Lightweight and host-based denial of service (DoS) detection and defense mechanism for resource-constrained IoT devices

The Internet of Things (IoT) is an intelligent network that connects smart objects to the Internet. A large number of IoT devices are connecting to the Internet, yet many of these devices are insecure, exposing them to a number of security threats. Most IoT devices are resource constrained hence making it difficult to secure them using conventional security techniques. A number of researchers have proposed intrusion detection mechanisms implemented at IoT gateways. IoT devices become vulnerable when the security mechanisms put in place at the gateway fails. This has opened a new research into how conventional security measures can be applied to IoT devices through the development of lightweight and host-based security measures. This paper presents a lightweight and host-based detection and defense mechanism to address DoS attacks on IoT devices. We propose an anomaly DoS detection technique based on heuristics to tackle SYN, ICMP and UDP flood attacks through the application of machine learning. We evaluate the performance of the proposed technique based on CPU and memory utilization efficiency, power consumption, time taken to detect and defend against a DoS attack. The proposed technique achieves promising results with respect to the key performance indicators used; an efficient CPU utilization, an average of 23 megabytes of memory usage, a power consumption of 35.8mW and an average detection and mitigation time of 0.10 and 0.22 seconds respectively. (C) 2020 Elsevier B.V. All rights reserved.