Abstract:
Extensive adoption of intelligent devices with ubiquitous connectivity
has increased Internet of Things (IoT) traffic tremendously.
The smart devices promise to improve human life through improved
safety and security through the implementation of intelligent transportation
systems, optimization of power grids,and applications in
human health. Devices produce a large amount of data for analytic
applications running inside a cloud infrastructure. Unlike core networks,
the main objective of an attack on an IoT network is to disrupt
the availability of IoT data for the applications by overwhelming devices
with information requests. Detection of such an attack cannot
be done either in the cloud where the analytical application runs nor
on the IoT device itself due to its limited computational resources.
Furthermore, the standard networking paradigm does not provide an
easy way to instrument and control networking nodes for an effective
mitigation of identified threats. In this work, we propose a fogassisted
software defined networking (SDN) driven intrusion deteciv
v
tion/prevention system (IDPS) for IoT networks. A collocated fog
computational arrangement with IoT network equips proposed IDPS
for timely identification of various attack models in near real time for
effective neutralization of threats using SDN control. We have evaluated
our proposed scheme using machine learning and controller
performance metrics i.e. accuracy, precision, f1 score , successful
and unsuccessful detection of possible attacks, packet loss and
throughput etc. We have also evaluated our scheme on renowned
network traces to prove the idea. We have found our approach more
effective in contrast to traditional techniques for intrusion detection
in the IoT network. Moreover, we have presented and evaluated a
scheme for detection of botnets in IoT network, keeping in view the
other very important aspect of DDoS attack detection and prevention.
