An Efficient Counter-Based DDoS Attack Detection Framework Leveraging Software Defined IoT (SD-IoT)

The Internet of things (IoT) introduces emerging applications (i.e., smart homes, smart cities, smart health, and smart gird) that assist the traditional infrastructure environments to be connected with smart objects. Things are connected with the Internet and numerous new IoT devices are developing at a rapid pace. As these smart objects are connected and able to communicate with each other in unprotected environments; therefore, the whole communication ecosystem requires security solutions at different levels. IoT technology possesses unique characteristics with various resource constraints and heterogeneous network protocol requirements, unlike traditional networks. The attacker exploits numerous security vulnerabilities of an IoT infrastructure, to generate a DDoS attack. The increase in DDoS attacks has made it important to address the consequences which imply in the IoT industry. This research proposes an SD-IoT based framework that provides security services to the IoT network. We developed a C-DAD (Counter-based DDoS Attack Detection) application that is based on counter values of different network parameters, which helps to detect DDoS attack successfully. C-DAD is a dynamic and programmable solution, and is deeply tested with different network parameters. The algorithm demonstrates a good performance with better results through SDN. Moreover, the proposed framework detects the attack efficiently in a minimum amount of time and with lesser consumption of CPU and memory resources.