Fog-Assisted SDN Controlled Framework for Enduring Anomaly Detection in an IoT Network

Extensive adoption of intelligent devices with ubiquitous connectivity has increased Internet of Things (IoT) traffic tremendously. Smart devices promise to improve human life with better safety and security through the implementation of intelligent transportation systems, optimization of power grids, and applications in human health. Devices produce a large amount of data for analytic applications running inside a cloud infrastructure. Unlike in core networks, the main objective of an attack on an IoT network is to disrupt the availability of IoT data for the applications by overwhelming devices with information requests. Detection of such an attack can be done neither in the cloud, where the analytical application runs, nor on the IoT device itself, due to its limited computational resources. Furthermore, the standard networking paradigm does not provide an easy way to instrument and control networking nodes for effective mitigation of identified threats. In this paper, we propose a fog-assisted software defined networking (SDN) driven intrusion detection/prevention system (IDPS) for IoT networks. A fog computational arrangement collocated with the IoT network equips the proposed IDPS for timely identification of various attack models in near real time, for effective neutralization of threats using SDN control. We have found our approach more effective than traditional techniques of intrusion detection in the IoT network.
