Conceptual Framework to Mitigate Internet of Things-DDoS Attacks Using Fog Nodes

Internet of Things has proven to maximize workflow and data sensing capabilities. Contrarily, Distributed Denial of Service attacks that employ compromised Internet of Things devices have caused considerable damage to the Information Technology infrastructure since their advent. More specifically, Application-level attacks facilitated using affected Internet of Things devices are found to be difficult to detect and defend against. Seemingly benign traffic from infected devices exits the network edge to target a remote server. The conceptual framework described in this paper attempts to mitigate malicious Internet of Things traffic at the source network. Fog nodes at the source Autonomous System are utilized in tandem with a ratiometric that flags traffic as well as the originating device as suspicious or benign based on traffic ratios calculated in real-time. Subsequently, malicious traffic is blocked inside the Autonomous System. The burden of protecting the external network from Distributed Denial of Service attacks is transferred to Fog nodes inherent to every source network. The proposed conceptual defense framework is proactive and performs in real-time attack scenarios.