Challenges and Solutions for Detecting and Preventing SYN Attacks in the Internet of Things
Subject areas: New technologies in distributed systems and algorithmic computing
Vesal Firouzi 1, Hassan Shakeri 2 *, Hassan Raei Sani 3
1 - Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran
2 - Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran
3 - Department of Computer Engineering, Mashhad Branch, Islamic Azad University, Mashhad, Iran
Keywords: Internet of Things, intrusion detection, distributed denial-of-service attacks, SYN attack
Abstract:
The number and range of applications of Internet of Things (IoT) devices have increased dramatically in recent years, and with them the security risks and vulnerabilities associated with these devices. One of the main challenges in the IoT environment is the threat of distributed denial-of-service (DDoS) attacks. The SYN attack is one of the most important attacks of this type and has spread in recent years. Despite extensive research on detecting and preventing SYN attacks, attackers can easily evade detection mechanisms using advanced tools and techniques, which causes several problems for real-time detection of such deadly attacks. In this article, after describing the SYN attack, the methods for detecting and preventing it are reviewed in two groups: end-host strategies and network-based strategies. Finally, open issues and challenges that need the attention of researchers in this field are introduced. This research sheds light on the significant potential of various SYN attack methods in IoT and thus provides valuable insights to IoT security researchers.