SDN Based DDos Mitigating Approach Using Traffic Entropy for IoT Network

IF 2 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

Cmc-computers Materials & Continua Pub Date : 2022-01-01 DOI:10.32604/cmc.2022.017772

Muhammad Ibrahim, Muhammad Hanif, Shabir Ahmad, Faisal Jamil, Tayyaba Sehar, Yunjung Lee, Dohyeun Kim

{"title":"SDN Based DDos Mitigating Approach Using Traffic Entropy for IoT Network","authors":"Muhammad Ibrahim, Muhammad Hanif, Shabir Ahmad, Faisal Jamil, Tayyaba Sehar, Yunjung Lee, Dohyeun Kim","doi":"10.32604/cmc.2022.017772","DOIUrl":null,"url":null,"abstract":": The Internet of Things (IoT) has been widely adopted in various domains including smart cities, healthcare, smart factories, etc. In the last few years, the fitness industry has been reshaped by the introduction of smart fitness solutions for individuals as well as fitness gyms. The IoT fitness devices collect trainee data that is being used for various decision-making. However, it will face numerous security and privacy issues towards its realization. This work focuses on IoT security, especially DoS/DDoS attacks. In this paper, we have proposed a novel blockchain-enabled protocol (BEP) that uses the notion of a self-exposing node (SEN) approach for securing fitness IoT applications. The blockchain and SDN architectures are employed to enhance IoT security by a highly preventive security monitoring, analysis and response system. The proposed approach helps in detecting the DoS/DDoS attacks on the IoT fitness system and then mitigating the attacks. The BEP is used for handling Blockchain-related activities and SEN could be a sensor or actu-ator node within the fitness IoT system. SEN provides information about the inbound and outbound traffic to the BEP which is used to analyze the DoS/DDoS attacks on the fitness IoT system. The SEN calculates the inbound and outbound traffic features’ entropies and transmits them to the Blockchain in the form of transaction blocks. The BEP picks the whole mined blocks’ transactions and transfers them to the SDN controller node. The controller node correlates the entropies data of SENs and decides about the DoS or DDoS attack. So, there are two decision points, one is SEN, and another is the controller. To evaluate the performance of our proposed system, several experiments are performed and results concerning the entropy values and attack detection rate are obtained. The proposed approach has outperformed the other two approaches concerning the attack detection rate by an increase of 11% and 18% against Approach 1 and Approach 2 respectively.","PeriodicalId":10440,"journal":{"name":"Cmc-computers Materials & Continua","volume":"62 1","pages":""},"PeriodicalIF":2.0000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cmc-computers Materials & Continua","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.32604/cmc.2022.017772","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 3

Abstract

: The Internet of Things (IoT) has been widely adopted in various domains including smart cities, healthcare, smart factories, etc. In the last few years, the fitness industry has been reshaped by the introduction of smart fitness solutions for individuals as well as fitness gyms. The IoT fitness devices collect trainee data that is being used for various decision-making. However, it will face numerous security and privacy issues towards its realization. This work focuses on IoT security, especially DoS/DDoS attacks. In this paper, we have proposed a novel blockchain-enabled protocol (BEP) that uses the notion of a self-exposing node (SEN) approach for securing fitness IoT applications. The blockchain and SDN architectures are employed to enhance IoT security by a highly preventive security monitoring, analysis and response system. The proposed approach helps in detecting the DoS/DDoS attacks on the IoT fitness system and then mitigating the attacks. The BEP is used for handling Blockchain-related activities and SEN could be a sensor or actu-ator node within the fitness IoT system. SEN provides information about the inbound and outbound traffic to the BEP which is used to analyze the DoS/DDoS attacks on the fitness IoT system. The SEN calculates the inbound and outbound traffic features’ entropies and transmits them to the Blockchain in the form of transaction blocks. The BEP picks the whole mined blocks’ transactions and transfers them to the SDN controller node. The controller node correlates the entropies data of SENs and decides about the DoS or DDoS attack. So, there are two decision points, one is SEN, and another is the controller. To evaluate the performance of our proposed system, several experiments are performed and results concerning the entropy values and attack detection rate are obtained. The proposed approach has outperformed the other two approaches concerning the attack detection rate by an increase of 11% and 18% against Approach 1 and Approach 2 respectively.

查看原文本刊更多论文

基于SDN的物联网网络流量熵DDos缓解方法

物联网(IoT)已广泛应用于智慧城市、医疗保健、智能工厂等各个领域。在过去的几年里，随着智能健身解决方案的引入，健身行业已经被重塑。物联网健身设备收集学员数据，用于各种决策。然而，它的实现将面临许多安全和隐私问题。这项工作的重点是物联网安全，特别是DoS/DDoS攻击。在本文中，我们提出了一种新的支持区块链的协议(BEP)，该协议使用自暴露节点(SEN)方法的概念来保护健身物联网应用程序。采用区块链和SDN架构，通过高度预防性的安全监控、分析和响应系统，增强物联网安全性。提出的方法有助于检测对物联网健身系统的DoS/DDoS攻击，然后减轻攻击。BEP用于处理与区块链相关的活动，SEN可以是健身物联网系统中的传感器或执行器节点。SEN向BEP提供有关入站和出站流量的信息，BEP用于分析健身物联网系统上的DoS/DDoS攻击。SEN计算入站和出站的流量特征熵，并以交易块的形式发送给区块链。BEP选择整个开采区块的交易并将其传输到SDN控制节点。控制节点将SENs的熵数据进行关联，并决定是DoS还是DDoS攻击。这里有两个决策点，一个是SEN，另一个是控制器。为了评估我们提出的系统的性能，进行了几个实验，得到了关于熵值和攻击检测率的结果。与方法1和方法2相比，该方法的攻击检测率分别提高了11%和18%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Cmc-computers Materials & Continua 工程技术-材料科学：综合

CiteScore

5.30

自引率

19.40%

发文量

345

审稿时长

1 months

期刊介绍： This journal publishes original research papers in the areas of computer networks, artificial intelligence, big data management, software engineering, multimedia, cyber security, internet of things, materials genome, integrated materials science, data analysis, modeling, and engineering of designing and manufacturing of modern functional and multifunctional materials. Novel high performance computing methods, big data analysis, and artificial intelligence that advance material technologies are especially welcome.