Protecting IoT Servers Against Flood Attacks with the Quasi Deterministic Transmission Policy

IoT Servers that receive and process packets from IoT devices should meet the QoS needs of incoming packets, and support Attack Detection software that analyzes the incoming traffic to identify and discard packets that may be part of a Cyberattack. Since UDP Flood Attacks can overwhelm IoT Servers by creating congestion that paralyzes their operation and limits their ability to conduct timely Attack Detection, this paper proposes and evaluates a simple architecture to protect a Server that is connected to a Local Area Network, using a Quasi Deterministic Transmission Policy Forwarder (SQF) at its input port. This Forwarder shapes the incoming traffic, sends it to the Server in a manner which does not modify the overall delay of the packets, and avoids congestion inside the Server. The relevant theoretical background is briefly reviewed, and measurements during a UDP Flood Attack are provided to compare the Server performance, with and without the Forwarder. It is seen that during a UDP Flood Attack, the Forwarder protects the Server from congestion allowing it to effectively identify Attack Packets. On the other hand, the resulting Forwarder congestion can also be eliminated at the Forwarder with "drop" commands generated by the Forwarder itself, or sent by the Server to the Forwarder.