Toward a Distributed Approach for Detection and Mitigation of Denial-of-Service Attacks Within Industrial Internet of Things

Wireless sensor networks (WSNs) are commonly adopted by the Industrial Internet-of-Things (IIoT) scenarios due to their easy and fast deployment. However, WSNs are especially vulnerable to security attacks as reflexive packet flooding Denial of Service (DoS) may occur. Admission control and reputation-based strategies are effective for attack detection. However, mitigation strategies to deal with the effects of these attacks, such as congestion channel transmission is an open issue. Additionally, the resource-constrained nature of nodes, such as the low bandwidth, limited memory, and battery within WSNs, poses a challenge to develop efficient mechanisms in such a scenario. To address this issue, we propose a distributed congestion control by duty-cycle restriction (D-ConCReCT) to detect and mitigate DoS in IIoT. The main goal is to investigate its feasibility in large-scale networks, as well as its ability to reduce both the detection and mitigation times when compared to a previous centralized approach, the so-called congestion control by duty-cycle restriction (ConCReCT). Our results indicate that D-ConCReCT may be applied in the mitigation of DoS attacks in a sensor network scenario with 500 nodes.