Virtual IoT HoneyNets to Mitigate Cyberattacks in SDN/NFV-Enabled IoT Networks

Zarca, Alejandro Molina; Bernabé, Jorge Bernal; Skarmeta, Antonio F.; Calero, José M. Alcaraz

doi:10.1109/jsac.2020.2986621

Cited by 90 publications

(51 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although it is out of the scope of this paper, for the sake of completeness, it is worth mentioning that our framework when deployed in the smart building testbed scenario, enforces a mitigation plan that 1) re-configures the vAAA (virtual authentication agent), 2) enables a vChannelProtection to establish secure DTLs communications, 3) enforces new traffic filtering rules with SDN to drop malicious traffic, and 4) optionally turns-off and/or flashes the IoT device. These reaction countermeasures are being implemented and evaluated in the scope of Anastacia EU project [26], [48], [49], and are beyond the scope of this paper, which focuses on evaluating the machine learning mechanisms to detect the cyber-attacks in IoT systems.…”

Section: B Anomaly-based Intrusion Detectionmentioning

confidence: 99%

A Machine Learning Security Framework for Iot Systems

et al. 2020

Self Cite

View full text Add to dashboard Cite

Internet of Things security is attracting a growing attention from both academic and industry communities. Indeed, IoT devices are prone to various security attacks varying from Denial of Service (DoS) to network intrusion and data leakage. This paper presents a novel machine learning (ML) based security framework that automatically copes with the expanding security aspects related to IoT domain. This framework leverages both Software Defined Networking (SDN) and Network Function Virtualization (NFV) enablers for mitigating different threats. This AI framework combines monitoring agent and AIbased reaction agent that use ML-Models divided into network patterns analysis, along with anomalybased intrusion detection in IoT systems. The framework exploits the supervised learning, distributed data mining system and neural network for achieving its goals. Experiments results demonstrate the efficiency of the proposed scheme. In particular, the distribution of the attacks using the data mining approach is highly successful in detecting the attacks with high performance and low cost. Regarding our anomalybased intrusion detection system (IDS) for IoT, we have evaluated the experiment in a real Smart building scenario using one-class SVM. The detection accuracy of anomalies achieved 99.71%. A feasibility study is conducted to identify the current potential solutions to be adopted and to promote the research towards the open challenges.

show abstract

Section: B Anomaly-based Intrusion Detectionmentioning

confidence: 99%

A Machine Learning Security Framework for Iot Systems

et al. 2020

Self Cite

View full text Add to dashboard Cite

show abstract

“…In [15], Galeano et al propose a entropy-based solution to detect and mitigate DDoS Attacks in IoT-Based systems relying on SDN. Likewise, authors in [5] relies on a similar approach for automatic management virtual IoT honeynets to mitigate cyberattacks. However, those research works did not followed a semantic-based approach for the security orchestration, whereby allowing formal verification and conflict detection of the security policies enforced in the system, inferring meaningful conclusions that can be used to drive the orchestration.…”

Section: Nfv/sdn-based Security Orchestration In Iotmentioning

confidence: 99%

“…To this aim, NFV can rely on virtualization and Cloud computing techniques to provide elastic capabilities needed to achieve a fast reaction and recovery from cyberattacks. In this sense, lightweight Virtual network Security Functions (VSF) such as vFirewalls [3], vAAA [4], vIDS or vIoT-Honeynet [5] can be dynamically allocated and orchestrated in the IoT domain, while the SDN approach can help to dynamically (re)configure the network by software, splitting the control and data planes. This security management can be driven by orchestration policies and security intents, that can be translated into security configurations to configure, manage and deploy the associated VSFs and VNFs across edges, fog nodes and Cloud data centers.…”

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Semantic-Aware Security Orchestration in SDN/NFV-Enabled IoT Systems

Zarca

Bagaa

Bernabé

et al. 2020

Sensors

Self Cite

View full text Add to dashboard Cite

IoT systems can be leveraged by Network Function Virtualization (NFV) and Software-Defined Networking (SDN) technologies, thereby strengthening their overall flexibility, security and resilience. In this sense, adaptive and policy-based security frameworks for SDN/NFV-aware IoT systems can provide a remarkable added value for self-protection and self-healing, by orchestrating and enforcing dynamically security policies and associated Virtual Network Functions (VNF) or Virtual network Security Functions (VSF) according to the actual context. However, this security orchestration is subject to multiple possible inconsistencies between the policies to enforce, the already enforced management policies and the evolving status of the managed IoT system. In this regard, this paper presents a semantic-aware, zero-touch and policy-driven security orchestration framework for autonomic and conflict-less security orchestration in SDN/NFV-aware IoT scenarios while ensuring optimal allocation and Service Function Chaining (SFC) of VSF. The framework relies on Semantic technologies and considers the security policies and the evolving IoT system model to dynamically and formally detect any semantic conflict during the orchestration. In addition, our optimized SFC algorithm maximizes the QoS, security aspects and resources usage during VSF allocation. The orchestration security framework has been implemented and validated showing its feasibility and performance to detect the conflicts and optimally enforce the VSFs.

show abstract

“…The work carried out by Yuan et al [27] has used a secret sharing mechanism in order to forward secured data for effective control over the attacks of varied kinds. The work of Zarca et al [28] [29] has developed a comprehensive architecture of the security, considering network function virtualization for dealing with existing cybersecurity problems over IoT architecture that uses SDN. The author has used a honeynet strategy in order to address this problem.…”

mentioning

confidence: 99%

A Framework for Identifying and Mitigating Malicious Flow in Software Defined Network Deployed over an IoT Ecosystem

Ravindra¹,

Shankaraiah²

2020

INDJCSE

View full text Add to dashboard Cite

With the rising demand for incorporating smartness over a security operation in networking technologies, Software Defined Network (SDN) has been witnessed to be extensively researched. SDN is one of the integral parts of operation in large scale networking operations e.g., Internet-of-Things (IoT), owing to its highly flexible communication protocols and centralized controlling features. Although there has been an extensive review of literature towards the security aspect of SDN, they do not offer full-fledged solutions especially if the adversary is unknown. Therefore, the proposed manuscript presents a novel framework capable of identifying the degree of severity of the attack from the rate of request message originated from a switch of SDN node and offers a decisive operation of resisting such malicious flows using an auxiliary agent. The auxiliary agent resides in the data plane and works alongside a switch to identify and confirm malicious flow. This information is further updated to the SDN controller, which can further take action that leads to isolating the adversary and allowing only flows with validated legitimacy. The study outcome shows, the proposed system excels better both in security and communication performance.

show abstract

Virtual IoT HoneyNets to Mitigate Cyberattacks in SDN/NFV-Enabled IoT Networks

Cited by 90 publications

References 41 publications

A Machine Learning Security Framework for Iot Systems

A Machine Learning Security Framework for Iot Systems

Semantic-Aware Security Orchestration in SDN/NFV-Enabled IoT Systems

A Framework for Identifying and Mitigating Malicious Flow in Software Defined Network Deployed over an IoT Ecosystem

Contact Info

Product

Resources

About