Detecting Denial of Service Attacks in Internet of Things Using Software-Defined Networking and Ensemble Learning
Abstract
The Internet of Things (IoT) is a novel approach to automate connections between smart devices without involving humans. The utilization of this structure is growing, and its application range is continually expanding. We confront additional issues as the usage of these networks grows, such as the presence of attackers and combating their attacks. These networks' performance may be improved, and their development can be accelerated, with new solutions to these difficulties. A new method for improving IoT security is proposed in this research, which is based on software-based network and collaborative learning. The suggested solution divides the network domain into numerous subdomains, each with its own controller for exchanging security rules with other subdomains. All of a subnet's node traffic is routed through the subnet's control node in this topology. As a result, each controller node employs an integrated learning model to continually evaluate network traffic data and detect assaults. This learning model incorporates an artificial neural network, a decision tree, and a New Biz model that uses statistical information gathered from each data stream to identify the likely existence of assaults. NSL-KDD database data was utilised to assess the proposed method's performance, and its accuracy in identifying denial of service attacks was compared to earlier approaches.
Downloads
References
J. Li, M. Siddula, X. Cheng, W. Cheng, Z. Tian and Y. Li. Approximate data aggregation in sensor equipped IoT networks. Tsinghua Science and Technology, vol. 25, no. 1, pp. 44-55, 2019.
J. Marietta and B. Mohan. A review on routing in internet of things. Wireless Personal Communications, vol. 111, no. 1, pp. 209-233, 2020.
X. Dong, Z. Yu, W. Cao, Y. Shi, and Q. Ma, X. A survey on ensemble learning. Frontiers of Computer Science, vol. 14, no. 2, pp. 241-258, 2020.
G. Perrone, M. Vecchio, R. Pecori, and R. Giaffreda. The Day After Mirai: A Survey on MQTT Security Solutions After the Largest Cyber-Attack Carried Out through an Army of IoT Devices. In: 2nd International Conference on Internet of Things, Big Data and Security, IoTBDS, pp. 246-25, 2017.
S. Andy, B. Rahardjo and B. Hanindhito. Attack Scenarios and Security Analysis of MQTT Communication Protocol in IoT System. In: 2017 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), pp. 1-6, 2017.
X. Liu, T. Zhang, N. Hu, P. Zhang and Y. Zhang. The method of internet of things access and network communication based on MQTT. Computer Communications, vol. 153, pp. 169-176, 2020.
S. N. Firdous, Z. Baig and A. Ibrahim. Modelling and evaluation of malicious attacks against the IOT MQTT protocol. 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 748-755, 2017.
H. Ramos, S. Villalba, R and Lacuesta. MQTT Security: A Novel Fuzzing Approach. Wireless Communications and Mobile Computing, 2018.
A. Vähä-Sipilä, “mqtt fuzz”., 2015. Available from: https://github.com/F-Secure/mqtt_fuzz
N. Moustafa, B. Turnbull and K. Choo. An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4815-4830, 2018.
N. F. Syed, Z. Baig, A. Ibrahim and C. Valli. Denial of service attack detection through machine learning for the IoT. Journal of Information and Telecommunication, vol. 4, no. 4, pp. 482-503, 2020.
C. Kharkongor, T. Chithralekha and R. Varghese. A SDN controller with energy efficient routing in the internet of things (IoT). Procedia Computer Science, vol. 89, pp. 218-227, 2016.
W. Zhe, C. Wei and L. Chunlin. DoS attack detection model of smart grid based on machine learning method. In: 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS), pp. 735-738, 2020.
S. Dong and M. Sarem. DDoS attack detection method based on improved KNN with the degree of DDoS attack in software defined networks. IEEE Access, vol. 8, pp. 5039-5048, 2019.
M. Bharati and M. Ramageri. Data mining techniques and applications. Indian Journal of Computer Science and Engineering, vol. 1, no. 4, pp. 301-305, 2010.
R. Bala and R. Nagpal. A review on kdd cup99 and nsl nsl-kdd dataset. International Journal of Advanced Research in Computer Science, vol. 10, no. 2, pp. 64-67, 2010.
Copyright (c) 2022 Adil H. Mohammed, Shima Rashidi, Yusra A. Salih
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors who publish with this journal agree to the following terms:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License [CC BY-NC-ND 4.0] that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).