A MULTI-LAYER APPROACH TO DETECTING AND PREVENTING IOT-BASED BOTNET ATTACKS

Abstract

As the Internet of Things (IoT) becomes ubiquitous and cybersecurity attacks rapidly evolve, IoT devices must be secured. Their infection can lead to compromised networks, stolen information, service disruptions, and botnet attacks. Botnet attacks, such as Distributed Denial of Service (DDoS), strengthen with larger numbers of devices and IoT devices make great targets for this reason. As IoT devices grow in number, the strength and risk of these massive attacks grow. Infamous botnet attacks, such as Mirai, have proven this to be a serious threat. IoT security faces unique challenges including detection difficulties, device limitations, and user attitudes and education. This paper reviews and analyzes 21 articles providing information on tools and techniques for securing IoT devices against these threats. A multi-layer approach to IoT-botnet detection and prevention is suggested consisting of: the outer layer consisting of ISP architecture; the middle layer consisting of advanced detection methods and DDoS detection and mitigation; and the inner layer consisting of user attitudes, education, and security best practices. By addressing security challenges at multiple points along the botnet lifecycle and within each layer, our proposed approach provides a holistic strategy for detecting and preventing botnet attacks.