Enhancing IoT Security: An Optimization Algorithm for Fog Layer-Based DDoS Attack Mitigation Framework

Mehdi Ebady  Manaa; Fryal Jassim  Abd Al-Razaq; Hussein A. A.  Al-Khamees

doi:10.24996/ijs.2025.66.2.19

Authors

Mehdi Ebady Manaa Department of Artificial Intelligence, College of Science, Al-Mustaqbal University, 51001, Babylon, Iraq / Department of Information Technology, Information Technology College, University of Babylon, Babylon, Iraq https://orcid.org/0000-0001-6498-8562
Fryal Jassim Abd Al-Razaq Department of Software, College of Information Technology, University of Babylon, Babylon, Iraq
Hussein A. A. Al-Khamees Department of Computer Techniques Engineering, Engineering, College of Engineering and Engineering Techniques, Al-Mustaqbal University, 51001, Babylon, Iraq

DOI:

https://doi.org/10.24996/ijs.2025.66.2.19

Keywords:

Anomaly Detection, Internet of Things (ioT), DDoS Mitigation, Fog Computing, Classification Algorithms

Abstract

The Internet of Things (IoT) refers to a network comprised of interconnected items, including computing devices and digital gadgets. Cloud-based IoT infrastructures are vulnerable to distributed denial of service (DDoS) attacks. A DDoS attack has the potential to incapacitate a server for an extended duration, resulting in service disruptions as a consequence of overwhelming system resources. This research presents a novel framework for mitigating DDoS attacks in IoT networks. The proposed system leverages the fog-cloud architecture to provide efficient, lightweight, and precise attack mitigation. Notably, the mitigation process is executed at the fog layer. The suggested fog layer uses Particle Swarm Optimization (PSO) to make allocating resources easier, which makes it possible for the mitigation framework to be set up quickly. This approach addresses the challenges associated with resource management on resource-constrained IoT devices. The mitigation framework uses the Fitness Leader Optimization (FLO) approach to construct a trained database, taking into consideration factors such as the needed time, the size of the request, and the number of created requests. The FLO system employs multilayer perceptron (MLP), k-nearest neighbors (KNN), and support vector machine (SVM) classification algorithms to effectively mitigate the assault. The results of this study show that adding classification algorithms to our framework made it easier to test networks for Internet of Things (IoT) devices, especially when the Particle Swarm Optimization (PSO) method was used together. The mitigation framework demonstrates a minimized fitness value of 0.284556 seconds, showcasing enhanced resource utilization and processing time optimization for IoT nodes and servers in a distributed fog environment. The total average of resource utilization is improved to 6.0850%, processing time is decreased to 17.0397, and fitness value is decreased to 0.0258 seconds in the proposed DDoS attack mitigation system. The machine learning classification model achieves high accuracy, with SVM leading at 99.6785% compared to others, emphasizing the robustness of the proposed framework in securing IoT networks.