Security Concerns of IoT Against DDoS in 5G Systems

UMAR DANJUMA MAIWADA2, SHAHBAZ ALI IMRAN1, KAMALUDDEEN USMAN DANYARO2, AFTAB

ALAM JANISAR2, ANAS SALAMEH3, ALIZA BT SARLAN2

1Department of Software Engineering Bahria university Islamabad campus Islamabad, PAKISTAN

2Department of Computer and Information Science Universiti Teknologi Petronas, MALAYSIA

3Department of management Information System college of business administration Prince Sattam bin Abdulaziz

University, SAUDI ARABIA

Abstract: The Internet of Things (IoT), which enables seamless connectivity and communication between gadgets and the internet

has completely changed how people interact with and use technology in 5G. Distributed Denial of Service (DDoS) assaults are

on the growing strategies used by attackers to infiltrate and manage IoT botnets. To emphasize how urgent it is to mitigate such

risks, the effects of DDoS assaults on vital infrastructures, companies, and end-users are also emphasized. The paper also evaluates

current mitigation techniques and security safeguards intended to counter IoT-based DDoS attacks. These include the use of

security in Nexus that prioritize device authentication, encryption, and secure communication protocols as well as network traffic

filtering and anomaly detection. Relevant case studies and real-world examples are provided to give readers a thorough

understanding of the topic while demonstrating the scope and effects of recent IoT-based DDoS attacks. The paper guides different

approaches through which DDOS can harm the server/ system (or anything, which is belonging to the family of the Internet of

things) through different types; DDOS can be minimized but impossible to overcome. In this paper, we also have proved that due

to IOT, the ratio of DDOS has increased by implementing these measures and continuously monitoring the network for potential

threats. 5G systems can enhance their security posture and provide a safer and more reliable communication infrastructure for users

constrained resources. These devices often have limited

processing power and memory, making them susceptible to

resource depletion attacks. Furthermore, the sheer volume and

heterogeneity of IoT devices in 5G networks create

complexities in ensuring uniform security standards and

updates across the ecosystem [1]. Presently, multi day's web is

broadly utilized everywhere throughout the world.

Correspondence is simple; everybody can speak with one

another everywhere throughout the world free of expense.

Indeed, even as IOT is present, we can deal with our homes IP

a condition.

(denial of service attack) assault. In which aggressor tosses the

broad heap of movement from numerous sources to trade off a

focused-on framework/server [3].

In DOS, there is just a single source from where the assault has

been created and trade off the specific framework/server or

anything, which are remote access or has a place with the

Here we discussed three types of DDOs attacks (1) Volume-

Based ATTACKS, (2) Protocol Attacks, (3) Application layer

ATTACKS [6].

In this sort of DDOs assault ICMP, UDP and numerous other

parodied – parcels surge is included. The genuine objective of

this assault is to overabundance the site's transfer speed, which

is being under assault. The estimation of data transfer capacity

is in bits every second (BPS) [6].

In this assault, dangerous (pings of death) and SYN Floods are

included to expend the assets (genuine assets) of the

framework [6].

Includes Get/post for the most part moderate. The objective of

these assaults is Apache, firewalls and so forth. Results server

smashed [6].

There are more particular kinds of DDOS assaults accessible

Ethernet systems can just acknowledge a breaking point of 1500

bytes which is sent by the Data Link layer with countless

bundles parts into various sections. There are unit winds up with

a flood of memory allotted for IP bundles and this is the reason

for DDOS [7].

