Abstract
There has been an increase in the usage of Internet of Things (IoT), which has recently become a rising area of interest as it is being extensively used for numerous applications and devices such as wireless sensors, medical devices, sensitive home sensors, and other related IoT devices. Due to the demand to rapidly release new IoT products in the market, security aspects are often overlooked as it takes time to investigate all the possible vulnerabilities. Since IoT devices are internet-based and include sensitive and confidential information, security concerns have been raised and several researchers are exploring methods to improve the security among these types of devices. Software defined networking (SDN) is a promising computer network technology which introduces a central program named ‘SDN Controller’ that allows overall control of the network. Hence, using SDN is an obvious solution to improve IoT networking performance and overcome shortcomings that currently exist. In this paper, we (i) present a system model to effectively use SDN with IoT networks; (ii) present a solution for mitigating man-in-the-middle attacks against IoT that can only use HTTP, which is a critical attack that is hard to defend; and (iii) implement the proposed system model using Raspberry Pi, Kodi Media Center, and Openflow Protocol. Our system implementation and evaluations show that the proposed technique is more resilient to cyber-attacks.
Highlights
Special concerns have been raised for the security of Internet of Things (IoT) [1], these devices are uniquely identifiable, smart in analyzing data and making decisions, and have network capabilities that allow them to be connected to the Internet
This proposed system uses machine learning on the software defined networking (SDN) controller to monitor and analyze the current normal observed behavior on the IoT devices to detect any suspicious activities that might occur in the future, such as denial of service (DoS) attacks [17]
In order for the changes to be made, the manufacturer can either issue a software/firmware update over the internet or recall the IoT and update it manually. Neither of these choices are ideal since a device recall will be costly and updates done over the internet will likely be done through Hypertext Transfer Protocol (HTTP) anyway, creating an even bigger risk as an adversary can potentially gain control of the entire operating system on the IoT with a MITM attack
Summary
Special concerns have been raised for the security of Internet of Things (IoT) [1], these devices are uniquely identifiable, smart in analyzing data and making decisions, and have network capabilities that allow them to be connected to the Internet. SoftThings, which is a security framework on IoT devices based on SDN to capture and prevent attacks This proposed system uses machine learning on the SDN controller to monitor and analyze the current normal observed behavior on the IoT devices to detect any suspicious activities that might occur in the future, such as denial of service (DoS) attacks [17]. Comparing our proposal in this paper with other existing systems and proposals, we introduced a novelty solution of system model and implementation using SDN to secure IoT devices that use HTTP to mitigate and prevent security attacks without the need to modify the IoT devices. Kodi Media Center [19] on the devices as the software media center, and we used Openflow Protocol to implement SDN Our solution provides both confidentiality and integrity and mitigates various risks without the need to modify the IoT devices.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
