IEEE P2668-Compliant Multi-Layer IoT-DDoS Defense System Using Deep Reinforcement Learning

Research output: Journal Publications and ReviewsRGC 21 - Publication in refereed journalpeer-review

21 Scopus Citations
View graph of relations

Related Research Unit(s)

Detail(s)

Original languageEnglish
Pages (from-to)49-64
Journal / PublicationIEEE Transactions on Consumer Electronics
Volume69
Issue number1
Online published12 Oct 2022
Publication statusPublished - Feb 2023

Abstract

The Internet of Things (IoT) has been attracting people to its capability to deal with smart applications. However, with the development of IoT, there are more attacks to threaten IoT systems. Especially, the distributed denial of service (DDoS) attack can lead to mighty destruction to IoT servers, causing the whole IoT network to be out-of-service. Hitherto, given the lack of a common standard for defining the IoT-driven DDoS (IoT-DDoS) attack, the DDoS defense system for IoT is developed without accurate guidance. Additionally, defense against multi-layer IoTDDoS attacks is rarely covered by previous works. To address these issues, a deep reinforcement learning-based multi-layer IoTDDoS defense system (DRL-MLDS) is proposed with the reward metrics in compliance with IEEE P2668 – the first of its kind. In addition, to provide a resilient blocking time configuration for false-positive samples, a new power-law-based blocking time mechanism is developed to cooperate with the DRL-MLDS. The outcome reveals that the DRL-MLDS can reach the same accuracy level (i.e., more than 96%) as previous works under single protocol-based IoT DDoS attack, as well as providing around 97 defense accuracy on multi-layer IoT-DDoS attack, which was rarely discussed in previous works. Additionally, by applying the IEEE P2668-compliant reward metrics, the applicability index (ADex) of DRL-MLDS can be improved from 3.2 to 4.4, fulfilling the recommendation of ADex (e.g., >3.5) toward IoT best practices. The DRL-MLDS can be extended to Metaverse design and applications.

© 2022 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. 

Research Area(s)

  • Computer crime, Deep Reinforcement Learning, Defense, Denial-of-service attack, Feature extraction, Floods, IEEE P2668, Internet of Things, Metaverse, Multi-Layer IoT-DDoS, Protocols, Resilient Blocking Time Mechanism, Servers, Standardized Reward Metrics