Near real-time security system applied to SDN environments in IoT networks using convolutional neural network. (September 2020)
- Record Type:
- Journal Article
- Title:
- Near real-time security system applied to SDN environments in IoT networks using convolutional neural network. (September 2020)
- Main Title:
- Near real-time security system applied to SDN environments in IoT networks using convolutional neural network
- Authors:
- de Assis, Marcos V.O.
Carvalho, Luiz F.
Rodrigues, Joel J.P.C.
Lloret, Jaime
Proença Jr, Mario L. - Abstract:
- Highlights: The proposal of a security system for SDN environments against inward DDoS attacks. The system indirectly protects victims' servers by mitigating the DDoS at the source-end network. We evaluate and compare the efficiency of distinct fast DDoS detection techniques applied on SDNs. Graphical abstract: Abstract: The Internet of Things (IoT) paradigm brings new and promising possibilities for services and products. The heterogeneity of IoT devices highlights the inefficiency of traditional networks' structures to support their specific requirements due to their lack of flexibility. Thus, Software-defined Networking (SDN) is commonly associated with IoT since this architecture provides a more flexible and manageable network environment. As shown by recent events, IoT devices may be used for large scale Distributed Denial of Service (DDoS) attacks due to their lack of security. This kind of attack is commonly detected and mitigated at the destination-end network but, due to the massive volume of information that IoT botnets generate, this approach is becoming impracticable. We propose in this paper a near real-time SDN security system that both prevents DDoS attacks on the source-end network and protects the sources SDN controller against traffic impairment. For this, we apply and test a Convolutional Neural Network (CNN) for DDoS detection, and describe how the system could mitigate the detected attacks. The performance outcomes were performed in two test scenarios,Highlights: The proposal of a security system for SDN environments against inward DDoS attacks. The system indirectly protects victims' servers by mitigating the DDoS at the source-end network. We evaluate and compare the efficiency of distinct fast DDoS detection techniques applied on SDNs. Graphical abstract: Abstract: The Internet of Things (IoT) paradigm brings new and promising possibilities for services and products. The heterogeneity of IoT devices highlights the inefficiency of traditional networks' structures to support their specific requirements due to their lack of flexibility. Thus, Software-defined Networking (SDN) is commonly associated with IoT since this architecture provides a more flexible and manageable network environment. As shown by recent events, IoT devices may be used for large scale Distributed Denial of Service (DDoS) attacks due to their lack of security. This kind of attack is commonly detected and mitigated at the destination-end network but, due to the massive volume of information that IoT botnets generate, this approach is becoming impracticable. We propose in this paper a near real-time SDN security system that both prevents DDoS attacks on the source-end network and protects the sources SDN controller against traffic impairment. For this, we apply and test a Convolutional Neural Network (CNN) for DDoS detection, and describe how the system could mitigate the detected attacks. The performance outcomes were performed in two test scenarios, and the results pointed out that the proposed SDN security system is promising against next-generation DDoS attacks. … (more)
- Is Part Of:
- Computers & electrical engineering. Volume 86(2020)
- Journal:
- Computers & electrical engineering
- Issue:
- Volume 86(2020)
- Issue Display:
- Volume 86, Issue 2020 (2020)
- Year:
- 2020
- Volume:
- 86
- Issue:
- 2020
- Issue Sort Value:
- 2020-0086-2020-0000
- Page Start:
- Page End:
- Publication Date:
- 2020-09
- Subjects:
- Software-defined Network -- Internet of Things -- DDoS -- CNN -- Botnet -- Deep Learning
Computer engineering -- Periodicals
Electrical engineering -- Periodicals
Electrical engineering -- Data processing -- Periodicals
Ordinateurs -- Conception et construction -- Périodiques
Électrotechnique -- Périodiques
Électrotechnique -- Informatique -- Périodiques
Computer engineering
Electrical engineering
Electrical engineering -- Data processing
Periodicals
Electronic journals
621.302854 - Journal URLs:
- http://www.sciencedirect.com/science/journal/00457906/ ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.compeleceng.2020.106738 ↗
- Languages:
- English
- ISSNs:
- 0045-7906
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3394.680000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 14622.xml