Almeghlef, S.M.; AL-Ghamdi, A.A.-M.; Ramzan, M.S.; Ragab, M. Application Layer-Based Denial-of-Service Attacks Detection against IoT-CoAP. Electronics2023, 12, 2563.
Almeghlef, S.M.; AL-Ghamdi, A.A.-M.; Ramzan, M.S.; Ragab, M. Application Layer-Based Denial-of-Service Attacks Detection against IoT-CoAP. Electronics 2023, 12, 2563.
Almeghlef, S.M.; AL-Ghamdi, A.A.-M.; Ramzan, M.S.; Ragab, M. Application Layer-Based Denial-of-Service Attacks Detection against IoT-CoAP. Electronics2023, 12, 2563.
Almeghlef, S.M.; AL-Ghamdi, A.A.-M.; Ramzan, M.S.; Ragab, M. Application Layer-Based Denial-of-Service Attacks Detection against IoT-CoAP. Electronics 2023, 12, 2563.
Abstract
Internet of Things (IoT) is a massive network of tiny devices connected internally and to the in-ternet. It is uniquely identified in the network (i.e. dedicated IP) and can share the information with other devices. However, the low power and low resources that distinguish IoT devices render them unsecure and targeted by different kinds of attacks since IoT devices cannot toler-ate heavy security models. Also, due to the heavy nature of famous protocols such as HyperText Transport Protocol (HTTP), it is costly to be used with IoT devices, and alternatively, different lightweight protocols are implemented to fit IoT devices. One of the prevailing protocols used over IoT networks is the Constrained Application Protocol (CoAP). Therefore, CoAP is popular, and that makes it targeted by different types of attacks. One of the major attacks that target CoAP is distributed denial of service (DDoS) attacks. DDoS aims to overwhelm the resources of the target and make them unavailable to legitimate users. As a result, different kinds of meth-ods were used to secure CoAP against DDoS attacks such as Datagram Transport Layer Secu-rity (DTLS) and Lightweight and Secure Protocol for Wireless Sensor Networks (LSPWSN). However, the existing models suffer from two issues: DTLS is not designed for constrained devices and is considered a heavy protocol. Besides, LSPWSN is working over the network layer, not in the application layer that CoAP works on. In this paper, we build a machine learn-ing model that can detect the DDoS attacks against CoAP with an accuracy of 98%. The CIDAD dataset is extended from ~11000 to 100,000 samples using GANs because it has fewer samples of malware (less than 0.2% of the total dataset). Our model outperforms the existing models that target securing CoAP in the application layer and obtains 93% of accuracy.
Keywords
Denial of Service; IoT attacks; CoAP Security; Application layer; DTLS
Subject
Computer Science and Mathematics, Security Systems
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.