
Running Head: SECURITY

Improving IoT Security with Software Defined Network

[Name of the Researcher]

[Name of the Tutor]

[Institute]

[Date]

Table of Contents

Introduction
Background to Research Problem
Background
Research Question
Aim and Objectives
Motivation for Objectives
Literature Review
Internet of Things
Software-Defined Networks
Evolution of Programmable Networks
Advantages, and Security Risks, of Software Defined Networking
Benefits of Software Defined Networking (SDN)
Security Risks for SDN
Benefits of SDN for the IoT
Methodology
Qualitative Research Method
Research Philosophy
Data Collection
Data Analysis
Ethical Considerations
Timeline of the Study
Conclusions
References

Improving IoT Security with Software Defined Network

Introduction

The term Internet of Things (IoT) denotes the set of technologies that allow any type of

device equipped with electronic components to be connected to the network (Ciungu, 2016). In

this context, the objects connected to the network can communicate with other devices by

exchanging data on their work or access information useful for their own functioning

automatically. In practice, these are devices responsible for collecting and accumulating a large

amount of data which, if not adequately stored and protected, could constitute a serious danger to

the privacy and security of personal or corporate data (Tioutiou and Diouri, 2019).

The Internet of Things is a rapidly expanding market. As the number of devices

connected to the internet increases, so do the access points vulnerable to a possible hacker attack

(Al Shuhaimi et al., 2016). The risks are those of any other DDoS attack capable of jeopardising

the security of sensitive information or data. The vulnerability of IoT devices probably depends

on the fact that manufacturers have often neglected the security problem. Only in more recent

times have they begun to give greater importance to the protection of this type of device (Yassein

et al., 2017). Another weakness in terms of security derives from the habit of most users not to

change the default passwords to access their devices or, when these are changed, often to use

passwords that are too weak and easily cracked.

Every IoT device that joins a network becomes a potential new point of attack, so it

becomes essential to commit to the protection of personal or corporate data. The Internet of

Things security strategy must refer to a number of essential points to ensure security (Das et al.,

2019). Software-defined networks have been receiving attention from industry and academia.

However, it is worth noting that the ideas of computer network programming through the

decoupling of logical control from networks have been discussed for years. SDN networks

emerged as an initiative to overcome these limitations and meet the new demands for improving

security of IoT (Li et al., 2018).

Background to Research Problem

With today’s proliferation of Internet-connected devices, the complexity of managing

security and large-scale network deployment increases (Das et al., 2019). One of the most

important emerging technologies is the Internet of Things (IoT). With the

emergence of this new digital communication paradigm, objects are programmed to

autonomously monitor and control many aspects of our daily lives in sectors such as transport,

smart cities, the environment, education, health, amongst other areas. These devices generate

large volumes of data, creating a strong demand for data flow management and a difficult level

of security management to administer, owing to the complexity and heterogeneity involved in the

development of an architecture adaptable to this type of network (Dawoud et al., 2018).

In SDN architecture, the network control function is separate from the data transfer plane

function. In turn, network control functions can be centralized in one or more SDN controllers

(Shaghaghi et al., 2020). This new paradigm completely changes the notion of how a traditional

network works with hardware and software provided by a vendor with proprietary systems,

making innovation and large-scale network deployment difficult. SDN makes it possible to overcome these

limitations by providing a customisable and programmable open-source environment (Kalkan

and Zeadally, 2017).



Addressing the challenges posed by IoT through a collaborative security approach is more important

than ever (Shaghaghi et al., 2020). As the IoT ecosystem grows, the number of connected

devices that are potentially vulnerable grows. Vulnerable devices are not unavoidable. Alongside

the various actors responsible for their respective roles, we must work together to reduce the

likelihood of vulnerable devices being generated and at the same time to reduce the impact on

the network of vulnerable devices (Pathak et al., 2020). Politicians have important choices to

make to shape the future of IoT security. This article is intended for regulators, policy makers

and anyone interested in developing and implementing IoT security policy tools.

Background

According to Ndiaye et al. (2017), by 2025, the number of connected objects is expected

to triple from 7 to 21.5 billion, and they could be the target of 25% of cyber-attacks. Whilst these

statistics are impressive, they should come as no surprise: skilful, methodical, and thoughtful,

cybercriminals will have no trouble identifying and taking advantage of any obvious

vulnerabilities. However, as it stands, it is a bit as if the IoT was serving them as a target.

According to Zegzhda and Pavlenko (2018), the Internet of Everything (IoE) paradigm has been

expanding the Internet of Things (IoT) concept to provide even more relevant services to people.

IoT, often considered synonymous with IoE, represents a wide range of devices (things) capable

of connecting to the Internet to provide intelligent services by exchanging a large amount of data

in real time. These things could be, for example, computers on board a vehicle, smartphones,

refrigerators, or sources of electricity (Pathak et al., 2020).

However, IoE extends the concept of IoT by considering the association of people,

processes, data, and things (Shaghaghi et al., 2020). Through this association, IoE explores the

intimate relationship between these entities, being able to provide even more relevant services to

people and generating unprecedented economic opportunities for companies, individuals, and

countries. However, the advent of IoE is intrinsically linked to the solution of issues addressed

by IoT, one of the main points being the management of the massive number of things and its

integration with the current Internet.

According to Liu et al. (2020), the integration of IoT with Software Defined Networks

(SDN) pursues a way to solve the problem of managing things in IoT. SDN proposes a network

model that decouples the control plane (SDN controller role) from the switches/routing devices

(switches). By integrating IoT with SDN technology, the management procedures of IoT devices

are centralised in the SDN network control plane, providing as main advantage a significant

simplification of network management.

However, in parallel to these characteristics and advances, different security incident

reports have shown a significant growth in the number of attacks and threats against traditional

computer networks in the national and global scenario (Al Shuhaimi et al., 2016). The statistics

provided by CERT.br, for example, show that around 722,000 security incidents were

reported in 2015, followed by 647 thousand in 2016 and 833 thousand in 2017.

Considering the global scale, there are even more alarming statistics in this same period. In 2015,

Cisco reported that about 43% of public sectors failed to provide security services for their

infrastructure (Das et al., 2019).

In 2016, Akamai confirmed 19 mega attacks, two of which were the largest denial of

service attacks on record, reaching 623 Gbps and 555 Gbps respectively (Kalkan and Zeadally,

2017). In 2017, attacks involving ransomware grew by 36% and 6.5% of people were victims of

identity fraud, resulting in losses of 16 billion dollars. In 2018, this scenario added a new feature

as a 600% increase in attacks involving IoT devices was recorded (Kalkan and Zeadally, 2017).

According to Vandana (2016), as a result of the presence of imminent threats against traditional

computer networks, there is a growing concern with security in the integration between IoT and

SDN. The main security challenges for the advent of IoT encompass issues of privacy,

authorisation, control of access, storage, and management of information. Regarding SDNs,

academic research reveals that they are susceptible to threats against the authenticity,

confidentiality, integrity, and availability of data and/or network components.

The capture and analysis of control plane packets from SDN networks can provide the

attacker with privileged information about switch configurations, violating the principle of

confidentiality (Pathak et al., 2020). By gaining knowledge about the network, the attacker can

spoof packets to generate a denial-of-service attack on the controller, violating the principles of

packet integrity and controller availability, thereby compromising IoT applications.

According to Vilalta et al. (2016), the security of the Internet of Things (IoT) has raised particular

concern; these devices are unique, intelligent enough to analyse and make decisions, and

have network capability to connect to the Internet. Examples of IoT technology range from simple

home sensors to medical appliances, cars, planes, and nuclear reactors. Because of the nature of

IoT, there can be no guarantee of secrecy or authenticity, making communication vulnerable to

attack. Traditional network protection measures are used to avoid external attacks by using

firewalls and intrusion detection/prevention systems on the network edge. However, due to the

unique properties of IoT networks, conventional defence methods do not operate directly with

them.

According to Han et al. (2018), a new software-defined networking (SDN) technique was recently

created in computer networking, which allows a centrally administered programme called the

‘SDN controller’ to govern overall network behaviour. Security threats, fine-grained traffic filters, and

the implementation of dynamic security policies may all be handled quickly with the controller.

The use of SDNs to secure computer networks, such as the use of SDN controllers and

switches as firewalls, has been examined, and some academics have been looking into SDN-IoT

integration. Sood et al. studied the environmental safety, scalability, and deep packet inspection (DPI) of

SDN and IoT networks. In comparison to our previous work, we proposed a system model with

SDN to protect IoT devices utilising HTTP (Mohammed et al., 2020).

To support dynamic IoT security through SDN/vNF (virtual network

function) and authentication, authorisation, and accounting (AAA) management, Zarca et al.

developed a cyber situational security awareness framework (Das et al., 2019). The SDTCP, or

software-defined network traffic control protocol, was proposed by Lu et al. as a solution to TCP

incast problems for IoT applications (SDN). To minimise the bandwidth of the background flux,

transmit rate, the SDTCP has made improvements to the open gate for TCP ACK packets.

Medhane et al. (2020) introduced Soft Things, a security architecture for SDN-based IoT

devices, to capture and prevent threats. The proposed system employs the machine learning

capabilities of the SDN controller to monitor and analyse current IoT device behaviour in order

to detect suspicious actions such as Denial-of-Service (DoS) attacks in the future.

Research Question

How does a Software Defined Network help to improve the security of IoT?



Aim and Objectives

The main aim of this study is to analyse the role of Software Defined Network in

improving security of IoT. The objectives of the study are as follows.

• To analyse the concept and fundamentals of IoT and Software Defined Network.

• To analyse the use of SDN in IoT to improve the system’s performance and enhance its security.

• To analyse the system model for SDN with IoT that helps to prevent man-in-the-middle attack.

• To analyse the relationship between SDN and IoTs.

Motivation for Objectives

These objectives will encourage the community to develop security solutions for the IoT,

highlighting how SDNs can support this goal. Through these objectives, the researcher hopes that

readers can understand the main concepts and how to relate the IoT and SDNs and identify open

research challenges regarding existing threats and countermeasures. In addition, readers will

learn about network behaviour in the face of a denial-of-service attack and will have the

opportunity to learn about the use of tools for extracting and analysing data from the network.

Literature Review

This chapter introduces the concepts, threats, and security issues by focusing on IoT

security and SDN, as well as the main advantages in the relationship between these two models.

The chapter follows a theoretical/practical approach. The theoretical part introduces the

fundamentals of IoT and SDNs. Also, the theoretical part presents how these models are related

and why this relationship brings significant advantages in terms of network security.

Internet of Things

The concept of “Internet of Things” describes a very important stage in the development

of the global network, characterized by the connection of a large number of devices that carry

out automated data processing without human intervention (Al Shuhaimi et al., 2016). The main

purpose of the Internet is the implementation of the transport function: the integration of private

computer networks, individual users and data processing centres (DPC). The physical layer of

the global network is quite static and is being improved mainly in quantitative terms by

increasing the capacity of communication channels and channel-forming equipment.

According to Zegzhda and Pavlenko (2018), the significant increase in traffic is leading

to the development of more powerful routers and improvements in routing protocols and network

principles. In the construction of modern networks, in addition to the traditional infrastructure

level of data transmission, containing routing and switching equipment, a control level is

distinguished. Separating transmission and management functions virtualizes the network

infrastructure and dramatically increases utilisation and centralizes resource management by

implementing Software Defined Network (SDN) technology designed to cope with dynamic

change (Shaghaghi et al., 2020). This approach is already being applied in data centres when

building cloud services and is rapidly gaining popularity in corporate networks and provider

networks.

According to Liu et al. (2020), the applied value of the Internet is a number of specialized services

implemented on its basis - DNS, e-mail, file transfer (FTP), the World Wide Web,

streaming media, etc. The services provided are in continuous development, transforming society

and socialising interaction within the network. Most applications use a user-service interaction

model and reflect the emerging information society. An important stage in the development of

the Internet is the emergence of the concept of cloud computing. The concept is based on the

principle of common use of the provider’s software and hardware infrastructure. This approach

allows users to reduce costs and, if necessary, flexibly increase information resources.

According to Wen et al. (2016), we increasingly hear about devices being hacked and used for

malicious purposes, and all security issues are resolved individually by each device and software

manufacturer. Given the proliferation of smart objects and the increasing sophistication of

targeted attacks, it is not surprising that increased attention is paid to security in protocol design.

Security measures can be roughly divided into four areas - connection, identification, encryption

of transmitted traffic, and application security.

According to Wen et al. (2016), the introduction of the ubiquitous Internet of Things is still a distant

prospect. A smart state, smart cities and even a smart home at this stage of development are still

exotic, especially in our country. IoT implementations are not happening on a global scale, but

within companies. The technology of smart things is able to increase labour productivity

primarily in the manufacturing segment, logistics business, transport, and energy companies. The

complexity of implementation lies in the fact that no manufacturer has a complete solution that

includes all the components. It is necessary to use a large number of systems from different

manufacturers, and how accurately the implemented solution will meet the tasks and

requirements of the competitive environment depends on their correct selection and integration.

According to Salman et al. (2017), the evolution of wireless sensor networking technologies has

resulted in the inclusion of IoT in the daily lives of modern citizens. Studies carried out by Cisco

estimate that in 2021 there will be about 8.3 billion personal portable devices connected to the

world wide web, generating a traffic of up to 49 exabytes per month. This new network model

connects the most varied computing devices to the Internet, requiring flexible networks to

accommodate a high level of scalability and heterogeneity.

According to Xue et al. (2019), the main solutions to IoT challenges are founded on technologies such

as cloud computing. The main challenge of an IoT network is the limited capacity of computing

resources in edge devices (end devices). Cloud computing addresses the challenges related to big

data, providing computing resources over the Internet, and following the client/server model.

However, the challenge of managing scalability remains. To address it, one attempt is to propose

the concept of fog computing. This approach simplifies the dissemination of cloud data and

services, bringing them closer to the edge.

These solutions require the definition and standardisation of a set of protocols and

network technologies, which can increase the complexity of these networks, making network

management difficult and aggravating the problem of heterogeneity (Dawoud et al., 2018). This

fact generates a demand for equally scalable management systems capable of simplifying the

burden of network maintenance by promoting heterogeneity.

Software-Defined Networks

Software Defined Networking (SDN) is a new paradigm for redesigning

telecommunications networks from the point of view of software engineering (Mohammed et al.,

2020). The argument is that today’s networks are essentially designed to “master the complexity”

behind existing technologies, rather than “draw simplicity” from lessons learned. Scott Shenker,

one of the creators of the idea, argues that abstractions play a big role in computer science,

protecting high-end software from the complexity that exists at lower levels. That is, an

abstraction is nothing more than a black box with interfaces.

The fundamental purpose of communication networks is to transfer data from one point

to another. One of the main features involved in data transfer is packet forwarding (data unit

handled in the network layer of TCP/IP architecture). This functionality determines the way

packets are transferred between the different intermediary network equipment (Yassein et al.,

2017). Typically, networks are built with lots of equipment, including routers, switches, and

intermediary devices such as firewalls, load balancers, and intrusion detection systems. Each of

these different devices needs to be configured in a specific way to perform their respective tasks

associated with packet handling. Therefore, efficiently forwarding packets between equipment

is essential.

According to Salman et al. (2017), in traditional networks, the configuration regarding packet

forwarding decisions and the physical configuration of devices is combined in the same network

equipment. Through this approach, after the initial definition of the flow management

(forwarding policy), the only way to adjust this policy is through the individual configuration of

the equipment. This characteristic causes limitations regarding the administration of large-scale

networks, as it demands the individual configuration of each network equipment, requiring a

high level of knowledge from its operators.

Furthermore, new demands for network traffic configuration have been originated by

emerging trends in communication technologies, such as mobility, social relations, and Big Data

(Shaghaghi et al., 2020). Due to the existing limitations in traditional networks and the new

demands for configuring network traffic, the need to rethink the way packets are routed in the

network emerges.

According to Xue et al. (2019), SDN networks emerged as an initiative to overcome these limitations

and meet the new demands for network traffic configuration. These networks were cited in the

IEEE Computer Society report as one of 23 technologies that promise to change the world by

2022. In the data plane, the needs of the physical infrastructure for data forwarding are addressed,

involving network equipment such as switches and routers. The control plane comprises the

decision-making in the forwarding of packets in the network, enabling the programming of the

paths that will be used by data flows and representing network intelligence. Through SDN

networks, it is expected to simplify the management of large-scale networks in order to meet the

requirements of the new network traffic configuration demands.

Evolution of Programmable Networks

The main initiatives that contributed to the emergence of SDNs are the Open Signaling

working group (OPENSIG), IETF Network Configuration (NETCONF), Active Networking,

Devolved Control of ATM Networks (DCAN), 4D Project and Ethane (Pathak et al., 2020).

According to Ndiaye et al. (2017), the General Switch Management Protocol (GSMP) was one of the

main results of this initiative. This initiative is officially concluded and the latest version of the

GSMP protocol was published in June 2002. The Active Networking initiative also started in

1995 with the objective of providing network infrastructures that could be programmable to

better adapt to specific services. To achieve this goal, Active Networking considered two

approaches: (1) user-programmable switches; and (2) capsules. The first approach provided for

channel management to transfer input and output bands. The second approach advocated that

programs could be fragmented and loaded into users’ messages to be interpreted and executed by

routers. Despite the diverse efforts of this initiative, Active Networking was never considered for

industry adoption due to performance and security limitations.

Advantages, and Security Risks, of Software Defined Networking

It is a long-standing practice for organisations to choose to increase the bandwidth of

their network by purchasing more hardware (Kalkan and Zeadally, 2017). This ineffective

approach, if additional network resources are not used fully, may be a costly mistake.

Technology is progressing, but history can repeat itself. A first transformation, which began

in the days of mainframe network protocols (for example, Systems Network Architecture),

resulted in widespread adoption of the Transmission Control Protocol/IP. This change

was in line with the introduction of the personal computer (PC) using processing technology of

client-server type.

According to Medhane et al. (2020), today there is a new, rapid, and disruptive transition from the use of

PCs to that of mobile devices, such as smartphones. This time the key is the introduction of

virtualisation and cloud computing models and, apparently, the future of networking will

increasingly rely on software automatisms. One wonders what networks will develop and how

the dynamics of demands imposed by end users, trade and government institutions will be

responded to by a modern network infrastructure.

According to Han et al. (2018), the growth in the number of connected devices and their dispersion

worldwide has made the devices themselves as well as their network traffic more complex and

difficult to manage. There are very high costs incurred to reconfigure such devices manually and

thus meet any change need. Moreover, with a traditional network configuration it is often

difficult, if not almost impossible, to react promptly to human mistakes and/or malicious events.

The virtualisation process of SDN (Software Defined Networking) significantly enhances

network efficiency and thus simplifies management and enables solutions that improve capacity

without over-commitment.

Benefits of Software Defined Networking (SDN)

The new concept of the SDN framework is based on traditional network design. It uses

software-based controls to simplify policy implementation via a centralised controller. The

Application Program Interface (API) protocol separates data and control functions for network

devices, like routers or switches (Shaghaghi et al., 2020). The SDN architecture is divided into

three separate logical layers: the application layer, the control layer, and the data layer. SDN

applications that communicate network requirements to the SDN controller are included in the

application layer. The SDN software controller, on the other hand, interprets these requirements

and implements the dictates of the control layer network policy to determine how data should

flow from network devices (Kalkan and Zeadally, 2017).

According to Ndiaye et al. (2017), the SDN controller is the nerve centre of the SDN architecture; it manages

all complex functions and converts requirements into specific low-level regulations. Finally,

the data layer contains network devices such as routers and switches, which forward data

after authorisation by the SDN controller. Basically, SDN decouples network control from

transmission features.

Security Risks for SDN

According to Salman et al. (2017), SDN architecture is exposed to many of the security problems typical of traditional network

architecture. Unfortunately, additional security threats are also

introduced by the new centralised SDN features, which allow for more flexibility, real time

programming and control simplification. The overall design of the SDN architecture, which is

divided into the three levels of control, application, and data, involves various security risks.

According to Xue et al. (2019), the possibility of attacks on the SDN controller in the control layer is

one of the most significant risk factors. The SDN controller is the nerve centre of the network due to its

centralised structure. Attackers simply have to focus on the SDN controller to manipulate the

entire network. If an attacker is able to gain access, the compromised SDN controller may be used to

direct the network devices under its control (for example, switches) to discard all

traffic or, for instance, to send unnecessary traffic to a target to exhaust its resources and so

launch dangerous attacks against other targets.

According to Medhane et al. (2020), in order to limit this risk, the security of the SDN controller

hosting system must be improved and unauthorised access to the controller itself must be

prevented. In addition, the control layer is subject to Distributed Denial-of-Service (DDoS)

attacks. SDN switches can overwhelm the controller with a large number of queries and possibly cause

query delays or lost queries. Multiple physical controllers, rather than just one, should run in parallel

to protect against DDoS attacks. With switches connected to several SDN controllers,

one controller can act as the master for a given switch. If a master controller needs to process a high

request load, it can divert the load to another, less busy controller, which takes over as master for some of the

overloaded controller's assigned switches.
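
The master hand-over described above can be sketched as follows. This is an added example, not code from the original paper or from any SDN controller; the Controller class, the 80% high-water mark and all query rates are constructed assumptions. It also shows the limit of the technique: a switch that is flooding queries cannot usefully be handed to a peer, so it is reported for rate limiting instead.

```python
from dataclasses import dataclass, field

HIGH_WATER = 0.8  # assumed: a master sheds switches above 80% of its capacity


@dataclass
class Controller:
    name: str
    capacity: int                                  # queries/s the controller can process
    switches: dict = field(default_factory=dict)   # switch id -> queries/s, for switches it masters

    @property
    def load(self):
        return sum(self.switches.values())

    def headroom(self):
        """Queries/s this controller can still accept before crossing the mark."""
        return HIGH_WATER * self.capacity - self.load


def rebalance(controllers):
    """Hand the master role for switches from overloaded controllers to the
    peer with the most headroom.

    Returns (handovers, stuck): handovers is a list of (switch, old master,
    new master); stuck is a list of (controller, busiest switch) for
    controllers that stay overloaded because no peer can absorb what is left.
    """
    handovers, stuck = [], []
    for src in controllers:
        while src.headroom() < 0:
            # Try the busiest switch first: fewest role changes to recover.
            for switch, rate in sorted(src.switches.items(), key=lambda kv: -kv[1]):
                peers = [c for c in controllers
                         if c is not src and c.headroom() >= rate]
                if peers:
                    dst = max(peers, key=Controller.headroom)
                    dst.switches[switch] = src.switches.pop(switch)
                    handovers.append((switch, src.name, dst.name))
                    break
            else:
                # Nothing left can be moved without overloading a peer. Moving
                # a flooding switch would only move the denial of service, so
                # report it for rate limiting or quarantine instead.
                stuck.append((src.name, max(src.switches, key=src.switches.get)))
                break
    return handovers, stuck


def normal_case():
    # Constructed load figures: c1 is busy, c2 and c3 have spare capacity.
    controllers = [
        Controller("c1", 1000, {"s1": 500, "s2": 300, "s3": 150}),
        Controller("c2", 1000, {"s4": 200}),
        Controller("c3", 1000, {"s5": 400}),
    ]
    return rebalance(controllers)


def flood_case():
    # Constructed flood: s1 alone sends five times what any controller can handle.
    controllers = [
        Controller("c1", 1000, {"s1": 5000, "s2": 100}),
        Controller("c2", 1000, {"s3": 200}),
    ]
    return rebalance(controllers)


if __name__ == "__main__":
    print("normal:", normal_case())
    print("flood: ", flood_case())
```

In the flood case the well-behaved switch s2 is moved away from the controller under load, while s1 stays put and is flagged.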

According to Wen et al. (2016), attackers who manage to interfere with the SDN controller can

interfere with SDN apps, manipulate security apps, and reprogram network traffic flow via the

SDN. Switches are vulnerable to Denial-of-Service (DoS) attacks as far as the data layer is

concerned. A hostile user may overload switches with excessive traffic, causing a loss of valid packets if

the buffer capacity of a switch is exceeded. Ways to counter these attacks include

proactive rule caching, rule registration and reduction of the communication time between

the switch and the SDN controller. Increased switch buffer capacity may also decrease the risk of

a DoS attack.

According to Liu et al. (2020), the message exchange between the control layer and the data layer is subject to man-in-the-middle attacks. In order to take control of the controller, an attacker can amend the rules sent by the SDN controller to switches. Encryption of the messages using digital signatures protects their integrity and verifies their authenticity, and is one of the most effective measures against this threat.
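
The integrity and authenticity check described above can be illustrated from the switch's side. This is an added example, not code from the cited work: HMAC-SHA256 with a pre-shared key stands in for a digital signature because the Python standard library has no asymmetric signing, and the message layout, sequence number and rule fields are assumptions made for the example.

```python
import hashlib
import hmac
import json


def sign_rule(key: bytes, seq: int, rule: dict) -> dict:
    """Controller side: serialise canonically, then authenticate."""
    body = json.dumps({"seq": seq, "rule": rule}, sort_keys=True,
                      separators=(",", ":"))
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class SwitchAgent:
    """Switch side: install a rule only if it is authentic and fresh."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = 0      # highest sequence number accepted so far
        self.flow_table = []

    def install(self, msg: dict) -> str:
        expected = hmac.new(self.key, msg["body"].encode(),
                            hashlib.sha256).hexdigest()
        # Verify the tag before parsing anything the sender controls.
        if not hmac.compare_digest(expected, str(msg.get("tag", ""))):
            return "rejected: bad tag"
        parsed = json.loads(msg["body"])
        if parsed["seq"] <= self.last_seq:
            return "rejected: replay"
        self.last_seq = parsed["seq"]
        self.flow_table.append(parsed["rule"])
        return "installed"


def demo():
    key = b"constructed-demo-key"          # constructed value, not a real secret
    switch = SwitchAgent(key)
    m1 = sign_rule(key, 1, {"match": {"ipv4_dst": "10.0.0.5"}, "action": "output:2"})
    # Constructed in-transit modification: the action is rewritten, the tag is not.
    tampered = dict(m1, body=m1["body"].replace("output:2", "output:9"))
    m2 = sign_rule(key, 2, {"match": {"ipv4_dst": "10.0.0.6"}, "action": "drop"})
    results = [switch.install(m) for m in (tampered, m1, m1, m2)]
    return results, switch.flow_table
```

The sequence number matters as much as the tag: without it, an old but validly authenticated rule could be re-sent to the switch and would be accepted.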

According to Zegzhda and Pavlenko (2018), real-time programming also exposes the application layer to major vulnerabilities. In addition, an attacker who succeeds in compromising SDN security applications can control traffic flow via the SDN controller. The entire network is also affected when SDN applications are compromised. To reduce this security risk considerably, it is essential that secure coding practices are implemented, made binding, and integrated into the software development cycle through extensive change control and integrity checking processes.

According to Liu et al. (2020), server virtualisation, mobile devices and cloud computing are the new way of responding to dynamic service requirements. With these technologies, the traditional three-tier network architecture is becoming insufficient to meet the increased demands. SDN architecture virtualises networks and makes them flexible and programmable. Software and SDN are increasingly becoming the rule for the future of networking. Security in the practical use of SDN, on the other hand, means first of all adequately controlling the critical security risks of the SDN controller and applications.



Benefits of SDN for the IoT

According to Wen et al. (2016), the development of new emerging technologies such as the IoT and intelligent environments requires network infrastructures that can support the management of high levels of scalability, data traffic, mobility, and security threats. The continuous evolution and growth of the Internet represents a huge challenge for developers and telecommunications companies. An alternative solution to this great challenge is presented by another emerging technology, SDN.

Following Salman et al. (2017), the benefits of SDN for managing the IoT are outlined below. The centralisation of information in the SDN controller provides a complete global view of the network, enabling automation through the application programming interface (API) and continuous control of massive connection demands. This centralisation simplifies large-scale management of IoT devices.

Ndiaye et al. (2017) point to the flexibility to manage data storage in order to continuously analyse, process and maximise the performance of the flow of information between IoT devices. IoT environments are made up of various types of end devices in which all the information generated can be processed locally using computation at the edges, avoiding network traffic congestion. As a result, network management can be even more critical with the use of current application and protocol environments. The flexible configuration capability of SDN allows you to dynamically change network behaviour based on traffic patterns, detected incidents, and security policy changes on all connected devices in an IoT environment.

According to Xue et al. (2019), because of the large number of connected IoT devices, network infrastructures that support scalability are necessary. With SDN, protocol-based system automation can be created from a centralised point, which permits macro-level data flow management. You can also define a communication and security policy for network-connected devices, and even define these policies in advance of the connectivity request, which enables dynamic management without having to take each newly connected device into account. SDN is inherently scalable because of its centralised application and protocol management design, which allows the network to be extended if necessary.

A significant cost reduction is possible with the abstraction of network equipment like switches, routers, and intermediate devices (Yassein et al., 2017). In traditional networks, these devices use proprietary systems that are programmed to establish complex protocols in real time with specific rules. This challenge can therefore be resolved by applying software-defined networks with the proper policy configuration to fulfil the specific requirements of IoT apps.

According to a study conducted by Salman et al. (2017), the architecture of SDN allows complete programmability of all the devices connected in an infrastructure, thanks to the global view of the network. SDN offers the opportunity to develop new network functionality and applications without the need to configure each device individually or wait for the equipment manufacturers to develop them (Das et al., 2019). This allows dynamic adaptation to changes in network topologies, material damage to equipment, dynamic configurations, and implementation of multiple network policies, which is ideal for IoT environments. Currently, the various test scenarios that allow the use of SDN for the IoT are still under development. However, there are adaptable tools and protocols in test environments that can be used to analyse the functionality and adaptability of both technologies.

Methodology

This study will use a qualitative research method to evaluate the research question, “role of Software Defined Network in IoT”. Qualitative research is the presentation of non-numerical data. The term "qualitative research methods" refers to a number of approaches to data collection and analysis (Dawoud et al., 2018). These approaches try to understand human experiences and explain social phenomena in particular. Qualitative research is one of the methods of looking at social reality. It focuses more on creating the right questions than on finding the correct answers. Regardless of a researcher's theory, the most common methods for collecting qualitative data are interviews and observations.

This study will use the primary qualitative research method. A semi-structured interview will be carried out for the collection of data. The most common methods of acquiring qualitative data are individual interviews, focus groups and observations. The objective of the semi-structured individual interview is to collect data using conversational approaches by interviewing participants face-to-face (or remotely). The interview follows a guide which contains a list of open questions or topics to be discussed during the session (Kalkan and Zeadally, 2017). The purpose is to identify the points of view, opinions, attitudes and experiences of patients, practitioners and other participants.

Qualitative Research Method

The primary qualitative research method will be utilised for this study. The method is chosen according to the study's goals and objectives. To understand the rationale for a qualitative approach rather than a quantitative approach, it is important to recognise that the two have some points of contact as well as their own specific characteristics (Mohammed et al., 2020). The third is that qualitative research has no single theoretical or methodological basis, just as the identification of the quantitative approach with positivism is erroneous.

Vandana (2016) also believes that the qualitative approach is not based on a certain theory and is characterised by a set of theoretical orientations and methods. To define a qualitative approach, a new context for considering the problem needs to go beyond very abstract dichotomous divisions.

Research Philosophy

Interpretivist philosophy is suitable for small-scale, in-depth research, so the researcher will follow the thinking of the interpretive school. The interpretivist philosophy is also appropriate for qualitative research. The research philosophy governs the source, type, and development of information. Basically, a research philosophy is a belief about how information about a phenomenon should be collected, analysed and used. Although it seems important for researchers to be able to produce information, they are committed to providing information as an integral feature. The assumptions about the sources and the idea of information depend upon every "phase of the research process" (Das et al., 2019).

Data Collection

There are two different types of data, primary and secondary (Yassein et al., 2017). The term 'primary data' refers to data or information obtained directly from research participants. Secondary data refers to information gathered or published in research papers, articles, libraries, and journals from unofficial sources. In this investigation, primary data will be used. A combination of primary and secondary data or data collection methods, on the other hand, is associated with the mixed-methods approach. The research effort depends heavily on primary data acquisition. A series of interviews with senior managers and supply chain management professionals was conducted with the aim of examining SDN's role in IoT security. Moreover, secondary research on the role of SDN in IoT security will be used to give information on the rationale for a full change in current procedures.

Data Analysis

This study will use the content analysis technique for the analysis of data. Researchers who use qualitative methods for data analysis stress that research goals and materials are to be considered and different methods selected. Analysing the data collected is, as in every research process, a necessary step in drawing conclusions. Qualitative data cannot be analysed quickly or easily. Content analysis is an elaborate and comprehensive method that can show that a social reality is complex (Al Shuhaimi et al., 2016).

Ethical Considerations

It is recognised that ethical problems need to be taken seriously during research (Tioutiou and Diouri, 2019). Moral reflection is a research activity through which researchers can resolve various moral issues. Researchers understand the problem from all necessary referrals, as if they do not agree with the incorrect provision of data, and the researchers can predict the ethical aspects of this project.

Furthermore, the main guiding principles of research involving humans usually apply to qualitative research. Regardless of the nature of the research, the requirements for participants' consent and the protection of their privacy are often the same. Qualitative studies can raise specific ethical problems in terms of access, relationship building, data use and publication of results. Researchers should consider issues of consent, privacy, confidentiality of data and relations between researchers and participants in the process of developing, evaluating and conducting a research project.

Timeline of the Study

Figure 1: Timeline of the Study

Conclusions

In conclusion, it is anticipated that this study will present the main contributions that SDN provides for the security of IoT. The number of devices with heterogeneous connectivity increases every day, which is why it is necessary to create network architectures oriented towards the new generation of the Internet. SDN offers a high degree of scalability, dependability, security, and performance. Centralising network intelligence in the SDN controller enables the control, configuration, and management of complex networks in a more efficient way.

SDN-based IoT networks have established themselves as a solution to the main challenges characteristic of traditional IoT and IoE, such as heterogeneity, scalability, and big data. However, this integration becomes susceptible to threats against the confidentiality, integrity and availability of data, services, and network applications. This study will introduce the top security threats and defences in SDN-based IoT networks.



References

Al Shuhaimi, F., Jose, M. and Singh, A.V., 2016, September. Software defined network as solution to overcome security challenges in IoT. In 2016 5th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO) (pp. 491-496). IEEE.

Ciungu, R.S., 2016. Improving IoT security with software defined networking (Master's thesis, Universitat Politècnica de Catalunya).

Das, R.K., Maji, A.K. and Saha, G., 2019. Prospect of improving internet of things by incorporating software-defined network. In Advances in communication, devices and networking (pp. 537-544). Springer, Singapore.

Dawoud, A., Shahristani, S. and Raun, C., 2018. Deep learning and software-defined networks: Towards secure IoT architecture. Internet of Things, 3, pp.82-89.

Han, Z., Li, X., Huang, K. and Feng, Z., 2018. A software defined network-based security assessment framework for cloudIoT. IEEE Internet of Things Journal, 5(3), pp.1424-1434.

Kalkan, K. and Zeadally, S., 2017. Securing internet of things with software defined networking. IEEE Communications Magazine, 56(9), pp.186-192.

Li, J., Zhao, Z., Li, R. and Zhang, H., 2018. AI-based two-stage intrusion detection for software defined IoT networks. IEEE Internet of Things Journal, 6(2), pp.2093-2102.

Liu, L., Feng, W., Chen, C., Zhang, Y., Lan, D., Yuan, X. and Vashisht, S., 2020, July. BS-IoT: Blockchain Based Software Defined Network Framework for Internet of Things. In IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) (pp. 496-501). IEEE.


Medhane, D.V., Sangaiah, A.K., Hossain, M.S., Muhammad, G. and Wang, J., 2020. Blockchain-enabled distributed security framework for next-generation IoT: an edge cloud and software-defined network-integrated approach. IEEE Internet of Things Journal, 7(7), pp.6143-6149.

Mohammed, A.H., Khaleefah, R.M. and Abdulateef, I.A., 2020, June. A review software defined networking for internet of things. In 2020 International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA) (pp. 1-8). IEEE.

Ndiaye, M., Hancke, G.P. and Abu-Mahfouz, A.M., 2017. Software defined networking for improved wireless sensor network management: A survey. Sensors, 17(5), p.1031.

Pathak, G., Gutierrez, J. and Rehman, S.U., 2020. Security in low powered wide area networks: Opportunities for software defined network-supported solutions. Electronics, 9(8), p.1195.

Salman, O., Elhajj, I., Chehab, A. and Kayssi, A., 2017, May. Software defined IoT security framework. In 2017 Fourth International Conference on Software Defined Systems (SDS) (pp. 75-80). IEEE.

Shaghaghi, A., Kaafar, M.A., Buyya, R. and Jha, S., 2020. Software-defined network (SDN) data plane security: issues, solutions, and future directions. Handbook of Computer Networks and Cyber Security, pp.341-387.

Tayyaba, S.K., Shah, M.A., Khan, O.A. and Ahmed, A.W., 2017, July. Software defined network (SDN) based internet of things (IoT) a road ahead. In Proceedings of the international conference on future networks and distributed systems (pp. 1-8).


Tioutiou, A. and Diouri, O., 2019, November. Improving IoT Security with Software Defined Networking (SDN). In International Conference on Advanced Communication Systems and Information Security (pp. 233-238). Springer, Cham.

Vandana, C., 2016. Security improvement in IoT based on software defined networking (SDN). International Journal of Science, Engineering and Technology Research (IJSETR), 5(1), pp.2327-4662.

Vilalta, R., Ciungu, R., Mayoral, A., Casellas, R., Martinez, R., Pubill, D., Serra, J., Munoz, R. and Verikoukis, C., 2016, December. Improving security in Internet of Things with software defined networking. In 2016 IEEE global communications conference (GLOBECOM) (pp. 1-6). IEEE.

Wen, Z., Liu, X., Xu, Y. and Zou, J., 2016. A RESTful framework for Internet of things based on software defined network in modern manufacturing. The International Journal of Advanced Manufacturing Technology, 84(1-4), pp.361-369.

Xue, C., Xu, N. and Bo, Y., 2019, April. Research on key technologies of software-defined network based on blockchain. In 2019 IEEE International Conference on Service-Oriented System Engineering (SOSE) (pp. 239-2394). IEEE.

Yassein, M.B., Aljawarneh, S., Al-Rousan, M., Mardini, W. and Al-Rashdan, W., 2017, November. Combined software-defined network (SDN) and Internet of Things (IoT). (pp. 1-6). IEEE.

Zegzhda, D.P. and Pavlenko, E.Y., 2018. Cyber-sustainability of software-defined networks based on situational management. Automatic Control and Computer Sciences, 52(8), pp.984-992.
