A time-efficient approach toward DDoS attack detection in IoT network using SDN

Jalal Bhayo, Riaz Jafaq, Awais Ahmed, Sufian Hameed, Syed Attique Shah*

*Corresponding author for this work

    Research output: Contribution to journalArticlepeer-review

    48 Citations (SciVal)

    Abstract

    As the usability of Internet of Things (IoT) devices increases, the security threats and vulnerabilities associated with these resource-constrained IoT devices also rise. One of the major threats to IoT devices is Distributed Denial of Service (DDoS). To make the security of IoT devices effective and resilient, continuous monitoring and early detection, along with adaptive decision making, are required. These challenges can be addressed with software-defined networking (SDN), which provides an opportunity for effectively managing the DDoS threats faced by IoT devices. This research proposes a novel SDN-based secure IoT framework that can detect the vulnerabilities in IoT devices or malicious traffic generated by IoT devices using the session IP counter and IP Payload analysis. The framework’s DDoS attack detection module consisting of the proposed algorithms can easily detect the DDoS attack in the SD-IoT network by analyzing different parameters even with a large traffic volume. These techniques are implemented on an SDN controller and tested by generating a large volume of traffic from a compromised node, which is then detected and notified. According to the results and comparative analysis, the proposed framework detects DDoS attacks in the early stage with high accuracy and detection rate from 98% to 100%, having a low false-positive rate.
    Original languageEnglish
    Pages (from-to)3612-3630
    Number of pages19
    JournalIEEE Internet of Things Journal
    Volume9
    Issue number5
    DOIs
    Publication statusPublished (VoR) - 19 Jul 2021

    Keywords

    • Distributed Denial-of-Service (DDoS) attacks
    • Internet of Things (IoT)
    • SDNWISE
    • software-defined networking (SDN)

    Fingerprint

    Dive into the research topics of 'A time-efficient approach toward DDoS attack detection in IoT network using SDN'. Together they form a unique fingerprint.

    Cite this