{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T15:04:05Z","timestamp":1780326245615,"version":"3.54.1"},"reference-count":152,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T00:00:00Z","timestamp":1777852800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"},{"start":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T00:00:00Z","timestamp":1780272000000},"content-version":"vor","delay-in-days":28,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Discov Internet Things"],"DOI":"10.1007\/s43926-026-00341-7","type":"journal-article","created":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T09:43:06Z","timestamp":1777887786000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A comprehensive review of DDoS attack prevention, detection, and mitigation in IoT and SDN-IoT networks"],"prefix":"10.1007","volume":"6","author":[{"given":"Sujit","family":"Sutradhar","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Keya","family":"Chowdhury","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Subhrajyoti","family":"Deb","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Joy Lal","family":"Sarkar","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Chandan","family":"Kumar","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Aditya Kumar","family":"Sahu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2026,5,4]]},"reference":[{"issue":"1","key":"341_CR1","doi-asserted-by":"publisher","first-page":"648","DOI":"10.1109\/TII.2019.2917912","volume":"16","author":"M Du","year":"2020","unstructured":"Du M, Wang K. An SDN-enabled pseudo-honeypot strategy for distributed denial of service attacks in industrial Internet of Things. IEEE Trans Industr Inf. 2020;16(1):648\u201357. https:\/\/doi.org\/10.1109\/TII.2019.2917912.","journal-title":"IEEE Trans Industr Inf"},{"issue":"2","key":"341_CR2","doi-asserted-by":"publisher","first-page":"499","DOI":"10.3390\/app15020499","volume":"15","author":"S Szymoniak","year":"2025","unstructured":"Szymoniak S, Pi\u0105tkowski J, Kurkowski M. Defense and security mechanisms in the Internet of Things: a review. Appl Sci. 2025;15(2):499.","journal-title":"Appl Sci"},{"issue":"1","key":"341_CR3","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1109\/TSC.2017.2694426","volume":"13","author":"OA Wahab","year":"2017","unstructured":"Wahab OA, Bentahar J, Otrok H, Mourad A. Optimal load distribution for the detection of VM-based DDoS attacks in the cloud. IEEE Trans Serv Comput. 2017;13(1):114\u201329.","journal-title":"IEEE Trans Serv Comput"},{"issue":"1","key":"341_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4018\/IJSWIS.297143","volume":"18","author":"A Singh","year":"2022","unstructured":"Singh A, Gupta BB. Distributed denial-of-service (DDoS) attacks and defense mechanisms in various web-enabled computing platforms: issues, challenges, and future research directions. Int J Semant Web Inf Syst (IJSWIS). 2022;18(1):1\u201343.","journal-title":"Int J Semant Web Inf Syst (IJSWIS)"},{"key":"341_CR5","doi-asserted-by":"crossref","unstructured":"Gupta BB, Dahiya A, Upneja C, Garg A, Choudhary R. A comprehensive survey on DDoS attacks and recent defense mechanisms. Handbook Res Intrusion Detect Syst. 2020:186\u2013218.","DOI":"10.4018\/978-1-7998-2242-4.ch010"},{"key":"341_CR6","first-page":"579","volume":"2019","author":"S Saharan","year":"2020","unstructured":"Saharan S, Gupta V. DDoS prevention: review and issues. Adv Mach Learn Comput Intel Proc ICMLCI. 2020;2019:579\u201386.","journal-title":"Adv Mach Learn Comput Intel Proc ICMLCI"},{"issue":"1","key":"341_CR7","doi-asserted-by":"publisher","first-page":"661","DOI":"10.1109\/COMST.2018.2870658","volume":"21","author":"A Praseed","year":"2018","unstructured":"Praseed A, Thilagam PS. DDoS attacks at the application layer: challenges and research perspectives for safeguarding web applications. IEEE Commun Surv Tutor. 2018;21(1):661\u201385.","journal-title":"IEEE Commun Surv Tutor"},{"issue":"4","key":"341_CR8","doi-asserted-by":"publisher","first-page":"2755","DOI":"10.1109\/TDSC.2021.3074086","volume":"19","author":"L Shi","year":"2021","unstructured":"Shi L, Li J, Zhang M, Reiher P. On capturing DDoS traffic footprints on the internet. IEEE Trans Depend Secure Comput. 2021;19(4):2755\u201370.","journal-title":"IEEE Trans Depend Secure Comput"},{"key":"341_CR9","doi-asserted-by":"publisher","first-page":"26759","DOI":"10.1109\/ACCESS.2024.3367240","volume":"12","author":"OI Falowo","year":"2024","unstructured":"Falowo OI, Abdo JB. 2019\u20132023 in review: projecting DDoS threats with ARIMA and ETS forecasting techniques. IEEE Access. 2024;12:26759\u201372.","journal-title":"IEEE Access"},{"issue":"1","key":"341_CR11","doi-asserted-by":"publisher","first-page":"9006405","DOI":"10.1155\/2024\/9006405","volume":"2024","author":"S Shafiq","year":"2024","unstructured":"Shafiq S, Rahman MS, Shaon SA, Mahmud I, Hosen AS. A review on software-defined networking for internet of things inclusive of distributed computing, blockchain, and mobile network technology: basics, trends, challenges, and future research potentials. Int J Distrib Sens Netw. 2024;2024(1):9006405.","journal-title":"Int J Distrib Sens Netw"},{"issue":"1","key":"341_CR12","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/s11235-019-00599-z","volume":"73","author":"R Vishwakarma","year":"2020","unstructured":"Vishwakarma R, Jain AK. A survey of DDoS attacking techniques and defence mechanisms in the IoT network. Telecommun Syst. 2020;73(1):3\u201325.","journal-title":"Telecommun Syst"},{"key":"341_CR13","unstructured":"O. Tr, \u2018\u2018Principles and practices for securing software-defined networks,\u2019\u2019 Open Netw. Found., Palo Alto, CA, USA, Tech. Rep., 2015."},{"issue":"2","key":"341_CR14","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1145\/1355734.1355746","volume":"38","author":"N McKeown","year":"2008","unstructured":"McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, et al. Openflow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev. 2008;38(2):69\u201374.","journal-title":"ACM SIGCOMM Comput Commun Rev"},{"issue":"5","key":"341_CR15","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1109\/MCOM.2017.1600951","volume":"55","author":"X Foukas","year":"2017","unstructured":"Foukas X, Patounas G, Elmokashfi A, Marina MK. Network slicing in 5G: survey and challenges. IEEE Commun Mag. 2017;55(5):94\u2013100.","journal-title":"IEEE Commun Mag"},{"issue":"8","key":"341_CR16","doi-asserted-by":"publisher","first-page":"7751","DOI":"10.1109\/JIOT.2020.2991401","volume":"7","author":"Y Liu","year":"2020","unstructured":"Liu Y, James J, Kang J, Niyato D, Zhang S. Privacy-preserving traffic flow prediction: a federated learning approach. IEEE Internet Things J. 2020;7(8):7751\u201363.","journal-title":"IEEE Internet Things J"},{"issue":"1","key":"341_CR17","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1007\/s11227-024-06718-1","volume":"81","author":"MA Ouamri","year":"2025","unstructured":"Ouamri MA, Alharbi T, Singh D, Sylia Z. A comprehensive survey on software-defined wide area network (SD-WAN): principles, opportunities and future challenges. J Supercomput. 