DDoS Attack Identification
( 2 ) Interaction between IoT devices and distributed nodes . Many problems with IoT devices can be solved using blockchain and smart contracts . If / when DDoS attacks are successful , they may create logjams ( extra transaction volume and latency ) at impacted nodes and interfaces . If these nodes and interfaces each have smart contracts with transaction volume and latency rules , then we ' ll get reports on when and where the logjams occur . Sensing DDoS anomalies at the source is , therefore , more time and cost-efficient than mining anomalies from a central data lake .
( 3 ) Resistance to IoT cyberattacks . IoT devices typically lack the resources or capabilities to perform full-fledged security processes in the face of threats . - Lightweight security approaches may be useful , but they are still in their infancy . Hackers will find it far more difficult to disrupt the Blockchain without having enough CPU power to outrun the combined CPU power of the entire network and without being discovered with Blockchain and decentralized ledgers . Node based Smart contracts also allow IoT devices to define agreements on specific actions , behaviors , and results , allowing hackers ' anomalous conduct to be spotted , detected , and reported automatically . Furthermore , with the trusted Blockchain , it is feasible to set a " zero-trust " policy in the distributed network , which might monitor all network transactions and aid in the detection of strange behaviors , potential misuses , and assaults . Without being noticed and stopped , lateral moves from the hackers to the attacking targets will be far more difficult .
Deception-based defense is an effective cyber defense strategy which employs a variety of techniques to deceive , perplex , and apprehend dangerous hackers . Address hopping , network telescopes , and honeypots are examples of common methods . Radio networks are vulnerable , yet uniquely equipped to locate and apply covert radio countermeasures for IoT DDoS attacks .
Numerous radio DDoS mitigation and remediation procedures can be targeted at specific locations and cell sites . This targeted strategy will be enabled by the location fingerprinting of DDoS UE and the possibility of " swarms " of DDoS UE . While active , all cellular UEs adjust their uplink transmit burst timing to align with the frame structure of the serving cell site receiver .
As each UE moves further away , uplink transmits bursts take longer to reach the cell site . When the reception is delayed beyond a threshold , the cell site commands the UE to increase the timing advance value , thus sending uplink bursts sooner to overcome the additional delay . Each timing advance increment represents a 78M distance between the UE and cell site .
When classified as DDoS , the timing advance value can be used to geolocate the perpetrator UE within a 78M band around the known cell site location . When there are handovers between two cell sites of known location , the old ( before handover ) and new ( after handover ) timing advance values can be used to narrow the location estimate even further . If there are handovers between
66 March 2022