Systematic Literature Review of Machine Learning Models for Detecting DDoS Attacks in IoT Networks

  • Marcos Luengo Viñuela
    Polytechnic School of Zamora, Computer Sciences Department, University of Salamanca, Avda. Cardenal Cisneros, 34, Zamora, 49022 mluevi17[at]usal.es
  • Jesús-Ángel Román Gallego
    Polytechnic School of Zamora, Computer Sciences Department, University of Salamanca, Avda. Cardenal Cisneros, 34, Zamora, 49022

Abstract

The escalating integration of Internet of Things (IoT) devices has led to a surge in data generation within networks, consequently elevating the vulnerability to Distributed Denial of Service (DDoS) attacks. Detecting such attacks in IoT Networks is critical, and Machine Learning (ML) models have shown efficacy in this realm. This study conducts a systematic review of literature from 2018 to 2023, focusing on DDoS attack detection in IoT Networks using deep learning techniques. Employing the PRISMA methodology, the review identifies and evaluates studies, synthesizing key findings. It highlights that incorporating deep learning significantly enhances DDoS attack detection precision and efficiency, achieving detection rates between 94 % and 99 %. Despite progress, challenges persist, such as limited training data and IoT device processing constraints with large data volumes. This review underscores the importance of addressing these challenges to improve DDoS attack detection in IoT Networks. The research's significance lies in IoT's growing importance and security concerns. It contributes by showcasing current state-of-the-art DDoS detection through deep learning while outlining persistent challenges. Recognizing deep learning's effectiveness sets the stage for refining IoT security protocols, and moreover, by identifying challenges, the research informs strategies to enhance IoT security, fostering a resilient framework.
Luengo Viñuela, M., & Román Gallego, J.- Ángel. (2024). Systematic Literature Review of Machine Learning Models for Detecting DDoS Attacks in IoT Networks. ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, 13(1), e31919. https://doi.org/10.14201/adcaij.31919
