Abstract
The current paper addresses relevant network security vulnerabilities introduced by network devices within the emerging paradigm of Internet of Things (IoT) as well as the urgent need to mitigate the negative effects of some types of Distributed Denial of Service (DDoS) attacks that try to explore those security weaknesses. We design and implement a Software-Defined Intrusion Detection System (IDS) that reactively impairs the attacks at its origin, ensuring the “normal operation” of the network infrastructure. Our proposal includes an IDS that automatically detects several DDoS attacks, and then as an attack is detected, it notifies a Software Defined Networking (SDN) controller. The current proposal also downloads some convenient traffic forwarding decisions from the SDN controller to network devices. The evaluation results suggest that our proposal timely detects several types of cyber-attacks based on DDoS, mitigates their negative impacts on the network performance, and ensures the correct data delivery of normal traffic. Our work sheds light on the programming relevance over an abstracted view of the network infrastructure to timely detect a Botnet exploitation, mitigate malicious traffic at its source, and protect benign traffic.
Highlights
According to [1], in the beginning of 2018, more than 50% of the world population used the Internet (85% in Europe and 95% in North America)
We perform a Distributed Denial of Service (DDoS) attack with a spoofed IP address
We have presented a security system based on the Software Defined Networking (SDN) paradigm at the client side to ensure in a centralized way the “normal operation” of a domestic or business networking scenario
Summary
According to [1], in the beginning of 2018, more than 50% of the world population used the Internet (85% in Europe and 95% in North America). Attacks ever seen [4] This attack was possible due to security weaknesses that allowed the non-authorized remote access to Internet of Things (IoT) devices. In this way, non-identified attackers have installed a Botnet (i.e., Mirai) at a very high number of IoT devices. Non-identified attackers have installed a Botnet (i.e., Mirai) at a very high number of IoT devices These devices were located at network domains geographically separated from each other. At a specific instant of time, through the botnet, the compromised IoT devices simultaneously generated a high amount of traffic towards specific Internet Servers, exhausting their resources. The services normally provided by those servers were down for several hours due to the huge difficulty to neutralize every attack source
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