2025;81(1):291.","journal-title":"J Supercomput"},{"issue":"1","key":"341_CR18","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1109\/JLT.2018.2869242","volume":"37","author":"M Garrich","year":"2018","unstructured":"Garrich M, Moreno-Muro F-J, Delgado M-VB, Marino PP. Open-source network optimization software in the open SDN\/NFV transport ecosystem. J Lightwave Technol. 2018;37(1):75\u201388.","journal-title":"J Lightwave Technol"},{"issue":"1","key":"341_CR19","doi-asserted-by":"publisher","first-page":"131","DOI":"10.23919\/JCN.2023.000051","volume":"26","author":"MMS Sarwar","year":"2024","unstructured":"Sarwar MMS, Muhammad A, Song W-C. Ibn@ cloud: an intent-based cloud and overlay network orchestration system. J Commun Netw. 2024;26(1):131\u201346.","journal-title":"J Commun Netw"},{"issue":"12","key":"341_CR20","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1109\/MCOM.004.2001124","volume":"59","author":"S-C Lin","year":"2022","unstructured":"Lin S-C, Chen K-C, Karimoddini A. SDVEC: software-defined vehicular edge computing with ultra-low latency. IEEE Commun Mag. 2022;59(12):66\u201372.","journal-title":"IEEE Commun Mag"},{"key":"341_CR21","doi-asserted-by":"crossref","unstructured":"Jiang W, Zhang Y, Han H, Mu J. Quantum communication in self-organizing satellite networks: challenges and opportunities. IEEE Commun Stand Mag. vol. 9, no. 3, pp. 15-25, Sept. 2025.","DOI":"10.1109\/MCOMSTD.2025.3578320"},{"key":"341_CR22","doi-asserted-by":"crossref","unstructured":"Garcia L, Mirkovic J, Balenson D, Kline E, Pradkin Y, Choffnes D, Dubois D, Benzel T, Ravi S, Barnes J, et al. SPHERE CPS enclave: a reconfigurable testbed for industrial control system security experimentation. In: Proceedings of the ACM\/IEEE 16th international conference on cyber-physical systems (with CPS-IoT Week 2025). 2025. p. 1\u20132.","DOI":"10.1145\/3716550.3725158"},{"key":"341_CR23","unstructured":"Doria A, Salim JH, Haas R, Khosravi H, Wang W, Dong L, Gopal R, Halpern J. Forwarding and control element separation (ForCES) protocol specification. 2010 Mar."},{"key":"341_CR24","doi-asserted-by":"crossref","unstructured":"Pfaff B, Davie B. The open vswitch database management protocol. 2013 Dec.","DOI":"10.17487\/rfc7047"},{"key":"341_CR25","doi-asserted-by":"crossref","unstructured":"Song H. Protocol-oblivious forwarding: unleash the power of SDN through a future-proof forwarding plane. In: Proceedings of the second ACM SIGCOMM workshop on hot topics in software defined networking. 2013. p. 127\u201332.","DOI":"10.1145\/2491185.2491190"},{"key":"341_CR26","unstructured":"Smith M, Dvorkin M, Laribi Y, Pandey V, Garg P, Weidenbache N. Opflex control protocol, internet draft, internet engineering task force. 2014."},{"issue":"2","key":"341_CR27","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1145\/2602204.2602211","volume":"44","author":"G Bianchi","year":"2014","unstructured":"Bianchi G, Bonola M, Capone A, Cascone C. OpenState: programming platform-independent stateful openflow applications inside the switch. ACM SIGCOMM Comp Commun Rev. 2014;44(2):44\u201351.","journal-title":"ACM SIGCOMM Comp Commun Rev"},{"issue":"5","key":"341_CR28","first-page":"327","volume":"11","author":"T Hegr","year":"2013","unstructured":"Hegr T, Bohac L, Uhlir V, Chlumsky P. Openflow deployment and concept analysis. Adv Electr Electron Eng. 2013;11(5):327.","journal-title":"Adv Electr Electron Eng"},{"key":"341_CR29","unstructured":"Richardson L, Ruby S. RESTful web services. \" O'Reilly Media, Inc.\"; 2008 Dec 17."},{"issue":"9","key":"341_CR30","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1145\/2034574.2034812","volume":"46","author":"N Foster","year":"2011","unstructured":"Foster N, Harrison R, Freedman MJ, Monsanto C, Rexford J, Story A, et al. Frenetic: a network programming language. ACM Sigplan Not. 2011;46(9):279\u201391.","journal-title":"ACM Sigplan Not"},{"key":"341_CR31","doi-asserted-by":"crossref","unstructured":"Voellmy A, Hudak P. Nettle: raking the sting out of programming network routers. In: International symposium on practical aspects of declarative languages. Springer; 2011. p. 235\u201349.","DOI":"10.1007\/978-3-642-18378-2_19"},{"issue":"2","key":"341_CR32","doi-asserted-by":"publisher","first-page":"943","DOI":"10.1007\/s11277-015-2963-4","volume":"86","author":"IZ Bholebawa","year":"2016","unstructured":"Bholebawa IZ, Jha RK, Dalal UD. Performance analysis of proposed openflow-based network architecture using mininet. Wirel Pers Commun. 2016;86(2):943\u201358.","journal-title":"Wirel Pers Commun"},{"key":"341_CR33","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1016\/j.jnca.2015.04.009","volume":"54","author":"Y Liu","year":"2015","unstructured":"Liu Y, Li Y, Wang Y, Yuan J. Optimal scheduling for multi-flow update in software-defined networks. J Netw Comput Appl. 2015;54:11\u20139.","journal-title":"J Netw Comput Appl"},{"key":"341_CR34","doi-asserted-by":"crossref","unstructured":"Metter C, Seufert M, Wamser F, Zinner T, Tran-Gia P. Analytic model for SDN controller traffic and switch table occupancy. In: 2016 12th international conference on network and service management (CNSM). IEEE; 2016. p. 109\u201317.","DOI":"10.1109\/CNSM.2016.7818406"},{"issue":"9","key":"341_CR35","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1109\/MCOM.2017.1600970","volume":"55","author":"K Kalkan","year":"2017","unstructured":"Kalkan K, Gur G, Alagoz F. Defense mechanisms against DDoS attacks in SDN environment. IEEE Commun Mag. 2017;55(9):175\u20139.","journal-title":"IEEE Commun Mag"},{"issue":"4","key":"341_CR36","doi-asserted-by":"publisher","first-page":"1338","DOI":"10.1007\/s11036-020-01552-0","volume":"25","author":"OE Tayfour","year":"2020","unstructured":"Tayfour OE, Marsono MN. Collaborative detection and mitigation of distributed denial-of-service attacks on software-defined network. Mob Netw Appl. 2020;25(4):1338\u201347.","journal-title":"Mob Netw Appl"},{"key":"341_CR37","doi-asserted-by":"publisher","first-page":"339","DOI":"10.1016\/j.future.2022.11.008","volume":"141","author":"IH Abdulqadder","year":"2023","unstructured":"Abdulqadder IH, Zou D, Aziz IT. The DAG blockchain: a secure edge assisted honeypot for attack detection and multi-controller based load balancing in SDN 5G. Futur Gener Comput Syst. 2023;141:339\u201354.","journal-title":"Futur Gener Comput Syst"},{"issue":"5","key":"341_CR38","doi-asserted-by":"publisher","first-page":"3612","DOI":"10.1109\/JIOT.2021.3098029","volume":"9","author":"J