A New Hybrid Method Based on Intelligent Algorithms for Intrusion Detection in SDN-IoT
Subject areas: Electrical and Computer Engineering
Zakaria Raeisi 1, Fazlollah Adibnia 2, Mehdi Yazdian Dehkordi 3
1 - Faculty of Computer Engineering, Yazd University, Iran
2 - Faculty of Computer Engineering, Yazd University, Iran
3 - Faculty of Computer Engineering, Yazd University, Iran
Keywords: software-defined networks, intelligent algorithms, Internet of Things, intrusion detection, machine learning
Abstract:
In recent years, the use of the Internet of Things (IoT) in society has grown widely, and a new technology called software-defined networking (SDN) has been proposed to address IoT challenges. The challenges present in software-defined networks and the IoT have made SDN-IoT security one of the major concerns for these networks. Intelligent algorithms, meanwhile, have been an opportunity whose application in many areas, including security and intrusion detection, has brought remarkable progress. However, intrusion detection systems for the SDN-IoT environment still face the challenge of a high false alarm rate. This article proposes a new hybrid method based on intelligent algorithms that, to achieve good intrusion detection results, merges the supervised gated recurrent unit algorithm with the unsupervised k-means classifier. Simulation results show that the proposed method, by exploiting the advantages of each merged algorithm and covering each other's weaknesses, has higher accuracy and in particular a lower false alarm rate than other methods such as the Hamza method. The proposed method also reduced the false alarm rate to 1.1% while keeping accuracy at about 99%.
In recent years, the use of the Internet of Things (IoT) in society has grown widely. Meanwhile, a new technology called software-defined networking (SDN) has been proposed to solve the challenges of the IoT. The security problems of software-defined networks and the IoT have made SDN-IoT security one of the most important concerns. At the same time, intelligent algorithms have enabled significant progress in areas such as image processing and disease diagnosis. Nevertheless, intrusion detection systems for the SDN-IoT environment still face the problem of a high false alarm rate and low accuracy. This article proposes a new hybrid method based on intelligent algorithms. The proposed method integrates the supervised gated recurrent unit (GRU) algorithm with the unsupervised k-means classifier in order to obtain suitable results in intrusion detection. The simulation results show that the proposed method, by using the advantages of each of the integrated algorithms and covering each other's disadvantages, achieves higher accuracy and a lower false alarm rate than other methods such as the Hamza method. The proposed method has also been able to reduce the false alarm rate to 1.1% and maintain the accuracy at around 99%.
[1] J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, "Internet of Things (IoT): a vision, architectural elements and future directions," Future Generation Computer Systems, vol. 29, no. 7, pp. 1645-1660, Sep. 2013.
[2] R. Kushwah, P. K. Batra, and A. Jain, "Internet of things architectural elements, challenges and future directions," in Proc. 6th Int. Conf. on Signal Processing and Communication, ICSC'20, 5 pp., Noida, India, 5-7 Mar. 2020.
[3] A. Koohang, C. S. Sargent, J. H. Nord, and J. Paliszkiewicz, "Internet of Things (IoT): from awareness to continued use," International J. of Information Management, vol. 62, Article ID: 102442, Feb. 2020.
[4] U. Farooq, N. Tariq, M. Asim, T. Baker, and A. Al-Shamma'a, "Machine learning and the internet of things security: solutions and open challenges," J. of Parallel and Distributed Computing, vol. 162, pp. 89-104, Apr. 2022.
[5] P. Mishra, A. Biswal, S. Garg, R. Lu, M. Tiwary, and D. Puthal, "Software defined internet of things security: properties, state of the art, and future research," IEEE Wireless Communications, vol. 27, no. 3, pp. 10-16, Jun. 2020.
[6] A. E. Omolara, et al., "The internet of things security: a survey encompassing unexplored areas and new insights," Computers & Security, vol. 112, Article ID: 102494, Jan. 2022.
[7] X. Guo, H. Lin, Z. Li, and M. Peng, "Deep-reinforcement-learning-based QoS-aware secure routing for SDN-IoT," IEEE Internet of Things J., vol. 7, no. 7, pp. 6242-6251, Dec. 2019.