2. Literature review

To understand the deep knowledge of internet of things and

DDOs we have studied different journals and research. [8] In

Blockchain for IoT Security and Privacy: According to the

writers of the case study issue of a Smart Home magazine, IoT

The idea of assigning contextual analysis to a brilliant home

was discussed. In [9], they discussed the various exchanges and

tactics associated with it while illuminating the various center

sections of the magnificent home level. They also demonstrated

a thorough examination of its safety and security. Their

recreation results exhibit that the overheads brought about by 0

10 20 30 40 50 60 70 80 Base BC-based Store Transaction Time

Period Store Transaction Query-Based Access Transaction

Time (ms). Assessment of time overhead. 56.3 56.32 56.34

56.36 56.38 56.4 56.42 56.44 56.46 56.48 56.5 56.52 Access

their approach is modest and reasonable for low-asset IoT

devices. They concluded that, considering the significant

security and protection advantages they provide, these

overheads are warranted regardless of their weight. To the

utmost of our understanding, this analysis is the main effort

aimed at enhancing BC's smart homes. They looked into how

these systems might be used in various IoT spaces in further

studies. [10] concentrated on the security design and security

issues of IoT and have isolated IoT into three layers:

recognition layer, transportation layer, and application layer.

uniform coding, collision avoidance, RFID privacy protection,

and trust management, were analyzed for the recognition layer.

Next, they looked at the security concerns and specialized

protocols in WSNs, such as cryptographic algorithms, key

algorithms, and trust handling for nodes in WSNs. They

dissected the new challenges associated with the RSN, which is

managing the integration of RFID and WSNs, after looking at

RFID and WSNs. [11] As the IoT framework needs to deal with

gigantic heterogeneous information from various sources, they

they can provide reliable identification of devices with

aberrant traffic movements, they stop DDoS assaults against

interfering via Internet of Things systems. Reducing delay and

increasing sensitivity towards possible DDoS assaults are made

possible by the use of edge computing, putting risk evaluation

along with response technologies near to Internet of Things

devices [16]. The major (DDoS) assault impacted government

agencies and jeopardized traffic management systems inside the

facilities of a linked metropolis supported by 5G connectivity.

The hacking incident took use of flaws within IoT gadgets and

produced significant technical and economic impacts. The

The most concerning aspect was the use of a program that

breached password creator vulnerability, the organization

updated its password security protocols. To strengthen the

security of crucial accounts and systems, multi-factor

regularly used vulnerability and exposure (CVE) resources,

such as mitre.com and mitre.org, to keep apprised of known

vulnerabilities. To assist the organization in staying ahead of

possible threats, these platforms offered comprehensive

susceptibility descriptions, particularly Unique IDs, that were

updated on a regular basis.

balancers among the 93 UNIX servers [23]. The load balancers

averted server overloads and kept the organization's services

operational during periods of high demand by dividing

incoming traffic equally [24].

were effectively segregated to servers by the redesigned server

clustering architecture. This structural modification reduced the

possibility of large-scale disruptions brought about by

malevolent modifications, increasing network stability and

lessening the effect of subsequent attacks [25].

of enhanced password security methods including multiple-

this data to decide upon safety precautions and make software

update decisions [27].

with other significant businesses, expressed gratitude for the

increased cybersecurity safeguards and voiced confidence in

the company with regard to their personal information [28].

The case study at Nexus Technologies yielded invaluable

insights into their security vulnerabilities and deficiencies.

Armed with this knowledge, the organization took decisive

action to fortify its cybersecurity measures [29]. The

security improvements demonstrate their dedication to

safeguarding their valuable assets and maintaining a secure

environment for their clients and stakeholders.

3. How DDOS ratio is increased due to

IOT, HERE is the proof:

As the number of IOT devices increases IP’s will also be

increased

So, we can say that IOT is directly proportional IP’s.

T ∝ I eq (1)

security IOT

If security decreases DDOS or DOS threat will increase. Let’s

take DDOS as D

S ∝ 1/D eq (3)

Security DDOS

S ∝ 1/T, S ∝ 1/D

S = 1/T (eq 4)

S = 1/D (eq 5)

As security is common in both equations so we can write EQ 4

and EQ 5 as

Then the new equation becomes

D=T (eq7)

We can also write eq 7 as

D ∝ T Proved

As T ∝ P

(Where T denotes IOT, and I denote IP) so the new equation

becomes.