Bhayo","year":"2021","unstructured":"Bhayo J, Jafaq R, Ahmed A, Hameed S, Shah SA. A time-efficient approach toward DDoS attack detection in IoT network using SDN. IEEE Internet Things J. 2021;9(5):3612\u201330.","journal-title":"IEEE Internet Things J"},{"key":"341_CR39","doi-asserted-by":"crossref","unstructured":"Mohammed SS, Hussain R, Senko O, Bimaganbetov B, Lee J, Hussain F, Kerrache CA, Barka E, Bhuiyan MZA. A new machine learning-based collaborative DDoS mitigation mechanism in software-defined network. In: 2018 14th International conference on wireless and mobile computing, networking and communications (WiMob). IEEE; 2018. p. 1\u20138.","DOI":"10.1109\/WiMOB.2018.8589104"},{"issue":"2","key":"341_CR40","doi-asserted-by":"publisher","first-page":"411","DOI":"10.1016\/j.dcan.2022.11.003","volume":"9","author":"A Rahman","year":"2023","unstructured":"Rahman A, Islam MJ, Band SS, Muhammad G, Hasan K, Tiwari P. Towards a blockchain-SDN-based secure architecture for cloud computing in smart industrial IoT. Digital Commun Netw. 2023;9(2):411\u201321.","journal-title":"Digital Commun Netw"},{"issue":"16","key":"341_CR41","doi-asserted-by":"publisher","first-page":"1065","DOI":"10.1007\/s10586-025-05770-7","volume":"28","author":"W Bekri","year":"2025","unstructured":"Bekri W, Jmal R, Chaari Fourati L. Distributed secured and trustworthy IoT framework based on SDN, AI, and blockchain. Clust Comput. 2025;28(16):1065.","journal-title":"Clust Comput"},{"issue":"8","key":"341_CR42","doi-asserted-by":"publisher","first-page":"4953","DOI":"10.3390\/app13084953","volume":"13","author":"R Jmal","year":"2023","unstructured":"Jmal R, Ghabri W, Guesmi R, Alshammari BM, Alshammari AS, Alsaif H. Distributed blockchain-SDN secure IoT system based on ANN to mitigate DDoS attacks. Appl Sci. 2023;13(8):4953.","journal-title":"Appl Sci"},{"key":"341_CR43","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2021.100371","volume":"40","author":"M Snehi","year":"2021","unstructured":"Snehi M, Bhandari A. Vulnerability retrospection of security solutions for software-defined cyber-physical system against DDoS and IoT-DDoS attacks. Comput Sci Rev. 2021;40:100371.","journal-title":"Comput Sci Rev"},{"issue":"14","key":"341_CR44","doi-asserted-by":"publisher","first-page":"3103","DOI":"10.3390\/electronics12143103","volume":"12","author":"AA Alahmadi","year":"2023","unstructured":"Alahmadi AA, Aljabri M, Alhaidari F, Alharthi DJ, Rayani GE, Marghalani LA, et al. DDoS attack detection in IoT-based networks using machine learning models: a survey and research directions. Electronics. 2023;12(14):3103.","journal-title":"Electronics"},{"key":"341_CR45","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2024.100631","volume":"52","author":"B Bala","year":"2024","unstructured":"Bala B, Behal S. Ai techniques for IoT-based DDoS attack detection: taxonomies, comprehensive review and research challenges. Comput Sci Rev. 2024;52:100631.","journal-title":"Comput Sci Rev"},{"key":"341_CR46","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2024.100644","volume":"53","author":"JK Chahal","year":"2024","unstructured":"Chahal JK, Bhandari A, Behal S. Ddos attacks and defense mechanisms in SDN-enabled cloud: taxonomy, review and research challenges. Comput Sci Rev. 2024;53:100644.","journal-title":"Comput Sci Rev"},{"key":"341_CR47","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2024.100692","volume":"55","author":"A Kaur","year":"2025","unstructured":"Kaur A, Krishna CR, Patil NV. A comprehensive review on software-defined networking (SDN) and DDoS attacks: ecosystem, taxonomy, traffic engineering, challenges and research directions. Comput Sci Rev. 2025;55:100692.","journal-title":"Comput Sci Rev"},{"issue":"10","key":"341_CR48","doi-asserted-by":"publisher","first-page":"14637","DOI":"10.1007\/s10586-024-04662-6","volume":"27","author":"A Pakmehr","year":"2024","unstructured":"Pakmehr A, A\u00dfmuth A, Taheri N, Ghaffari A. DDoS attack detection techniques in IoT networks: a survey. Clust Comput. 2024;27(10):14637\u201368.","journal-title":"Clust Comput"},{"key":"341_CR49","doi-asserted-by":"publisher","first-page":"12605","DOI":"10.1109\/TEM.2022.3170519","volume":"71","author":"RF Hayat","year":"2022","unstructured":"Hayat RF, Aurangzeb S, Aleem M, Srivastava G, Lin JC-W. ML-DDoS: a blockchain-based multilevel DDoS mitigation mechanism for IoT environments. IEEE Trans Eng Manag. 2022;71:12605\u201318.","journal-title":"IEEE Trans Eng Manag"},{"key":"341_CR50","doi-asserted-by":"crossref","unstructured":"Bhale P, Padulkar D, Abraham J. Binary voting protocol using quantum secret sharing. In: 2023 7th international conference on computation system and information technology for sustainable solutions (CSITSS). 2023. p. 1\u20135.","DOI":"10.1109\/CSITSS60515.2023.10334245"},{"key":"341_CR51","unstructured":"Zhang, Shaojun. Conversation-based p2p botnet detection with decision fusion. 2013."},{"key":"341_CR52","doi-asserted-by":"crossref","unstructured":"Navruzov E, Kabulov A. Detection and analysis types of DDoS attack. In: 2022 IEEE international IOT, electronics and mechatronics conference (IEMTRONICS). IEEE; 2022; p. 1\u20137.","DOI":"10.1109\/IEMTRONICS55184.2022.9795729"},{"key":"341_CR53","doi-asserted-by":"crossref","unstructured":"Aun Y, Khaw Y-MJ, Gan M-L, Ponnusamy VA. Comparing network resilience against distributed-denial-of-service (DDoS) on the cloud. In: International conference on advances in cyber security. Springer; 2020. p. 523\u201334.","DOI":"10.1007\/978-981-33-6835-4_35"},{"key":"341_CR54","unstructured":"Fossi M, Egan G, Haley K, Johnson E, Mack T, Adams T, Blackbird J, Low MK, Mazurek D, McKinney D, Wood P. Symantec internet security threat report trends for 2010. Volume XVI. 2011 Apr."},{"key":"341_CR55","unstructured":"Thomas R. Managing the threat of denial-of-service attacks. CERT Coordination Center. 2001 Oct;10."},{"key":"341_CR56","doi-asserted-by":"publisher","first-page":"344","DOI":"10.1016\/j.cose.2016.10.005","volume":"65","author":"K Singh","year":"2017","unstructured":"Singh K, Singh P, Kumar K. Application layer http-get flood DDoS attacks: research landscape and challenges. Comput Secur. 2017;65:344\u201372.","journal-title":"Comput Secur"},{"key":"341_CR57","doi-asserted-by":"publisher","first-page":"23013","DOI":"10.1109\/ACCESS.2025.3535943","volume":"13","author":"A Hirsi","year":"2025","unstructured":"Hirsi A, Alhartomi MA, Audah L, Salh A, Mad Sahar N, Ahmed S, et al. Comprehensive analysis of DDoS anomaly detection in software-defined networks. IEEE Access. 2025;13:23013.","journal-title":"IEEE Access"},{"key":"341_CR58","doi-asserted-by":"crossref","unstructured":"Beitollahi H, Deconinck G. Analyzing well-known countermeasures against distributed denial of service attacks. Comp Commun. 