Abstract
The Internet of Things is visualized as a fundamental networking model that bridges the gap between the cyber and real-world entity. Uniting the real-world object with virtualization technology is opening further opportunities for innovation in nearly every individual’s life. Moreover, the usage of smart heterogeneous multimedia devices is growing extensively. These multimedia devices that communicate among each other through the Internet form a unique paradigm called the Internet of Multimedia Things (IoMT). As the volume of the collected data in multimedia application increases, the security, reliability of communications, and overall quality of service need to be maintained. Primarily, distributed denial of service attacks unveil the pervasiveness of vulnerabilities in IoMT systems. However, the Software Defined Network (SDN) is a new network architecture that has the central visibility of the entire network, which helps to detect any attack effectively. In this regard, the combination of SDN and IoMT, termed SD-IoMT, has the immense ability to improve the network management and security capabilities of the IoT system. This article proposes an SDN-assisted two-phase detection framework, namely SD-IoMT-Protector, in which the first phase utilizes the entropy technique as the detection metric to verify and alert about the malicious traffic. The second phase has trained with an optimized machine learning technique for classifying different attacks. The outcomes of the experimental results signify the usefulness and effectiveness of the proposed framework for addressing distributed denial of service issues of the SD-IoMT system.
- Usman Ahmad, Hong Song, Awais Bilal, Mamoun Alazab, and Alireza Jolfaei. 2018. Secure passive keyless entry and start system using machine learning. In Proceedings of the International Conference on Security, Privacy, and Anonymity in Computation, Communication, and Storage. 304--313.Google Scholar
Cross Ref
- Mouhammd Alkasassbeh, Ghazi Al-Naymat, A. B. Hassanat, and Mohammad Almseidin. 2016. Detecting distributed denial of service attacks using data mining techniques. International Journal of Advanced Computer Science and Applications 7, 1 (2016), Article 59.Google Scholar
Cross Ref
- Mohammed Alsaeedi, Mohd Murtadha Mohamad, and Anas A. Al-Roubaiey. 2019. Toward adaptive and scalable OpenFlow-SDN flow control: A survey. IEEE Access 7 (2019), 107346--107379.Google Scholar
Cross Ref
- Izzat Alsmadi and Dianxiang Xu. 2015. Security of software defined networks: A survey. Computers 8 Security 53 (2015), 79--108.Google Scholar
- Sheeraz A. Alvi, Bilal Afzal, Ghalib A. Shah, Luigi Atzori, and Waqar Mahmood. 2015. Internet of Multimedia Things: Vision and challenges. Ad Hoc Networks 33 (2015), 87--111.Google Scholar
Digital Library
- Samaresh Bera, Sudip Misra, and Athanasios V. Vasilakos. 2017. Software-defined networking for Internet of tThings: A survey. IEEE Internet of Things Journal 4, 6 (2017), 1994--2008.Google Scholar
Cross Ref
- Sourav Kumar Bhoi, Mohammad S. Obaidat, Deepak Puthal, Munesh Singh, and Kuei-Fang Hsiao. 2018. Software defined network based fault detection in industrial wireless sensor networks. In Proceedings of the 2018 IEEE Global Communications Conference (GLOBECOM’18). IEEE, Los Alamitos, CA, 1--6.Google Scholar
Cross Ref
- Rodrigo Braga, Edjard Mota, and Alexandre Passito. 2010. Lightweight DDoS flooding attack detection using NOX/OpenFlow. In Proceedings of the IEEE 35th Conference on Local Computer Networks (LCN’10). 408--415.Google Scholar
Digital Library
- Zhuo Chen, Fu Jiang, Yijun Cheng, Xin Gu, Weirong Liu, and Jun Peng. 2018. XGBoost classifier for DDoS attack detection and analysis in SDN-Based cloud. In Proceedings of the IEEE International Conference on Big Data and Smart Computing (BigComp’18). 251--256.Google Scholar
Cross Ref
- Salva Daneshgadeh, Tarem Ahmed, Thomas Kemmerich, and Nazife Baykal. 2019. Detection of DDoS attacks and flash events using Shannon entropy, KOAD and Mahalanobis distance. In Proceedings of the 2019 22nd Conference on Innovation in Clouds, Internet, and Networks (ICIN’19). IEEE, Los Alamitos, CA, 222--229.Google Scholar
