TY - GEN
T1 - Smart NCAP supporting low-rate DDoS detection for IEEE 21451-1-5 internet of things
AU - Ren, Jie
AU - Liu, Yi
AU - Wu, Jun
AU - Li, Jianhua
AU - Wang, Kuan
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/5
Y1 - 2019/5
N2 - With the increasing variety of Internet of Things (IoT) devices, the complexity and heterogeneity of next generation IoT have increased the difficulty of managing IoT devices. The development direction of traditional IoT networks is moving towards the IEEE-21451 standard architecture. In IEEE-21451 standard system, Network Capable Application Processor (N-CAP) is a pivotal composition of the overall network architecture while there is not a mature architecture and implementation of smart NCAP. In addition, the new IoT is facing a variety of security issues. As a new type of Distributed Denial of Service (DDoS) attack, Low-rate Distributed Denial of Service (LDDoS) attack is efficient and uneasy to find. Considering the limited resources of IoT devices, it's difficult to establish security mechanism against LDDoS attack in IoT node level. In this paper, we propose a smart NCAP supporting LDDoS detection and implement the NCAP test bed platform using the Raspberry Pi. We design the architecture of smart NCAP from perspectives of embedding SNMP module, management work and mechanism for interacting with nodes. Then we propose a method for detecting LDDoS attack traffic using a linear multiple regression model with Simple Network Management Protocol (SNMP) contents. Simulations show that the computational resources occupied by the proposed scheme are within an acceptable range.
AB - With the increasing variety of Internet of Things (IoT) devices, the complexity and heterogeneity of next generation IoT have increased the difficulty of managing IoT devices. The development direction of traditional IoT networks is moving towards the IEEE-21451 standard architecture. In IEEE-21451 standard system, Network Capable Application Processor (N-CAP) is a pivotal composition of the overall network architecture while there is not a mature architecture and implementation of smart NCAP. In addition, the new IoT is facing a variety of security issues. As a new type of Distributed Denial of Service (DDoS) attack, Low-rate Distributed Denial of Service (LDDoS) attack is efficient and uneasy to find. Considering the limited resources of IoT devices, it's difficult to establish security mechanism against LDDoS attack in IoT node level. In this paper, we propose a smart NCAP supporting LDDoS detection and implement the NCAP test bed platform using the Raspberry Pi. We design the architecture of smart NCAP from perspectives of embedding SNMP module, management work and mechanism for interacting with nodes. Then we propose a method for detecting LDDoS attack traffic using a linear multiple regression model with Simple Network Management Protocol (SNMP) contents. Simulations show that the computational resources occupied by the proposed scheme are within an acceptable range.
KW - IEEE-21451
KW - Low-rate Distributed Denial of Service
KW - Network Capable Application Processor
KW - Simple Network Management Protocol
UR - http://www.scopus.com/inward/record.url?scp=85070859103&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85070859103&partnerID=8YFLogxK
U2 - 10.1109/ICPHYS.2019.8780132
DO - 10.1109/ICPHYS.2019.8780132
M3 - Conference contribution
AN - SCOPUS:85070859103
T3 - Proceedings - 2019 IEEE International Conference on Industrial Cyber Physical Systems, ICPS 2019
SP - 532
EP - 535
BT - Proceedings - 2019 IEEE International Conference on Industrial Cyber Physical Systems, ICPS 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2019 IEEE International Conference on Industrial Cyber Physical Systems, ICPS 2019
Y2 - 6 May 2019 through 9 May 2019
ER -