2012;35(11):1312\u201332.","DOI":"10.1016\/j.comcom.2012.04.008"},{"key":"341_CR59","doi-asserted-by":"crossref","unstructured":"Colella, A., Colombini, C.M.: Amplification ddos attacks: Emerging threats and defense strategies. In: International Conference on Availability, Reliability, and Security, Springer; 2014. pp. 298\u2013310.","DOI":"10.1007\/978-3-319-10975-6_24"},{"key":"341_CR60","doi-asserted-by":"crossref","unstructured":"Heinrich T, Obelheiro RR, Maziero CA. New kids on the DRDoS block: characterizing multiprotocol and carpet bombing attacks. In: International conference on passive and active network measurement. Springer; 2021. p. 269\u201383.","DOI":"10.1007\/978-3-030-72582-2_16"},{"issue":"11","key":"341_CR61","doi-asserted-by":"publisher","first-page":"3145","DOI":"10.1007\/s13042-021-01306-8","volume":"12","author":"I Ko","year":"2021","unstructured":"Ko I, Chambers D, Barrett E. Recurrent autonomous autoencoder for intelligent DDoS attack mitigation within the ISP domain. Int J Mach Learn Cybern. 2021;12(11):3145\u201367.","journal-title":"Int J Mach Learn Cybern"},{"key":"341_CR62","doi-asserted-by":"crossref","unstructured":"Mathew SE, Vali YS, Shakkeera L. Botnet detection methods: a review and classification. In: 2025 3rd international conference on intelligent data communication technologies and Internet of Things (IDCIoT). IEEE; 2025. p. 497\u2013502.","DOI":"10.1109\/IDCIOT64235.2025.10914948"},{"key":"341_CR63","doi-asserted-by":"crossref","unstructured":"Swain PK, Pattnaik LM, Satpathy S. IoT applications and cyber threats: mitigation strategies for a secure future. 2025. p. 403\u201328.","DOI":"10.1007\/978-3-031-74885-1_27"},{"issue":"1","key":"341_CR64","doi-asserted-by":"publisher","first-page":"014","DOI":"10.1093\/cybsec\/tyaf014","volume":"11","author":"B Collier","year":"2025","unstructured":"Collier B, Clayton R. Peer (ing) pressure: a cybersecurity intervention at global scale in the internet infrastructure. J Cybersecur. 2025;11(1):014.","journal-title":"J Cybersecur"},{"key":"341_CR65","unstructured":"Vu AV, Collier B, Thomas DR, Kristoff J, Clayton R, Hutchings A. Assessing the aftermath: the effects of a global takedown against DDoS-for-hire services. In: Proceedings of the USENIX security symposium (USENIX Security). 2025."},{"key":"341_CR66","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103096","volume":"127","author":"P Kumari","year":"2023","unstructured":"Kumari P, Jain AK. A comprehensive study of DDoS attacks over IoT network and their countermeasures. Comput Secur. 2023;127:103096.","journal-title":"Comput Secur"},{"key":"341_CR67","unstructured":"Antonakakis M, April T, Bailey M, Bernhard M, Bursztein E, Cochran J, Durumeric Z, Halderman JA, Invernizzi L, Kallitsis M, et al. Understanding the Mirai botnet. In: 26th USENIX security symposium (USENIX Security 17). 2017. p. 1093\u2013110."},{"issue":"2","key":"341_CR68","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1016\/j.dcan.2017.04.003","volume":"4","author":"AR Sfar","year":"2018","unstructured":"Sfar AR, Natalizio E, Challal Y, Chtourou Z. A roadmap for security challenges in the internet of things. Digital Commun Netw. 2018;4(2):118\u201337.","journal-title":"Digital Commun Netw"},{"issue":"4","key":"341_CR69","first-page":"1247","volume":"33","author":"S G\u00f6rm\u00fc\u015f","year":"2018","unstructured":"G\u00f6rm\u00fc\u015f S, Ayd\u0131n H, Uluta\u015f G. Security for the internet of things: a survey of existing mechanisms, protocols and open research issues. J Fac Eng Archit Gazi Univ. 2018;33(4):1247\u201372.","journal-title":"J Fac Eng Archit Gazi Univ"},{"issue":"1","key":"341_CR70","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1007\/s43926-025-00234-1","volume":"5","author":"SB Wankhede","year":"2025","unstructured":"Wankhede SB, Patel D. Federated learning and blockchain approach for securing IoT data. Discover Internet Things. 2025;5(1):116.","journal-title":"Discover Internet Things"},{"issue":"4","key":"341_CR71","doi-asserted-by":"publisher","first-page":"586","DOI":"10.1109\/TETC.2016.2606384","volume":"5","author":"A Mosenia","year":"2016","unstructured":"Mosenia A, Jha NK. A comprehensive study of security of internet-of-things. IEEE Trans Emerg Top Comput. 2016;5(4):586\u2013602.","journal-title":"IEEE Trans Emerg Top Comput"},{"issue":"1","key":"341_CR72","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1007\/s43926-025-00184-8","volume":"5","author":"D Krishnan","year":"2025","unstructured":"Krishnan D, Singh S, Sugumaran V. Explainable AI for zero-day attack detection in IoT networks using attention fusion model. Discover Internet Things. 2025;5(1):83.","journal-title":"Discover Internet Things"},{"key":"341_CR73","doi-asserted-by":"crossref","unstructured":"Saiyed MF, Al-Anbagi I. A game theoretic model for strategic defence selection against DDoS attacks in IoT networks. IEEE Trans Netw Serv Manag. 2025;22(5):4509\u201324.","DOI":"10.1109\/TNSM.2025.3589901"},{"issue":"16","key":"341_CR74","doi-asserted-by":"publisher","first-page":"1018","DOI":"10.1007\/s10586-025-05700-7","volume":"28","author":"H Aydin","year":"2025","unstructured":"Aydin H, Aydin MA. A multi-agent-based DDoS detection and defense system design with federated learning and blockchain in public cloud network environment. Clust Comput. 2025;28(16):1018.","journal-title":"Clust Comput"},{"issue":"2018","key":"341_CR75","first-page":"108","volume":"1","author":"I Sharafaldin","year":"2018","unstructured":"Sharafaldin I, Lashkari AH, Ghorbani AA, et al. Toward generating a new intrusion detection dataset and intrusion traffic characterization. ICISSp. 2018;1(2018):108\u201316.","journal-title":"ICISSp"},{"issue":"5","key":"341_CR76","doi-asserted-by":"publisher","first-page":"643","DOI":"10.1016\/j.comnet.2003.10.003","volume":"44","author":"C Douligeris","year":"2004","unstructured":"Douligeris C, Mitrokotsa A. DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput Netw. 2004;44(5):643\u201366.","journal-title":"Comput Netw"},{"issue":"11","key":"341_CR77","doi-asserted-by":"publisher","first-page":"3078","DOI":"10.3390\/s20113078","volume":"20","author":"FS Dantas Silva","year":"2020","unstructured":"Dantas Silva FS, Silva E, Neto EP, Lemos M, Venancio Neto AJ, Esposito F. A taxonomy of DDoS attack mitigation approaches featured by SDN technologies in IoT scenarios. Sensors. 2020;20(11):3078.","journal-title":"Sensors"},{"key":"341_CR78","doi-asserted-by":"crossref","unstructured":"Sharafaldin I, Lashkari AH, Hakak S, Ghorbani AA. Developing realistic distributed denial of service (DDoS) attack dataset and taxonomy. In: 2019 International Carnahan conference on security technology (ICCST). IEEE; 2019. p. 1\u20138.","DOI":"10.1109\/CCST.2019.8888419"},{"key":"341_CR79","doi-asserted-by":"publisher","first-page":"119118","DOI":"10.1109\/ACCESS.2021.3106873","volume":"9","author":"A Sahu","year":"2021","unstructured":"Sahu A, Mao Z, Wlazlo P, Huang H, Davis K, Goulart A, et al. Multi-source multi-domain data fusion for cyberattack detection in power systems. IEEE Access. 