TY - GEN
T1 - Detection and Mitigation of LFA Attack in SDN-IoT Network
AU - Allakany, Alaa
AU - Yadav, Geeta
AU - Paul, Kolin
AU - Okamura, Koji
N1 - Funding Information:
Acknowledgements. This research was supported by the Strategic International Research Cooperative Program, Japan Science and Technology Agency (JST) SICORP Grant Number JPMJSC16H3 and JSPS KAKENHI Grant Number JP16K00480.
Publisher Copyright:
© 2020, Springer Nature Switzerland AG.
PY - 2020
Y1 - 2020
N2 - The security of the Internet of Things (IoT) ecosystem has become a critical challenge due to a tremendous increase in the vulnerable connected IoT devices. Software-Defined Network (SDN) becomes a choice for managing IoT and offers new approaches to solve security problems. Link flooding attack (LFA), cut off the network connectivity on a particular target area of the network. This attack uses legitimate, and low density flows to flood selected links of the target area. Therefore, these flows can not be easily distinguished by traditional approaches. In this paper, firstly, we present a framework for IoT network based on SDN designed for security solutions against LFA attack. The presented framework consists of an SDN controller connected with SDN switches and SDN switches integrated with the IoT-getaway. Secondly, we proposed a scheme that employs hop-by-hop network measurement to capture abnormal link performance for detecting LFA. Afterward, it employs a centralized traffic engineering to eliminate link bottlenecks and mitigating LFA. The proposed scheme will be developed as an application at the application layer of POX controller. The evaluation demonstrates that the proposed method can effectively optimize the process of measuring link performance for detecting and mitigating LFA.
AB - The security of the Internet of Things (IoT) ecosystem has become a critical challenge due to a tremendous increase in the vulnerable connected IoT devices. Software-Defined Network (SDN) becomes a choice for managing IoT and offers new approaches to solve security problems. Link flooding attack (LFA), cut off the network connectivity on a particular target area of the network. This attack uses legitimate, and low density flows to flood selected links of the target area. Therefore, these flows can not be easily distinguished by traditional approaches. In this paper, firstly, we present a framework for IoT network based on SDN designed for security solutions against LFA attack. The presented framework consists of an SDN controller connected with SDN switches and SDN switches integrated with the IoT-getaway. Secondly, we proposed a scheme that employs hop-by-hop network measurement to capture abnormal link performance for detecting LFA. Afterward, it employs a centralized traffic engineering to eliminate link bottlenecks and mitigating LFA. The proposed scheme will be developed as an application at the application layer of POX controller. The evaluation demonstrates that the proposed method can effectively optimize the process of measuring link performance for detecting and mitigating LFA.
UR - http://www.scopus.com/inward/record.url?scp=85083970043&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85083970043&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-44038-1_101
DO - 10.1007/978-3-030-44038-1_101
M3 - Conference contribution
AN - SCOPUS:85083970043
SN - 9783030440374
T3 - Advances in Intelligent Systems and Computing
SP - 1087
EP - 1096
BT - Web, Artificial Intelligence and Network Applications - Proceedings of the Workshops of the 34th International Conference on Advanced Information Networking and Applications, WAINA 2020
A2 - Barolli, Leonard
A2 - Amato, Flora
A2 - Moscato, Francesco
A2 - Enokido, Tomoya
A2 - Takizawa, Makoto
PB - Springer
T2 - Workshops of the 34th International Conference on Advanced Information Networking and Applications, WAINA 2020
Y2 - 15 April 2020 through 17 April 2020
ER -