Securing IoT Based Maritime Transportation System Through Entropy-Based Dual-Stack Machine Learning Framework

Internet of Things (IoTs) is envisaged to widely capture the realm of logistics and transportation services in future. The applications of ubiquitous IoTs have been extended to Maritime Transportation Systems (MTS) that spawned increasing security threats; posing serious fiscal concerns to stakeholders involved. Among these threats, Distributed Denial of Service Attack (DDoS) is ranked very high that can wreak havoc on IoT artifacts of the MTS networks. Timely and effective detection of such attacks is imperative for necessary mitigation. Conventional approaches exploit entropy of attributes in network traffic for detecting DDoS attacks. However, the majority of these approaches are static in nature and consider only a few network traffic parameters, limiting the number of DDoS attack detection to a few types and intensities. In current research, a novel framework named "Dual Stack Machine Learning (S2ML) " has been proposed to calculate distinct entropy-based varying 10-Tuple (T) features from network traffic features, three window sizes and associated Rate of Exponent Separation (RES). These features have been exploited for developing an intelligent model over MTS-IoT datasets to successfully detect multiple types of DDoS attacks in MTS. S2ML is an efficient framework that overcomes the shortcomings of prevalent DDoS detection approaches, as evident from the comparison with Multi-layer Perceptron (MLP), Alternating Decision Tree (ADT) and Simple Logistic Regression (SLR) over different evaluation metrics (Confusion metrics, ROCs). The proposed S2ML technique outperforms prevalent ones with 1.5% better results compared to asserted approaches on distribution of normal/attack traffic. We look forward to enhancing the model performance through dynamic windowing, measuring packet drop rates and infrastructure of Software Defined Networks (SDNs).