2021;9:119118\u201338.","journal-title":"IEEE Access"},{"key":"341_CR80","doi-asserted-by":"publisher","first-page":"50","DOI":"10.58496\/MJBD\/2025\/004","volume":"2025","author":"WAH Salman","year":"2025","unstructured":"Salman WAH, Yong CH. Overview of the ciciot2023 dataset for internet of things intrusion detection systems. Mesopotamian J Big Data. 2025;2025:50\u201360.","journal-title":"Mesopotamian J Big Data"},{"issue":"6","key":"341_CR81","doi-asserted-by":"publisher","first-page":"2452","DOI":"10.18517\/ijaseit.12.6.17280","volume":"12","author":"RR Nuiaa","year":"2022","unstructured":"Nuiaa RR, Manickam S, ALsaeedi AH. A comprehensive review of DNS-based distributed reflection denial of service (DRDoS) attacks: state-of-the-art. Int J Adv Sci Eng Inf Technol. 2022;12(6):2452\u201361.","journal-title":"Int J Adv Sci Eng Inf Technol"},{"key":"341_CR82","doi-asserted-by":"crossref","unstructured":"Kawamura T, Fukushi M, Hirano Y, Fujita Y, Hamamoto Y. An NTP-based detection module for DDoS attacks on IoT. In: 2017 IEEE international conference on consumer electronics-Taiwan (ICCE-TW). IEEE; 2017. p. 15\u20136.","DOI":"10.1109\/ICCE-China.2017.7990972"},{"issue":"2","key":"341_CR83","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/s42979-021-00477-z","volume":"2","author":"E Arul","year":"2021","unstructured":"Arul E, Punidha A. Supervised deep learning vector quantization to detect MemCached DDoS malware attack on cloud. SN Comput Sci. 2021;2(2):85.","journal-title":"SN Comput Sci"},{"key":"341_CR84","doi-asserted-by":"crossref","unstructured":"Avdeeva I, Golovina T, Guzhina G, Sulima E, Suhanov D, Tihanov E. The concept of preventive cybersecurity management of the IoT device market in the digital economy. In: IV International scientific and practical conference. 2021. p. 1\u20136.","DOI":"10.1145\/3487757.3490859"},{"key":"341_CR85","unstructured":"Ahuja N, Singal G, Mukhopadhyay D. DDoS attack SDN dataset Mendeley data. 2020;1:17632."},{"key":"341_CR86","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2024.120209","volume":"662","author":"AD Aguru","year":"2024","unstructured":"Aguru AD, Erukala SB. A lightweight multi-vector DDoS detection framework for IoT-enabled mobile health informatics systems using deep learning. Inf Sci. 2024;662:120209.","journal-title":"Inf Sci"},{"issue":"7","key":"341_CR87","doi-asserted-by":"publisher","first-page":"5320","DOI":"10.1007\/s11227-019-02945-z","volume":"76","author":"MM Salim","year":"2020","unstructured":"Salim MM, Rathore S, Park JH. Distributed denial of service attacks and its defenses in IoT: a survey. J Supercomput. 2020;76(7):5320.","journal-title":"J Supercomput"},{"key":"341_CR88","doi-asserted-by":"publisher","first-page":"n71","DOI":"10.1136\/bmj.n71","volume":"372","author":"MJ Page","year":"2021","unstructured":"Page MJ, McKenzie JE, Bossuyt PM, Boutron I, Hoffmann TC, Mulrow CD, et al. The Prisma 2020 statement: an updated guideline for reporting systematic reviews. BMJ. 2021;372:n71.","journal-title":"BMJ"},{"issue":"17","key":"341_CR89","doi-asserted-by":"publisher","first-page":"12982","DOI":"10.3390\/su151712982","volume":"15","author":"R Raman","year":"2023","unstructured":"Raman R, Lathabhai H, Mandal S, Kumar C, Nedungadi P. Contribution of business research to sustainable development goals: bibliometrics and science mapping analysis. Sustainability. 2023;15(17):12982.","journal-title":"Sustainability"},{"issue":"3","key":"341_CR90","doi-asserted-by":"publisher","first-page":"558","DOI":"10.5530\/jscires.12.3.053","volume":"12","author":"C Kumar","year":"2023","unstructured":"Kumar C, Pattnaik D, Balas VE, Raman R. Comprehensive scientometric analysis and longitudinal SDG mapping of quality and reliability engineering international journal. J Sci Res. 2023;12(3):558\u201369.","journal-title":"J Sci Res"},{"issue":"1","key":"341_CR91","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40537-024-00920-x","volume":"11","author":"R Raman","year":"2024","unstructured":"Raman R, Pattnaik D, Lathabai HH, Kumar C, Govindan K, Nedungadi P. Green and sustainable AI research: an integrated thematic and topic modeling analysis. J Big Data. 2024;11(1):1\u201328.","journal-title":"J Big Data"},{"issue":"8","key":"341_CR92","doi-asserted-by":"publisher","first-page":"2661","DOI":"10.1016\/j.adhoc.2013.04.014","volume":"11","author":"S Raza","year":"2013","unstructured":"Raza S, Wallgren L, Voigt T. Svelte: real-time intrusion detection in the internet of things. Ad Hoc Netw. 2013;11(8):2661\u201374.","journal-title":"Ad Hoc Netw"},{"issue":"1","key":"341_CR93","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1109\/SURV.2013.052213.00046","volume":"16","author":"MH Bhuyan","year":"2013","unstructured":"Bhuyan MH, Bhattacharyya DK, Kalita JK. Network anomaly detection: methods, systems and tools. IEEE Commun Surv Tutor. 2013;16(1):303\u201336.","journal-title":"IEEE Commun Surv Tutor"},{"key":"341_CR94","doi-asserted-by":"publisher","first-page":"761","DOI":"10.1016\/j.future.2017.08.043","volume":"82","author":"AA Diro","year":"2018","unstructured":"Diro AA, Chilamkurti N. Distributed attack detection scheme using deep learning approach for Internet of Things. Futur Gener Comput Syst. 2018;82:761\u20138.","journal-title":"Futur Gener Comput Syst"},{"key":"341_CR95","doi-asserted-by":"crossref","unstructured":"Nugraha B, Murthy RN. Deep learning-based slow DDoS attack detection in SDN-based networks. In: 2020 IEEE conference on network function virtualization and software defined networks (NFV-SDN). IEEE; 2020. p. 51\u20136.","DOI":"10.1109\/NFV-SDN50289.2020.9289894"},{"key":"341_CR96","doi-asserted-by":"publisher","first-page":"42357","DOI":"10.1109\/ACCESS.2024.3378727","volume":"12","author":"Y Alhasawi","year":"2024","unstructured":"Alhasawi Y, Alghamdi S. Federated learning for decentralized DDoS attack detection in IoT networks. IEEE Access. 2024;12:42357\u201368.","journal-title":"IEEE Access"},{"issue":"9","key":"341_CR97","doi-asserted-by":"publisher","first-page":"3367","DOI":"10.3390\/s22093367","volume":"22","author":"JG Almaraz-Rivera","year":"2022","unstructured":"Almaraz-Rivera JG, Perez-Diaz JA, Cantoral-Ceballos JA. Transport and application layer DDoS attacks detection to IoT devices by using machine learning and deep learning models. Sensors. 2022;22(9):3367.","journal-title":"Sensors"},{"key":"341_CR98","doi-asserted-by":"crossref","unstructured":"Akbar DA, Purwoko R, Syahral M, et al. IoT system design and implementation based on OWASP IoT security verification standard. In: 2024 8th International conference on information technology, information systems and electrical engineering (ICITISEE). IEEE; 2024. p. 274\u20139.","DOI":"10.1109\/ICITISEE63424.2024.10730126"},{"issue":"3","key":"341_CR99","first-page":"459","volume":"18","author":"A Mayzaud","year":"2016","unstructured":"Mayzaud A, Badonnel R, Chrisment I. A taxonomy of attacks in RPL-based internet of things. Int J Netw Secur. 