Zero Trust Management Over Consumer Technology-Based IoT Edge Node for SDN Communication and Control of Cyber–Physical Systems

IF 10.9 2区计算机科学 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Transactions on Consumer Electronics Pub Date : 2025-04-22 DOI:10.1109/TCE.2025.3563408

Haewon Byeon;Mahmood Alsaadi;Sachin Gupta;Jagdish Chandra Patni;Tariq Ahamed Ahanger;Brajesh Kumar Singh;Ajeet Kumar Srivastava;Pardaeva Shakhnoza Abdinabievna;Santhosh Boddupalli

{"title":"Zero Trust Management Over Consumer Technology-Based IoT Edge Node for SDN Communication and Control of Cyber–Physical Systems","authors":"Haewon Byeon;Mahmood Alsaadi;Sachin Gupta;Jagdish Chandra Patni;Tariq Ahamed Ahanger;Brajesh Kumar Singh;Ajeet Kumar Srivastava;Pardaeva Shakhnoza Abdinabievna;Santhosh Boddupalli","doi":"10.1109/TCE.2025.3563408","DOIUrl":null,"url":null,"abstract":"In response to the lack of effective means for detecting and locating malicious exchange nodes in data flow transmission links within the Internet of Things (IoT), this paper proposes a zero-trust management method for data flow between edge nodes based on software defined networking (SDN) communication and control of cyber-physical systems (CPS). To detect and prevent anomalous behaviors like data tampering, forwarding path anomalies, and malicious packet drops through forwarding verification by exchange nodes, SDN-ZTM applies SDN to the data transmission process between IoT edge nodes. This approach applies the SDN architecture to the transmission process of data flows between edge nodes, utilizing a fixed-length header overhead for zero-trust management of data flows, nodes, and paths, thereby enabling lightweight packet forwarding verification and malicious exchange node localization. Simulation studies and theoretical research show that SDN-ZTM offers more extensive security features than similar methods. Additionally, SDN-ZTM is a lightweight, useful solution appropriate for IoT application scenarios since it introduces a fixed-length header and has a smaller performance overhead. Experimental results show that the method introduces less than 10% forwarding delay and less than 8% throughput loss.","PeriodicalId":13208,"journal":{"name":"IEEE Transactions on Consumer Electronics","volume":"71 2","pages":"4849-4858"},"PeriodicalIF":10.9000,"publicationDate":"2025-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Consumer Electronics","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10973280/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

In response to the lack of effective means for detecting and locating malicious exchange nodes in data flow transmission links within the Internet of Things (IoT), this paper proposes a zero-trust management method for data flow between edge nodes based on software defined networking (SDN) communication and control of cyber-physical systems (CPS). To detect and prevent anomalous behaviors like data tampering, forwarding path anomalies, and malicious packet drops through forwarding verification by exchange nodes, SDN-ZTM applies SDN to the data transmission process between IoT edge nodes. This approach applies the SDN architecture to the transmission process of data flows between edge nodes, utilizing a fixed-length header overhead for zero-trust management of data flows, nodes, and paths, thereby enabling lightweight packet forwarding verification and malicious exchange node localization. Simulation studies and theoretical research show that SDN-ZTM offers more extensive security features than similar methods. Additionally, SDN-ZTM is a lightweight, useful solution appropriate for IoT application scenarios since it introduces a fixed-length header and has a smaller performance overhead. Experimental results show that the method introduces less than 10% forwarding delay and less than 8% throughput loss.

查看原文本刊更多论文

基于消费者技术的物联网边缘节点用于SDN通信和网络物理系统控制的零信任管理

针对物联网（IoT）数据流传输链路中缺乏有效的恶意交换节点检测和定位手段的问题，本文提出了一种基于软件定义网络（SDN）通信和网络物理系统（CPS）控制的边缘节点间数据流零信任管理方法。SDN- ztm通过交换节点的转发验证，检测和防止数据篡改、转发路径异常、恶意丢包等异常行为，将SDN应用于物联网边缘节点之间的数据传输过程。该方法将SDN架构应用于边缘节点之间的数据流传输过程，利用固定长度的报头开销对数据流、节点和路径进行零信任管理，从而实现轻量级的数据包转发验证和恶意交换节点定位。仿真研究和理论研究表明，与同类方法相比，SDN-ZTM具有更广泛的安全特性。此外，SDN-ZTM是一种轻量级的、有用的解决方案，适用于物联网应用场景，因为它引入了固定长度的报头，并且性能开销较小。实验结果表明，该方法实现了小于10%的转发延迟和小于8%的吞吐量损失。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Consumer Electronics 工程技术-电信学

CiteScore

7.70

自引率

9.30%

发文量

审稿时长

3.3 months

期刊介绍： The main focus for the IEEE Transactions on Consumer Electronics is the engineering and research aspects of the theory, design, construction, manufacture or end use of mass market electronics, systems, software and services for consumers.