Cross Ref
- Jisa David and Ciza Thomas. 2015. DDoS attack detection using fast entropy approach on flow-based network traffic. Procedia Computer Science 50 (2015), 30--36.Google Scholar
Cross Ref
- Neelam Dayal and Shashank Srivastava. 2018. An RBF-PSO based approach for early detection of DDoS attacks in SDN. In Proceedings of the 2018 10th International Conference on Communication Systems and Networks (COMSNETS’18). 17--24.Google Scholar
Cross Ref
- Olivier Flauzac, Carlos González, Abdelhak Hachani, and Florent Nolot. 2015. SDN based architecture for IoT and improvement of the security. In Proceedings of the 2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops. 688--693.Google Scholar
Digital Library
- Yoav Freund and Robert E. Schapire. 1996. Experiments with a new boosting algorithm. In Proceedings of the 13th International Conference on Machine Learning (ICML’96). 148--156.Google Scholar
Digital Library
- Nachikethas A. Jagadeesan and Bhaskar Krishnamachari. 2014. Software-defined networking paradigms in wireless networks: A survey. ACM Computing Surveys 47, 2 (2014), Article 27.Google Scholar
- R. T. Kokila, S. Thamarai Selvi, and Kannan Govindarajan. 2014. DDoS detection and analysis in SDN-based environment using support vector machine classifier. In Proceedings of the 6th International Conference on Advanced Computing (ICoAC’14). 205--210.Google Scholar
Cross Ref
- Diego Kreutz, Fernando Ramos, and Paulo Verissimo. 2013. Towards secure and dependable software-defined networks. In Proceedings of the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, New York, NY, 55--60.Google Scholar
Digital Library
- Minzhao Lyu, Dainel Sherratt, Arunan Sivanathan, Hassan Habibi Gharakheili, Adam Radford, and Vijay Sivaraman. 2017. Quantifying the reflective DDoS attack capability of household IoT devices. In Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. ACM, New York, NY, 46--51.Google Scholar
Digital Library
- Xinlei Ma and Yonghong Chen. 2014. DDoS detection method based on chaos analysis of network traffic entropy. IEEE Communications Letters 18, 1 (2014), 114--117.Google Scholar
Cross Ref
- Syed Akbar Mehdi, Junaid Khalid, and Syed Ali Khayam. 2011. Revisiting traffic anomaly detection using software defined networking. In Proceedings of the International Workshop on Recent Advances in Intrusion Detection. 161--180.Google Scholar
Digital Library
- Pritish Mishra, Deepak Puthal, Mayank Tiwary, and Saraju P. Mohanty. 2019. Software defined IoT systems: Properties, state of the art, and future research. IEEE Wireless Communications 26, 6 (2019), 64--71.Google Scholar
Digital Library
- Shunsuke Oshima, Takuo Nakashima, and Toshinori Sueyoshi. 2010. Early DoS/DDoS detection method using short-term statistics. In Proceedings of the 2010 International Conference on Complex, Intelligent, and Software Intensive Systems. 168--173.Google Scholar
Digital Library
- Deepak Puthal, Saraju P. Mohanty, Sanjivani Ashok Bhavake, Graham Morgan, and Rajiv Ranjan. 2019. Fog computing security challenges and future directions [energy and security]. IEEE Consumer Electronics Magazine 8, 3 (2019), 92--96.Google Scholar
Cross Ref
- Deepak Puthal, Surya Nepal, Rajiv Ranjan, and Jinjun Chen. 2016. Threats to networking cloud and edge datacenters in the Internet of Things. IEEE Cloud Computing 3, 3 (2016), 64--71.Google Scholar
Cross Ref
- Edwin Raczko and Bogdan Zagajewski. 2017. Comparison of support vector machine, random forest and neural network classifiers for tree species classification on airborne hyperspectral APEX images. European Journal of Remote Sensing 50, 1 (2017), 144--154.Google Scholar
Cross Ref
- S. P. Raja, T. Dhiliphan Rajkumar, and Vivek Pandiya Raj. 2018. Internet of Things: Challenges, issues and applications. Journal of Circuits, Systems and Computers 27, 12 (2018), 1830007.Google Scholar
Cross Ref
- Shalli Rani, Syed Hassan Ahmed, Rajneesh Talwar, Jyoteesh Malhotra, and Houbing Song. 2017. IoMT: A reliable cross layer protocol for Internet of Multimedia Things. IEEE Internet of Things Journal 4, 3 (2017), 832--839.Google Scholar
