A Novel Trust-Based DDoS Cyberattack Detection Model for Smart Business Environments

TL;DR

This paper presents a trust-based DDoS detection model specifically designed for smart business IoT environments, improving detection accuracy and reducing false positives in dynamic, resource-constrained networks.

Contribution

The paper introduces a novel trust evaluation framework that enhances DDoS detection in IoT settings by combining real-time trust metrics with centralized analysis.

Findings

Significant improvement in detection accuracy

Low false-positive rate achieved

Effective under TCP SYN, Ping Flood, UDP Flood attacks

Abstract

As the frequency and complexity of Distributed Denial-of-Service (DDoS) attacks continue to increase, the level of threats posed to Smart Internet of Things (SIoT) business environments have also increased. These environments generally have several interconnected SIoT systems and devices that are integral to daily operations, usually depending on cloud infrastructure and real-time data analytics, which require continuous availability and secure data exchange. Conventional detection mechanisms, while useful in static or traditional network environments, often are inadequate in responding to the needs of these dynamic and diverse SIoT networks. In this paper, we introduce a novel trust-based DDoS detection model tailored to meet the unique requirements of smart business environments. The proposed model incorporates a trust evaluation engine that continuously monitors node behaviour, calculating trust scores based on packet delivery ratio, response time, and anomaly detection. These trust metrics are then aggregated by a central trust-based repository that uses inherent trust values to identify traffic patterns indicative of DDoS attacks. By integrating both trust scores and central trust-based outputs, the trust calculation is enhanced, ensuring that threats are accurately identified and addressed in real-time. The model demonstrated a significant improvement in detection accuracy, and a low false-positive rate with enhanced scalability and adaptability under TCP SYN, Ping Flood, and UDP Flood attacks. The results show that a trust-based approach provides an effective, lightweight alternative for securing resource-constrained business IoT environments.