2016;18(3):459\u201373.","journal-title":"Int J Netw Secur"},{"key":"341_CR100","doi-asserted-by":"crossref","unstructured":"Andrea I, Chrysostomou C, Hadjichristofi G. Internet of Things: security vulnerabilities and challenges. In: 2015 IEEE symposium on computers and communication (ISCC). IEEE; 2015. p. 180\u20137.","DOI":"10.1109\/ISCC.2015.7405513"},{"key":"341_CR101","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4842-2896-8","volume-title":"Demystifying internet of things security: successful IoT device\/edge and platform security deployment","author":"S Cheruvu","year":"2020","unstructured":"Cheruvu S, Kumar A, Smith N, Wheeler DM. Demystifying internet of things security: successful IoT device\/edge and platform security deployment. Berlin: Springer; 2020."},{"issue":"11","key":"341_CR102","doi-asserted-by":"publisher","first-page":"1312","DOI":"10.1016\/j.comcom.2012.04.008","volume":"35","author":"H Beitollahi","year":"2012","unstructured":"Beitollahi H, Deconinck G. Analyzing well-known countermeasures against distributed denial of service attacks. Comput Commun. 2012;35(11):1312\u201332.","journal-title":"Comput Commun"},{"key":"341_CR103","doi-asserted-by":"crossref","unstructured":"Guenane F, Nogueira M, Serhrouchni A. DDoS mitigation cloud-based service. In: 2015 IEEE Trustcom\/BigDataSE\/ISPA, vol. 1. IEEE; 2015. p. 1363\u20138.","DOI":"10.1109\/Trustcom.2015.531"},{"key":"341_CR104","doi-asserted-by":"crossref","unstructured":"Jajodia S, Ghosh AK, Swarup V, Wang C, Wang XS, editors. Moving target defense: creating asymmetric uncertainty for cyber threats. Springer Science & Business Media; 2011.","DOI":"10.1007\/978-1-4614-0977-9"},{"key":"341_CR105","doi-asserted-by":"crossref","unstructured":"Douligeris C, Mitrokotsa A. DDoS attacks and defense mechanisms: a classification. In: Proceedings of the 3rd IEEE international symposium on signal processing and information technology (IEEE Cat. No. 03EX795). IEEE; 2003. p. 190\u20133.","DOI":"10.1109\/ISSPIT.2003.1341092"},{"key":"341_CR106","doi-asserted-by":"crossref","unstructured":"Ferguson P, Senie D. Network ingress filtering: Defeating denial of service attacks which employ IP source address spoofing. No. rfc2267. 1998.","DOI":"10.17487\/rfc2267"},{"issue":"10","key":"341_CR107","doi-asserted-by":"publisher","first-page":"1853","DOI":"10.1109\/JSAC.2006.877138","volume":"24","author":"A Yaar","year":"2006","unstructured":"Yaar A, Perrig A, Song D. StackPi: new packet marking and filtering mechanisms for DDoS and IP spoofing defense. IEEE J Sel Areas Commun. 2006;24(10):1853\u201363.","journal-title":"IEEE J Sel Areas Commun"},{"issue":"3","key":"341_CR108","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1145\/571697.571724","volume":"32","author":"R Mahajan","year":"2002","unstructured":"Mahajan R, Bellovin SM, Floyd S, Ioannidis J, Paxson V, Shenker S. Controlling high bandwidth aggregates in the network. ACM SIGCOMM Comput Commun Rev. 2002;32(3):62\u201373.","journal-title":"ACM SIGCOMM Comput Commun Rev"},{"key":"341_CR109","doi-asserted-by":"crossref","unstructured":"Zaalouk A, Khondoker R, Marx R, Bayarou K. Orchsec: an orchestrator-based architecture for enhancing network-security using network monitoring and SDN control functions. In: 2014 IEEE network operations and management symposium (NOMS). IEEE; 2014. p. 1\u20139.","DOI":"10.1109\/NOMS.2014.6838409"},{"key":"341_CR110","unstructured":"Lemon J. Resisting $$\\{$$SYN$$\\}$$ flood $$\\{$$DoS$$\\}$$ attacks with a $$\\{$$SYN$$\\}$$ cache. In: BSDCon 2002 (BSDCon 2002). 2002; p. 89\u201398."},{"key":"341_CR111","doi-asserted-by":"crossref","unstructured":"Kambourakis G, Moschos T, Geneiatakis D, Gritzalis S. Detecting DNS amplification attacks. In: International workshop on critical information infrastructures security. Springer; 2007. p. 185\u201396.","DOI":"10.1007\/978-3-540-89173-4_16"},{"key":"341_CR112","unstructured":"K\u00fchrer M, Hupperich T, Rossow C, Holz T. Exit from hell? Reducing the impact of $$\\{$$Amplification$$\\}$$$$\\{$$DDoS$$\\}$$ attacks. In: 23rd USENIX security symposium (USENIX Security 14). 2014. p. 111\u201325."},{"issue":"1","key":"341_CR113","first-page":"83","volume":"2","author":"A Aljuhani","year":"2019","unstructured":"Aljuhani A, Alharbi T, Taylor B. Mitigation of application layer DDoS flood attack against web servers. J Inform Secur Cybercrimes Res. 2019;2(1):83\u201395.","journal-title":"J Inform Secur Cybercrimes Res"},{"issue":"4","key":"341_CR114","doi-asserted-by":"publisher","first-page":"2046","DOI":"10.1109\/SURV.2013.031413.00127","volume":"15","author":"ST Zargar","year":"2013","unstructured":"Zargar ST, Joshi J, Tipper D. A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun Surv Tutor. 2013;15(4):2046\u201369.","journal-title":"IEEE Commun Surv Tutor"},{"key":"341_CR115","doi-asserted-by":"publisher","first-page":"481","DOI":"10.1016\/j.future.2019.02.064","volume":"96","author":"W Li","year":"2019","unstructured":"Li W, Tug S, Meng W, Wang Y. Designing collaborative blockchained signature-based intrusion detection in IoT environments. Futur Gener Comput Syst. 2019;96:481\u20139.","journal-title":"Futur Gener Comput Syst"},{"issue":"2","key":"341_CR116","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1145\/997150.997156","volume":"34","author":"J Mirkovic","year":"2004","unstructured":"Mirkovic J, Reiher P. A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput Commun Rev. 2004;34(2):39\u201353.","journal-title":"ACM SIGCOMM Comput Commun Rev"},{"key":"341_CR117","doi-asserted-by":"publisher","DOI":"10.1016\/j.measen.2025.101873","volume":"39","author":"I Varalakshmi","year":"2025","unstructured":"Varalakshmi I, Thenmozhi M. Entropy based earlier detection and mitigation of DDoS attack using stochastic method in SDN_IoT. Measur Sensors. 2025;39:101873.","journal-title":"Measur Sensors"},{"issue":"2","key":"341_CR118","doi-asserted-by":"publisher","first-page":"532","DOI":"10.3934\/nhm.2025024","volume":"20","author":"M Ra\u2019ed","year":"2025","unstructured":"Ra\u2019ed M, Heilat L, Qudah W, Alhatamleh S, Al-Khateeb A. A novel improved deep learning model based on Bi-LSTM algorithm for intrusion detection in WSN. Netw Heterogeneous Med. 2025;20(2):532\u201365.","journal-title":"Netw Heterogeneous Med"},{"key":"341_CR119","doi-asserted-by":"publisher","first-page":"103136","DOI":"10.1109\/ACCESS.2022.3210189","volume":"10","author":"C Yao","year":"2022","unstructured":"Yao C, Yang Y, Yin K, Yang J. Traffic anomaly detection in wireless sensor networks based on principal component analysis and deep convolution neural network. IEEE Access. 