[8] P. K. Sharma, J. H. Park, Y. S. Jeong, and J. H. Park, "SHSec: SDN based secure smart home network architecture for internet of things," Mobile Networks and Applications, vol. 24, pp. 913-924, 2018.
[9] S. Rathore, B. W. Kwon, and J. H. Park, "BlockSecIoTNet: blockchain-based decentralized security architecture for IoT network," J. of Network and Computer Applications, vol. 143, pp. 167-177, Oct. 2019.
[10] H. Honar Pajooh, M. Rashid, F. Alam, and S. Demidenko, "Multi-layer blockchain-based security architecture for internet of things," Sensors, vol. 21, no. 3, Article ID: 772, 2021.
[11] A. Dawoud, S. Shahristani, and C. Raun, "Deep learning and software-defined networks: towards secure IoT architecture," Internet of Things, vol. 3-4, pp. 82-89, Oct. 2018.
[12] N. McKeown, et al., "OpenFlow: enabling innovation in campus networks," ACM Sigcomm Computer Communication Review, vol. 38, no. 2, pp. 69-74, Apr. 2008.
[13] M. Babiker Mohamed, et al., "A comprehensive survey on secure software‐defined network for the Internet of Things," Trans. on Emerging Telecommunications Technologies, vol. 33, no. 1, Article ID: e4391, Jan. 2022.
[14] D. Sovilj, P. Budnarain, S. Sanner, G. Salmon, and M. Rao, "A comparative evaluation of unsupervised deep architectures for intrusion detection in sequential data streams," Expert Systems with Applications, vol. 159, Article ID: 113577, Nov. 2020.
[15] C. W. Chang, C. Y. Chang, and Y. Y. Lin, "A hybrid CNN and LSTM-based deep learning model for abnormal behavior detection," Multimedia Tools and Applications, vol. 81, no. 2, pp. 1-19, Apr. 2022.
[16] K. Smagulova and A. P. James, "A survey on LSTM memristive neural network architectures and applications," The European Physical J. Special Topics, vol. 228, no. 10, pp. 2313-2324, Oct. 2019.
[17] N. Alqudah and M. Y. Qussai, "Machine learning for traffic analysis: a review," Procedia Computer Science, vol. 170, pp. 911-916, 2020.
[18] S. K. Tayyaba, M. A. Shah, O. A. Khan, and A. W. Ahmed, "Software defined network (SDN) based internet of things (IoT) a road ahead," in Proc. of the International Conf. on Future Networks and Distributed Systems, Article ID: 15, 8 pp., Cambridge, UK, 19-20 Jul. 2017.
[19] R. Bhatia, S. Benno, J. Esteban, T. V. Lakshman, and J. Grogan, "Unsupervised machine learning for network-centric anomaly detection in IoT," in Proc. of the 3rd ACM Context Workshop on Big Data, Machine Learning and Artificial Intelligence for Data Communication Networks, pp. 42-48, Orlando, FL, USA, 9-9 Dec. 2019.
[20] D. Arellanes and K. K. Lau, "Evaluating IoT service composition mechanisms for the scalability of IoT systems," Future Generation Computer Systems, vol. 108, pp. 827-848, Mar. 2020.
[21] S. Bera, S. Misra, and A. V. Vasilakos, "Software-defined networking for internet of things: a survey," IEEE Internet of Things J., vol. 4, no. 6, pp. 1994-2008, Aug. 2017.
[22] M. Singh and G. Baranwal, "Quality of Service (QoS) in internet of things," in Proc. 3rd Int. Conf. on Internet of Things: Smart Innovation and Usages, IoT-SIU'18, 6 pp., Bhimtal, India, 23-24 Feb. 2018.
[23] T. A. Nguyen, D. Min, and E. Choi, "A hierarchical modeling and analysis framework for availability and security quantification of IoT infrastructures," Electronics, vol. 9, no. 1, Article ID: 155, Jan. 2020.
[24] R. Swami, M. Dave, and V. Ranga, "Voting‐based intrusion detection framework for securing software‐defined networks," Concurrency and Computation: Practice and Experience, vol. 32, no. 24, Article ID: e5927, 25 Dec. 2020.
[25] I. Rabet, et al., "SDMob: SDN-based mobility management for IoT networks," J. of Sensor and Actuator Networks, vol. 11, no. 1, Article ID: 8, 2022.
