IoT-NetSec: Policy-Based IoT Network Security Using OpenFlow

Abstract: Along with widespread adoption of the Internet of Things (IoT), concerns about IoT security have been highlighted in numerous reports. Recently, there have been proposal to leverage software-defined networking (SDN) to augment IoT device security with network-level measures. We argue that existing general-purpose security solutions using SDN are impractical for supporting today's home and corporate networks. This paper proposes a policy-based networklayer framework, called IOT-NETSEC, that provides a finegrain… Show more

“…Survey papers [1], [19], [20], [45], [42], [5], [6], [38], [18], [3] [7], [179], [181], [185] Security OpenFlow Survey papers…”

“…2) Proposed Framework: In [185], authors proposed an IoT-NETSEC framework based on SDN technology consisting of the following building blocks: device policy repository, IoT device registration, security flow role installer, statistic collector. The proposed framework monitors the traffic of IoT devices across the network to ensure three basic rules: only approved communications are allowed and everything else is denied, monitor the network traffic, and protect the IoT device against three attacks such as port scanning DOS, DDOS.…”

Towards Software-Defined-Networking-based IoT: A Systematic Literature Review on Management Frameworks and Open Challenges

“…Survey papers [1], [19], [20], [45], [42], [5], [6], [38], [18], [3] [7], [179], [181], [185] Security OpenFlow Survey papers…”

“…2) Proposed Framework: In [185], authors proposed an IoT-NETSEC framework based on SDN technology consisting of the following building blocks: device policy repository, IoT device registration, security flow role installer, statistic collector. The proposed framework monitors the traffic of IoT devices across the network to ensure three basic rules: only approved communications are allowed and everything else is denied, monitor the network traffic, and protect the IoT device against three attacks such as port scanning DOS, DDOS.…”

Towards Software-Defined-Networking-based IoT: A Systematic Literature Review on Management Frameworks and Open Challenges

“…The analysis is carried out by comparing the conventional IoT based environment and the proposed SDN based IoT environment. However, for an effective benchmarking, the study outcome is compared with standard OpenFlow based security protocol [30] and recent work carried out by Yin et al [31] towards resisting denial of service attack termed as DaD in this analysis. The work carried out by Nobakht et al [30] has developed a policy-based flow monitoring system where OpenFlow is used for security.…”

“…However, for an effective benchmarking, the study outcome is compared with standard OpenFlow based security protocol [30] and recent work carried out by Yin et al [31] towards resisting denial of service attack termed as DaD in this analysis. The work carried out by Nobakht et al [30] has developed a policy-based flow monitoring system where OpenFlow is used for security. The approach presented by Yin et al [31] has used a concept of where different components of SDN and IoT are linked together using gateway while a similar-based approach (Cosine) is applied for assessing the inbound packet flow for assessing vulnerability.…”

“…The outcome is shown in Figure 5, and Figure 6 highlights that the proposed system offers better delay performance as well as effective in reducing the number of malicious requests, respectively, for increasing iteration as compared to the existing approach. This is because the OpenFlow-based security approach [30] has been using policy rules for access, which is highly time and resource-consuming for the increasing number of ports. Apart from this, the rules are not updated at an equal interval, which results in missing the identification of malicious nodes.…”

A Framework for Identifying and Mitigating Malicious Flow in Software Defined Network Deployed over an IoT Ecosystem

Smart contract based policies for the Internet of Things