International Journal of Computer Networks and Applications

Open Access Open Access  Restricted Access Subscription Access

Scalable and Robust Intrusion Detection System to Secure the IoT Environments using Software Defined Networks (SDN) Enabled Architecture


Affiliations
1 Department of Computer Sciences, A-Jouf University, Saudi Arabia
2 Department of Computer Engineering and Networks, Al-Jouf University,, Saudi Arabia
 

..Due to the rapid development of smart devices with reduced costs and advanced sensing capabilities, the adoption of the internet of things has recently gained a lot of traction. However, such IoT devices are more vulnerable to being attacked or compromised. Moreover, traditional security mechanisms based on signatures and rules are no longer capable of detecting sophisticated intrusions. In the IoT context, the deployment of intelligent techniques in the control plane of the system architecture plays a vital role in identifying various attacks, including unknown ones. In this study, a software defined network (SDN)-based IoT anomaly intrusion detection system is proposed to detect abnormal behaviors and attacks. Five different machine learning techniques are investigated, including support vector machines, k-nearest neighbor, logistic regression, random forest, and decision trees. A scalable and robust intrusion detection system is designed based on machine learning models and placed at the SDN controller to observe and classify the behavior of IoT devices. A benchmark dataset, ToNIoT, has been selected to test and evaluate the ML models by conducting several experiments. The obtained results have demonstrated that ML-based IDS can provide a reliable security system. Particularly, the random forest technique outperformed the other studied ML algorithms.

Keywords

Intrusion Detection Systems (IDS), Attack Classification, Anomaly Detection, Machine Learning (ML), Internet of Things (IoT), Software-Defined Networks (SDN).
User
Notifications
Font Size

  • Bhunia, S. S., & Gurusamy, “Dynamic attack detection and mitigation in IoT using SDN,” In 27th International telecommunication networks and applications conference (ITNAC), 2017,pp. 1-6.

  • Moustafa, N., Turnbull, B., & Choo, K. K. R, “An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things,” in IEEE Internet of Things Journal, vol. 6(3), 2018, pp.4815-4830.

  • Sarica, A. K., & Angin, “Explainable security in SDN-based IoT networks,” in Sensors, vol. 20(24), 2020, pp. 7326.

  • Al-Akhras, M., Alawairdhi, M., Alkoudari, A., & Atawneh, S, “Using machine learning to build a classification model for iot networks to detect attack signatures,” in Int. J. Comput. Netw. Commun.(IJCNC), vol. 12, 2020, pp. 99-116.

  • Amangele, P., Reed, M. J., Al-Naday, M., Thomos, N., & Nowak, M, “Hierarchical machine learning for IoT anomaly detection in SDN,” In 2019 International Conference on Information Technologies (InfoTech), 2019-September, pp. 1-4.

  • Sangodoyin, A. O., Akinsolu, M. O., Pillai, P., & Grout, “Detection and Classification of DDoS Flooding Attacks on Software-Defined Networks: A Case Study for the Application of Machine Learning,” in IEEE Access, vol. 9, 2021, pp. 122495-122508.

  • Tsogbaatar, E., Bhuyan, M. H., Taenaka, Y., Fall, D., Gonchigsumlaa, K., Elmroth, E., & Kadobayashi, Y, “Sdn-enabled iot anomaly detection using ensemble learning,” In IFIP International Conference on Artificial Intelligence Applications and Innovations, Springer, Cham, 2020, June, pp. 268-280.

  • Cheng, H., Liu, J., Xu, T., Ren, B., Mao, J., & Zhang, “Machine learning based low-rate DDoS attack detection for SDN enabled IoT networks,” in International Journal of Sensor Networks, vol. 34(1), 2020, pp. 56-69.

  • Amangele, P., Reed, M. J., Al-Naday, M., Thomos, N., & Nowak, “Hierarchical machine learning for IoT anomaly detection in SDN,” In International Conference on Information Technologies (InfoTech), IEEE, 2019-September, pp. 1-4.

  • Sugi, S. S. S., & Ratna, S. R, “Investigation of machine learning techniques in intrusion detection system for IoT network,” In 3rd International Conference on Intelligent Sustainable Systems (ICISS), IEEE, 2020-December, pp. 1164-1167.

