SDN-based Machine Learning Powered Alarm Manager for Mitigating the Traffic Spikes at the IoT Gateways

As the adoption of the Internet of Things (IoT) is gaining momentum so are the possibilities of misusing it to hamper the service provided by the IoT applications. IoT devices can be hacked to launch denial of service (DoS) or distributed DoS (DDoS) attack to overwhelm the IoT network right from the IoT gateway (IoT-G) at the edge to the IoT application server from serving the legitimate flows. Monitoring at the IoT-G is required to identify the unusual spikes in the traffic and in response, unified actions are required to provide faster and effective resilience against such attacks. To address these challenges, in this paper, we propose software-defined networking (SDN) based alarm manager design for mitigating the immediate traffic burst at the IoT-G. Our machine learning-powered alarm manager identifies the attack in the network using the historical interpretation of the traffic and generates an alarm to block the attack from overwhelming the IoT network. Based on the results, our solution is capable of detecting the security attack with around 98% precision and then mitigating it.