An intelligent security architecture for SDN-assisted IoT networks

2021-1-26
Demirpolat, Ahmed
The rise of the Internet of Things (IoT) paradigm in the past decade has had a significant impact on all aspects of our lives through the many use cases it has made possible, including smart farming, smart homes, and remote healthcare services, among many others. While the number of smart devices and the utilization scenarios they support grow exponentially, the large attack surface created by the interconnectivity of millions of these devices is a concerning aspect that needs to be addressed with intelligent intrusion detection and prevention techniques. This dissertation proposes a highly available software-defined network-based intelligent security architecture for IoT networks. It utilizes a weighted average ensemble model, comprised of a few-shot learning classifier, namely Prototypical Networks, and Support Vector Machines (SVM), for highly accurate intrusion detection. Also, we propose to deploy the SDN controller and network function virtualization (NFV) solutions as micro-services into a Kubernetes cluster in a public cloud to provide high availability and uptime. We evaluate the attack detection performance of the proposed model with the recently released Bot-IoT dataset consisting of real-world IoT network flows, as well as an SDN dataset we generated and the UNSW-NB15 intrusion detection dataset, and show that the proposed model achieves significantly better performance than state-of-the-art machine learning models for intrusion detection in the absence of large amounts of sample attacks in the training data. We also experimented with the attack mitigation module’s performance in a Kubernetes cluster in the public cloud, with end-to-end tests. By building up different network topologies, we showed the efficacy of the proposed solution not only with the attack detection tests but also with the attack prevention scenarios.
Besides the time measurements in preventing cyber-attacks, we observed the effects of the proposed security mechanism on normal traffic and proved that the proposed solution does not cause an additional burden on the SDN controller. The proposed architecture is promising to achieve intelligent security in the future’s ubiquitous IoT networks with its low processing overhead and high intrusion detection accuracy.

Citation Formats
A. Demirpolat, “An intelligent security architecture for SDN-assisted IoT networks,” Ph.D. - Doctoral Program, Middle East Technical University, 2021.