Scalable and Robust Intrusion Detection System to Secure the IoT Environments using Software Defined Networks (SDN) Enabled Architecture

Abstract

– Due to the rapid development of smart devices with reduced costs and advanced sensing capabilities, the adoption of the internet of things has recently gained a lot of traction. However, such IoT devices are more vulnerable to being attacked or compromised. Moreover, traditional security mechanisms based on signatures and rules are no longer capable of detecting sophisticated intrusions. In the IoT context, the deployment of intelligent techniques in the control plane of the system architecture plays a vital role in identifying various attacks, including unknown ones. In this study, a software defined network (SDN)-based IoT anomaly intrusion detection system is proposed to detect abnormal behaviors and attacks. Five different machine learning techniques are investigated, including support vector machines, k-nearest neighbor, logistic regression, random forest, and decision trees. A scalable and robust intrusion detection system is designed based on machine learning models and placed at the SDN controller to observe and classify the behavior of IoT devices. A benchmark dataset, ToN-IoT, has been selected to test and evaluate the ML models by conducting several experiments. The obtained results have demonstrated that ML-based IDS can provide a reliable security system. Particularly, the random forest technique outperformed the other studied ML algorithms.