Protecting IoT Servers Against Flood Attacks with the Quasi Deterministic Transmission Policy

Abstract

Servers at Supply Chains and othet Cyber-physical systems that receive packets from IoT devices should meet the QoS needs of incoming packets and protect the system from Cyberattacks. UDP Floods are often included in attacks to overwhelm Supply Chains and the IoT through congestion that paralyzes their ability for timely Attack Detection and Mitigation. Thus this paper proposes an architecture that protects a connected Server using a Smart Quasi-Deterministic Transmission Policy Forwarder at its input. This Forwarder shapes the incoming traffic sends it to the Server without increasing the overall packet delay and avoids Server congestion. The relevant theoretical background is reviewed and measurements during a UDP Flood Attack are provided to compare the Server performance with and without the Forwarder. It is seen that during a UDP Flood Attack the Forwarder protects the Server from congestion allowing it to effectively identify Attack Packets. Congestion at the Forwarder is rapidly eliminated with "drop"commands generated by the Forwarder or sent by the Server to the Forwarder. © 2024 Elsevier B.V. All rights reserved.