Protecting IoT Servers Against Flood Attacks with the Quasi Deterministic Transmission Policy
Gelenbe E, Nasereddin M
The 22nd IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom-2023)
Congestion, Cyberattack Detection, Internet of Things (IoT), Quality of service, Quasi-Deterministic Transmission Policy (QDTP), Traffic Shaping
Servers at Supply Chains that receive packets from IoT devices should meet the QoS needs of incoming packets, and protect the system from Cyberattacks. UDP Floods are often part of Cyberattacks that overwhelm Supply Chains and the IoT through congestion that paralyzes their operation and limits their ability for timely Attack Detection. Thus, this paper proposes an architecture that protects a connected Server using a Smart Quasi-Deterministic Transmission Policy Forwarder placed at its input port. This Forwarder shapes the incoming traffic, sends it to the Server without modifying the overall packet delay, and avoids Server congestion. The relevant theoretical background is reviewed, and measurements during a UDP Flood Attack are provided to compare the Server performance, with and without the Forwarder. It is seen that during a UDP Flood Attack, the Forwarder protects the Server from congestion, allowing it to effectively identify Attack Packets. The resulting Forwarder congestion is also eliminated with “drop” commands generated by the Forwarder, or sent by the Server to the Forwarder.