Cross Ref
- Ahmad-Reza Sadeghi, Christian Wachsmann, and Michael Waidner. 2015. Security and privacy challenges in Industrial Internet of Things. In Proceedings of the 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC’15). IEEE, Los Alamitos, CA, 1--6.Google Scholar
Digital Library
- Kshira Sagar Sahoo, Sanjaya Kumar Panda, Sampa Sahoo, Bibhudatta Sahoo, and Ratnakar Dash. 2019. Toward secure software-defined networks against distributed denial of service attack. Journal of Supercomputing 75, 8 (2019), 4829--4874.Google Scholar
Cross Ref
- Kshira Sagar Sahoo, Deepak Puthal, Mayank Tiwary, Joel J. P. C. Rodrigues, Bibhudatta Sahoo, and Ratnakar Dash. 2018. An early detection of low rate DDoS attack to SDN based data center networks using information distance metrics. Future Generation Computer Systems 89 (2018), 685--697.Google Scholar
Digital Library
- Kshira Sagar Sahoo, Deepak Puthal, Mayank Tiwary, Muhammad Usman, Bibhudatta Sahoo, Zhenyu Wen, Biswa P. S. Sahoo, and Rajiv Ranjan. 2019. ESMLB: Efficient switch migration-based load balancing for multi-controller SDN in IoT. IEEE Internet of Things Journal 7, 7 (2019), 5852--5860.Google Scholar
Cross Ref
- Kshira Sagar Sahoo, Mayank Tiwary, Sampa Sahoo, Rohit Nambiar, Bibhudatta Sahoo, and Ratnakar Dash. 2018. A learning automata-based DDoS attack defense mechanism in software defined networks. In Proceedings of the 24th Annual International Conference on Mobile Computing and Networking. 795--797.Google Scholar
Digital Library
- Keshav Sood, Shui Yu, and Yong Xiang. 2015. Software-defined wireless networking opportunities and challenges for Internet-of-Things: A review. IEEE Internet of Things Journal 3, 4 (2015), 453--463.Google Scholar
Cross Ref
- Jiafu Wan, Chin-Feng Lai, Houbing Song, Muhammad Imran, and Dongyao Jia. 2019. Software-defined industrial Internet of Things. Wireless Communications and Mobile Computing 2019 (2019), Article 7947638.Google Scholar
- Rui Wang, Zhiping Jia, and Lei Ju. 2015. An entropy-based distributed DDoS detection mechanism in software-defined networking. In Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA Conference, Vol. 1. IEEE, Los Alamitos, CA, 310--317.Google Scholar
Digital Library
- Qiao Yan, Wenyao Huang, Xupeng Luo, Qingxiang Gong, and F. Richard Yu. 2018. A multi-level DDoS mitigation framework for the Industrial Internet of Things. IEEE Communications Magazine 56, 2 (2018), 30--36.Google Scholar
Digital Library
- Yu-Hunag Chu, Min-Chi Tseng, Yao-Ting Chen, Yu-Chieh Chou, and Yan-Ren Chen. 2010. A novel design for future on-demand service and security. In Proceedings of the 12th IEEE International Conference on Communication Technology (ICCT’10). IEEE, Los Alamitos, CA, 385--388.Google Scholar
Index Terms
SDN-Assisted DDoS Defense Framework for the Internet of Multimedia Things
Recommendations
Software-defined Networking-based DDoS Defense Mechanisms
Distributed Denial of Service attack (DDoS) is recognized to be one of the most catastrophic attacks against various digital communication entities. Software-defined networking (SDN) is an emerging technology for computer networks that uses open ...
A comprehensive survey of DDoS defense solutions in SDN: Taxonomy, research challenges, and future directions
Highlights- Identified high quality research articles in the field of SDN-aimed DDoS attacks using a systematic literature review protocol.
AbstractThe recent emergence of technologies such as Network Functions Virtualization (NFV), Intent based Networking, Internet of Things (IoT), 5G, and Cloud Computing have led to the rapid growth of networks. The inflexibility and vendor-...
Overview of DDoS Attack Research Under SDN
Machine Learning for Cyber SecurityAbstractSoftware Defined Network (SDN) has been developed and applied gradually in recent years. SDN decouples the data plane from the control plane to implement centralized control, improving network operation efficiency and simplifying network ...






Comments