Detecting Denial of Service Attacks in Internet of Things Using Software-Defined Networking and Ensemble Learning

Keywords: Denial of Service Attacks, Intrusion Detection System, Cumulative Learning, Software-Based Network, Internet of Things

Abstract

The Internet of Things (IoT) is a novel approach to automate connections between smart devices without involving humans. The utilization of this structure is growing, and its application range is continually expanding. We confront additional issues as the usage of these networks grows, such as the presence of attackers and combating their attacks. These networks' performance may be improved, and their development can be accelerated, with new solutions to these difficulties. A new method for improving IoT security is proposed in this research, which is based on software-based network and collaborative learning. The suggested solution divides the network domain into numerous subdomains, each with its own controller for exchanging security rules with other subdomains. All of a subnet's node traffic is routed through the subnet's control node in this topology. As a result, each controller node employs an integrated learning model to continually evaluate network traffic data and detect assaults. This learning model incorporates an artificial neural network, a decision tree, and a New Biz model that uses statistical information gathered from each data stream to identify the likely existence of assaults. NSL-KDD database data was utilised to assess the proposed method's performance, and its accuracy in identifying denial of service attacks was compared to earlier approaches.

Downloads

Download data is not yet available.

Author Biographies

Adil H. Mohammed, Department of Communication and Computer Engineering, Cihan University-Erbil, Kurdistan Region, Iraq.

Adil Mohammed is an Assistant Lecture  with a M.Sc. degree in Communication Engineering, teaching in the Department of Communication and Computer at Cihan University-Erbil, Kurdistan Region, F.R. Iraq. He has a B.Sc. degree in Electrical and Electronic Engineering, M.Sc. degree in Communication Engineering and EW.

Shima Rashidi, ‎Department of Computer Science, College of Science and Technology, University of Human Development, Sulaymaniyah, Kurdistan Region, Iraq

Shima Rashidi is an Assistant Lecturer at the Department of computer science, College of science and technology, University of Human Development. She got a B.Sc. and an M.Sc. degree in computer science from the University of Tabriz. Now, she is a Ph.D. student at the University of Science and Technology, Tehran, Iran. Her research interests are in ensemble learning, semi-supervised learning, and social network analysis

References

J. Li, M. Siddula, X. Cheng, W. Cheng, Z. Tian and Y. Li. Approximate data aggregation in sensor equipped IoT networks. Tsinghua Science and Technology, vol. 25, no. 1, pp. 44-55, 2019.

J. Marietta and B. Mohan. A review on routing in internet of things. Wireless Personal Communications, vol. 111, no. 1, pp. 209-233, 2020.

X. Dong, Z. Yu, W. Cao, Y. Shi, and Q. Ma, X. A survey on ensemble learning. Frontiers of Computer Science, vol. 14, no. 2, pp. 241-258, 2020.

G. Perrone, M. Vecchio, R. Pecori, and R. Giaffreda. The Day After Mirai: A Survey on MQTT Security Solutions After the Largest Cyber-Attack Carried Out through an Army of IoT Devices. In: 2nd International Conference on Internet of Things, Big Data and Security, IoTBDS, pp. 246-25, 2017.

S. Andy, B. Rahardjo and B. Hanindhito. Attack Scenarios and Security Analysis of MQTT Communication Protocol in IoT System. In: 2017 4th International Conference on Electrical Engineering, Computer Science and Informatics (EECSI), pp. 1-6, 2017.

X. Liu, T. Zhang, N. Hu, P. Zhang and Y. Zhang. The method of internet of things access and network communication based on MQTT. Computer Communications, vol. 153, pp. 169-176, 2020.

S. N. Firdous, Z. Baig and A. Ibrahim. Modelling and evaluation of malicious attacks against the IOT MQTT protocol. 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 748-755, 2017.

H. Ramos, S. Villalba, R and Lacuesta. MQTT Security: A Novel Fuzzing Approach. Wireless Communications and Mobile Computing, 2018.

A. Vähä-Sipilä, “mqtt fuzz”., 2015. Available from: https://github.com/F-Secure/mqtt_fuzz

N. Moustafa, B. Turnbull and K. Choo. An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4815-4830, 2018.

N. F. Syed, Z. Baig, A. Ibrahim and C. Valli. Denial of service attack detection through machine learning for the IoT. Journal of Information and Telecommunication, vol. 4, no. 4, pp. 482-503, 2020.

C. Kharkongor, T. Chithralekha and R. Varghese. A SDN controller with energy efficient routing in the internet of things (IoT). Procedia Computer Science, vol. 89, pp. 218-227, 2016.

W. Zhe, C. Wei and L. Chunlin. DoS attack detection model of smart grid based on machine learning method. In: 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS), pp. 735-738, 2020.

S. Dong and M. Sarem. DDoS attack detection method based on improved KNN with the degree of DDoS attack in software defined networks. IEEE Access, vol. 8, pp. 5039-5048, 2019.

M. Bharati and M. Ramageri. Data mining techniques and applications. Indian Journal of Computer Science and Engineering, vol. 1, no. 4, pp. 301-305, 2010.

R. Bala and R. Nagpal. A review on kdd cup99 and nsl nsl-kdd dataset. International Journal of Advanced Research in Computer Science, vol. 10, no. 2, pp. 64-67, 2010.

Published
2022-08-20
How to Cite
1.
Mohammed A, Rashidi S, Salih Y. Detecting Denial of Service Attacks in Internet of Things Using Software-Defined Networking and Ensemble Learning. cuesj [Internet]. 20Aug.2022 [cited 1Oct.2022];6(2):49-6. Available from: https://journals.cihanuniversity.edu.iq/index.php/cuesj/article/view/667
Section
Research Article