Real-time intrusion detection and prevention system for SDN-based IoT networks

Download
2021-9
Sarıça, Alper Kaan
The significant advances in wireless networks with the 5G networks have made possible a variety of new IoT use cases. 5G and beyond networks will significantly rely on network virtualization technologies such as SDN and NFV. The prevalence of IoT and the large attack surface it has created calls for SDN-based intelligent security solutions that achieve real-time, automated intrusion detection and mitigation. In this thesis, we propose a real-time intrusion detection and mitigation system for SDN, which aims to provide autonomous security in the IoT networks. The proposed approach is built upon automated flow feature extraction and classification of flows using random forest classifier at the SDN application layer. We present an SDN-specific dataset we generated for IoT and provide performance of the proposed intrusion detection model. In addition to the model performances, we provide network experiment results in the presence and absence of our proposed security mechanism. Experiment results demonstrate that the proposed security approach is promising to achieve real-time, highly accurate detection and mitigation of attacks in SDN-managed IoT networks.

Suggestions

Explainable Security in SDN-Based IoT Networks
Sarica, Alper Kaan; Angın, Pelin (2020-12-01)
The significant advances in wireless networks in the past decade have made a variety of Internet of Things (IoT) use cases possible, greatly facilitating many operations in our daily lives. IoT is only expected to grow with 5G and beyond networks, which will primarily rely on software-defined networking (SDN) and network functions virtualization for achieving the promised quality of service. The prevalence of IoT and the large attack surface that it has created calls for SDN-based intelligent security solut...
ARTEMIS: An intrusion detection system for mqtt attacks in internet of things
Ciklabakkal, Ege; Dönmez, Ataberk; Erdemir, Mert; Suren, Emre; YILMAZ, MUSTAFA TUĞRUL; Angın, Pelin (2019-10-01)
The Internet of Things (IoT) is now being used increasingly in transportation, healthcare, agriculture, smart home and city systems. IoT devices, the number of which is expected to reach 25 billion all over the world by 2021, are required to be deployed very fast, taking into account commercial pressures. This results in a very important layer, i.e. security, being either completely neglected or having significant shortcomings. Since IoT has a heterogeneous structure, there is a need for intrusion detection...
Mobile traffic modelling for wireless multimedia sensor networks in IoT
Al-Turjman, Fadi; Radwan, Ayman; Mumtaz, Shahid; Rodriguez, Jonathan (2017-11-01)
Wireless sensor networks suffer from some limitations such as energy constraints and the cooperative demands essential to perform multi-hop geographic routing for real-time applications. Quality of Service (QoS) depends to a great extent on offering participating nodes an incentive for collaborating. In this paper, we present a novel traffic model for a new-generation of sensor networks that supports a wide range of communication-intensive real-time multimedia applications. The model is used to investigate ...
Multimedia communication in wireless sensor networks
Gurses, E; Akan, OB (2005-07-01)
The technological advances in Micro ElectroMechanical Systems (MEMS) and wireless communications have enabled the realization of wireless sensor networks (WSN) comprised of large number of low-cost, low-power multifunctional sensor nodes. These tiny sensor nodes communicate in short distances and collaboratively work toward fulfilling the application specific objectives of WSN. However, realization of wide range of envisioned WSN applications necessitates effective communication protocols which can address ...
GreenSlice: An Energy-Efficient Secure Network Slicing Framework
Akin, Ozan; Gulmez, Umut Can; Sazak, Ozan; Yagmur, Osman Ufuk; Angın, Pelin (2022-02-01)
The fifth generation of telecommunication networks comes with various use cases such as Enhanced Mobile Broadband, Ultra-Reliable and Low Latency Communications and Massive Machine Type Communications. These different types of communications have diverse requirements that need to be satisfied while they utilize the same physical infrastructure. By leveraging Software Defined Network (SDN) and Virtual Network Function (VNF) technologies, the 5G network slicing concept can provide end-to-end logical networks ...
Citation Formats
A. K. Sarıça, “Real-time intrusion detection and prevention system for SDN-based IoT networks,” M.S. - Master of Science, Middle East Technical University, 2021.