  • Bhunia, S. S., & Gurusamy, “Dynamic attack detection and mitigation in IoT using SDN,” In 27th International telecommunication networks and applications conference (ITNAC), 2017,pp. 1-6.

  • Sarica, A. K., & Angin, “Explainable security in SDN-based IoT networks,” in Sensors, vol. 20(24), 2020, pp. 7326.

  • Moustafa, N., Turnbull, B., & Choo, K. K. R, “An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things,” in IEEE Internet of Things Journal, vol. 6(3), 2018, pp.4815-4830.

  • Al-Akhras, M., Alawairdhi, M., Alkoudari, A., & Atawneh, S, “Using machine learning to build a classification model for iot networks to detect attack signatures,” in Int. J. Comput. Netw. Commun.(IJCNC), vol. 12, 2020, pp. 99-116.

  • Tsogbaatar, E., Bhuyan, M. H., Taenaka, Y., Fall, D., Gonchigsumlaa, K., Elmroth, E., & Kadobayashi, Y, “Sdn-enabled iot anomaly detection using ensemble learning,” In IFIP International Conference on Artificial Intelligence Applications and Innovations, Springer, Cham,, 2020, June, pp. 268-280.

  • Sangodoyin, A. O., Akinsolu, M. O., Pillai, P., & Grout, “Detection and Classification of DDoS Flooding Attacks on Software-Defined Networks: A Case Study for the Application of Machine Learning,” in IEEE Access, vol. 9, 2021, pp. 122495-122508.

  • Cheng, H., Liu, J., Xu, T., Ren, B., Mao, J., & Zhang, “Machine learning based low-rate DDoS attack detection for SDN enabled IoT networks,” in International Journal of Sensor Networks, vol. 34(1), 2020, pp. 56-69.

  • Polat, H., Polat, O., & Cetin, “Detecting DDoS attacks in softwaredefined networks through feature selection methods and machine learning models,” in Sustainability, vol. 12(3), 2020, pp. 1035.

  • Amangele, P., Reed, M. J., Al-Naday, M., Thomos, N., & Nowak, “Hierarchical machine learning for IoT anomaly detection in SDN,” In International Conference on Information Technologies (InfoTech), IEEE, 2019-September, pp. 1-4.

  • Sugi, S. S. S., & Ratna, S. R, “Investigation of machine learning techniques in intrusion detection system for IoT network,” In 3rd International Conference on Intelligent Sustainable Systems (ICISS), IEEE, 2020-December, pp. 1164-1167.

  • Zeleke, E. M., Melaku, H. M., & Mengistu, F. G, “Efficient Intrusion Detection System for SDN Orchestrated Internet of Things,” in Journal of Computer Networks and Communications, vol.2021, pp. 14.

  • Bagui, S., Wang, X., & Bagui, S, “Machine Learning Based Intrusion Detection for IoT Botnet,” in International Journal of Machine Learning and Computing, vol. 11(6), 2021, pp. 399-406.

  • Satheesh, N., Rathnamma, M. V., Rajeshkumar, G., Sagar, P. V., Dadheech, P., Dogiwal, S. R., ... & Sengan, S, “Flow-based anomaly intrusion detection using machine learning model with software defined networking for OpenFlow network,” in Microprocessors and Microsystems, vol. 79, 2020, pp.103285.

  • Jafarian, T., Masdari, M., Ghaffari, A., & Majidzadeh, K, “Security anomaly detection in software‐ defined networking based on a prediction technique,” in International Journal of Communication Systems, vol. 33(14), 2020, pp. e4524.

  • Dey, S. K., & Rahman, M, “Effects of machine learning approach in flow-based anomaly detection on software-defined networking,” in Symmetry, vol. 12(1), 2020, pp. 7.

  • Moustafa, N, “A new distributed architecture for evaluating AI-based security systems at the edge: Network TON_IoT datasets,” in Sustainable Cities and Society, vol. 72, 2021, pp. 102994.

  • Moustafa, Nour, “New Generations of Internet of Things Datasets for Cybersecurity Applications based Machine Learning: TON_IoT Datasets,” in Proceedings of the eResearch Australasia Conference, Brisbane, Australia, 2019.

  • https://research.unsw.edu.au/projects/toniot-datasets.

