Context-aware security framework for detection and mitigation of Distributed Denial of Service (DDoS) attacks on Internet of Things (IoT)

Cybersecurity has become one of the top concerns for businesses, governments, and organizations worldwide due to the drastic increase in cyber-attacks in recent years. One emergent technology that has attracted cyber-attackers is Internet of Things (IoT). This technology refers to a collection of autonomous, smart, connected, and uniquely identifiable objects with embedded processors that have sensing, computing, and communicating capabilities. IoT promises enormous application benefits in the areas of mobile commerce, energy and environment, agriculture, military, security, surveillance, and critical infrastructure such as smart grids, water supply, nuclear plants, connected health, and telecommunications. However, resource constraints, lack of security protocols, and the heterogeneous nature of IoT devices have presented new attack surfaces. In particular, IoT systems are vulnerable to one major type of cyber-attack, namely, Distributed Denial of Service or DDoS, in which access to services are blocked, thus leading to catastrophic consequences, especially in critical infrastructure and mission critical applications. The primary objective of this proposal is to innovate, design, and implement a suite of algorithms for the detection and mitigation of DDoS attacks on IoT systems. The novelty of the proposal is the design and development of an end-to-end security architecture that uses a context-aware framework for the prediction, detection, and mitigation of DDoS attacks. This proposal is supported by industry partner Calian Ltd., one of Canada's leading solution providers and industry leaders in cybersecurity. Calian will work closely with the researchers and train highly qualified personnel (HQP) in the areas of IoT, cyber-security, data analytics, machine learning, and predictive algorithms. The outcome of this research will generate innovative solutions for DDoS attack mitigation and lead to knowledge transfer and knowledge mobilization with the supporting partner. In the long term, investing in this program will give Canada a driving role in cybersecurity research and training, ensuring an economic payoff and social benefit to citizens well into the future.