Systematic Literature Review of Machine Learning Models for Detecting DDoS Attacks in IoT Networks
Abstract: The escalating integration of Internet of Things (IoT) devices has led to a surge in data generation within networks, consequently elevating the vulnerability to Distributed Denial of Service (DDoS) attacks. Detecting such attacks in IoT Networks is critical, and Machine Learning (ML) models have shown efficacy in this realm. This study conducts a systematic review of literature from 2018 to 2023, focusing on DDoS attack detection in IoT Networks using deep learning techniques. Employing the PRISMA methodology, the review identifies and evaluates studies, synthesizing key findings. It highlights that incorporating deep learning significantly enhances DDoS attack detection precision and efficiency, achieving detection rates between 94 % and 99 %. Despite progress, challenges persist, such as limited training data and IoT device processing constraints with large data volumes. This review underscores the importance of addressing these challenges to improve DDoS attack detection in IoT Networks. The research's significance lies in IoT's growing importance and security concerns. It contributes by showcasing current state-of-the-art DDoS detection through deep learning while outlining persistent challenges. Recognizing deep learning's effectiveness sets the stage for refining IoT security protocols, and moreover, by identifying challenges, the research informs strategies to enhance IoT security, fostering a resilient framework.
Luengo Viñuela, M., & Román Gallego, J.- Ángel. (2024). Systematic Literature Review of Machine Learning Models for Detecting DDoS Attacks in IoT Networks. ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, 13(1), e31919. https://doi.org/10.14201/adcaij.31919