An SDN-Based Prototype for Dynamic Detection and Mitigation of DoS Attacks in IoT

Abstract

Internet of Things (IoT) networks and devices are getting adopted in various sectors like the healthcare, smart environment, smart cities, etc. These networks generate a huge amount of data from various sensors and other IoT devices including wearable ones connected to it. As the use of IoT networks and devices increases, security concerns are also getting top priority. There is no standard protocol available till now to completely protect these IoT devices from Denial of Services (DoS) and Distributed Denial of Services (DDoS) attacks. To identify and mitigate these attacks, continuous monitoring of the network and dynamic decision-making are required. With the help of Software Defined Network (SDN) principles in IoT, the security threats can be effectively and dynamically handled on IoT devices. This paper proposes a novel mechanism for early detection and mitigation of the abnormal behaviors in IoT by using SDN principles. This prototype model is well suited for smart networks like smart homes, healthcare, agriculture etc., where multiple interconnected microcontroller boards are used in the communication process. The model can ensure attack detection in the gateway device as well as in SDN controller so that it can ensure twin layer protection. To learn the behavior pattern of the attacks, the real-time DoS attacks are conducted on a small ThingSpeak cloud based IoT network, which includes NodeMCU board and few sensors. This threat modeling is the basis for our attack detection and mitigation model proposed in this work. Finally, this research work has simulated the proposed SDN based prototype model in Mininet and conducted the experiments by initiating different DoS attacks randomly. From this, it is observed that, our model is capable of detecting the known attacks with almost 98.5% accuracy rate.