2022;10:103136\u201349.","journal-title":"IEEE Access"},{"key":"341_CR120","doi-asserted-by":"publisher","first-page":"150540","DOI":"10.1109\/ACCESS.2019.2946261","volume":"7","author":"K Zhang","year":"2019","unstructured":"Zhang K, Zhao F, Luo S, Xin Y, Zhu H. An intrusion action-based ids alert correlation analysis and prediction framework. IEEE Access. 2019;7:150540\u201351.","journal-title":"IEEE Access"},{"issue":"3","key":"341_CR121","first-page":"648","volume":"17","author":"A Wang","year":"2018","unstructured":"Wang A, Chang W, Chen S, Mohaisen A. A data-driven study of DDoS attacks and their dynamics. IEEE Trans Dependable Secure Comput. 2018;17(3):648\u201361.","journal-title":"IEEE Trans Dependable Secure Comput"},{"issue":"1","key":"341_CR122","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1007\/s43926-025-00185-7","volume":"5","author":"F Khan","year":"2025","unstructured":"Khan F, Kumar BS, Sangani S. A feature-level ensemble machine learning approach for attack detection in IoT networks. Discover Internet Things. 2025;5(1):81.","journal-title":"Discover Internet Things"},{"key":"341_CR123","volume":"75","author":"O Polat","year":"2026","unstructured":"Polat O, Durmu\u015f \u00d6, Do\u011fan F, T\u00fcrko\u011flu M, \u015eeker H, Atasoy F, et al. Supervised and deep learning techniques for DDoS detection in software-defined network architectures: a systematic review. Eng Sci Technol Int J. 2026;75:102290.","journal-title":"Eng Sci Technol Int J"},{"key":"341_CR124","doi-asserted-by":"crossref","unstructured":"Kareem MI, Jasim MN. DDoS attack detection using lightweight partial decision tree algorithm. In: 2022 International conference on computer science and software engineering (CSASE). IEEE; 2022. p. 362\u20137.","DOI":"10.1109\/CSASE51777.2022.9759824"},{"key":"341_CR125","doi-asserted-by":"crossref","unstructured":"Sudar KM, Beulah M, Deepalakshmi P, Nagaraj P, Chinnasamy P. Detection of distributed denial of service attacks in SDN using machine learning techniques. In: 2021 International conference on computer communication and informatics (ICCCI). IEEE; 2021. p. 1\u20135.","DOI":"10.1109\/ICCCI50826.2021.9402517"},{"key":"341_CR126","doi-asserted-by":"publisher","first-page":"132502","DOI":"10.1109\/ACCESS.2020.3009733","volume":"8","author":"KS Sahoo","year":"2020","unstructured":"Sahoo KS, Tripathy BK, Naik K, Ramasubbareddy S, Balusamy B, Khari M, et al. An evolutionary SVM model for DDoS attack detection in software defined networks. IEEE Access. 2020;8:132502\u201313.","journal-title":"IEEE Access"},{"key":"341_CR127","doi-asserted-by":"publisher","first-page":"18701","DOI":"10.1109\/ACCESS.2019.2896783","volume":"7","author":"TV Phan","year":"2019","unstructured":"Phan TV, Park M. Efficient distributed denial-of-service attack defense in SDN-based cloud. IEEE Access. 2019;7:18701\u201314.","journal-title":"IEEE Access"},{"issue":"1","key":"341_CR128","first-page":"9649643","volume":"2018","author":"B Han","year":"2018","unstructured":"Han B, Yang X, Sun Z, Huang J, Su J. Overwatch: a cross-plane DDoS attack defense framework with collaborative intelligence in SDN. Security Commun Netw. 2018;2018(1):9649643.","journal-title":"Security Commun Netw"},{"key":"341_CR129","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1016\/j.future.2021.01.022","volume":"118","author":"S Ur Rehman","year":"2021","unstructured":"Ur Rehman S, Khaliq M, Imtiaz SI, Rasool A, Shafiq M, Javed AR, et al. DIDDOS: an approach for detection and identification of distributed denial of service (DDoS) cyberattacks using gated recurrent units (GRU). Futur Gener Comput Syst. 2021;118:453\u201366.","journal-title":"Futur Gener Comput Syst"},{"issue":"1","key":"341_CR130","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1007\/s43926-025-00182-w","volume":"5","author":"NA Al-Shukaili","year":"2025","unstructured":"Al-Shukaili NA, Kiah MLM, Ahmedy I. Optimizing feature selection and deep learning techniques for precise detection of low-rate distributed denial of service (LDDOS) attack. Discover Internet Things. 2025;5(1):80.","journal-title":"Discover Internet Things"},{"key":"341_CR131","doi-asserted-by":"crossref","unstructured":"Li Y, Lu Y. LSTM-BA: DDoS detection approach combining LSTM and Bayes. In: 2019 Seventh international conference on advanced cloud and big data (CBD). IEEE; 2019. p. 180\u20135.","DOI":"10.1109\/CBD.2019.00041"},{"key":"341_CR132","first-page":"1","volume":"2022","author":"R Qamar","year":"2022","unstructured":"Qamar R, Zardari B, Arain A, Khoso F, Jokhio A. Detecting distributed denial of service attacks using recurrent neural network. Psychology. 2022;2022:1.","journal-title":"Psychology"},{"issue":"22","key":"341_CR133","doi-asserted-by":"publisher","first-page":"4089","DOI":"10.1049\/iet-com.2020.0477","volume":"14","author":"H Polat","year":"2020","unstructured":"Polat H, Turkoglu M, Polat O. Deep network approach with stacked sparse autoencoders in detection of DDoS attacks on SDN-based VANET. IET Commun. 2020;14(22):4089\u2013100.","journal-title":"IET Commun"},{"key":"341_CR134","unstructured":"Khan Saad. Lightweight deep learning framework to detect botnets in iot sensor networks by using hybrid self-organizing map. 2020."},{"key":"341_CR135","doi-asserted-by":"crossref","unstructured":"Almotiri Jasem. DDoS intrusion detection model for IoT networks using backpropagation neural network. Int J Adv Comput Sci Appl. 2022;13(6):694\u2013704.","DOI":"10.14569\/IJACSA.2022.0130682"},{"key":"341_CR136","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101645","volume":"88","author":"M Wang","year":"2020","unstructured":"Wang M, Lu Y, Qin J. A dynamic MLP-based DDoS attack detection method using feature selection and feedback. Comput Secur. 2020;88:101645.","journal-title":"Comput Secur"},{"issue":"4","key":"341_CR137","first-page":"39","volume":"7","author":"C Suprayogi","year":"2022","unstructured":"Suprayogi C, Marwan MA. Classification of network traffic data Mirai malware attacks on internet of things devices using the k-nearest neighbor method. Int Res J Adv Eng Sci. 2022;7(4):39\u201343.","journal-title":"Int Res J Adv Eng Sci"},{"issue":"8","key":"341_CR138","doi-asserted-by":"publisher","first-page":"1975","DOI":"10.1109\/TIFS.2018.2890808","volume":"14","author":"N Moustafa","year":"2019","unstructured":"Moustafa N, Choo K-KR, Radwan I, Camtepe S. Outlier Dirichlet mixture mechanism: adversarial statistical learning for anomaly detection in the fog. IEEE Trans Inf Forensics Secur. 2019;14(8):1975\u201387.","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"2","key":"341_CR139","doi-asserted-by":"publisher","first-page":"2181","DOI":"10.32604\/cmc.2024.047387","volume":"78","author":"T-L Nguyen","year":"2024","unstructured":"Nguyen T-L, Kao H, Nguyen T-T, Horng M-F, Shieh C-S. Unknown DDoS attack detection with fuzzy c-means clustering and spatial location constraint prototype loss. Comput Mater Continua. 