Securing Smart Homes via Software-Defined Networking and Low-Cost Traffic Classification

IoT devices have become popular targets for various network attacks due to their lack of industry-wide security standards. In this work, we focus on the classification of smart home IoT devices and defending them against Distributed Denial of Service (DDoS) attacks. The proposed framework protects smart homes by using VLAN-based network isolation. This architecture includes two VLANs: one with non-verified devices and the other with verified devices, both of which are managed by a SDN controller. Lightweight, stateless flow-based features, including ICMP, TCP and UDP protocol percentage, packet count and size, and IP diversity ratio, are proposed for efficient feature collection. Further analysis is performed to minimize training data to run on resource-constrained edge devices in smart home networks. Three popular machine learning models, including K-Nearest-Neighbors, Random Forest, and Support Vector Machines, are used to classify IoT devices and detect different DDoS attacks based on TCP-SYN, UDP, and ICMP. The system’s effectiveness and efficiency are evaluated by emulating a network consisting of an Open vSwitch, Faucet SDN controller, and flow traces of several IoT devices from two different testbeds. The proposed framework achieves an average accuracy of 97%in device classification and 98% in DDoS detection with average latency of 1.18 milliseconds.

[1]  Min Huang,et al.  OpenFlow-based low-overhead and high-accuracy SDN measurement framework , 2018, Trans. Emerg. Telecommun. Technol..

[2]  A. Matrawy,et al.  Bottleneck Analysis of Traffic Monitoring using Wireshark , 2007, 2007 Innovations in Information Technologies (IIT).

[3]  Theophilus A. Benson,et al.  Detecting Volumetric Attacks on loT Devices via SDN-Based Monitoring of MUD Activity , 2019, SOSR.

[4]  Fernando A. Kuipers,et al.  SDN and Virtualization Solutions for the Internet of Things: A Survey , 2016, IEEE Access.

[5]  May Aye Chan Aung,et al.  Detection and mitigation of wireless link layer attacks , 2017, 2017 IEEE 15th International Conference on Software Engineering Research, Management and Applications (SERA).

[6]  Hui Zhao,et al.  DDoS Attack Identification and Defense Using SDN Based on Machine Learning Method , 2018, 2018 15th International Symposium on Pervasive Systems, Algorithms and Networks (I-SPAN).

[7]  Ayman I. Kayssi,et al.  Software Defined IoT security framework , 2017, 2017 Fourth International Conference on Software Defined Systems (SDS).

[8]  Ayman I. Kayssi,et al.  IoT survey: An SDN and fog computing perspective , 2018, Comput. Networks.

[9]  J. Haskel,et al.  The Internet of Things and economic growth in a panel of countries , 2019, Economics of Innovation and New Technology.

[10]  Nick Feamster,et al.  Machine Learning DDoS Detection for Consumer Internet of Things Devices , 2018, 2018 IEEE Security and Privacy Workshops (SPW).

[11]  Wei Ni,et al.  Anatomy of Threats to the Internet of Things , 2019, IEEE Communications Surveys & Tutorials.

[12]  Ramesh Karri,et al.  Deep Packet Field Extraction Engine (DPFEE): A pre-processor for network intrusion detection and denial-of-service detection systems , 2015, 2015 33rd IEEE International Conference on Computer Design (ICCD).

[13]  Jinshu Su,et al.  OverWatch: A Cross-Plane DDoS Attack Defense Framework with Collaborative Intelligence in SDN , 2018, Secur. Commun. Networks.

[14]  Vijay Sivaraman,et al.  Classifying IoT Devices in Smart Environments Using Network Traffic Characteristics , 2019, IEEE Transactions on Mobile Computing.

[15]  Amiya Nayak,et al.  An Intelligent Traffic Classification in SDN-IoT: A Machine Learning Approach , 2020, 2020 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom).

[16]  Guangxia Xu,et al.  SDN-Based Data Transfer Security for Internet of Things , 2018, IEEE Internet of Things Journal.

[17]  Carey E. Priebe,et al.  Sparse Projection Oblique Randomer Forests , 2015, J. Mach. Learn. Res..

[18]  Yao Zheng,et al.  DDoS Attack Protection in the Era of Cloud Computing and Software-Defined Networking , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[19]  Guangjie Han,et al.  Policy and network-based intrusion detection system for IPv6-enabled wireless sensor networks , 2014, 2014 IEEE International Conference on Communications (ICC).

[20]  Mohammad Reza Parsaei,et al.  Network Traffic Classification using Machine Learning Techniques over Software Defined Networks , 2017 .

[21]  Erman Özer,et al.  Detection of DDoS attack via deep packet analysis in real time systems , 2017, 2017 International Conference on Computer Science and Engineering (UBMK).

[22]  David K. Y. Yau,et al.  Realtime DDoS Defense Using COTS SDN Switches via Adaptive Correlation Analysis , 2018, IEEE Transactions on Information Forensics and Security.

[23]  Ali Kashif Bashir,et al.  Towards sFlow and adaptive polling sampling for deep learning based DDoS detection in SDN , 2020, Future Gener. Comput. Syst..

[24]  Khin Mi Mi Aung,et al.  A Survey on SDN Based Security in Internet of Things , 2018 .

[25]  Behnam Dezfouli,et al.  The Impact of DoS Attacks onResource-constrained IoT Devices: A Study on the Mirai Attack , 2021, ArXiv.

[26]  Sufian Hameed,et al.  Understanding Security Requirements and Challenges in Internet of Things (IoT): A Review , 2019, J. Comput. Networks Commun..

[27]  Jingyu Wang,et al.  DEEP NEURAL NETWORKS FOR APPLICATION AWARENESS IN SDN-BASED NETWORK , 2018, 2018 IEEE 28th International Workshop on Machine Learning for Signal Processing (MLSP).

[28]  Behnam Dezfouli,et al.  A Quantitative Study of DDoS and E-DDoS Attacks on WiFi Smart Home Devices , 2020, IEEE Internet of Things Journal.

[29]  Qi Lu,et al.  System Design of Network Data classification Based on Deep Packet Inspection , 2021 .

[30]  Jon Crowcroft,et al.  TCP in the Internet of Things: From Ostracism to Prominence , 2018, IEEE Internet Computing.

[31]  Jin-Hee Han,et al.  Security considerations for secure and trustworthy smart home system in the IoT environment , 2015, 2015 International Conference on Information and Communication Technology Convergence (ICTC).

[32]  Tam N. Nguyen,et al.  The Challenges in ML-Based Security for SDN , 2018, 2018 2nd Cyber Security in Networking Conference (CSNet).

[33]  Raouf Boutaba,et al.  PayLess: A low cost network monitoring framework for Software Defined Networks , 2014, 2014 IEEE Network Operations and Management Symposium (NOMS).

[34]  Sufian Hameed,et al.  SDN Based Collaborative Scheme for Mitigation of DDoS Attacks , 2018, Future Internet.

[35]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[36]  Chao Wang,et al.  DDoS Attack Detection Using Flow Entropy and Clustering Technique , 2015, 2015 11th International Conference on Computational Intelligence and Security (CIS).