[26] B. Alzahrani and N. Fotiou, "Enhancing internet of things security using software-defined networking," J. of Systems Architecture, vol. 110, Article ID: 101779, Nov. 2020.
[27] A. Hamza, H. H. Gharakheili, and V. Sivaraman, "Combining MUD policies with SDN for IoT intrusion detection," in Proc. of the Workshop on IoT Security and Privacy, 7 pp., Budapest, Hungary, 20-20 Aug. 2018.
[28] G. Shravanya, N. H. Swati, R. P. Rustagi, and O. Sharma, "Securing distributed SDN controller network from induced DoS attacks," in Proc. IEEE International Conf. on Cloud Computing in Emerging Markets, CCEM'19, pp. 9-16, Bengaluru, India, 19-20 Sept. 2019.
[29] A. Hamza, H. H. Gharakheili, T. A. Benson, and V. Sivaraman, "Detecting volumetric attacks on IoT devices via SDN-based monitoring of MUD activity," in Proc. of the ACM Symp. on SDN Research, pp. 36-48, San Jose, CA, USA, 3-4 Apr. 2019.
[30] C. Xu, H. Lin, Y. Wu, X. Guo, and W. Lin, "An SDN FV-based DDoS defense technology for smart cities," IEEE Access, vol. 7, pp. 137856-137874, 2019.
[31] O. Salman, I. H. Elhajj, A. Chehab, and A. Kayssi, "A machine learning based framework for IoT device identification and abnormal traffic detection," Trans. on Emerging Telecommunications Technologies, vol. 33, no. 3, Article ID: e3743, Mar. 2022.
[32] F. A. F. Silveira, F. Lima-Filho, F. S. D. Silva, A. D. M. B. Junior, and L. F. Silveira, "Smart detection-IoT: a DDoS sensor system for Internet of Things," in Proc. Int. Conf. on Systems, Signals, and Image Processing, IWSSIP'20, pp. 343-348, Niteroi, Brazil, 1-3 Jul. 2020.
[33] A. Wani and S. Revathi, "DDoS detection and alleviation in IoT using SDN (SDN IoT-DDoS-DA)," J. of the Institution of Engineers (India): Series B, vol. 101, no. 3, pp. 117-128, Apr. 2020.
[34] M. P. Novaes, L. F. Carvalho, J. Lloret, and M. L. Proenca, "Long short-term memory and fuzzy logic for anomaly detection and mitigation in software-defined network environment," IEEE Access, vol. 8, pp. 83765-83781, 2020.
[35] Y. Meidan, et al., "A novel approach for detecting vulnerable IoT devices connected behind a home NAT," Computers & Security, vol. 97, Article ID: 101968, Oct. 2020.
[36] S. H. Khan, A. R. Arko, and A. Chakrabarty, "Anomaly detection in IoT using machine learning," in S. Misra, A. K. Tyagi, V. Piuri, and L. Garg (Eds.), Artificial Intelligence for Cloud and Edge Computing, Springer, pp. 237-254, 2022.
[37] M. Abdullahi, et al., "Detecting cybersecurity attacks in internet of things using artificial intelligence methods: a systematic literature review," Electronics, vol. 11, no. 2, Article ID: e3743198, 2022.
[38] M. V. Assis, L. F. Carvalho, J. Lloret, and M. L. Proença Jr, "A GRU deep learning system against attacks in software defined networks," J. of Network and Computer Applications, vol. 177, Article ID: 102942, 2021.
[39] A. S. Alshra'a, A. Farhat, and J. Seitz, "Deep learning algorithms for detecting denial of service attacks in software-defined networks," Procedia Computer Science, vol. 191, pp. 254-263, 2021.
[40] A. Likas, N. Vlassis, and J. J. Verbeek, "The global k-means clustering algorithm," Pattern Recognition, vol. 36, no. 2, pp. 451-461, Feb. 2003.
[41] J. Zhang, Y. Ling, X. Fu, X. Yang, G. Xiong, and R. Zhang, "Model of the intrusion detection system based on the integration of spatial-temporal features," Computers & Security, vol. 89, Article ID: 101681, Feb. 2020.