scholarly journals Mitigating DDoS Attacks in SDN-Based IoT Networks Leveraging Secure Control and Data Plane Algorithm

2021 ◽  
Vol 11 (3) ◽  
pp. 929
Author(s):  
Song Wang ◽  
Karina Gomez ◽  
Kandeepan Sithamparanathan ◽  
Muhammad Rizwan Asghar ◽  
Giovanni Russello ◽  
...  
Keyword(s):  
Denial Of Service ◽  
Network Connectivity ◽  
Network Evolution ◽  
Ddos Attacks ◽  
Level Control ◽  
Secure Control ◽  
Data Plane ◽  
Upper Level ◽  
Iot Devices ◽  
The One

Software-Defined Networking (SDN) and Internet of Things (IoT) are the trends of network evolution. SDN mainly focuses on the upper level control and management of networks, while IoT aims to bring devices together to enable sharing and monitoring of real-time behaviours through network connectivity. On the one hand, IoT enables us to gather status of devices and networks and to control them remotely. On the other hand, the rapidly growing number of devices challenges the management at the access and backbone layer and raises security concerns of network attacks, such as Distributed Denial of Service (DDoS). The combination of SDN and IoT leads to a promising approach that could alleviate the management issue. Indeed, the flexibility and programmability of SDN could help in simplifying the network setup. However, there is a need to make a security enhancement in the SDN-based IoT network for mitigating attacks involving IoT devices. In this article, we discuss and analyse state-of-the-art DDoS attacks under SDN-based IoT scenarios. Furthermore, we verify our SDN sEcure COntrol and Data plane (SECOD) algorithm to resist DDoS attacks on the real SDN-based IoT testbed. Our results demonstrate that DDoS attacks in the SDN-based IoT network are easier to detect than in the traditional network due to IoT traffic predictability. We observed that random traffic (UDP or TCP) is more affected during DDoS attacks. Our results also show that the probability of a controller becoming halt is 10%, while the probability of a switch getting unresponsive is 40%.

scholarly journals Mathematical model on distributed denial of service attack through Internet of things in a network

2019 ◽  
Vol 8 (1) ◽  
pp. 486-495 ◽  
Author(s):  
Bimal Kumar Mishra ◽  
Ajit Kumar Keshri ◽  
Dheeresh Kumar Mallick ◽  
Binay Kumar Mishra
Keyword(s):  
Mathematical Model ◽  
Internet Of Things ◽  
Equilibrium Points ◽  
Denial Of Service ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Denial Of Service Attack ◽  
Different Types ◽  
Service Attack ◽  
Iot Devices

Abstract Internet of Things (IoT) opens up the possibility of agglomerations of different types of devices, Internet and human elements to provide extreme interconnectivity among them towards achieving a completely connected world of things. The mainstream adaptation of IoT technology and its widespread use has also opened up a whole new platform for cyber perpetrators mostly used for distributed denial of service (DDoS) attacks. In this paper, under the influence of internal and external nodes, a two - fold epidemic model is developed where attack on IoT devices is first achieved and then IoT based distributed attack of malicious objects on targeted resources in a network has been established. This model is mainly based on Mirai botnet made of IoT devices which came into the limelight with three major DDoS attacks in 2016. The model is analyzed at equilibrium points to find the conditions for their local and global stability. Impact of external nodes on the over-all model is critically analyzed. Numerical simulations are performed to validate the vitality of the model developed.

scholarly journals Machine-Learning-Enabled DDoS Attacks Detection in P4 Programmable Networks

2021 ◽  
Vol 30 (1) ◽  
Author(s):  
Francesco Musumeci ◽  
Ali Can Fidanci ◽  
Francesco Paolucci ◽  
Filippo Cugini ◽  
Massimo Tornatore
Keyword(s):  
Machine Learning ◽  
Real Time ◽  
Transmission Control Protocol ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Worst Case ◽  
Latency Reduction ◽  
Data Plane ◽  
Network Switches

