Mitigating DDoS Attacks in SDN-Based IoT Networks Leveraging Secure Control and Data Plane Algorithm

Software-Defined Networking (SDN) and Internet of Things (IoT) are the trends of network evolution. SDN mainly focuses on the upper level control and management of networks, while IoT aims to bring devices together to enable sharing and monitoring of real-time behaviours through network connectivity. On the one hand, IoT enables us to gather status of devices and networks and to control them remotely. On the other hand, the rapidly growing number of devices challenges the management at the access and backbone layer and raises security concerns of network attacks, such as Distributed Denial of Service (DDoS). The combination of SDN and IoT leads to a promising approach that could alleviate the management issue. Indeed, the flexibility and programmability of SDN could help in simplifying the network setup. However, there is a need to make a security enhancement in the SDN-based IoT network for mitigating attacks involving IoT devices. In this article, we discuss and analyse state-of-the-art DDoS attacks under SDN-based IoT scenarios. Furthermore, we verify our SDN sEcure COntrol and Data plane (SECOD) algorithm to resist DDoS attacks on the real SDN-based IoT testbed. Our results demonstrate that DDoS attacks in the SDN-based IoT network are easier to detect than in the traditional network due to IoT traffic predictability. We observed that random traffic (UDP or TCP) is more affected during DDoS attacks. Our results also show that the probability of a controller becoming halt is 10%, while the probability of a switch getting unresponsive is 40%.

[1]  Yacine Ghamri-Doudane,et al.  Self-Organized SDN Controller Cluster Conformations against DDoS Attacks Effects , 2016, 2016 IEEE Global Communications Conference (GLOBECOM).

[2]  Tao Xiaofeng,et al.  SDN based next generation Mobile Network with Service Slicing and trials , 2014, China Communications.

[3]  Zhiyang Li,et al.  An Efficient DDoS Detection with Bloom Filter in SDN , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[4]  J. Naren,et al.  Field Monitoring and Automation Using IOT in Agriculture Domain , 2016 .

[5]  Gregory Blanc,et al.  ArOMA: An SDN based autonomic DDoS mitigation framework , 2017, Comput. Secur..

[6]  Sungrae Cho,et al.  A feasible method to combat against DDoS attack in SDN network , 2015, 2015 International Conference on Information Networking (ICOIN).

[7]  Jong Hyuk Park,et al.  OpCloudSec: Open cloud software defined wireless network security for the Internet of Things , 2018, Comput. Commun..

[8]  Xiangyang Li,et al.  An SDN-supported collaborative approach for DDoS flooding detection and containment , 2015, MILCOM 2015 - 2015 IEEE Military Communications Conference.

[9]  T. Chithralekha,et al.  Resource management of switches and Controller during saturation time to avoid DDoS in SDN , 2016, 2016 IEEE International Conference on Engineering and Technology (ICETECH).

[10]  Gerhard P. Hancke,et al.  A Survey on 5G Networks for the Internet of Things: Communication Technologies and Challenges , 2018, IEEE Access.

[11]  Javier Carmona-Murillo,et al.  Detection and Mitigation of DoS and DDoS Attacks in IoT-Based Stateful SDN: An Experimental Approach , 2020, Sensors.

[12]  L. Javier García-Villalba,et al.  SDN: Evolution and Opportunities in the Development IoT Applications , 2014, Int. J. Distributed Sens. Networks.

[13]  P. Fettke,et al.  Industry 4.0 , 2014, Bus. Inf. Syst. Eng..

[14]  Jagdeep Singh,et al.  Detection and mitigation of DDoS attacks in SDN: A comprehensive review, research challenges and future directions , 2020, Comput. Sci. Rev..

[15]  James Michaelis,et al.  SPF: An SDN-based middleware solution to mitigate the IoT information explosion , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[16]  Hyoungshick Kim,et al.  DDoS Attack Mitigation in Internet of Things Using Software Defined Networking , 2017, 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService).

[17]  In Lee,et al.  The Internet of Things (IoT): Applications, investments, and challenges for enterprises , 2015 .

[18]  Yan Zhen,et al.  Application of Internet of Things in Smart Grid Power Transmission , 2012, 2012 Third FTRA International Conference on Mobile, Ubiquitous, and Intelligent Computing.

[19]  Lei Guo,et al.  An Efficient SDN-Based DDoS Attack Detection and Rapid Response Platform in Vehicular Networks , 2018, IEEE Access.

[20]  Tzonelih Hwang,et al.  BSN-Care: A Secure IoT-Based Modern Healthcare System Using Body Sensor Network , 2016, IEEE Sensors Journal.

[21]  F. R. Yu,et al.  Effective software-defined networking controller scheduling method to mitigate DDoS attacks , 2017 .

[22]  Jose Ordonez-Lucena,et al.  Network Slicing for 5G with SDN/NFV: Concepts, Architectures, and Challenges , 2017, IEEE Communications Magazine.

[23]  S. Mercy Shalinie,et al.  Learning-Driven Detection and Mitigation of DDoS Attack in IoT via SDN-Cloud Architecture , 2020, IEEE Internet of Things Journal.

[24]  Shashank Srivastava,et al.  Analyzing behavior of DDoS attacks to identify DDoS detection features in SDN , 2017, 2017 9th International Conference on Communication Systems and Networks (COMSNETS).

[25]  S. S. Sonavane,et al.  Smart Poultry Farm Monitoring Using IOT and Wireless Sensor Networks , 2016 .

[26]  Maurizio Morisio,et al.  Connected Car , 2016, ACM Comput. Surv..

[27]  Xiaojiang Du,et al.  A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows , 2016, 2016 IEEE International Conference on Communications (ICC).

[28]  H. Kim,et al.  A SDN-oriented DDoS blocking scheme for botnet-based attacks , 2014, 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN).

[29]  Ioannis Chatzigiannakis,et al.  Developing an IoT Smart City framework , 2013, IISA 2013.

[30]  Tooska Dargahi,et al.  A Survey on the Security of Stateful SDN Data Planes , 2017, IEEE Communications Surveys & Tutorials.

[31]  Deepak Puthal,et al.  Building Scalable Cyber-Physical-Social Networking Infrastructure Using IoT and Low Power Sensors , 2018, IEEE Access.

[32]  Marc St-Hilaire,et al.  Early detection of DDoS attacks against SDN controllers , 2015, 2015 International Conference on Computing, Networking and Communications (ICNC).

[33]  Joaquín B. Ordieres Meré,et al.  Smart factories in Industry 4.0: A review of the concept and of energy management approached in production based on the Internet of Things paradigm , 2014, 2014 IEEE International Conference on Industrial Engineering and Engineering Management.

[34]  Christian Damsgaard Jensen,et al.  The application of Software Defined Networking on securing computer networks: A survey , 2019, J. Netw. Comput. Appl..

[35]  Ling Zhihao,et al.  The research and implement of smart home system based on Internet of Things , 2011, 2011 International Conference on Electronics, Communications and Control (ICECC).

[36]  Deokjai Choi,et al.  Time-based DDoS detection and mitigation for SDN controller , 2015, 2015 17th Asia-Pacific Network Operations and Management Symposium (APNOMS).

[37]  S. Revathi,et al.  DDoS Detection and Alleviation in IoT using SDN (SDIoT-DDoS-DA) , 2020 .

[38]  Sufian Hameed,et al.  Leveraging SDN for collaborative DDoS mitigation , 2017, 2017 International Conference on Networked Systems (NetSys).