Adaptive Strategies to Mitigate DDoS Attacks in IoT-Devices Through A Moving Target Defense Approach in SDN
Article Sidebar
Main Article Content
Abstract
The surge of IoT devices has revolutionized the world, but the inherent complexity and vulnerabilities of these devices pose significant security risks. Among security challenges, distributed denial of service (DDoS) attacks stands out as a major cybersecurity issue aimed at interfering with regular systems. This paper conducts a gap analysis of existing research on DDoS attacks in the context of SDN oriented IoT devices. The research focus is on comparing algorithms and mitigation strategies proposed in different research papers and evaluating their efficiency and cost-effectiveness as previous research efforts have taken a variety of approaches, some focused on inexpensive but ineffective procedures, while others focused on expensive but effective procedures. However, few studies have investigated both cost and performance effectiveness simultaneously. The main objective of this research paper is to evaluate and compare different strategies proposed in the literature to protect Software Defined Network oriented IoT devices from DDoS attacks through an active approach using MTD (Moving Target Defense) technique. The goal of this strategy is to protect the network from attacks while remaining cost-effective through gap analysis to suggest that the Moving Target Defense technique is less complex than previous approaches to provide better security measures and protection against DDoS attacks on networks.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
References
Y. Zhou, G. Cheng and S. Yu, “An Software Defined Network-Enabled Proactive Defense framework for DDOS Mitigation in IoT Networks,” IEEE Trans. Informat. Forens. and Secur., vol. 16, pp. 5366–5380, 2021.
L. F. Eliyan and R. Di Pietro, “DoS and DDoS Attacks in Software Defined Networks: A Survey of Existing Solutions and Research Challenges,” Future Generat. Comput. Syst., vol. 122, pp. 149-171, 2021.
F. Nabi, X. Zhou, U. Iftikhar and H. M. Attaullah, “A Case Study of Cyber Subversion Attack based Design Flaw in Service Oriented Component Application Logic,” J. Cyber Secur. Technol., vol.8, no.3, pp. 204-228, 2024.
H. Galadima, A. Seeam, Amar and V. Ramsurrun, “Cyber Deception Against DDoS Attack using Moving Target Defense Framework in Software Defined Network IoT-Edge Networks,”. in 3rd Int. Conf. Next Generat. Comput. Appl., Flic-en-Flac, Mauritius, pp. 1-6, 2022.
R. L. Hemanth Kumar, K. P. Bhargava and A. R. Ashok Kumar, “Mitigation and Detection of DDOS Attacks using Software Defined Network (SDN) and Machine Learning,” Int. J. Res. in Appl. Sci. and Eng. Technol., vol. 11, no. 4, pp. 4821–4829, 2023.
M. M. Oo, S. Kamolphiwong and T. Kamolphiwong, “The Design of SDN Based Detection for Distributed Denial of Service (DDoS) Attack,” in 21st Int. Comput. Sci. and Eng. Conf., Bangkok, Thailand, pp. 1-5, 2017.
H. M. Attaullah, S. Memon, O. F. Erkan and R. Khawar, “IoT Based Systems and Services: Recent Security Concerns and Feasible Solutions,” IEEE 1st Karachi Sect. Human. Technol. Conf., pp. 1-6, 2024.
H. M. Attaullah, R. A. Khan and S. Mughal, “Cyber Security for Industrial Control System–A Survey,” IKSP J. Emerg. Trends in Basic and Appl. Sci., vol. 1, pp. 15–21, 2021.
K. Doshi, Y. Yilmaz and S. Uludag, “Timely Detection and Mitigation of Stealthy DDoS Attacks via IoT Networks,” IEEE Trans. Depend. and Secur. Comput., vol. 18, no. 5, pp. 2164-2176, 2021.
M. S. B. Syed, H. M. Attaullah, S. Ali and M. I. Aslam, “Wireless Communications Beyond Antennas: The Role of Reconfigurable Intelligent Surfaces,” Engi. Proc., vol. 32, no. 1, pp. 10, 2023.
K. S. Vanitha, S. V. Uma and S. K. Mahidhar, “Distributed Denial of Service: Attack Techniques and Mitigation,” in 2017 Int. Conf. Circ., Contr., and Commun., Bangalore, India, pp. 226-231, 2017.
A. Javadpour, F. Ja’fari, T. Taleb and M. Shojafar, Mohammad, “A Cost-Effective Moving Target Defense Approach for DDoS Attacks in Software-Defined Networks,” in 2022 IEEE Global Commun. Conf., Rio de Janeiro, Brazil, pp. 4173-4178, 2022.
O. Yoachimik, “Cloudflare Thwarts 17.2M rps DDoS Attack - The Largest Ever Reported,” The Cloudflare Blog. [Available online on 19 August 2021] https://blog.cloudflare.com/cloudflare-thwarts-17-2m-rps-ddos-attack-the-largest-ever-reported.
K. S. Kumavat and J. Gomes, “Survey of Detection Techniques for DDoS Attacks,” in 3rd Int. Conf. Intellig. Eng. and Manage., London, United Kingdom, pp. 657-663, 2022.
C. Gudla and A. H. Sung, “Moving Target Defense Discrete Host Address Mutation and Analysis in SDN,” in Int. Conf. Comput. Sci.and Comput. Intellig., Las Vegas, NV, USA, pp. 55–61, 2020.
C. Douligeris and A. Mitrokotsa, “DDoS Attacks and Defense Mechanisms: A Classification,” in Proc. 3rd IEEE Int. Symp. Signal Process. and Informat. Technol., Darmstadt, Germany, pp. 190-193, 2003.
S. Venkatesan, M. Albanese, K. Amin, S. Jajodia and M. Wright, “A Moving Target Defense Approach to Mitigate DDoS Attacks Against Proxy-based Architectures,” in IEEE Conf. Commun. and Netw. Secur., Philadelphia, PA, USA, pp. 198-206, 2016.
T. Mehmood, H. M. Attaullah, M. Ibrahim and M. B. J. Al Shehry, “Securing AGI-Driven Drone Communications for Climate Change: A Comprehensive Review of Deep Learning-Based IDS,” Artificial General Intelligence-Based Drones for Climate Change, pp. 97-152, IGI Global Scientific Publishing, 2025.