Abstract Distributed Denial of Service (DDoS) attacks represent a major concern in modern Software Defined Networking (SDN), as SDN controllers are sensitive points of failures in the whole SDN architecture. Recently, research on DDoS attacks detection in SDN has focused on investigation of how to leverage data plane programmability, enabled by P4 language, to detect attacks directly in network switches, with marginal involvement of SDN controllers. In order to effectively address cybersecurity management in SDN architectures, we investigate the potential of Artificial Intelligence and Machine Learning (ML) algorithms to perform automated DDoS Attacks Detection (DAD), specifically focusing on Transmission Control Protocol SYN flood attacks. We compare two different DAD architectures, called Standalone and Correlated DAD, where traffic features collection and attack detection are performed locally at network switches or in a single entity (e.g., in SDN controller), respectively. We combine the capability of ML and P4-enabled data planes to implement real-time DAD. Illustrative numerical results show that, for all tested ML algorithms, accuracy, precision, recall and F1-score are above 98% in most cases, and classification time is in the order of few hundreds of $$\upmu \text {s}$$ μ s in the worst case. Considering real-time DAD implementation, significant latency reduction is obtained when features are extracted at the data plane by using P4 language. Graphic Abstract

scholarly journals ADAPTIVE ENTROPY-BASED DETECTION AND MITIGATION OF DDOS ATTACKS IN SOFTWARE DEFINED NETWORKS

2020 ◽  
pp. 399-410
Author(s):  
Jawad Dalou' ◽  
Basheer Al-Duwairi ◽  
Mohammad Al-Jarrah
Keyword(s):  
Denial Of Service ◽  
Attack Detection ◽  
Point Of View ◽  
Software Defined Networks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Control Plane ◽  
Data Plane ◽  
And Control ◽  
Sdn Controller

Software Defined Networking (SDN) has emerged as a new networking paradigm that is based on the decoupling between data plane and control plane providing several benefits that include flexible, manageable, and centrally controlled networks. From a security point of view, SDNs suffer from several vulnerabilities that are associated with the nature of communication between control plane and data plane. In this context, software defined networks are vulnerable to distributed denial of service attacks. In particular, the centralization of the SDN controller makes it an attractive target for these attacks because overloading the controller with huge packet volume would result in bringing the whole network down or degrade its performance. Moreover, DDoS attacks may have the objective of flooding a network segment with huge traffic volume targeting single or multiple end systems. In this paper, we propose an entropy-based mechanism for Distributed Denial of Service (DDoS) attack detection and mitigation in SDN networks. The proposed mechanism is based on the entropy values of source and destination IP addresses of flows observed by the SDN controller which are compared to a preset entropy threshold values that change in adaptive manner based on network dynamics. The proposed mechanism has been evaluated through extensive simulation experiments.

scholarly journals AntibIoTic: Protecting IoT Devices Against DDoS Attacks

2017 ◽  
Author(s):  
Michele De Donno ◽  
Nicola Dragoni ◽  
Alberto Giaretta ◽  
Manuel Mazzara
Keyword(s):  
Denial Of Service ◽  
Main Idea ◽  
Denial Of Service Attacks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Dos Attacks ◽  
The World ◽  
Iot Devices

The 2016 is remembered as the year that showed to the world how dangerous distributed Denial of Service attacks can be. Gauge of the disruptiveness of DDoS attacks is the number of bots involved: the bigger the botnet, the more powerful the attack. This character, along with the increasing availability of connected and insecure IoT devices, makes DDoS and IoT the perfect pair for the malware industry. In this paper we present the main idea behind AntibIoTic, a palliative solution to prevent DoS attacks perpetrated through IoT devices.

scholarly journals Survey of DoS/DDoS attacks in IoT

2021 ◽  
Vol 3 (1) ◽  
pp. 23-28
Author(s):  
Rozan Khader ◽  
Derar Eleyan
Keyword(s):  
Smart Cities ◽  
Denial Of Service ◽  
Wearable Devices ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Iot Security ◽  
Counter Measures ◽  
Security Issues ◽  
Iot Devices ◽  
Internet Of Thing

The term internet of thing (IoT) has gained much popularity in the last decade. Which can be defined as various connected devices over the internet. IoT has rapidly  spread to include all aspects of our lives. For instance, smart houses, smart cities, and variant wearable devices. IoT devices work to do their desired goals, which is to develop a person life with his/her minimal involvement. At the same time, IoT devices have many weaknesses, which attackers exploit to affect these devices security. Denial of Service (DoS) and Distributed Denial of Service (DDoS) are considered the most common attacks that strike IoT security. The main aim of these attacks is to make victim systems down and inaccessible for legitimate users by malicious malware. This paper objective is to discuss and review security issues related to DoS/DDoS Attacks and their counter measures i.e. prevention based on IoT devices layers structure.

