{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,15]],"date-time":"2026-06-15T10:01:29Z","timestamp":1781517689967,"version":"3.54.1"},"reference-count":31,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2023,2,3]],"date-time":"2023-02-03T00:00:00Z","timestamp":1675382400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Ministry of Education, Youth and Sports, Czech Republic","award":["SP2023\/74"],"award-info":[{"award-number":["SP2023\/74"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>This paper proposes a solution for ensuring the security of IoT devices in the cloud environment by protecting against distributed denial-of-service (DDoS) and false data injection attacks. The proposed solution is based on the integration of simple network management protocol (SNMP), Kullback\u2013Leibler distance (KLD), access control rules (ACL), and moving target defense (MTD) techniques. The SNMP and KLD techniques are used to detect DDoS and false data sharing attacks, while the ACL and MTD techniques are applied to mitigate these attacks by hardening the target and reducing the attack surface. The effectiveness of the proposed framework is validated through experimental simulations on the Amazon Web Service (AWS) platform, which shows a significant reduction in attack probabilities and delays. The integration of IoT and cloud technologies is a powerful combination that can deliver customized and critical solutions to major business vendors. However, ensuring the confidentiality and security of data among IoT devices, storage, and access to the cloud is crucial to maintaining trust among internet users. This paper demonstrates the importance of implementing robust security measures to protect IoT devices in the cloud environment and highlights the potential of the proposed solution in protecting against DDoS and false data injection attacks.<\/jats:p>","DOI":"10.3390\/s23031708","type":"journal-article","created":{"date-parts":[[2023,2,6]],"date-time":"2023-02-06T02:06:43Z","timestamp":1675649203000},"page":"1708","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":19,"title":["Detection and Mitigation of IoT-Based Attacks Using SNMP and Moving Target Defense Techniques"],"prefix":"10.3390","volume":"23","author":[{"given":"Rajakumaran","family":"Gayathri","sequence":"first","affiliation":[{"name":"Vellore Institute of Technology, Chennai Campus, Chennai 600127, India"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7480-7777","authenticated-orcid":false,"given":"Shola","family":"Usharani","sequence":"additional","affiliation":[{"name":"Vellore Institute of Technology, Chennai Campus, Chennai 600127, India"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9720-2201","authenticated-orcid":false,"given":"Miroslav","family":"Mahdal","sequence":"additional","affiliation":[{"name":"Department of Control Systems and Instrumentation, Faculty of Mechanical Engineering, VSB-Technical University of Ostrava, 17, Listopadu 2172\/15, 70800 Ostrava, Czech Republic"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rajasekharan","family":"Vezhavendhan","sequence":"additional","affiliation":[{"name":"Vellore Institute of Technology, Vellore 632014, India"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rajiv","family":"Vincent","sequence":"additional","affiliation":[{"name":"Vellore Institute of Technology, Chennai Campus, Chennai 600127, India"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Murugesan","family":"Rajesh","sequence":"additional","affiliation":[{"name":"Vellore Institute of Technology, Chennai Campus, Chennai 600127, India"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2349-3701","authenticated-orcid":false,"given":"Muniyandy","family":"Elangovan","sequence":"additional","affiliation":[{"name":"Department of R&D, Bond Marine Consultancy, London EC1V 2NX, UK"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2023,2,3]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"12633","DOI":"10.1109\/TITS.2021.3115823","article-title":"C2FDA: Coarse-to-fine domain adaptation for traffic object detection","volume":"23","author":"Zhang","year":"2022","journal-title":"IEEE Trans. Intell. Transp. Syst."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"2756","DOI":"10.1109\/TNSE.2021.3057915","article-title":"Many-objective deployment optimization for a drone-assisted camera network","volume":"8","author":"Cao","year":"2021","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"6273","DOI":"10.1109\/JIOT.2020.3004469","article-title":"Industrial security solution for virtual reality","volume":"8","author":"Lv","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"5257","DOI":"10.1109\/TIP.2022.3192706","article-title":"Extendable Multiple nodes recurrent tracking framework with RTU+","volume":"31","author":"Wang","year":"2022","journal-title":"IEEE Trans. Image Process."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"12556","DOI":"10.1007\/s10489-021-03121-8","article-title":"SA-FPN: An effective feature pyramid network for crowded human detection","volume":"52","author":"Zhou","year":"2022","journal-title":"Appl. Intell."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Ghorbani, H.R., and Ahmadzadegan, M.H. (2017, January 13\u201314). Security challenges in internet of things: Survey. Proceedings of the 2017 IEEE Conference on Wireless Sensors (ICWiSe), Miri, Malaysia.","DOI":"10.1109\/ICWISE.2017.8267153"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Kiruthika, J., and Khaddaj, S. (2015, January 18\u201324). Software quality issues and challenges of internet of things. Proceedings of the 2015 14th International Symposium on Distributed Computing and Applications for Business Engineering and Science (DCABES), Guiyang, China.","DOI":"10.1109\/DCABES.2015.51"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"5533843","DOI":"10.1155\/2021\/5533843","article-title":"Internet of Things security: Challenges and key issues","volume":"2021","author":"Azrour","year":"2021","journal-title":"Secur. Commun. Netw."