Defending SDN-based IoT Networks Against DDoS Attacks Using Markov Decision Process

The emerging Internet of Things (IoT) has increased the complexity and difficulty of network administration. Fortunately, Software-Defined Networking (SDN) provides an easy and centralized approach to administer a large number of IoT devices and can greatly reduce the workload of network administrators. SDN-based implementation of networks, however, has also introduced new security concerns, such as increasing number of DDoS attacks. This paper introduces an easy and lightweight defense strategy against DDoS attacks on IoT devices in a SDN environment using Markov Decision Process (MDP) in which optimal policies regarding handling network flows are determined with the intention of preventing DDoS attacks.

[1]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[2]  Guofei Gu,et al.  Attacking software-defined networks: a first feasibility study , 2013, HotSDN '13.

[3]  Jun Bi,et al.  On the cascading failures of multi-controllers in Software Defined Networks , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[4]  Edjard de Souza Mota,et al.  A replication component for resilient OpenFlow-based networking , 2012, 2012 IEEE Network Operations and Management Symposium.

[5]  Akbar Siami Namin,et al.  A Markov Decision Process to Determine Optimal Policies in Moving Target , 2018, CCS.

[6]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[7]  Ann Gordon-Ross,et al.  An MDP-based application oriented optimal policy for wireless sensor networks , 2009, CODES+ISSS '09.

[8]  Andrei V. Gurtov,et al.  Security in Software Defined Networks: A Survey , 2015, IEEE Communications Surveys & Tutorials.