Distributed Denial of Service (DDoS) Mitigation Using Blockchain—A Comprehensive Insight
Abstract
1. Introduction
1.1. Problem Statement
1.2. Motivation
1.3. Objectives/Contributions
- To discuss current applications of blockchain for DDoS mitigation in all related domains
- To provide a comprehensive review of research surrounding this domain
- To classify mitigation approaches based on the dominant method/technology/technique
- To tabulate essential findings of all related papers, providing a quick insight about the progress in this field of study
1.4. Paper Organization
2. Theoretical Background
2.1. DDoS Attack Types
- Application layer attacks: This is an attack on layer seven of the network architecture, aimed at exhausting the target’s resources and leading to denial of service [38]. The attacker leverages application or system vulnerabilities, causing network instability. These attacks are often mistaken for implementation errors because of the low-rate traffic required to execute them successfully. Examples include HTTP flood, Slowloris and Zero-day attack. An HTTP flood is an attack whereby continuous access is requested from multiple devices, exhausting the capabilities of the targeted device. A typical setup for an HTTP flood is presented in Figure 2. Slowloris sends incomplete requests at predefined intervals, aiming to keep the request channels engaged for an extended period of time and preventing legitimate access to the target devices [37,38,39,40,41].
- Resource exhaustion attack: This DDoS attack exploits network layer and transport layer vulnerabilities. These attacks are also referred to as state exhaustion attacks, depleting computing resources such as computational power and primary and secondary memories. Since this attack exploits protocol vulnerabilities in addition to being voluminous, it forms a hybrid between specific messages and volume being sent to the victim. TCP SYN floods send SYN messages to the victim with spoofed source IP addresses but never confirm the establishment of a connection. In this manner, the target’s resources are exhausted over time, since it responds to each handshake but never receives any confirmation from the attacker [37,41]. Other examples include Ping of Death, which uses ping packets greater than 65,535 bytes, making the victim inaccessible, and Smurf attack, which destabilizes the victim’s services by sending a large volume of ICMP packets [39,41]. As seen in Figure 3, the attacker creates a network packet attached to a false IP address (spoofing), transmitting an ICMP ping message. The network nodes are required to reply. The replies follow an infinite loop by being sent back to the network IPs.
- Volumetric attacks: Massive amounts of data are sent to the victim using botnets or other amplification methods, exhausting the bandwidth between the target and the larger network/internet. The UDP protocol is commonly used to exploit any excessive increase in packet size. DNS amplification attacks issue service requests with the source address field changed to the victim’s address, causing response amplification by the servers and exhausting the victim’s bandwidth, as demonstrated in Figure 4 [37,40,41]. Similarly, ICMP floods send abnormal packets to target servers, making them inaccessible to legitimate requests [39,40,41].
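The three attack classes above leave different traces at the protected network's edge. The following added example (not taken from the paper or any surveyed system) flags one representative of each class in constructed flow events; the `Event` fields, the thresholds and all addresses are assumptions chosen for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    ts: float      # seconds since capture start
    src: str
    dst: str
    conn: int      # connection or DNS transaction id (constructed)
    kind: str      # SYN | ACK | HTTP_PARTIAL | HTTP_DONE | DNS_QUERY | DNS_RESPONSE
    size: int = 0  # payload bytes


def half_open_syn(events, min_syn=50, min_ratio=0.8):
    """Resource exhaustion: SYNs to a target that were never confirmed by an ACK."""
    syn, acked = defaultdict(set), defaultdict(set)
    for e in events:
        if e.kind == "SYN":
            syn[e.dst].add((e.src, e.conn))
        elif e.kind == "ACK":
            acked[e.dst].add((e.src, e.conn))
    flagged = {}
    for dst, opened in syn.items():
        ratio = len(opened - acked[dst]) / len(opened)
        if len(opened) >= min_syn and ratio >= min_ratio:
            flagged[dst] = round(ratio, 2)
    return flagged


def stalled_http(events, min_age=30.0, min_conns=20):
    """Application layer: requests kept incomplete by partial sends at intervals."""
    first, last, done = {}, {}, set()
    for e in events:
        key = (e.dst, e.src, e.conn)
        if e.kind == "HTTP_PARTIAL":
            first.setdefault(key, e.ts)
            last[key] = e.ts
        elif e.kind == "HTTP_DONE":
            done.add(key)
    stalled = defaultdict(int)
    for key, t0 in first.items():
        if key not in done and last[key] - t0 >= min_age:
            stalled[key[0]] += 1
    return {dst: n for dst, n in stalled.items() if n >= min_conns}


def unsolicited_dns(events, min_bytes=100_000):
    """Volumetric: DNS responses delivered to a host that never sent the query."""
    asked = {(e.src, e.dst, e.conn) for e in events if e.kind == "DNS_QUERY"}
    unsolicited = defaultdict(int)
    for e in events:
        # A genuine response from resolver e.src matches a query e.dst -> e.src.
        if e.kind == "DNS_RESPONSE" and (e.dst, e.src, e.conn) not in asked:
            unsolicited[e.dst] += e.size
    return {dst: b for dst, b in unsolicited.items() if b >= min_bytes}


def sample_events():
    """Constructed traffic: three targets under load plus legitimate clients."""
    ev = []
    # 10.0.0.5 receives 200 SYNs, only 4 handshakes are ever completed.
    for i in range(200):
        src = f"198.51.100.{i % 250}"
        ev.append(Event(i * 0.01, src, "10.0.0.5", i, "SYN"))
        if i % 50 == 0:
            ev.append(Event(i * 0.01 + 0.05, src, "10.0.0.5", i, "ACK"))
    # 10.0.0.6 holds 25 requests that receive small fragments for 60 seconds.
    for c in range(25):
        for t in (0.0, 20.0, 40.0, 60.0):
            ev.append(Event(t, f"203.0.113.{c}", "10.0.0.6", c, "HTTP_PARTIAL", 8))
    # A normal request to the same server completes immediately.
    ev.append(Event(1.0, "192.0.2.10", "10.0.0.6", 900, "HTTP_PARTIAL", 300))
    ev.append(Event(1.1, "192.0.2.10", "10.0.0.6", 900, "HTTP_DONE"))
    # 10.0.0.7 receives 100 large DNS responses it never asked for, and one it did.
    for i in range(100):
        ev.append(Event(i * 0.1, f"192.0.2.{50 + i % 5}", "10.0.0.7", i, "DNS_RESPONSE", 3000))
    ev.append(Event(0.0, "10.0.0.7", "192.0.2.53", 7777, "DNS_QUERY", 60))
    ev.append(Event(0.02, "192.0.2.53", "10.0.0.7", 7777, "DNS_RESPONSE", 120))
    return ev


def classify(events):
    """Map each attack class from the text to the targets that show its signature."""
    return {
        "resource_exhaustion": half_open_syn(events),
        "application_layer": stalled_http(events),
        "volumetric": unsolicited_dns(events),
    }


if __name__ == "__main__":
    for attack_class, targets in classify(sample_events()).items():
        print(attack_class, targets)
```

The matching DNS exchange and the completed HTTP request in the sample are not counted, which is the property a real deployment would need to tune the thresholds against.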
2.2. Blockchain
- Database: This aspect covers blockchains’ fundamental capability or buildup of storing the information in a non-traditional method and structure (rows and columns). It stores all transaction records of the participating users with high throughput, no central control and immutable records, among others.
- Blocks: Blocks store data associated with different transactions among the participating users. They are chained together storing hash values of previous blocks, forming a loop of tightly interconnected data. A block is typically divided into two parts: the header contains information about the block in the chain, while the latter part stores the actual transactional data [45,46].
- Hash: These are complex mathematical problems responsible for identification and verification. Miners must solve these problems in order to trace a block, while the hash function for two messages cannot be the same, allowing verification. A hash table is maintained for efficient indexing while the next blocks store hashes of previous blocks in the chain [45,47,48].
- Miner: A network node that solves a computational problem locating a new block is referred to as a block miner. New transactions are broadcast across the chain, and participants’ efforts are rewarded based on proof-of-work. The generated block is accepted into the chain when the miners start working on the next block, so that the previous hash is stored, ensuring continuity of the chain [45,47].
- Consensus: Consensus over records is a key characteristic of blockchain, achieved via various consensus mechanisms. The best known are Proof of Work (PoW) and Proof of Stake (PoS); the former rewards based on proof of the work for block generation, while the latter distributes work based on a participant’s virtual currency tokens [45,46].
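The block, hash and miner roles described above can be seen together in a small hash-chained ledger of shared blocklist entries, the use of blockchain that several surveyed schemes rely on. This is an added example, not code from the paper or from any surveyed system; the difficulty value, the record fields, the reporter names and the addresses are assumptions, and the proof-of-work is a simplified leading-zeros check.

```python
import copy
import hashlib
import json

DIFFICULTY = 3        # required leading zero hex digits (assumption, small so it runs fast)
GENESIS_PREV = "0" * 64

# Constructed reports from two cooperating domains (documentation ASNs and addresses).
SAMPLE_BATCHES = [
    [{"reporter": "AS64500", "ip": "198.51.100.7", "action": "block"}],
    [{"reporter": "AS64501", "ip": "203.0.113.9", "action": "block"},
     {"reporter": "AS64500", "ip": "198.51.100.8", "action": "block"}],
    [{"reporter": "AS64500", "ip": "198.51.100.7", "action": "release"}],
]


def block_hash(header, body):
    """Hash the header (chain position, previous hash, nonce) together with the body."""
    payload = json.dumps({"header": header, "body": body}, sort_keys=True).encode()
    return hashlib.sha256(payload).hexdigest()


def mine(index, prev_hash, body):
    """Miner: search for a nonce so that the block hash meets the difficulty target."""
    nonce = 0
    while True:
        header = {"index": index, "prev_hash": prev_hash, "nonce": nonce}
        digest = block_hash(header, body)
        if digest.startswith("0" * DIFFICULTY):
            return {"header": header, "body": body, "hash": digest}
        nonce += 1


def build_chain(batches):
    """Append one mined block per batch, each storing the hash of its predecessor."""
    chain, prev = [], GENESIS_PREV
    for index, batch in enumerate(batches):
        block = mine(index, prev, batch)
        chain.append(block)
        prev = block["hash"]
    return chain


def first_invalid(chain):
    """Return the index of the first block failing verification, or None if intact."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        digest = block_hash(block["header"], block["body"])
        if (block["header"]["index"] != index
                or block["header"]["prev_hash"] != prev
                or digest != block["hash"]
                or not digest.startswith("0" * DIFFICULTY)):
            return index
        prev = block["hash"]
    return None


def active_blocklist(chain):
    """Replay all records in order: 'block' adds an address, 'release' removes it."""
    active = set()
    for block in chain:
        for tx in block["body"]:
            if tx["action"] == "block":
                active.add(tx["ip"])
            else:
                active.discard(tx["ip"])
    return sorted(active)


def tamper_demo():
    """Show where verification fails after an edit, with and without re-mining."""
    chain = build_chain(SAMPLE_BATCHES)
    intact = first_invalid(chain)
    edited = copy.deepcopy(chain)
    edited[1]["body"].pop()                  # silently drop one reported address
    naive = first_invalid(edited)            # stored hash of block 1 no longer matches
    edited[1] = mine(1, edited[0]["hash"], edited[1]["body"])  # block 1 is re-mined
    remined = first_invalid(edited)          # block 2 still stores the old hash
    return intact, naive, remined


if __name__ == "__main__":
    print(active_blocklist(build_chain(SAMPLE_BATCHES)))
    print(tamper_demo())
```

Re-mining the edited block only moves the failure to the next block, so changing one record means redoing the work for every later block as well.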
3. Review Methodology
- Selection of relevant and appropriate digital libraries for search of relevant literature.
- Design and refinement of search terms based on essential keywords concerning the subject of the study.
- Refinement of retrieved results based on relevant search filters to studies associated with the domain.
- Selection of studies defining inclusion and exclusion criteria based on title, abstract, keywords and content.
3.1. Sources
3.2. Search Methodology
- The search term was based on the keywords that directly relate to the topic under discussion. The search term used in this review was “DDoS” AND “Mitigation” AND “Using” AND “Blockchain” IN “All Fields”, to include all possible studies relating to the keyword domains. The search retrieved a total of 368 research articles.
- The following filters were applied to the retrieved results:
- Limit by Subject Area—Results were filtered by Computer Science AND Engineering AND Mathematics AND Decision Sciences AND Multidisciplinary. A total of 359 documents were displayed. However, this study wanted to verify that the unrelated subject areas do not contain any related research. Multiple related documents were found categorized in unrelated domains. Hence, the filter was removed, setting the number of primary documents back to 368.
- Exclude by Document Type—Results were filtered by Review and Conference Review. However, in a separate search, these documents were checked to verify any reviews written in this domain. Exclusion yielded 317 documents.
- Limit by Language—Results were filtered by English. Six items were dropped, leaving 313 documents.
3.3. Inclusion and Exclusion Criteria
- Inclusion Criteria
- Studies reporting usage of blockchain for DDoS mitigation
- All studies in this domain to date were included (2015–2021)
- Exclusion Criteria
- Studies reporting only DDoS or DDoS mitigation or blockchain
- Other surveys about DDoS mitigation
- Studies dealing with protection of blockchain or its applications
- Unavailable full prints such as Symposiums and Workshops
- Surveys were filtered during the search
4. Comprehensive Review
4.1. Software-Defined Networking (SDN)
4.2. Blockchain and Smart Contracts
4.3. Blockchain Structure
4.4. Artificial Intelligence
4.5. Collaborative Platforms
5. Discussion—Open Challenges and Opportunities
6. Conclusions
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
References
- Agrawal, N.; Tapaswi, S. Defense Mechanisms against DDoS Attacks in a Cloud Computing Environment: State-of-the-Art and Research Challenges. IEEE Commun. Surv. Tutorials 2019, 21, 3769–3795.
- Banitalebi Dehkordi, A.; Soltanaghaei, M.R.; Boroujeni, F.Z. The DDoS attacks detection through machine learning and statistical methods in SDN. J. Supercomput. 2020, 1–33.
- Fazeldehkordi, E.; Owe, O.; Ramezanifarkhani, T. A Language-Based Approach to Prevent DDoS Attacks in Distributed Financial Agent Systems. In Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Springer: Berlin/Heidelberg, Germany, 2020; Volume 11981, pp. 258–277.
- Singh, K.; Dhindsa, K.S.; Nehra, D. T-CAD: A threshold based collaborative DDoS attack detection in multiple autonomous systems. J. Inf. Secur. Appl. 2020, 51, 102457.
- Cheng, J.; Li, J.; Tang, X.; Sheng, V.S.; Zhang, C.; Li, M. A novel DDoS attack detection method using optimized generalized multiple kernel learning. Comput. Mater. Contin. 2020, 62, 1423–1443.
- Mirchev, M.J.; Mirtchev, S.T. System for DDoS attack mitigation by discovering the attack vectors through statistical traffic analysis. Int. J. Inf. Comput. Secur. 2020, 13, 309–321.
- Lotfalizadeh, H.; Kim, D.S. Investigating Real-Time Entropy Features of DDoS Attack Based on Categorized Partial-Flows. In Proceedings of the 2020 14th International Conference on Ubiquitous Information Management and Communication (IMCOM), Taichung, Taiwan, 3–5 January 2020.
- Abubakar, R.; Aldegheishem, A.; Faran Majeed, M.; Mehmood, A.; Maryam, H.; Ali Alrajeh, N.; Maple, C.; Jawad, M. An Effective Mechanism to Mitigate Real-Time DDoS Attack. IEEE Access 2020, 8, 126215–126227.
- Yuan, B.; Zhao, H.; Lin, C.; Zou, D.; Yang, L.T.; Jin, H.; He, L.; Yu, S. Minimizing Financial Cost of DDoS Attack Defense in Clouds with Fine-Grained Resource Management. IEEE Trans. Netw. Sci. Eng. 2020.
- Khooi, X.Z.; Csikor, L.; Divakaran, D.M.; Kang, M.S. DIDA: Distributed in-Network Defense Architecture against Amplified Reflection DDoS Attacks. In Proceedings of the 2020 IEEE Conference on Network Softwarization: Bridging the Gap Between AI and Network Softwarization (NetSoft), Ghent, Belgium, 29 June–3 July 2020; pp. 277–281.
- Wang, A.; Chang, W.; Chen, S.; Mohaisen, A. A Data-Driven Study of DDoS Attacks and Their Dynamics. IEEE Trans. Dependable Secur. Comput. 2020, 17, 648–661.
- Saxena, U.; Sodhi, J.S.; Singh, Y. An Analysis of DDoS Attacks in a Smart Home Networks. In Proceedings of the Confluence 2020—10th International Conference on Cloud Computing, Data Science and Engineering, Noida, India, 29–31 January 2020; pp. 272–276.
- Kotey, S.; Tchao, E.; Gadze, J. On Distributed Denial of Service Current Defense Schemes. Technologies 2019, 7, 19.
- Choi, S.; An, Y.; Sasase, I. A Lightweight Detection Using Bloom Filter against Flooding DDoS Attack. IEICE Trans. Inf. Syst. 2020, 103, 2600–2610.
- NETSCOUT. High-Profile DDoS Extortion Attacks—September 2020. Available online: https://www.netscout.com/blog/asert/high-profile-ddos-extortion-attacks-september-2020 (accessed on 14 January 2021).
- Cisco Annual Internet Report—Cisco Annual Internet Report (2018–2023) White Paper—Cisco. Available online: https://www.cisco.com/c/en/us/solutions/collateral/executive-perspectives/annual-internet-report/white-paper-c11-741490.html (accessed on 18 January 2021).
- Ko, I.; Chambers, D.; Barrett, E. Unsupervised learning with hierarchical feature selection for DDoS mitigation within the ISP domain. ETRI J. 2019, 41, 574–584.
- Mohammed, S.S.; Hussain, R.; Senko, O.; Bimaganbetov, B.; Lee, J.Y.; Hussain, F.; Kerrache, C.A.; Barka, E.; Alam Bhuiyan, M.Z. A New Machine Learning-based Collaborative DDoS Mitigation Mechanism in Software-Defined Network. In Proceedings of the International Conference on Wireless and Mobile Computing, Networking and Communications, Limassol, Cyprus, 15–17 October 2018.
- Ko, I.; Chambers, D.; Barrett, E. Adaptable feature-selecting and threshold-moving complete autoencoder for DDoS flood attack mitigation. J. Inf. Secur. Appl. 2020, 55.
- Essaid, M.; Kim, D.Y.; Maeng, S.H.; Park, S.; Ju, H.T. A Collaborative DDoS Mitigation Solution Based on Ethereum Smart Contract and RNN-LSTM. In Proceedings of the 2019 20th Asia-Pacific Network Operations and Management Symposium: Management in a Cyber-Physical World (APNOMS 2019), Matsue, Japan, 18–20 September 2019.
- Ko, I.; Chambers, D.; Barrett, E. Feature Dynamic Deep Learning Approach for DDoS Mitigation within the ISP Domain. In Proceedings of the International Journal of Information Security; Springer: Berlin/Heidelberg, Germany, 2020; Volume 19, pp. 53–70.
- Simpson, K.A.; Rogers, S.; Pezaros, D.P. Per-Host DDoS Mitigation by Direct-Control Reinforcement Learning. IEEE Trans. Netw. Serv. Manag. 2020, 17, 103–117.
- Hugues-Salas, E.; Ntavou, F.; Ou, Y.; Kennard, J.E.; White, C.; Gkounis, D.; Nikolovgenis, K.; Kanellos, G.; Erven, C.; Lord, A.; et al. Experimental demonstration of DDoS mitigation over a Quantum key distribution (QKD) network using Software Defined Networking (SDN). In Proceedings of the 2018 Optical Fiber Communications Conference and Exposition (OFC), San Diego, CA, USA, 11–15 March 2018; Available online: https://ieeexplore.ieee.org/document/8385709 (accessed on 28 January 2021).
- Harikrishna, P.; Amuthan, A. SDN-based DDoS Attack Mitigation Scheme using Convolution Recursively Enhanced Self Organizing Maps. Sadhana Acad. Proc. Eng. Sci. 2020, 45.
- Huong, T.T.; Thanh, N.H. Software defined networking-based One-packet DDoS mitigation architecture. In Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication (IMCOM 2017), Beppu, Japan, 5–7 January 2017; Available online: https://dl.acm.org/doi/abs/10.1145/3022227.3022336 (accessed on 28 January 2021).
- Hameed, S.; Khan, H.A. Leveraging SDN for Collaborative DDoS Mitigation. In Proceedings of the 2017 International Conference on Networked Systems (NetSys 2017), Gottingen, Germany, 13–16 March 2017.
- Hameed, S.; Khan, H.A. SDN based collaborative scheme for mitigation of DDoS attacks. Futur. Internet 2018, 10, 23.
- Somani, G.; Gaur, M.S.; Sanghi, D.; Conti, M.; Buyya, R. Service resizing for quick DDoS mitigation in cloud computing environment. Ann. Telecommun. Telecommun. 2017, 72, 237–252.
- Kuka, M.; Vojanec, K.; Kucera, J.; Benacek, P. Accelerated DDoS Attacks Mitigation Using Programmable Data Plane. In Proceedings of the 2019 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS 2019), Cambridge, UK, 24–25 September 2019.
- Ko, I.; Chambers, D.; Barrett, E. Self-supervised network traffic management for DDoS mitigation within the ISP domain. Futur. Gener. Comput. Syst. 2020, 112, 524–533.
- Ko, I.; Chambers, D.; Barrett, E. A Lightweight DDoS Attack Mitigation System within the ISP Domain Utilising Self-Organizing Map. In Proceedings of the Advances in Intelligent Systems and Computing; Springer: Berlin/Heidelberg, Germany, 2019; Volume 881, pp. 173–188.
- Bulbul, N.S.; Fischer, M. SDN/NFV-Based DDoS Mitigation via Pushback. In Proceedings of the IEEE International Conference on Communications, Dublin, Ireland, 7–11 June 2020.
- Beigi-Mohammadi, N.; Barna, C.; Shtern, M.; Khazaei, H.; Litoiu, M. CAAMP: Completely Automated DDoS Attack Mitigation Platform in Hybrid Clouds. In Proceedings of the 2016 12th International Conference on Network and Service Management (CNSM), Montreal, QC, Canada, 31 October–4 November 2016; pp. 136–143.
- Fulber Garcia, V.; De Freitas Gaiardo, G.; Da Cruz Marcuzzo, L.; Ceretta Nunes, R.; Paula Dos Santos, C.R. DeMONS: A DDoS Mitigation NFV Solution. In Proceedings of the International Conference on Advanced Information Networking and Applications (AINA), Krakow, Poland, 16–18 May 2018; pp. 769–776.
- Zhou, L.; Guo, H.; Deng, G. A fog computing based approach to DDoS mitigation in IIoT systems. Comput. Secur. 2019, 85, 51–62.
- Lohachab, A.; Karambir, B. Critical Analysis of DDoS—An Emerging Security Threat over IoT Networks. J. Commun. Inf. Netw. 2018, 3, 57–78.
- Dantas Silva, F.S.; Silva, E.; Neto, E.P.; Lemos, M.; Venancio Neto, A.J.; Esposito, F. A Taxonomy of DDoS Attack Mitigation Approaches Featured by SDN Technologies in IoT Scenarios. Sensors 2020, 20, 3078.
- Srinivasan, K.; Mubarakali, A.; Alqahtani, A.S.; Dinesh Kumar, A. A Survey on the Impact of DDoS Attacks in Cloud Computing: Prevention, Detection and Mitigation Techniques. In Lecture Notes on Data Engineering and Communications Technologies; Springer: Berlin/Heidelberg, Germany, 2020; Volume 33, pp. 252–270.
- Adhikary, K.; Bhushan, S.; Kumar, S.; Dutta, K. Hybrid Algorithm to Detect DDoS Attacks in VANETs. Wirel. Pers. Commun. 2020, 114, 3613–3634.
- Vishwakarma, R.; Jain, A.K. A survey of DDoS attacking techniques and defence mechanisms in the IoT network. Telecommun. Syst. 2020, 73, 3–25.
- Azahari Mohd Yusof, M.; Hani Mohd Ali, F.; Yusof Darus, M. Detection and Defense Algorithms of Different Types of DDoS Attacks. Int. J. Eng. Technol. 2018, 9, 410–444.
- Singh, K.; Singh, P.; Kumar, K. Application layer HTTP-GET flood DDoS attacks: Research landscape and challenges. Comput. Secur. 2017, 65, 344–372.
- Gupta, B.B.; Badve, O.P. Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a Cloud computing environment. Neural Comput. Appl. 2017, 28, 3655–3682.
- Alkadi, O.; Moustafa, N.; Turnbull, B. A Review of Intrusion Detection and Blockchain Applications in the Cloud: Approaches, Challenges and Solutions. IEEE Access 2020, 8, 104893–104917.
- Atlam, H.F.; Wills, G.B. Technical aspects of blockchain and IoT. In Advances in Computers; Academic Press: Amsterdam, The Netherlands, 2019; Volume 115, pp. 1–39. ISBN 9780128171899.
- Khan, M.A.; Salah, K. IoT security: Review, blockchain solutions, and open challenges. Futur. Gener. Comput. Syst. 2018, 82, 395–411.
- Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction—Arvind Narayanan, Joseph Bonneau, Edward Felten, Andrew Miller, Steven Goldfeder—Google Books. Available online: https://books.google.com.my/books?hl=en&lr=&id=LchFDAAAQBAJ&oi=fnd&pg=PP1&dq=Bitcoin+and+Cryptocurrency+Technologies&ots=AslEeY0InJ&sig=Rvnpl7K-O4XsMte7sftyGMYmbzU&redir_esc=y#v=onepage&q=BitcoinandCryptocurrencyTechnologies&f=false (accessed on 15 January 2021).
- Peters, G.W.; Panayi, E. Understanding modern banking ledgers through blockchain technologies: Future of transaction processing and smart contracts on the internet of money. New Econ. Wind. 2016, 239–278.
- Ismail, L.; Materwala, H. A Review of Blockchain Architecture and Consensus Protocols: Use Cases, Challenges, and Solutions. Symmetry 2019, 11, 1198.
- Abou El Houda, Z.; Hafid, A.S.; Khoukhi, L. Cochain-SC: An Intra-and Inter-Domain Ddos Mitigation Scheme Based on Blockchain Using SDN and Smart Contract. IEEE Access 2019, 7, 98893–98907.
- El Houda, Z.A.; Hafid, A.; Khoukhi, L. Co-IoT: A Collaborative DDoS Mitigation Scheme in IoT Environment Based on Blockchain Using SDN. In Proceedings of the 2019 IEEE Global Communications Conference, GLOBECOM 2019—Proceedings, Waikoloa, HI, USA, 9–13 December 2019.
- Rodrigues, B.; Bocek, T.; Lareida, A.; Hausheer, D.; Rafati, S.; Stiller, B. A Blockchain-Based Architecture for Collaborative DDoS Mitigation with Smart Contracts. In Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Springer: Berlin/Heidelberg, Germany, 2017; Volume 10356, pp. 16–29.
- Ahmed, Z.; Danish, S.M.; Qureshi, H.K.; Lestas, M. Protecting IoTs from Mirai Botnet Attacks Using Blockchains. In Proceedings of the IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), Limassol, Cyprus, 11–13 September 2019.
- Rodrigues, B.; Bocek, T.; Stiller, B. Multi-Domain DDoS Mitigation Based on Blockchains. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Limassol, Cyprus, 11–13 September 2019; Springer: Berlin/Heidelberg, Germany, 2017; Volume 10356, pp. 185–190.
- Misra, S.; Deb, P.K.; Pathak, N.; Mukherjee, A. Blockchain-Enabled SDN for Securing Fog-Based Resource-Constrained IoT. In Proceedings of the IEEE INFOCOM 2020–IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Toronto, ON, Canada, 6–9 July 2020; pp. 490–495.
- Giri, N.; Jaisinghani, R.; Kriplani, R.; Ramrakhyani, T.; Bhatia, V. Distributed Denial of Service(DDoS) Mitigation in Software Defined Network using Blockchain. In Proceedings of the 3rd International Conference on I-SMAC IoT in Social, Mobile, Analytics and Cloud (I-SMAC), Palladam, India, 12–14 December 2019; pp. 673–678.
- Gul, M.J.; Rehman, A.; Paul, A.; Rho, S.; Riaz, R.; Kim, J. Blockchain Expansion to secure Assets with Fog Node on special Duty. Soft Comput. 2020, 24, 15209–15221.
- Al-Sakran, H.; Alharbi, Y.; Serguievskaia, I. Framework Architecture for Securing Iot Using Blockchain, Smart Contract and Software Defined Network Technologies. In Proceedings of the 2019 2nd International Conference on New Trends in Computing Sciences (ICTCS), Amman, Jordan, 9–11 October 2019.
- Hajizadeh, M.; Afraz, N.; Ruffini, M.; Bauschert, T. Collaborative Cyber Attack Defense in SDN Networks Using Blockchain Technology. In Proceedings of the 2020 IEEE Conference on Network Softwarization: Bridging the Gap Between AI and Network Softwarization (NetSoft), Ghent, Belgium, 29 June–3 July 2020; pp. 487–492.
- Bose, A.; Aujla, G.S.; Singh, M.; Kumar, N.; Cao, H. Blockchain as a Service for Software Defined Networks: A Denial of Service Attack Perspective. In Proceedings of the 2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), Fukuoka, Japan, 5–8 August 2019; pp. 901–906.
- Singh, M.; Aujla, G.S.; Singh, A.; Kumar, N.; Garg, S. Deep-Learning-Based Blockchain Framework for Secure Software-Defined Industrial Networks. IEEE Trans. Ind. Inform. 2021, 17, 606–616.
- Lokesh, B.; Rajagopalan, N. A Blockchain-Based Security Model for SDNs. In Proceedings of the CONECCT 2020—6th IEEE International Conference on Electronics, Computing and Communication Technologies, Bangalore, India, 2–4 July 2020.
- Kumari, A.; Gupta, R.; Tanwar, S.; Kumar, N. A taxonomy of blockchain-enabled softwarization for secure UAV network. Comput. Commun. 2020, 161, 304–323.
- El Houda, Z.A.; Hafid, A.; Khoukhi, L. Blockchain Meets AMI: Towards Secure Advanced Metering Infrastructures. In Proceedings of the IEEE International Conference on Communications, Dublin, Ireland, 7–11 June 2020.
- Kim, K.; You, Y.; Park, M.; Lee, K. DDoS Mitigation: Decentralized CDN Using Private Blockchain. In Proceedings of the International Conference on Ubiquitous and Future Networks (ICUFN), Prague, Czech Republic, 3–6 July 2018; pp. 693–696.
- Sharma, R.K.; Pippal, R.S. Malicious Attack and Intrusion Prevention in IoT Network Using Blockchain Based Security Analysis. In Proceedings of the 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN), Bhimtal, India, 25–26 September 2020; pp. 380–385.
- Han, X.; Zhang, R.; Liu, X.; Jiang, F. Biologically Inspired Smart Contract: A Blockchain-Based DDoS Detection System. In Proceedings of the 2020 IEEE International Conference on Networking, Sensing and Control (ICNSC), Nanjing, China, 30 October–2 November 2020.
- Manikumar, D.V.V.S.; Maheswari, B.U. Blockchain Based DDoS Mitigation Using Machine Learning Techniques. In Proceedings of the 2nd International Conference on Inventive Research in Computing Applications (ICIRCA), Coimbatore, India, 15–17 July 2020; pp. 794–800.
- Chen, M.; Tang, X.; Cheng, J.; Xiong, N.; Li, J.; Fan, D. A DDoS Attack Defense Method Based on Blockchain for IoTs Devices. In Proceedings of the Communications in Computer and Information Science; Springer Science and Business Media Deutschland GmbH: Singapore, 2020; Volume 1253, pp. 685–694.
- Jia, B.; Liang, Y. Anti-D chain: A lightweight DDoS attack detection scheme based on heterogeneous ensemble learning in blockchain. China Commun. 2020, 17, 11–24.
- Rodrigues, B.; Scheid, E.; Killer, C.; Franco, M.; Stiller, B. Blockchain Signaling System (BloSS): Cooperative Signaling of Distributed Denial-of-Service Attacks. J. Netw. Syst. Manag. 2020, 28, 953–989.
- Rodrigues, B.; Stiller, B. Cooperative Signaling of DDoS Attacks in a Blockchain-Based Network. In Proceedings of the ACM SIGCOMM 2019 Conference Posters and Demos, Beijing, China, 19–23 August 2019; pp. 39–41.
- Rodrigues, B.; Trendafilov, S.; Scheid, E.; Stiller, B. SC-FLARE: Cooperative DDoS Signaling Based on Smart Contracts. In Proceedings of the IEEE International Conference on Blockchain and Cryptocurrency (ICBC), Toronto, ON, Canada, 2–6 May 2020.
- Gruhler, A.; Rodrigues, B.; Stiller, B. A Reputation Scheme for a Blockchain-based Network Cooperative Defense. In Proceedings of the 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), Arlington, VA, USA, 8–12 April 2019; pp. 71–79. Available online: https://ieeexplore.ieee.org/document/8717909 (accessed on 2 February 2021).
- Killer, C.; Rodrigues, B.; Stiller, B. Security Management and Visualization in a Blockchain-Based Collaborative Defense. In Proceedings of the ICBC 2019—IEEE International Conference on Blockchain and Cryptocurrency, Seoul, Korea, 14–17 May 2019; pp. 108–111.
- Yeh, L.Y.; Lu, P.J.; Huang, S.H.; Huang, J.L. SOChain: A Privacy-Preserving DDoS Data Exchange Service over SOC Consortium Blockchain. IEEE Trans. Eng. Manag. 2020, 67, 1487–1500.
- Pavlidis, A.; Dimolianis, M.; Giotis, K.; Anagnostou, L.; Kostopoulos, N.; Tsigkritis, T.; Kotinas, I.; Kalogeras, D.; Maglaris, V. Orchestrating DDoS mitigation via blockchain-based network provider collaborations. Knowl. Eng. Rev. 2020, 35.
- Purohit, S.; Calyam, P.; Wang, S.; Yempalla, R.K.; Varghese, J. DefenseChain: Consortium Blockchain for Cyber Threat Intelligence Sharing and Defense. In Proceedings of the 2020 2nd Conference on Blockchain Research and Applications for Innovative Networks and Services (BRAINS), Paris, France, 28–30 September 2020; pp. 112–119.
- Yeh, L.Y.; Huang, J.L.; Yen, T.Y.; Hu, J.W. A Collaborative DDoS Defense Platform Based on Blockchain Technology. In Proceedings of the 2019 12th International Conference on Ubi-Media Computing (Ubi-Media), Bali, Indonesia, 5–8 August 2019; pp. 1–6.
- Spathoulas, G.; Giachoudis, N.; Damiris, G.P.; Theodoridis, G. Collaborative blockchain-based detection of distributed denial of service attacks based on internet of things botnets. Futur. Internet 2019, 11, 226.
- Tukur, Y.M.; Thakker, D.; Awan, I.U. Ethereum Blockchain-Based Solution to Insider Threats on Perception Layer of IoT Systems. In Proceedings of the 2019 IEEE Global Conference on Internet of Things (GCIoT), Dubai, United Arab Emirates, 4–7 December 2019.
Contributor | Purpose of Study | Method/s | Findings | Comments |
---|---|---|---|---|
[50] | Low cost and flexible DDoS mitigation scheme | Entropy, machine learning, blockchain and smart contracts | The scheme is successful in mitigating intra DDoS attacks using entropy changes and machine learning while inter domain attacks are catered by information sharing through smart contracts | A distributed DDoS attack within the same domain will affect the entropy measurement while a coordinated inter DDoS attack renders the smart contract layer less effective. The solution is scalable when the attack is specified to a specific entity within a particular SDN |
[51,52] | Low cost, efficient and flexible collaborative DDoS mitigation platforms | SDNs and smart contract | The collaboration using smart contract is efficient and cost effective over all | The efficiency of mitigation is primarily dependent on SDN controllers. Blockchain is only used for attacker information sharing |
[53] | Mitigation against Mirai botnet attack | |||
[54] | Collaborative multi-domain DDoS mitigation | SDN, NFV, blockchain and smart contracts | The framework provides a multi domain collaborative structure to reduce the DDoS mitigation burden by using SDN, NFV and blockchain | No experimental proof to indicate the performance of the proposed framework. The detection model is still based on traditional traffic comparison |
[55] | Decentralizing a single point of failure in resource constrained SDNs | Blockchain decentralization | Successfully revert back to previous flow/block on detection | Detection is based on a set rule flow comparison |
[56] | Protection of enterprise networks against DDoS | Hybrid method in SDNs using blockchain | Illegitimate packet drop upon DDoS detection | No information about the private blockchain type. No details about the blockchain application or smart contract. Legitimate packet with higher transmission rate than predefined rule is most likely to get blocked |
[57] | Blockchain expansion for securing configuration files against DDoS attacks | Blockchain and smart contract | Blockchain effectively secures the transaction details in fog networks. Any attempt to change transactional data is thwarted using blockchain-based network setup | Blockchain is only used as a record keeper |
[58] | A hybrid of [50,57] | |||
[59] | Design a collaborative DDoS mitigation platform using blockchain, smart contract and SDNs | Hybrid approach | Instant DDoS mitigation by threat tracing | The threat host log must already contain information to detect a DDoS attack. The simulated setup is not scalable for real world environment. Blockchain is only used for storing and sharing threat data–blacklisted IPs |
[60] | Overcoming single point of failure in SDNs | Blockchain | Blockchain can ensure integrity and validity of data travelling between layers | No experimental proof for DDoS mitigation. The implementation focuses only on the setup. Experimental setup and results are not clearly presented |
[62] | Overcoming a single point of failure in SDNs | Blockchain | Each node is embedded in a blockchain network securing the data from tampering | Implementation details are scarce and therefore the validity cannot be determined. Additional time cost in the network due to implementation of blockchain at each node |
[63] | Blockchain enabled secure middle layer to avoid single point failure | Communication layer based on blockchain | The blockchain middle layer protects data and helps to avoid single point failure | Theoretical framework with no implementation. As such, no results are included |
[64] | Prevention of cyber-attacks on smart meters | Decentralized access control policy using Ethereum smart contracts | Higher security, flexibility and efficiency | There seem to be no experimental results to indicate higher security |
[65] | Vulnerability of DDoS mitigation schemes due to centralization | Private blockchain and scale free networks | Higher reliability and permissibility of nodes as the integrity is tightly controlled by hub nodes in the decentralized structure. | Theoretical referring to graph theory with no implementation or experimental results. |
[66] | Securing data generated by IoT devices | IoT device data validation with associated blockchain nodes | Data tampering is detected instantly in IoT devices and healed using stored information across various blockchain nodes | The focus is on the security of data generated by IoT devices rather than DDoS or threat mitigation |
[67] | Collaborative detection system using public and private blockchain | Private entity data and public threat data over blockchain | Fuzzy neural networks over smart contracts are used for threat detection which is shared over the public blockchain for collaborators to download to their private blocks | Non-real-time threat information sharing might paralyze the architecture in case of a coordinated attack on multiple private chains |
[68] | Enhanced DDoS mitigation model | Secure and accessible information sharing over smart contract | Malicious node information being available to all nodes enhances current DDoS mitigation models | Largely dependent on the machine learning detection to categorize traffic; no details about the threshold time for blacklisted IP release; blacklisted IP release may also indicate extra burden on the network, as the paper does not provide any key information about the underlying rules |
[69] | DDoS defense method for IoT devices | Hybrid method using LSTM and smart contracts | Conceptual mitigation model | No experimental proof |
[20] | DDoS mitigation | SDN, RNN-LSTM and smart contracts | Purely conceptual; usage of outdated DDoS datasets for deep learning detection model; finite or infinite duration for smart contracts implies constant involvement of fixed parties; a decentralized model replacement for smart contracts is more viable to avoid fixed participation and avoid financial implications | |
[61] | Avoid single point of failure in software-defined industrial networks | Deep learning and blockchain-based DDoS defense | Switch registration and verification is secured over the blockchain and deep Boltzmann machine helps in anomaly detection. There is a significant increase in detection efficiency | Computation and communication costs are higher; simulation-based environment, yet to scale to a real-world industrial network to test the detection efficiency |
[70] | DDoS defense in blockchain | Virtual artificial blockchain | Using ensemble strategy in artificial blockchain, the defense mechanism performs very well | No learning and optimization from virtual blockchain to original blockchain has been demonstrated experimentally |
[71,72,73] | Collaborative threat information sharing | Incentivized information sharing | Incentivized cooperative model based on blockchain is economically and geographically beneficial as a threat signaling system | Improvements to threat information storage and incentive model can be made further; blockchain is essentially used for information sharing |
[74] | Enhancement: Incentive Scheme for [71]. Applicable to [72,73]. | |||
[75] | Enhancement: Visualization scheme for [71]. Applicable to [72,73]. | |||
[76] | Incentivized DDoS threat information sharing exchange service | Blockchain-based information sharing and coin-based incentives | Threat information sharing is rewarded using coins and reputation while a novel double bloom filter protects buyer and seller privacy | Upload computational cost is slightly higher than TRAD; the computational costs were calculated using server-based setup; computation power still largely impacts performance rate in blockchains |
[77] | Handling DDoS mitigation for network service providers | eXpress Data Path framework, blockchain is being used for data storage and sharing | Due to the nature of data, mitigation is almost 100% | The mitigation filters are already classified in the dataset detecting all malicious traffic; a real-world test has not been demonstrated; does not focus on detection; blockchain is not used for mitigation |
[78] | Threat Intelligence Sharing Consortium | Information about malicious blacklisted hosts securely through blockchain | Blockchain stores and shares the information securely, helping to create an intelligent incentivized model reducing the impact of cyber-attacks and the reoccurrence rate | Time-consuming detection and mitigation; blockchain is only used for information sharing |
[79] | Information sharing between SOCs based on CIA triad and traceability | Blockchain, smart contract, elliptic curve Diffie–Hellman (ECDH) and elliptic curve Elgamal | A different storage model on the swarm with hashes in the smart contract is a more secure way to store suspected IPs | Attack botnets emerge from scrambled and different IPs in different attacks; there is no trust management between the collaborating entities as proposed in similar systems |
[80] | Protect low power IoT devices against DDoS attacks | Multi-agent systems, consensus and smart contract | Agent collaboration is able to detect DDoS attack using consensus mechanism | Blockchain is only used to maintain the information integrity and govern the exchange; consensus mechanism needs to be tested on limited resource hardware; the proposed framework has not been implemented on a blockchain network to prove its validity; the research is focused mainly on the consensus mechanism |
[81] | Protect integrity of sensor data in IoT perception layer based on insider threats | Smart contracts for data correction | Blockchain-based smart contracts were able to correct faulty data before passing it to the next layer; framework has a minimum execution cost as proof of work is restricted to one node at a time | Standard definitions inside the smart contract will correct values outside the range even if the sensor data is an accurate outlier |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Wani, S.; Imthiyas, M.; Almohamedh, H.; Alhamed, K.M.; Almotairi, S.; Gulzar, Y. Distributed Denial of Service (DDoS) Mitigation Using Blockchain—A Comprehensive Insight. Symmetry 2021, 13, 227. https://doi.org/10.3390/sym13020227