Professional Documents
Culture Documents
net/publication/352762116
Preventive Determination and Avoidance of DDoS Attack with SDN over the IoT
Networks
CITATIONS READS
0 339
5 authors, including:
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Md. Jahidul Islam on 26 June 2021.
Abstract—The Internet of Things (IoT) is growing increasingly computers. The evolving SDN paradigm provides a way for
along with the development of security issues. The IoT system IoT devices to be managed safely. First and foremost, we
is unable in protecting against ransomware and various forms offer a simple framework based on the SDN paradigm [3]
of malicious threats. The way a vast number of IoT devices are
treated is uncomfortable and insecure. Security problems have [4]. A controller pool of SDN-IoT controllers, IoT gateway-
become increasingly important with the spread of IoT devices. integrated SDN-IoT switches, and IoT appliances compose
The Software-Defined Networking (SDN) paradigm provides a the provided structure [5]. An algorithm for detection and
way to control IoT devices securely. For the IoT paradigm, we mitigation of DDoS attacks using the suggested SDN-IoT
have suggested a general system for detecting and mitigating system is then recommended, and the Similarity to Cosine
Distributed Denial-of-Service (DDoS) attacks using an SDN.
The proposed architecture consists of a pool of controllers of the packet message rate vectors at boundary SD IoT shift
comprising SDN controllers, IoT gateway-integrated. Also, we ports is used in the proposed algorithm to determine whether
have offered an IoT DDoS attack detection and mitigation the DDoS attacks occur in the IoT. Eventually, experimental
algorithm attached to the proposed SDN IoT platform. Finally, show that the proposed algorithm provided is remarkably
the proposed algorithm shows the experimental results that have efficient, and the proposed architecture adapts to disparate and
improved performance and the proposed architecture adapts to
heterogeneous and fragile devices to enhance IoT security. vulnerable IoT security enhancement devices.
Index Terms—Internet of Things, IoT Security, Denial of Fig. 1 show how to occurs DDoS attack.
Service, DDoS, IoT Attacks, IoT
I. I NTRODUCTION
The IoT is a paradigm for all the different Internet-
connected devices that are not conventional computers. This
covers everything from smart refrigerators, speakers, cameras,
washing machines, vehicles, traffic lights, airplane engines,
and home monitoring systems to fitness trackers and smart-
watches. As the access to broadband internet networks in-
creases and processors become more accessible, more Wi-
Fi devices are being developed. In the next decade, IoT will
be linked to billions of devices with several vulnerabilities.
There are no security protocols and no processing and storage
resources for these networking devices to allow re walls and
diagnostic tools [1]. Also, they do not link to the Internet
directly via Wi-Fi. A lot of examples have shown in recent
Fig. 1. DDoS Attack Over the IoT Network
years that IoT is susceptible to viruses. The majority of IoT
appliances could anonymously become accomplices to DDos
Based on the above discussion, these paper contributions as
attacks without security precautions [2]. A DoS attack attempts
follows:
to disrupt a network or online resource by its victim, usually
with an overwhelming excess of the type of operation it would • An SDN IoT framework comprising of a pool of SDN
typically receive. This might take the form of requests from controllers and IoT gateway that is capable of dealing
registered and prospective users for authentication, game-play with the DDoS attacks.
processor cycles, notifications, download requests, etc. The • A DDoS attacks detecting algorithm based on the Sim-
DDoS attack shows the ubiquity of vulnerabilities in IoT, and ilarity to Cosine packet message rate vectors to identify
the DDoS attack was inadvertently applied to multiple IoT the attacks and defeat the attackers on time.
978-1-6654-3843-8/21/$31.00 ©2021 IEEE
Organization: This paper has been organized as follows: aims to centralize network intelligence into one network aspect
the background knowledge and literature are discussed in as shown in Fig. 3. Intelligent centralization, however, has its
section II. Most importantly, the proposed model has been stability, scalability, and elasticity drawbacks, and this is the
presented in section III. Section IV is analyzed the result main issue for SDN.
and performance evolution properly. Moreover, limitations and
future works also shown in section V Finally, we conclude this
paper in section VI with limitations and future plans as well.
Algorithm 1: Distributed Denial of service Attack Fig. 6. Environment Desing using Mininet
Detection and Mitigation Algorithm for SDN IoT
Input: Set of all boundary SDN IoT switches.
easy to handle and hide, but also creates security problems.
Output: DDoS attack and detection
Similar to SDN, via the programmable SDN-IoT architecture,
1 if α ∈ edge then
SD-IoT can provide proactive schemes for detecting and
2 while m ≤ sm do
minimizing DDoS assaults.
3 while j ≤ 2k do
This section describes the steps involved in simulating an
4 foreach ∆t do
SDN DDoS attack. The first thing we need to do to perform
5 count = the num of P kin
the simulation is to build the network. A command line on
6 λj = count / ∆t
terminal orders the creation of a system with one switch, one
7 end
controller, and six hosts. Fig. 7 and 8 shows the command line
8 end
used to create the network.
9 end
10 X = {λi }where i = 2, 4, 6, ....., 2k
11 Y = {λj }where j = 1, 3, 5, ....., 2k − 1
12 Calculate ρX, Y by Equation1
13 if ηU ≤ ρx, Y ≤ 1 then
14 s =s + 1
15 end
16 end
Authors Technologies Application DDoS Attack Detection DDoS Attack Prevetion Algorithms
Silva et al. [12] SDN & ML IoT YES YES No
Bawany et al. [21] SDN IoT YES YES No
Wang et al. [22] SDN Cloud Computing YES YES No
Ahmed et al. [23] SDN IoT YES YES No
Sahoo et al. [24] SDN IoT YES NO No
Tuan et al. [25] SDN & ML ISP Networks YES YES No
Proposed SDN & ML IoT YES YES YES