T ∝ D and I ∝ D

all angles. 5G technology offers more functionality for network

segmentation, reliable communication needs, including

improved device identification across previous network

protocols. These developments strengthen the basis of IoT

systems and increase its resilience against DDoS assaults. This

technique uses proactive risk assessment methods, real-time

channel evaluation, and adaptive access control to solve the

problems caused by DDoS assaults within the context of both

5G plus IoT. 5G's fast speeds, low latency, while IoT-specific

security standards make it possible to quickly identify and stop

IoT gadgets in 5G systems. The method we used considerably

how a 5G systems enabled approach gets around these

drawbacks and provides improved defenses over DDoS assaults

by fusing the inherent characteristics of 5G connectivity with

state-of-the-art security measures developed specifically for

IoT scenarios.

Figure 3: IoT vs DDoS in 5G Systems

4. Improved Security in 5g IΟΤ Systems

The use of robust techniques for authentication, including

credential verification and multiple-factor authentication,

data and amenities. TLS and other confidential communication

protocols must be present to protect data flows through gadgets

and the network's elements. This prevents interception and

transmission manipulation. These systems employ IDPS

approaches, which analyze traffic on the network for aberrant

activity and possible risks to detect anomalies and respond

virtualize network functions and implement security measures

to protect virtualized resources from attacks. Regular update

and patch virtualized network elements are needed to mitigate

known vulnerabilities. Then employing continuous monitoring

tools to detect and respond to security incidents promptly. By

utilizing threat, intelligence feeds will stay updated on the latest

threats and vulnerabilities, enabling proactive security

measures. Since conducting regular security training and

awareness programs for users and network administrators will

give update. Educating them about best security practices, the

importance of strong passwords, and how to identify and report

tampered with or compromised. This can be done through

hardware-based attestation or secure boot procedures. There is

a need to securely store and protect physical network

components, such as base stations and routers, to prevent

unauthorized access and tampering. Finally, the development of

a comprehensive incident response plan to outline the steps to

be taken in case of a security breach or cyberattack to plan

should include strategies for containment, eradication, and

recovery.

impacting critical services within the network.

Figure 5: flow of IoT network

To safeguard IoT devices from DDoS attacks in 5G networks

from figure 5 between time and throughput, it is crucial to

explore advanced technologies such as NETSIM-based

anomaly detection, blockchain for secure device authentication,

and adaptive access control mechanisms. There is need for the

utilization of Low latency in 5G and an increase in bandwidth

for the protocols of IoT to strengthen devices and protect them

threats. Defenses are needed for IoT devices from the hardware

through which Hacker can trade off the framework. As

contextual analysis of NEXUS innovation, the association that

confronted DDOS assault and how they secure their servers and

safety measures after the assault. By putting these protections

in place and regularly scanning the network for threats, 5G

systems may improve their security posture and offer

consumers and companies a safer and more dependable

communication infrastructure. The study concludes by

highlighting the urgent need for cooperation among IoT device

manufacturers, network operators, and regulators to address the

security issues brought on by DDoS attacks on IoT devices. A

[5] A. Aminu Ghali, R. Ahmad, and H. S. A. Alhussian,

[6] A. R. a. Yusof, N. I. Udzir, and A. Selamat,

"Systematic literature review and taxonomy for DDoS

attack detection and prediction," International Journal

of Digital Enterprise Technology, vol. 1, no. 3, pp.

[7] E. Navruzov and A. Kabulov, "Detection and analysis

types of DDoS attack," in 2022 IEEE International

IOT, Electronics and Mechatronics Conference

(IEMTRONICS), 2022: IEEE, pp. 1-7.

[8] S. Arif, M. A. Khan, S. U. Rehman, M. A. Kabir, and

[29] S. Siddique, M. A. Haque, R. H. Rifat, R. George, K.

Shujaee, and K. D. Gupta, "Cyber Security issues in

the industrial applications of digital twins," in 2023

IEEE Symposium Series on Computational

Intelligence (SSCI), 2023: IEEE, pp. 873-878.