Recognition of Denial-of-Service Attacks in IoT Networks with Linear Complexity Model.

The growth in the number of IoT devices and applications, as well as their heterogeneity and hardware limitations, make it difficult to apply traditional security mechanisms. In this way, the IoT layer has become a highly vulnerable part of the network. In this context, an intrusion detection system with low computational complexity is proposed for online recognition of denial-of-service attacks. A common feature of denial-of-service attacks is the sudden increase of a particular type of packet or request. To track this sudden increase, network traffic is first filtered by protocol, and then reduced to the number of packets over time. On these data, the techniques of sliding window and the comparison of moving averages, both adjustable by variables, are applied to identify the anomalies. Tests carried out on data extracted from pcap files, containing attacks carried out on real devices, demonstrate the accuracy in recognizing attacks. Furthermore, the tools and techniques for implementing the proposed model in a realistic environment are described.