Article Preview
Top1. Introduction
IoT is a hybrid network of hundreds of billion heterogenous devices such as, IPv6, which IoT is based, can save huge number of addresses. These devices can be a PC/laptop, printer, an automobile part, smart phone, control system in factory, sensing device like thermostat, electricity meter, a microwave, servers, cloud or any other device. There are challenges for using new protocols for communication between these heterogenous things. Radio-Frequency Identification (RFID) is unique number used for connection and identification the objects(Atzori et al., 2010). A compressed version of IPv6, which is used for IoT, is named 6LoWPAN. The connection-less User Datagram Protocol (UDP) and Constrained Application Protocol (CoAP) are mostly used in 6LoWPAN networks. Also, the standard routing protocol is IPv6 Routing Protocol for Low-Power and Lossy Networks (RPL) for the IP-connected IoT (Winter et al., 2012). RPL creates a Destination-Oriented Directed Acyclic Graph (DODAG). IoT takes the advantages of wireless sensor network(WSN), mobile Ad-hoc networks (MANET), cloud and internet as, it proves the combination system of these technologies(Bellavista et al., 2013). The IoT technology aims to reduce the gap between isolated networks, devices and services providers by forming connectivity.
Many attacks threaten IoT resources, of which denial of service (DoS) is achieving more reputation with its modification distributed denial of service (DDoS). DDoS is an attack that tries to confuse resources or the bandwidth of authentic users. The DDoS attack has ability for flooding a huge amount of traffic to occupy network resources, bandwidth, target CPU time. The most common DDoS attacks are ICMP broadcast, SYN flood, Ping flood, DNS flood, UDP flood,and so on. Currently, IoT can connect many technologies like traditional internet, mobile networks, sensor networks, computer networks, healthcare applications networks, smart home networks, and cloud. Therefore, the security and privacy of IoT have many problems that need to pay more attention to the research issues of confidentiality, authenticity, and integrity of data. DDoS attacks can be found in any layer of IoT three layers like jamming attacks in sensor/physical layer, flooding attacks in the network layer, and reprogramming and path-based DDoS attacks in the application layer(Ahmed et al., 2019).
Both the security and the privacy of IoT present many issues related to confidentiality, authenticity, and integrity of data. DDoS attacks can be found in any layer of IoT. For example, jamming attacks can occur in the sensor/physical layer; flooding attacks in the network layer; and reprogramming and path-based DDoS attacks in the application layer (Ahmed et al., 2019).
The objective of this paper is to propose a generic model for securing IoT against DDoS attacks which threaten all layers of IoT. In the sensing/physical layer, an attack can insert false messages or emit radio signals to obstruct the wireless medium and evict other wireless devices from the communicating process. In the network layer, DDoS attacks can be noticed through the exhaustion of the bandwidth of network routes or resources. In the application layer, DDoS attacks can be identified through many events such as an increase in the number of sessions of the anomalous node, an increase in the number of requests for one session, or an increase in the size of requested data for one request. These events ultimately lead to heavy traffic and exhaustion in an application.