Flow Based Security for IoT Devices using an SDN Gateway

Peter Bull; Ron Austin; Evgenii Popov; Mak Sharma; Richard Watson

Flow Based Security for IoT Devices using an SDN Gateway

Peter Bull, Ron Austin, Evgenii Popov, Mak Sharma, Richard Watson

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

With near exponential growth predicted in the number of Internet of Things (IoT) based devices within networked systems there is need of a means of providing their flexible and secure integration. Software Defined Networking (SDN) is a concept that allows for the centralised control and configuration of network devices, and also provides opportunities for the dynamic control of network traffic. This paper proposes the use of an SDN gateway as a distributed means of monitoring the traffic originating from and directed to IoT based devices. This gateway can then both detect anomalous behaviour and perform an appropriate response (blocking, forwarding, or applying Quality of Service). Initial results demonstrate that, while the addition of the attack detection functionality has an impact on the number of flow installations possible per second, it can successfully detect and block TCP and ICMP flood based attacks.

Original language	English
Title of host publication	Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th International Conference on
Publisher	IEEE
ISBN (Print)	978-1-5090-4052-0
Publication status	Published (VoR) - 26 Sept 2016

Access to Document

http://ieeexplore.ieee.org/document/7575858/

Cite this

@inbook{2693b13744204a3892a69e8a6262db7f,

title = "Flow Based Security for IoT Devices using an SDN Gateway",

abstract = "With near exponential growth predicted in the number of Internet of Things (IoT) based devices within networked systems there is need of a means of providing their flexible and secure integration. Software Defined Networking (SDN) is a concept that allows for the centralised control and configuration of network devices, and also provides opportunities for the dynamic control of network traffic. This paper proposes the use of an SDN gateway as a distributed means of monitoring the traffic originating from and directed to IoT based devices. This gateway can then both detect anomalous behaviour and perform an appropriate response (blocking, forwarding, or applying Quality of Service). Initial results demonstrate that, while the addition of the attack detection functionality has an impact on the number of flow installations possible per second, it can successfully detect and block TCP and ICMP flood based attacks.",

author = "Peter Bull and Ron Austin and Evgenii Popov and Mak Sharma and Richard Watson",

year = "2016",

month = sep,

day = "26",

language = "English",

isbn = "978-1-5090-4052-0",

booktitle = "Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th International Conference on",

publisher = "IEEE",

}

TY - CHAP

T1 - Flow Based Security for IoT Devices using an SDN Gateway

AU - Bull, Peter

AU - Austin, Ron

AU - Popov, Evgenii

AU - Sharma, Mak

AU - Watson, Richard

PY - 2016/9/26

Y1 - 2016/9/26

N2 - With near exponential growth predicted in the number of Internet of Things (IoT) based devices within networked systems there is need of a means of providing their flexible and secure integration. Software Defined Networking (SDN) is a concept that allows for the centralised control and configuration of network devices, and also provides opportunities for the dynamic control of network traffic. This paper proposes the use of an SDN gateway as a distributed means of monitoring the traffic originating from and directed to IoT based devices. This gateway can then both detect anomalous behaviour and perform an appropriate response (blocking, forwarding, or applying Quality of Service). Initial results demonstrate that, while the addition of the attack detection functionality has an impact on the number of flow installations possible per second, it can successfully detect and block TCP and ICMP flood based attacks.

AB - With near exponential growth predicted in the number of Internet of Things (IoT) based devices within networked systems there is need of a means of providing their flexible and secure integration. Software Defined Networking (SDN) is a concept that allows for the centralised control and configuration of network devices, and also provides opportunities for the dynamic control of network traffic. This paper proposes the use of an SDN gateway as a distributed means of monitoring the traffic originating from and directed to IoT based devices. This gateway can then both detect anomalous behaviour and perform an appropriate response (blocking, forwarding, or applying Quality of Service). Initial results demonstrate that, while the addition of the attack detection functionality has an impact on the number of flow installations possible per second, it can successfully detect and block TCP and ICMP flood based attacks.

UR - https://www.open-access.bcu.ac.uk/3818/

M3 - Chapter

SN - 978-1-5090-4052-0

BT - Future Internet of Things and Cloud (FiCloud), 2016 IEEE 4th International Conference on

PB - IEEE

ER -

Flow Based Security for IoT Devices using an SDN Gateway

Abstract

Access to Document

Other files and links

Fingerprint

Cite this