RTED-SD: A Real-Time Edge Detection Scheme for Sybil DDoS in the Internet of Vehicles

As the increasing popularity and development of the Internet of Vehicles (IoV), it is important to ensure the reliability and safety for IoV. However, communicating in an open-access environment makes road safety, communication security and privacy issues facing great challenges. Also, the high requirement of real-time detection and reponse to the security issues makes edge detection a more and more important research subject. Among all the challenges, Sybil Denial of Service (DoS) Attack is one of the most severe threats to the IoV safety, which can lead to traffic jams and other safety issues. In this paper, we introduce a Real-Time Edge Detection Scheme for Sybil DDoS in IoV. We use the entropy theory to quantify the traffic distribution, and further design an algorithm named Fast Quartile Deviation Check (FQDC) to recognize and locate the attack. Furthermore, because of the calculation limit in IoV scenarios, we also optimize the calculation with some useful techniques, such as the optimized sliding window, the incremental calculation of entropy values and make it suitable for the IoV environment. Finally, we proposed a temporal index. Temporal False Omission Rate (TFOR), to measure the performance of response speed and omission rate. In our evaluation, we successfully detect all the Sybil DDoS attacks provided in the F2MD datasets, and have the average alarm delay of 4.9193 seconds, and the average TFOR of 1.6024%.