In this study, the performance of three widely used communication protocols in the Internet of Things (IoT), namely HTTP, MQTT, and CoAP, is investigated and compared under Distributed Denial-of-Service (DDoS) attacks. The primary focus of the research is to evaluate system resource consumption and performance stability of these protocols under attack conditions. Key evaluation metrics include CPU usage, RAM usage, and the time required for the system to reach a saturation state. The objective of this study is to provide an empirical analysis of protocol behavior in attack scenarios and to establish a basis for selecting appropriate communication protocols for IoT applications.
The experiments were conducted in a controlled environment over a local area network. The network topology consisted of a central router, three attacker nodes, and one target system. DDoS attacks were simulated by generating a high volume of packets or requests directed at the target system. Malicious traffic was produced using Python-based scripts, with packet transmission rates adjusted across different ranges to evaluate varying attack intensities. Wireshark was employed for network monitoring and traffic analysis, while operating system monitoring tools were used to measure system resource consumption.
In this research, the MQTT protocol was evaluated under different Quality of Service (QoS) levels, including QoS 0, QoS 1, and QoS 2. In UDP-based scenarios, the performance of CoAP was compared with MQTT (QoS 0), whereas in TCP-based scenarios, HTTP was analyzed alongside MQTT (QoS 1 and QoS 2). System saturation was defined as an abnormal and sudden increase or decrease in CPU or memory usage relative to the initial steady-state condition, and the time at which this condition occurred was used as an indicator of protocol resilience.
The CPU usage results indicate that in UDP-based scenarios, CoAP exhibits relatively higher CPU consumption compared to MQTT (QoS 0), while generally maintaining stable performance. In contrast, MQTT (QoS 0) experiences severe performance degradation after a short period in many scenarios, leading to the cessation of request processing. In TCP-based scenarios, HTTP demonstrates more uniform CPU usage compared to MQTT (QoS 1 and QoS 2), whereas MQTT, particularly at QoS 1, shows the highest CPU consumption and the lowest resistance to system saturation.
Memory consumption analysis also reveals significant differences among the protocols. In UDP-based scenarios, CoAP maintains stable RAM usage over time, with no significant fluctuations observed even under attack conditions. Conversely, MQTT (QoS 0) experiences a sharp decline in memory usage after a certain period, indicating system instability during saturation. In TCP-based scenarios, HTTP maintains relatively stable memory usage in most experiments, with occasional drops, while MQTT (QoS 1 and QoS 2) encounters sudden drops in RAM usage in the majority of scenarios.
The analysis of saturation time shows that in UDP-based scenarios with low message sizes, both CoAP and MQTT (QoS 0) exhibit similar stability durations. However, as message size increases, differences in behavior become evident. In some scenarios, MQTT (QoS 0) reaches saturation later than CoAP, while CoAP experiences performance degradation more rapidly. In TCP-based scenarios, HTTP demonstrates longer stability for small message sizes, but its saturation time decreases as message size increases.
Overall, the results of this study indicate that the selection of communication protocols in Internet of Things (IoT) systems has a direct impact on resource consumption and system resilience against DDoS attacks. Lightweight protocols such as CoAP and MQTT (QoS 0) demonstrate better performance in terms of resource usage and the time required to reach saturation. The HTTP protocol also exhibits relatively uniform resource consumption in certain scenarios; however, due to its higher processing and memory overhead compared to lightweight protocols, it shows limitations in overall resilience against DDoS attacks. In contrast, the use of higher QoS levels in MQTT leads to increased resource consumption and reduced system stability. These findings can serve as a practical reference for informed protocol selection in the design of IoT systems. |
