electronics Article A Framework for Mitigating DDoS and DOS Attacks in IoT Environment Using Hybrid Approach Abdulrahman Aminu Ghali *, Rohiza Ahmad and Hitham Alhussian   Citation: Ghali, A.A.; Ahmad, R.; Alhussian, H. A Framework for Mitigating DDoS and DOS Attacks in IoT Environment Using Hybrid Approach. Electronics 2021, 10, 1282. https://doi.org/10.3390/ electronics10111282 Academic Editors: Sang-Soo Yeo and Damien Sauveron Received: 24 April 2021 Accepted: 24 May 2021 Published: 27 May 2021 Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affil- iations. Copyright: © 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/). Computer & Information Sciences Department, Universiti Teknologi PETRONAS, Seri Iskandar 32610, Perak Darul Ridzuan, Malaysia; rohiza_ahmad@utp.edu.my (R.A.); seddig.alhussian@utp.edu.my (H.A.) * Correspondence: aminuabdulrahman81@yahoo.com Abstract: The Internet of Things (IoT) has gained remarkable acceptance from millions of individuals. This is evident in the extensive use of intelligent devices such as smartphones, smart television, speakers, air conditioning, lighting, and high-speed networks. The general application area of IoT includes industries, hospitals, schools, homes, sports, oil and gas, automobile, and entertainment, to mention a few. However, because of the unbounded connection of IoT devices and the lack of a specific method for overseeing communication, security concerns such as distributed denial of service (DDoS), denial of service (DoS), replay, botnet, social engineering, man-in-the-middle, and brute force attacks have posed enormous challenges in the IoT environment. Regarding these enormous challenges, this study focuses on DDoS and DoS attacks. These two attacks have the most severe consequences in the IoT environment. The solution proposed in this study can also help future researchers tackle the expansion of IoT security threats. Moreover, the study conducts rigorous experiments to assess the efficiency of the proposed approach. In summary, the experimental results show that the proposed hybrid approach mitigates data exfiltration caused by DDoS and DoS attacks by 95.4%, with average network lifetime, energy consumption, and throughput improvements of 15%, 25%, and 60%, respectively. Keywords: IoT; DDoS; DoS; security challenges; LEACH 1. Introduction The Internet of Things (IoT) has proven to be a new trend for government, education, sports, industries, military, and oil and gas. It is projected that the acceptance of IoT will keep growing. Nowadays, there are over 23 billion IoT-connected devices worldwide. This number will continue to rise until it reaches 30 billion by the year 2025, and perhaps over 60 billion by the end of 2030 [1,2]. The fundamental idea of IoT is linking up smart devices to communicate through the internet. These smart devices are equipped with sensors connected to the internet that are uniquely identifiable, communicating with each other to perform complex tasks [3,4]. As such, these devices require the ability to collect, process, and transmit data through various channels [5]. The advent of the IoT has provided industries like oil and gas, transportation, health- care, education, homes, sports, and automobile industries with new and innovative ways of handling business operations, including procurement, manufacturing, and the distribution of goods and services [6,7]. The advantage of the IoT is that it enables devices (things) to send and receive data from one another when connected, and to control the operations of other devices remotely [8]. For instance, IoT can be employed for a smooth gas pipeline op- eration, where a temperature sensor attached to the gas pipeline can aid the endeavor. The sensor emits readings to an engineer’s mobile phone, who can then remotely shut off the pipeline in case of a data abnormality. This occurs because of the unbounded connections of IoT devices, which communicate with one another. On the other hand, because of the Electronics 2021, 10, 1282. https://doi.org/10.3390/electronics10111282 https://www.mdpi.com/journal/electronics