Cyber-Physical System and Internet of Things Security

2021 ◽  
pp. 328-357
Author(s):  
Thomas Ulz ◽  
Sarah Haas ◽  
Christian Steger
Keyword(s):  
Internet Of Things ◽  
Public Awareness ◽  
Denial Of Service ◽  
The Internet ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Industrial Iot ◽  
Confidential Data ◽  
Iot Devices ◽  
The Internet Of Things

An increase of distributed denial-of-service (DDoS) attacks launched by botnets such as Mirai has raised public awareness regarding potential security weaknesses in the Internet of Things (IoT). Devices are an attractive target for attackers because of their large number and due to most devices being online 24/7. In addition, many traditional security mechanisms are not applicable for resource constraint IoT devices. The importance of security for cyber-physical systems (CPS) is even higher, as most systems process confidential data or control a physical process that could be harmed by attackers. While industrial IoT is a hot topic in research, not much focus is put on ensuring information security. Therefore, this paper intends to give an overview of current research regarding the security of data in industrial CPS. In contrast to other surveys, this work will provide an overview of the big CPS security picture and not focus on special aspects.

scholarly journals ABS-DDoS: An Agent-Based Simulator about Strategies of Both DDoS Attacks and Their Defenses, to Achieve Efficient Data Forwarding in Sensor Networks and IoT Devices

2018 ◽  
Vol 2018 ◽  
pp. 1-11 ◽  
Author(s):  
Franks González-Landero ◽  
Iván García-Magariño ◽  
Raquel Lacuesta ◽  
Jaime Lloret
Keyword(s):  
Sensor Networks ◽  
Precision Agriculture ◽  
Denial Of Service ◽  
Ambient Assisted Living ◽  
Current Approach ◽  
Ddos Attacks ◽  
Data Forwarding ◽  
Defense Strategies ◽  
Agent Based ◽  
Iot Devices

Sensor networks and Internet of Things (IoT) are useful for many purposes such as military defense, sensing in smart homes, precision agriculture, underwater monitoring in aquaculture, and ambient-assisted living for healthcare. Efficient and secure data forwarding is essential to maintain seamless communications and to provide fast services. However, IoT devices and sensors usually have low processing capabilities and vulnerabilities. For example, attacks such as the Distributed Denial of Service (DDoS) can easily hinder sensor networks and IoT devices. In this context, the current approach presents an agent-based simulation solution for exploring strategies for defending from different DDoS attacks. The current work focuses on obtaining low-consuming defense strategies in terms of processing capabilities, so that these can be applied in sensor networks and IoT devices. The experimental results show that the simulator was useful for (a) defining defense and attack strategies, (b) assessing the effectiveness of defense strategies against attack ones, and (c) defining efficient defense strategies with low response times.

scholarly journals IFACNN: efficient DDoS attack detection based on improved firefly algorithm to optimize convolutional neural networks

2021 ◽  
Vol 19 (2) ◽  
pp. 1280-1303
Author(s):  
Jiushuang Wang ◽  
◽  
Ying Liu ◽  
Huifen Feng
Keyword(s):  
Internet Of Things ◽  
Firefly Algorithm ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Detection Scheme ◽  
Ddos Attack ◽  
Improved Firefly Algorithm ◽  
Iot Devices ◽  
Ddos Attack Detection

