Luying Zhou, Huaqun Guo, Gelei Deng, A fog computing based approach to DDoS mitigation in IIoT systems, Computers & Security, Volume 85, 2019, Pages 51-62, ISSN 0167-4048, https://doi.org/10.1016/j.cose.2019.04.017.
Distributed denial of service (DDoS) cyber-attack poses a severe threat to the industrial Internet of Things (IIoT) operation due to the security vulnerabilities resulted from increased connectivity and openness, and the large number of deployed low computation power devices. This paper applies Fog computing concept in DDoS mitigation by allocating traffic monitoring and analysis work close to local devices, and, on the other hand, coordinating and consolidating work to cloud central servers so as to achieve fast response while at low false alarm rate. The mitigation scheme consists of real-time traffic filtering via field firewall devices, which are able to reversely filter the signature botnet attack packets; offline specification based traffic analysis via virtualized network functions (VNFs) in the local servers; and centralized coordination via cloud server, which consolidates and correlates the information from the distributed local servers to make a more accurate decision. The proposed scheme is tested in an industrial control system testbed and the experiments evaluate the detection time and rate for two types of DDoS attacks and demonstrate the effectiveness of the scheme.
A*STAR Industrial Internet of Things Research Program, under the RIE2020 IAF-PP Grant A1788a0023.