TY - GEN
T1 - Source-side DDoS Detection on IoT-enabled 5G Environments
AU - Sotelo Monge, Marco Antonio
AU - Lorenzo Fernandez, Borja
AU - Maestre Vidal, Diego
AU - Rius Garcia, Guillermo
AU - Herranz Gonzalez, Andres
AU - Maestre Vidal, Jorge
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/9
Y1 - 2018/9
N2 - This paper introduces a novel approach for detecting the participation of a protected end-user or IoT device in Distributed Denial of Service attacks. With this purpose, traffic flows are inspected at source-side looking for discordant behaviors. In contrast to most previous solutions, the proposal assumes the non-stationarity and heterogeneity of the emerging communication networks, which demands a more complex analytical environment. This has led to delegate the analytic tasks to a dedicated data processing layer, where advanced feature extraction, pattern recognition, prediction and adaptive thresholding capabilities operate. The proposal relies on a sophisticated knowledge acquisition architecture enabled to operate on 5G environments, in this way supporting the leading-edge technologies it implements and being compatible with defensive self-organizing schemes. The effectiveness of the proposal has been proven by analyzing traffic from 62 network devices of different nature with different behavioral profiles, being able to accurately distinguish their normal activities from malicious traffic injections.
AB - This paper introduces a novel approach for detecting the participation of a protected end-user or IoT device in Distributed Denial of Service attacks. With this purpose, traffic flows are inspected at source-side looking for discordant behaviors. In contrast to most previous solutions, the proposal assumes the non-stationarity and heterogeneity of the emerging communication networks, which demands a more complex analytical environment. This has led to delegate the analytic tasks to a dedicated data processing layer, where advanced feature extraction, pattern recognition, prediction and adaptive thresholding capabilities operate. The proposal relies on a sophisticated knowledge acquisition architecture enabled to operate on 5G environments, in this way supporting the leading-edge technologies it implements and being compatible with defensive self-organizing schemes. The effectiveness of the proposal has been proven by analyzing traffic from 62 network devices of different nature with different behavioral profiles, being able to accurately distinguish their normal activities from malicious traffic injections.
KW - 5th-generation-mobile-network
KW - DDoS
KW - Internet-of-Things
KW - intrusion-Detection-Systems
UR - http://www.scopus.com/inward/record.url?scp=85076107178&partnerID=8YFLogxK
U2 - 10.1109/SIoT.2018.00010
DO - 10.1109/SIoT.2018.00010
M3 - Articulo (Contribución a conferencia)
AN - SCOPUS:85076107178
T3 - Proceedings - 2018 International Workshop on Secure Internet of Things, SIoT 2018
SP - 28
EP - 37
BT - Proceedings - 2018 International Workshop on Secure Internet of Things, SIoT 2018
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 6 September 2018
ER -