<abstract><p>Network security has become considerably essential because of the expansion of internet of things (IoT) devices. One of the greatest hazards of today's networks is distributed denial of service (DDoS) attacks, which could destroy critical network services. Recent numerous IoT devices are unsuspectingly attacked by DDoS. To securely manage IoT equipment, researchers have introduced software-defined networks (SDN). Therefore, we propose a DDoS attack detection scheme to secure the real-time in the software-defined the internet of things (SD-IoT) environment. In this article, we utilize improved firefly algorithm to optimize the convolutional neural network (CNN), to provide detection for DDoS attacks in our proposed SD-IoT framework. Our results demonstrate that our scheme can achieve higher than 99% DDoS behavior and benign traffic detection accuracy.</p></abstract>

scholarly journals DDoS attack detection using deep learning

2021 ◽  
Vol 10 (2) ◽  
pp. 382
Author(s):  
Thapanarath Khempetch ◽  
Pongpisit Wuttidittachotti
Keyword(s):  
Deep Learning ◽  
Short Term Memory ◽  
Denial Of Service ◽  
Attack Detection ◽  
Ddos Attacks ◽  
Ddos Attack ◽  
Attack Surface ◽  
Iot Devices ◽  
Ddos Attack Detection ◽  
Flow Of Information

<span id="docs-internal-guid-58e12f40-7fff-ea30-01f6-fbbed132b03c"><span>Nowadays, IoT devices are widely used both in daily life and in corporate and industrial environments. The use of these devices has increased dramatically and by 2030 it is estimated that their usage will rise to 125 billion devices causing enormous flow of information. It is likely that it will also increase distributed denial-of-service (DDoS) attack surface. As IoT devices have limited resources, it is impossible to add additional security structures to it. Therefore, the risk of DDoS attacks by malicious people who can take control of IoT devices, remain extremely high. In this paper, we use the CICDDoS2019 dataset as a dataset that has improved the bugs and introducing a new taxonomy for DDoS attacks, including new classification based on flows network. We propose DDoS attack detection using the deep neural network (DNN) and long short-term memory (LSTM) algorithm. Our results show that it can detect more than 99.90% of all three types of DDoS attacks. The results indicate that deep learning is another option for detecting attacks that may cause disruptions in the future.</span></span>

scholarly journals Detection and Mitigation of Flood Attacks in IPv6 Enabled Software Defined Networks

2020 ◽  
pp. 1-9
Author(s):  
O. Ashimi Quadri ◽  
Adeniji Oluwashola David
Keyword(s):  
Network Architecture ◽  
Denial Of Service ◽  
Cost Effective ◽  
Centralized Control ◽  
Ddos Attacks ◽  
Control Plane ◽  
Network Resources ◽  
Effective Manner ◽  
Data Plane ◽  
Experimental Testbed

Software-defined networking (SDN) is an emerging technology, which provides network architecture that decouples the control plane from the data plane. Due to the centralized control, the network becomes more dynamic, and the network resources are managed in a more efficient and cost-effective manner. The centralization of the control plane requires robust and real-time security techniques. The security Techniques will protect it from any sign of vulnerabilities associated with the network such as a distributed denial of service (DDoS) attacks. The problem of the data-plane is that the attack is hard to be tracked by the SDN controlling plane. This makes the switches to be more susceptible against these types of attacks and hence it is very important to have quick provisional methods in place to prevent the switches from breaking down as soon as first signs of an attack are detected. To resolve this problem, the research developed a mechanism that detects and mitigates flood attacks in IPv6 enabled software to define networks. An experimental testbed was developed using sFlow technique, floodlight controller, and OpenFlow version 1.3. A mitigation algorithm was also developed and was tested with a simulation tool Mininet. The real network traffic was tested on the testbed to investigate the effective mitigation of a DDoS attack. The mitigation time performance for IPv6 was 46.6% while IPv4 was 66.6%. Also, The result gathered from the experiment showed that both the response and detection times were 4 secs while the mitigation time was 7secs respectively. The overall control time being 11 secs. The experimental Testbed result shows that the developed testbed outperformed the previous methods with the ability to detect threats on the network faster. The result from the IPv6 testbed is a probable solution to mitigate the threats posed by DDoS attacks on the IPv6 enabled SDN network resources.

Sign in / Sign up

Export Citation Format

Share Document