2024;78(2):2181.","journal-title":"Comput Mater Continua"},{"issue":"1","key":"341_CR140","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/s43926-024-00080-7","volume":"4","author":"A Kumar","year":"2024","unstructured":"Kumar A, Singh D. Adaptive epsilon greedy reinforcement learning method in securing IoT devices in edge computing. Discover Internet Things. 2024;4(1):27.","journal-title":"Discover Internet Things"},{"key":"341_CR141","doi-asserted-by":"crossref","unstructured":"Khozam S, Blanc G, Tixeuil S, Totel E. Dams: double deep q-network approach for DDoS attack mitigation in SDN. In: Proceedings of the 8th international conference on future networks & distributed systems. 2024. p. 1049\u201356.","DOI":"10.1145\/3726122.3726282"},{"issue":"3","key":"341_CR142","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1007\/s11235-023-01089-z","volume":"85","author":"W Bekri","year":"2024","unstructured":"Bekri W, Jmal R, Fourati LC. Secure and trustworthiness IoT systems: investigations and literature review. Telecommun Syst. 2024;85(3):503\u201338.","journal-title":"Telecommun Syst"},{"issue":"3","key":"341_CR143","doi-asserted-by":"publisher","first-page":"1604","DOI":"10.11591\/eei.v11i3.3643","volume":"11","author":"KF Hassan","year":"2022","unstructured":"Hassan KF, Manaa ME. Detection and mitigation of DDoS attacks in Internet of Things using a fog computing hybrid approach. Bull Electr Eng Inform. 2022;11(3):1604\u201313.","journal-title":"Bull Electr Eng Inform"},{"issue":"22","key":"341_CR144","doi-asserted-by":"publisher","first-page":"10501","DOI":"10.3390\/app142210501","volume":"14","author":"O Polat","year":"2024","unstructured":"Polat O, Oyucu S, T\u00fcrko\u011flu M, Polat H, Aksoz A, Yard\u0131mc\u0131 F. Hybrid AI-powered real-time distributed denial of service detection and traffic monitoring for software-defined-based vehicular ad hoc networks: a new paradigm for securing intelligent transportation networks. Appl Sci. 2024;14(22):10501.","journal-title":"Appl Sci"},{"issue":"1","key":"341_CR145","doi-asserted-by":"publisher","first-page":"20","DOI":"10.37934\/aaij.1.1.2033","volume":"1","author":"NHM Ariffin","year":"2025","unstructured":"Ariffin NHM, Iqbal MIM, Yusoff M, Zulkefli NAM. A study on the best classification method for an intelligent phishing website detection system. ASEAN Artif Intell J. 2025;1(1):20\u201333.","journal-title":"ASEAN Artif Intell J"},{"key":"341_CR146","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1016\/j.comnet.2015.08.038","volume":"92","author":"S Fichera","year":"2015","unstructured":"Fichera S, Galluccio L, Grancagnolo SC, Morabito G, Palazzo S. Operetta: an openflow-based remedy to mitigate TCP synflood attacks against web servers. Comput Netw. 2015;92:89\u2013100.","journal-title":"Comput Netw"},{"key":"341_CR147","doi-asserted-by":"crossref","unstructured":"Liu X, Yang X, Lu Y. To filter or to authorize: network-layer dos defense against multimillion-node botnets. In: Proceedings of the ACM SIGCOMM 2008 conference on data communication. 2008. p. 195\u2013206.","DOI":"10.1145\/1402958.1402981"},{"key":"341_CR148","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2024.103946","volume":"229","author":"A Kumar","year":"2024","unstructured":"Kumar A, Agarwal M. Quick service during DDoS attacks in the container-based cloud environment. J Netw Comput Appl. 2024;229:103946.","journal-title":"J Netw Comput Appl"},{"key":"341_CR149","doi-asserted-by":"publisher","DOI":"10.1016\/j.neunet.2025.107725","volume":"191","author":"X Wu","year":"2025","unstructured":"Wu X, Ding S, Zhao N, Wang H, Niu B. Neural-network-based event-triggered adaptive secure fault-tolerant containment control for nonlinear multi-agent systems under denial-of-service attacks. Neural Netw. 2025;191:107725.","journal-title":"Neural Netw"},{"issue":"1","key":"341_CR150","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1007\/s43926-023-00034-5","volume":"3","author":"M Bhavsar","year":"2023","unstructured":"Bhavsar M, Roy K, Kelly J, Olusola O. Anomaly-based intrusion detection system for IoT application. Discover Internet things. 2023;3(1):5.","journal-title":"Discover Internet things"},{"issue":"1","key":"341_CR151","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1007\/s43926-025-00156-y","volume":"5","author":"M Zahid","year":"2025","unstructured":"Zahid M, Bharati TS. Enhancing cybersecurity in IoT systems: a hybrid deep learning approach for real-time attack detection. Discover Internet Things. 2025;5(1):73.","journal-title":"Discover Internet Things"},{"issue":"1","key":"341_CR152","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/s43926-025-00169-7","volume":"5","author":"A Khraisat","year":"2025","unstructured":"Khraisat A, Alazab A, Alazab M, Obeidat A, Singh S, Jan T. Federated learning for intrusion detection in IoT environments: a privacy-preserving strategy. Discover Internet Things. 2025;5(1):72.","journal-title":"Discover Internet Things"},{"key":"341_CR153","doi-asserted-by":"crossref","unstructured":"Abdelaty M, Scott-Hayward S, Doriguzzi-Corin R, Siracusa D. GADoT: GAN-based adversarial training for robust DDoS attack detection. In: 2021 IEEE conference on communications and network security (CNS). IEEE; 2021. p. 119\u201327.","DOI":"10.1109\/CNS53000.2021.9705040"}],"container-title":["Discover Internet of Things"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s43926-026-00341-7","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s43926-026-00341-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s43926-026-00341-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T14:04:27Z","timestamp":1780322667000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s43926-026-00341-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,5,4]]},"references-count":152,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2026,12]]}},"alternative-id":["341"],"URL":"https:\/\/doi.org\/10.1007\/s43926-026-00341-7","relation":{},"ISSN":["2730-7239"],"issn-type":[{"value":"2730-7239","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,5,4]]},"assertion":[{"value":"11 November 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 April 2026","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 May 2026","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"Not applicable.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethics approval and consent to participate"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Consent for publication"}},{"value":"The authors declare no competing interests.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing interests"}}],"article-number":"67"}}