EIDDM: Edge and Internet Layer Distributed DoS Threats Detection and Mitigation for Internet of Things Wireless Communications

Distributed Denial of Service (DDoS) attacks, plague the Internet of Things (IoT)-enabled distributed communication network. To mitigate DDoS attacks on IoT many protocols have been suggested in earlier literature, but most of them are successful in mitigating attacks on one layer at any given time. This research work proposes a mechanism to mitigate DDoS attacks on multiple layers of IoT networks. An IoT wireless network has been simulated in NS2 for developing a mechanism to detect and mitigate such attacks. Defending against multi-layer DDoS attacks is tough since DDoS threats are introduced on several tiers of IoT communication networks. This research work presents a unique security strategy to evaluate, detect, and neutralize the behavior of attack nodes. The protocol named "Edge and Internet Layer DDoS Threats Detection and Mitigation" (EIDDM), has been proposed in this work, as most DDoS attacks are introduced on edge and internet layers of the IoT framework. The functionality of EIDDM is driven by Network tree analysis. Edge and internet layer trust factors are routinely assessed for each IoT communication system sensor node. These trust factors are used to analyze node activity and reputation in network tree form. The trust-based network tree analysis of each node first detects attacker nodes and then determines the type of DDoS threat and its underlying cause. IoT connectivity technologies related to attacking nodes are discontinued till DDoS attacks have been mitigated. The proposed EIDDM protocol has been evaluated for its efficiency in terms of throughput, latency, energy consumption, Packet Delivery Ratio (PDR), and communication overhead in simulations. EIDDM protocol has been surpassed other protocols. Earlier protocols had throughput in the range of 53-56% and PDR in the range of 75-80%, whereas for EIDDM these are increased by 6.5% and 14%, respectively. Earlier protocols had overhead in the range of 10-12% and average energy utilization in the range of 1706-1756 J, whereas the EIDDM protocol reduced communication overhead by 25% and average energy utilization by 6.6%.