An intelligent security architecture for sdn-assisted iot networks

Demirpolat, Ahmed
The rise of the Internet of Things (IoT) paradigm in the past decade has had a significant impact on all aspects of our lives through the many use cases it has made possible, including smart farming, smart homes, and remote healthcare services, among many others. While the number of smart devices and utilization scenarios aimed at supporting them grow exponentially, the large attack surface created by the interconnectivity of millions of these devices is a concerning aspect that needs to be addressed with intelligent intrusion detection and prevention techniques. This dissertation proposes a highly available software-defined network-based intelligent security architecture for IoT networks. It utilizes a weighted average ensemble model, comprised of a fewshot learning classifier, namely Prototypical Networks, and Support Vector Machines (SVM), for highly accurate intrusion detection. Also, we propose to deploy the SDN controller and network function virtualization (NFV) solutions as micro-services into a Kubernetes cluster in a public cloud to provide high availability and uptime. We evaluate the attack detection performance of the proposed model with the recently released Bot-IoT dataset consisting of real-world IoT network flows, as well as an SDN dataset we generated and the UNSW-NB15 intrusion detection dataset, and show that the proposed model achieves significantly better performance than state-of-the-art machine learning models for intrusion detection in the absence of large amounts of sample attacks in the training data. We also experimented with the attack mitigation module’s performance in a Kubernetes cluster in the public cloud, with end-to-end tests. By building up different network topologies, we showed the efficacy of the proposed solution not only with the attack detection tests but also with the attack prevention scenarios. Besides the time measurements in preventing cyber-attacks, we observed the effects of the proposed security mechanism on normal traffic and proved that the proposed solution does not cause an additional burden on the SDN controller. The proposed architecture is promising to achieve intelligent security in the future’s ubiquitous IoT networks with its low processing overhead and high intrusion detection accuracy.
Citation Formats
A. Demirpolat, “An intelligent security architecture for sdn-assisted iot networks,” Ph.D. - Doctoral Program, Middle East Technical University, 2021.