Abstract
The escalating distributed denial of service (DDoS) attacks severely threatens the security of the industrial internet of things (IIoT). This paper introduces moving target defense (MTD) as an adaptive solution to fortify IIoT security against DDoS attacks. Dynamically reconfiguring network elements and service placements makes it challenging for attackers to target specific vulnerabilities. We propose an MTD traffic manager (MTDTM) architecture to enable early detection and mitigation of DDoS attacks within resource-constrained edge clouds. A traffic classifier is integrated into our model to intelligently filter incoming traffic, ensuring real-time responsiveness to the demands of IIoT applications. Moreover, dynamic admission rules and relocation of service replicas efficiently distribute the traffic, ensuring the availability of services for legitimate users. Unlike traditional static defense methods, our adaptive approach caters to the evolving DDoS threat landscape of IIoT, safeguarding critical industrial processes. Simulation results validate the efficiency of our algorithm while maintaining an acceptable quality of service. Our research demonstrated a 15% to 20% improvement in service response times compared to existing algorithms. Notably, we achieved significant enhancements in average resource availability during DDoS attacks across various parameter variations.