yingxu Lai;Zijian Zhao;Yongjian Deng

{"title":"Hifoots: A Highly Efficient DDoS Attack Detection Scheme Deployed in Smart IoT Homes","authors":"Yipeng Wang;Xintong Zhang;Yingxu Lai;Zijian Zhao;Yongjian Deng","doi":"10.1109/TCCN.2024.3424888","DOIUrl":null,"url":null,"abstract":"This paper concerns the detection of Distributed Denial of Service (DDoS) attacks in network traffic generated by Internet of Things (IoT) devices in smart home environments. The detection of DDoS attacks is crucial for IoT network security, as such attacks can disrupt the availability of essential services. In particular, due to the growing popularity of smart homes and the emergence of malicious software that compromises devices, home IoT devices have become susceptible to botnet infections capable of launching DDoS attacks. With the development of artificial intelligence technology, many advanced methods have been proposed that show promising performance in detecting DDoS attacks. However, there is still a need for improvement in their generalizability and detection efficiency. In this paper, we propose Hifoots, a highly efficient IoT DDoS attack detection scheme, aiming to achieve high detection robustness and detection efficiency. Hifoots builts upon our key observation that DDoS attacks can be detected by examining the group behavior of all flows over a given time interval. We evaluated Hifoots on five complex DDoS attack scenarios. The experimental results demonstrate that Hifoots outperforms the detection performance of existing state-of-the-art methods and offers an improvement in detection efficiency that is up to 12 times better, along with stronger generalizability compared to the state-of-the-art methods.","PeriodicalId":13069,"journal":{"name":"IEEE Transactions on Cognitive Communications and Networking","volume":"11 1","pages":"519-533"},"PeriodicalIF":7.0000,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Cognitive Communications and Networking","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10589367/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"TELECOMMUNICATIONS","Score":null,"Total":0}

引用次数: 0

Abstract

This paper concerns the detection of Distributed Denial of Service (DDoS) attacks in network traffic generated by Internet of Things (IoT) devices in smart home environments. The detection of DDoS attacks is crucial for IoT network security, as such attacks can disrupt the availability of essential services. In particular, due to the growing popularity of smart homes and the emergence of malicious software that compromises devices, home IoT devices have become susceptible to botnet infections capable of launching DDoS attacks. With the development of artificial intelligence technology, many advanced methods have been proposed that show promising performance in detecting DDoS attacks. However, there is still a need for improvement in their generalizability and detection efficiency. In this paper, we propose Hifoots, a highly efficient IoT DDoS attack detection scheme, aiming to achieve high detection robustness and detection efficiency. Hifoots builts upon our key observation that DDoS attacks can be detected by examining the group behavior of all flows over a given time interval. We evaluated Hifoots on five complex DDoS attack scenarios. The experimental results demonstrate that Hifoots outperforms the detection performance of existing state-of-the-art methods and offers an improvement in detection efficiency that is up to 12 times better, along with stronger generalizability compared to the state-of-the-art methods.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Hifoots：部署在智能物联网家庭中的高效 DDoS 攻击检测方案

本文关注智能家居环境中物联网（IoT）设备产生的网络流量中分布式拒绝服务（DDoS）攻击的检测。检测DDoS攻击对于物联网网络安全至关重要，因为此类攻击可能会破坏基本服务的可用性。特别是，随着智能家居的普及和侵害设备的恶意软件的出现，家庭物联网设备变得容易受到能够发动DDoS攻击的僵尸网络感染。随着人工智能技术的发展，人们提出了许多先进的方法来检测DDoS攻击，并显示出良好的性能。但是，它们的通用性和检测效率还有待提高。本文提出了一种高效的物联网DDoS攻击检测方案Hifoots，旨在达到较高的检测鲁棒性和检测效率。Hifoots建立在我们的关键观察之上，即DDoS攻击可以通过检查给定时间间隔内所有流的组行为来检测。我们在五种复杂的DDoS攻击场景下对Hifoots进行了评估。实验结果表明，Hifoots的检测性能优于现有的最先进的方法，检测效率提高了12倍，并且与最先进的方法相比具有更强的泛化能力。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Transactions on Cognitive Communications and Networking Computer Science-Artificial Intelligence

CiteScore

15.50

自引率

7.00%

发文量

108

期刊介绍： The IEEE Transactions on Cognitive Communications and Networking (TCCN) aims to publish high-quality manuscripts that push the boundaries of cognitive communications and networking research. Cognitive, in this context, refers to the application of perception, learning, reasoning, memory, and adaptive approaches in communication system design. The transactions welcome submissions that explore various aspects of cognitive communications and networks, focusing on innovative and holistic approaches to complex system design. Key topics covered include architecture, protocols, cross-layer design, and cognition cycle design for cognitive networks. Additionally, research on machine learning, artificial intelligence, end-to-end and distributed intelligence, software-defined networking, cognitive radios, spectrum sharing, and security and privacy issues in cognitive networks are of interest. The publication also encourages papers addressing novel services and applications enabled by these cognitive concepts.