Defense against flooding attacks using probabilistic thresholds in the internet of things ecosystem

TL;DR

This paper introduces LSFA-IoT, a novel approach to defend IoT networks against flooding attacks by combining intrusion detection at the physical layer with APT-RREQ-based event verification, enhancing security and communication reliability.

Contribution

The paper proposes LSFA-IoT, a new method that protects AODV routing in IoT networks from flooding attacks through a two-phase detection system, improving security metrics.

Findings

Outperforms REATO and IRAD in detection metrics

Significantly reduces false positive and false negative rates

Enhances overall network security and packet delivery

Abstract

The Internet of Things (IoT) ecosystem allows communication between billions of devices worldwide that are collecting data autonomously. The vast amount of data generated by these devices must be controlled totally securely. The centralized solutions are not capable of responding to these concerns due to security challenges problems. Thus, the Average Packet Transmission RREQ (APT-RREQ) as an effective solution, has been employed to overcome these concerns to allow for entirely secure communication between devices. In this paper, an approach called LSFA-IoT is proposed that protects the AODV routing protocol as well as the IoT network against flooding. The proposed method is divided into two main phases; The first phase includes a physical layer intrusion and attack detection system used to detect attacks, and the second phase involves detecting incorrect events through APT-RREQ messages. The simulation results indicated the superiority of the proposed method in terms of False Positive Rate (FPR), False Negative Rate (FPR), Detection Rate (DR), and Packet Delivery Rate (PDR) compared to REATO and IRAD. Also, the simulation results show how the proposed approach can significantly increase the security of each thing and network security.