Login New user?  
04-Information Sciences Letters
An International Journal
               
 
 
 
 
 
 
 
 
 
 
 
 

Content
 

Volumes > Vol. 13 > No. 3

 
   

Cost-Efficient Method for Detecting and Mitigating the CrossPath Attack via Shared Links in SDN-Based IoT Network

PP: 497-509
doi:10.18576/isl/130305
Author(s)
A. Allakany, S. A. Nooh,
Abstract
The security of the Internet of Things (IoT) ecosystem has become a critical challenge due to a tremendous increase in the vulnerable connected IoT devices. Software-Defined Network (SDN) becomes a choice for managing IoT and offers new approaches to solve security problems. In the recent wave of distributed denial-of-service (DDoS) attacks, attackers have shifted their strategy from directly targeting the SDN controller to concentrating on specific links or area, causing disruptions in connectivity. These attacks, known as Linking Flooding Attack (LFA) and CrossPath Attack (CPA), represent a novel form of DDoS attack. Unlike conventional approaches in the literature that solely rely on automatic Machine Learning (ML) model to detect and mitigate DDoS attacks family. In this paper, we introduce a new SDN-based strategy to combat DDoS, LFA, and CPA attacks. This approach includes step-by-step network measurements to detect and pinpoint unusual link behavior, facilitating the prompt identification of potential attacks. Following this, an ML model is applied to verify if these link congestions are indicative of an attack. This method marks a departure from traditional techniques that depend entirely on automated ML models. Instead, it starts with an analysis of each links congestion before employing the ML model for attack confirmation. This strategy ensures more efficient use of SDN controller resources. Our implementation of this system as an application in the Ryu controllers application layer has shown promising results. Through our evaluations, we found that the approach notably improved link performance assessment and detection of DDoS, LFA, and CPA attacks. This advancement resulted in a more efficient use of SDN controller resources, ultimately enhancing the security of IoT networks

  Home   About us   News   Journals   Conferences Contact us Copyright naturalspublishing.com. All Rights Reserved