FlowGuard: An Intelligent Edge Defense Mechanism against IoT DDoS Attacks

Internet-of-Things (IoT) devices are getting more and more popular in recent years and IoT networks play an important role in the industry as well as people's activities. On the one hand, they bring convenience to every aspect of our daily life; on the other hand, they are vulnerable to various attacks that in turn cancels out their benefits to a certain degree. In this article, we target the defense techniques against IoT Distributed Denial-of-Service (DDoS) attacks and propose an edge-centric IoT defense scheme termed FlowGuard for the detection, identification, classification, and mitigation of IoT DDoS attacks. We present a new DDoS attack detection algorithm based on traffic variations and design two machine learning models for DDoS identification and classification. To demonstrate the effectiveness of the two machine learning models, we generate a large data set by DDoS simulators BoNeSi and SlowHTTPTest, and combine it with the CICDDoS2019 data set, to test the identification and classification accuracy as well as the model efficiency. Our results indicate that the identification accuracy of the proposed long short-term memory is as high as 98.9%, which significantly outperforms the other four well-known learning models mentioned in the most related work. The classification accuracy of the proposed convolutional neural network is up to 99.9%. Besides, our models satisfactorily meet the delay requirements of IoT when deployed in edge servers with computational powers higher than a personal computer.