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"2702","DOI":"10.1109\/COMST.2019.2910750","article-title":"Demystifying IoT security: An exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations","volume":"21","author":"Neshenko","year":"2019","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"21947","DOI":"10.1007\/s11042-017-5540-x","article-title":"Malicious insiders attack in IoT based Multi-Cloud e-Healthcare environment: A Systematic Literature Review","volume":"77","author":"Ahmed","year":"2018","journal-title":"Multimed. Tools Appl."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"240","DOI":"10.35940\/ijeat.A1047.1091S19","article-title":"Mitigation of spoofing attacks on IOT home networks","volume":"9","author":"Archana","year":"2019","journal-title":"Int. J. Eng. Adv. Technol."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"2027","DOI":"10.1109\/COMST.2016.2548426","article-title":"A survey of man in the middle attacks","volume":"18","author":"Conti","year":"2016","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Feng, Y., Wang, W., Weng, Y., and Zhang, H. (2017, January 21\u201324). A replay-attack resistant authentication scheme for the internet of things. Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), Guangzhou, China.","DOI":"10.1109\/CSE-EUC.2017.101"},{"key":"ref_14","first-page":"77","article-title":"Cryptanalysis of Farash et al.\u2019s SIP authentication protocol","volume":"8","author":"Azrour","year":"2018","journal-title":"Int. J. Dyn. Syst. Differ. Equ."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Ryu, J., Lee, H., Kim, H., and Won, D. (2018). Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks. Sensors, 18.","DOI":"10.3390\/s18124481"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"59353","DOI":"10.1109\/ACCESS.2021.3073408","article-title":"Internet of things applications, security challenges, attacks, intrusion detection, and future visions: A systematic review","volume":"9","author":"Mishra","year":"2021","journal-title":"IEEE Access"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s12046-019-1230-x","article-title":"Intrusion detection system using an optimized kernel extreme learning machine and efficient features","volume":"45","author":"Ghasemi","year":"2020","journal-title":"Sadhana"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"48753","DOI":"10.1109\/ACCESS.2021.3060778","article-title":"Multilayer framework for botnet detection using machine learning algorithms","volume":"9","author":"Ibrahim","year":"2021","journal-title":"IEEE Access"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Wang, W., Fang, B., Zhang, Z., and Li, C. (2009, January 25\u201326). A novel approach to detect IRC-based botnets. Proceedings of the 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing, Wuhan, China.","DOI":"10.1109\/NSWCTC.2009.72"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1016\/j.cose.2013.04.007","article-title":"Botnet detection based on traffic behavior analysis and flow intervals","volume":"39","author":"Zhao","year":"2013","journal-title":"Comput. Secur."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"132","DOI":"10.1109\/MCOM.2014.6852094","article-title":"Bad neighborhoods on the internet","volume":"52","author":"Moura","year":"2014","journal-title":"IEEE Commun. Mag."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"10","DOI":"10.1016\/j.comcom.2014.03.009","article-title":"A moving target DDoS defense mechanism","volume":"46","author":"Wang","year":"2014","journal-title":"Comput. Commun."},{"key":"ref_23","first-page":"1443","article-title":"LFRSNet: A robust light field semantic segmentation network combining contextual and geometric features","volume":"10","author":"Yang","year":"2022","journal-title":"Front. Environ. Sci."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"5105","DOI":"10.37418\/amsj.9.7.76","article-title":"Web-acl based dos mitigation solution for cloud","volume":"9","author":"Gayathri","year":"2020","journal-title":"Adv. Math. Sci. J."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"225","DOI":"10.1504\/IJWBC.2019.101812","article-title":"Identification of regression function and distribution model for denial of service attack in Second Life online community using simple network management protocol","volume":"15","author":"Rajakumaran","year":"2019","journal-title":"Int. J. Web Based Communities"},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s42979-019-0043-7","article-title":"Denial of service attack prediction using gradient descent algorithm","volume":"1","author":"Rajakumaran","year":"2020","journal-title":"SN Comput. Sci."},{"key":"ref_27","first-page":"140","article-title":"Performance assessment of hybrid MTD for DoS mitigation in public cloud","volume":"2","author":"Rajakumaran","year":"2021","journal-title":"Int. J. Intell. Netw."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Yu, S., and Zhou, W. (2008, January 17\u201321). Entropy-based collaborative detection of DDOS attacks on community networks. Proceedings of the 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom), Hong Kong, China.","DOI":"10.1109\/PERCOM.2008.12"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"412","DOI":"10.1109\/TPDS.2010.97","article-title":"Traceback of DDoS attacks using entropy variations","volume":"22","author":"Yu","year":"2011","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"426","DOI":"10.1109\/TIFS.2011.2107320","article-title":"Low-rate DDoS attacks detection and traceback by using new information metrics","volume":"6","author":"Xiang","year":"2011","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"101976","DOI":"10.1016\/j.cose.2020.101976","article-title":"Cost-effective moving target defense against DDoS attacks using trilateral game and multi-objective Markov decision processes","volume":"97","author":"Zhou","year":"2020","journal-title":"Comput. Secur."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/3\/1708\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T18:23:32Z","timestamp":1760120612000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/23\/3\/1708"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,2,3]]},"references-count":31,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2023,2]]}},"alternative-id":["s23031708"],"URL":"https:\/\/doi.org\/10.3390\/s23031708","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,2,3]]}}}