IEEE P2668-Compliant Multi-Layer IoT-DDoS Defense System Using Deep Reinforcement Learning

The Internet of Things (IoT) has been attracting people to its capability to deal with smart applications. However, with the development of IoT, there are more attacks to threaten IoT systems. Especially, the distributed denial of service (DDoS) attack can lead to mighty destruction to IoT servers, causing the whole IoT network to be out-of-service. Hitherto, given the lack of a common standard for defining the IoT-driven DDoS (IoT-DDoS) attack, the DDoS defense system for IoT is developed without accurate guidance. Additionally, defense against multi-layer IoT-DDoS attacks is rarely covered by previous works. To address these issues, a deep reinforcement learning-based multi-layer IoT-DDoS defense system (DRL-MLDS) is proposed with the reward metrics in compliance with IEEE P2668 - the first of its kind. In addition, to provide a resilient blocking time configuration for false-positive samples, a new power-law-based blocking time mechanism is developed to cooperate with the DRL-MLDS. The outcome reveals that the DRL-MLDS can reach the same accuracy level (i.e., more than 96%) as previous works under single protocol-based IoT DDoS attack, as well as providing around 97% defense accuracy on multi-layer IoT-DDoS attack, which was rarely discussed in previous works. Additionally, by applying the IEEE P2668-compliant reward metrics, the applicability index (ADex) of DRL-MLDS can be improved from 3.2 to 4.4, fulfilling the recommendation of ADex (e.g., > 3.5) toward IoT best practices. The DRL-MLDS can be extended to Metaverse design and applications.