Graph-Based DDoS Attack Detection in IoT Systems with Lossy Network

TL;DR

This paper proposes a GCN-based method for detecting DDoS attacks in IoT networks that remains effective even with significant network loss, achieving high accuracy and robustness.

Contribution

It introduces a graph-based detection framework using GCNs tailored for lossy IoT environments, demonstrating its effectiveness over various network topologies.

Findings

F1 score of up to 91% in attack detection.

Only 2% drop in F1-score with 50% connection loss.

Hybrid graph structure outperforms other models.

Abstract

This study introduces a robust solution for the detection of Distributed Denial of Service (DDoS) attacks in Internet of Things (IoT) systems, leveraging the capabilities of Graph Convolutional Networks (GCN). By conceptualizing IoT devices as nodes within a graph structure, we present a detection mechanism capable of operating efficiently even in lossy network environments. We introduce various graph topologies for modeling IoT networks and evaluate them for detecting tunable futuristic DDoS attacks. By studying different levels of network connection loss and various attack situations, we demonstrate that the correlation-based hybrid graph structure is effective in spotting DDoS attacks, substantiating its good performance even in lossy network scenarios. The results indicate a remarkable performance of the GCN-based DDoS detection model with an F1 score of up to 91%. Furthermore, we observe at most a 2% drop in F1-score in environments with up to 50% connection loss. The findings from this study highlight the advantages of utilizing GCN for the security of IoT systems which benefit from high detection accuracy while being resilient to connection disruption.