  • Gad, A. R., Nashat, A. A., & Barkat, T. M, “Intrusion Detection System Using Machine Learning for Vehicular Ad Hoc Networks Based on ToN-IoT Dataset,” in IEEE Access, vol. 9, 2021, pp. 142206-142217.

  • Sarhan, M., Layeghy, S., Moustafa, N., Gallagher, M., & Portmann, M, “Feature Extraction for Machine Learning-based Intrusion Detection in IoT Networks,” in arXiv:2018.12722 v1, N1, 2021.

  • Binbusayyis, A., & Vaiyapuri, T, “Identifying and benchmarking key features for cyber intrusion detection: An ensemble approach,” in IEEE Access, vol. 7, 2019, pp. 106495-106513.

  • Chen, P., Li, F., Wu, C, "Research on intrusion detection method based on Pearson correlation coefficient feature selection algorithm," J. Phys. Conf. Ser, vol. 1757(1), 012054, 2021, pp.10.

  • Precision and recall definition | deepai, https://deepai.org/machinelearning-glossary-and-terms/precision-andrecal

  • Negandhi, P., Trivedi, Y., & Mangrulkar, R, “Intrusion detection system using random forest on the NSL-KDD dataset,” In Emerging Research in Computing, Information, Communication and Applications, Springer, vol. , 2019, pp. 519-531.

  • Almseidin, M., Alzubi, M., Kovacs, S., & Alkasassbeh, M, “Evaluation of machine learning algorithms for intrusion detection system,” In 2017 IEEE 15th International Symposium on Intelligent Systems and Informatics (SISY), 2017-September, pp. 000277-000282.

  • B. Ingre, A. Yadav, and A. K. Soni, “Decision tree based intrusion detection system for NSL-KDD dataset,” in Information and Communication Technology for Intelligent Systems (ICTIS), vol. 2. Cham, Switzerland:Springer, 2018, pp. 207–218.

  • C. Ioannou and V. Vassiliou, ‘‘An intrusion detection system for constrained WSN and IoT nodes based on binary logistic regression,’’ in Proc. 21st ACM Int. Conf. Modeling, Anal. Simulation Wireless Mobile Syst. Oct. 2018, pp. 259–263.

  • Mohammadi, M., Rashid, T. A., Karim, S. H. T., Aldalwie, A. H. M., Tho, Q. T., Bidaki, M., ... & Hosseinzadeh, M, “A comprehensive survey and taxonomy of the SVM-based intrusion detection systems,” in Journal of Network and Computer Applications, vol. 178, 2021, pp. 102983.


Abstract Views: 137

PDF Views: 1




  • Scalable and Robust Intrusion Detection System to Secure the IoT Environments using Software Defined Networks (SDN) Enabled Architecture

Abstract Views: 137  |  PDF Views: 1

Authors

Tahani M. Alshammari
Department of Computer Sciences, A-Jouf University, Saudi Arabia
Faeiz M. Alserhani
Department of Computer Engineering and Networks, Al-Jouf University,, Saudi Arabia

Abstract


..Due to the rapid development of smart devices with reduced costs and advanced sensing capabilities, the adoption of the internet of things has recently gained a lot of traction. However, such IoT devices are more vulnerable to being attacked or compromised. Moreover, traditional security mechanisms based on signatures and rules are no longer capable of detecting sophisticated intrusions. In the IoT context, the deployment of intelligent techniques in the control plane of the system architecture plays a vital role in identifying various attacks, including unknown ones. In this study, a software defined network (SDN)-based IoT anomaly intrusion detection system is proposed to detect abnormal behaviors and attacks. Five different machine learning techniques are investigated, including support vector machines, k-nearest neighbor, logistic regression, random forest, and decision trees. A scalable and robust intrusion detection system is designed based on machine learning models and placed at the SDN controller to observe and classify the behavior of IoT devices. A benchmark dataset, ToNIoT, has been selected to test and evaluate the ML models by conducting several experiments. The obtained results have demonstrated that ML-based IDS can provide a reliable security system. Particularly, the random forest technique outperformed the other studied ML algorithms.

Keywords


Intrusion Detection Systems (IDS), Attack Classification, Anomaly Detection, Machine Learning (ML), Internet of Things (IoT), Software-Defined Networks (SDN).

References





DOI: https://doi.org/10.22247/ijcna%2F2022%2F217701