TY - GEN
T1 - DDoS attack mitigation in internet of things using software defined networking
AU - Ejaz Ahmed, M.
AU - Kim, Hyoungshick
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/6/8
Y1 - 2017/6/8
N2 - Securing Internet of Things (IoT) systems is a challenge because of their multiple points of vulnerability. A spate of recent hacks and security breaches has unveiled glaring vulnerabilities in the IoT. Due to the computational and memory requirement constraints associated with anomaly detection algorithms in core networks, commercial in-line (part of the direct line of communication) Anomaly Detection Systems (ADSs) rely on sampling-based anomaly detection approaches to achieve line rates and truly-inline anomaly detection accuracy in real time. However, packet sampling is inherently a lossy process which might provide an incomplete and biased approximation of the underlying traffic patterns. Moreover, commercial routers use proprietary software, making them closed to manipulation from the outside. As a result, detecting malicious packets on the given network path is one of the most challenging problems in the field of network security. We argue that the advent of Software Defined Networking (SDN) provides a unique opportunity to effectively detect and mitigate DDoS attacks. Unlike sampling-based approaches for anomaly detection and limitation of proprietary software at routers, we use the SDN infrastructure to relax the sampling-based ADS constraints and collect traffic flow statistics which are maintained at each SDN-enabled switch to achieve high detection accuracy. In order to implement our idea, we discuss how to mitigate DDoS attacks using the features of SDN infrastructure.
AB - Securing Internet of Things (IoT) systems is a challenge because of their multiple points of vulnerability. A spate of recent hacks and security breaches has unveiled glaring vulnerabilities in the IoT. Due to the computational and memory requirement constraints associated with anomaly detection algorithms in core networks, commercial in-line (part of the direct line of communication) Anomaly Detection Systems (ADSs) rely on sampling-based anomaly detection approaches to achieve line rates and truly-inline anomaly detection accuracy in real time. However, packet sampling is inherently a lossy process which might provide an incomplete and biased approximation of the underlying traffic patterns. Moreover, commercial routers use proprietary software, making them closed to manipulation from the outside. As a result, detecting malicious packets on the given network path is one of the most challenging problems in the field of network security. We argue that the advent of Software Defined Networking (SDN) provides a unique opportunity to effectively detect and mitigate DDoS attacks. Unlike sampling-based approaches for anomaly detection and limitation of proprietary software at routers, we use the SDN infrastructure to relax the sampling-based ADS constraints and collect traffic flow statistics which are maintained at each SDN-enabled switch to achieve high detection accuracy. In order to implement our idea, we discuss how to mitigate DDoS attacks using the features of SDN infrastructure.
KW - DDoS attack
KW - OpenFlow
KW - Software Defined Networking
UR - https://www.scopus.com/pages/publications/85022191276
U2 - 10.1109/BigDataService.2017.41
DO - 10.1109/BigDataService.2017.41
M3 - Conference contribution
AN - SCOPUS:85022191276
T3 - Proceedings - 3rd IEEE International Conference on Big Data Computing Service and Applications, BigDataService 2017
SP - 271
EP - 276
BT - Proceedings - 3rd IEEE International Conference on Big Data Computing Service and Applications, BigDataService 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 3rd IEEE International Conference on Big Data Computing Service and Applications, BigDataService 2017
Y2 - 6 April 2017 through 10 April 2017
ER -