Open Access

ARTICLE

Design the IoT Botnet Defense Process for Cybersecurity in Smart City

Donghyun Kim¹, Seungho Jeon², Jiho Shin³, Jung Taek Seo^4,*

1 Department of Information Security, Gachon University, Seongnam, 13120, Korea
2 Department of Smart Security, Gachon University, Seongnam, 13120, Korea
3 Police Science Institute, Korean National Police University, Asan, 31539, Korea
4 Department of Computer Engineering, Gachon University, Seongnam, 13120, Korea

* Corresponding Author: Jung Taek Seo. Email:

(This article belongs to the Special Issue: Advanced Achievements of Intelligent and Secure Systems for the Next Generation Computing)

Intelligent Automation & Soft Computing 2023, 37(3), 2979-2997. https://doi.org/10.32604/iasc.2023.040019

Received 28 February 2023; Accepted 18 May 2023; Issue published 11 September 2023

Abstract

The smart city comprises various infrastructures, including healthcare, transportation, manufacturing, and energy. A smart city’s Internet of Things (IoT) environment constitutes a massive IoT environment encompassing numerous devices. As many devices are installed, managing security for the entire IoT device ecosystem becomes challenging, and attack vectors accessible to attackers increase. However, these devices often have low power and specifications, lacking the same security features as general Information Technology (IT) systems, making them susceptible to cyberattacks. This vulnerability is particularly concerning in smart cities, where IoT devices are connected to essential support systems such as healthcare and transportation. Disruptions can lead to significant human and property damage. One representative attack that exploits IoT device vulnerabilities is the Distributed Denial of Service (DDoS) attack by forming an IoT botnet. In a smart city environment, the formation of IoT botnets can lead to extensive denial-of-service attacks, compromising the availability of services rendered by the city. Moreover, the same IoT devices are typically employed across various infrastructures within a smart city, making them potentially vulnerable to similar attacks. This paper addresses this problem by designing a defense process to effectively respond to IoT botnet attacks in smart city environments. The proposed defense process leverages the defense techniques of the MITRE D3FEND framework to mitigate the propagation of IoT botnets and support rapid and integrated decision-making by security personnel, enabling an immediate response.

---

Keywords

---