TCN-Based DDoS Detection and Mitigation in 5G Healthcare-IoT: A Frequency Monitoring and Dynamic Threshold Approach

Mirza Akhi, Ciaran Eising, Lubna Luxmi Dhirani

Research output: Contribution to journalArticlepeer-review

Abstract

The Internet of Things (IoT) revolutionizes precision healthcare by enhancing patient care and reducing costs. However, this technology poses challenges in securing Healthcare-IoT (H-IoT) devices, as low-latency packet transmission increases vulnerability to attacks (e.g., Distributed Denial of Service (DDoS)) in 5G networks. This research develops a monitoring frequency-based detection and dynamic threshold mitigation method using Temporal Convolutional Networks (TCNs) in 5G H-IoT environments. A monitoring frequency-based detection method calculates each H-IoT node's message count over the past five seconds as a percentage of total traffic. A dynamic threshold strategy also provides adaptive security by averaging detected malicious behavior messages across all nodes to determine the base threshold. This approach enhances classification accuracy, effectively mitigates actual DDoS attack nodes, and blacklists malicious nodes without false positives in H-IoT environments. Moreover, this research creates DDoS attack models, monitoring parameters using two simulators (Cooja and ns-3) on H-IoT devices. Data is collected over the Message Queuing Telemetry Transport (MQTT) and User Datagram Protocol (UDP) in a realistic 5G-based H-IoT environment, creating two datasets with malicious and benign data. The proposed TCN-based DDoS prediction and mitigation method achieves 99.98% and 95% accuracy on the MQTT dataset. This model also attains a slightly higher prediction accuracy of 99.99% and mitigation of 80% on the UDP dataset. This research evaluates the proposed model against prior methods, including Bidirectional Long Short-Term Memory (BiLSTM) and Convolutional Neural Networks (CNNs), demonstrating improved accuracy. Thus, the proposed TCN model is a versatile and resilient security solution for H-IoT environments.

Original languageEnglish
Pages (from-to)12709-12733
Number of pages25
JournalIEEE Access
Volume13
DOIs
Publication statusPublished - 2025

Keywords

  • 5G
  • anomaly detection
  • Cooja simulator
  • DDoS attack
  • dynamic thresholding
  • frequency-based detection
  • Healthcare-IoT (H-IoT)
  • MQTT protocol
  • ns-3 simulator
  • security
  • UDP protocol

Fingerprint

Dive into the research topics of 'TCN-Based DDoS Detection and Mitigation in 5G Healthcare-IoT: A Frequency Monitoring and Dynamic Threshold Approach'. Together they form a unique fingerprint.

Cite this