SDN Based DDos Mitigating Approach Using Traffic Entropy for IoT Network

Abstract

The Internet of Things (IoT) has been widely adopted in various domains including smart cities, healthcare, smart factories, etc. In the last few years, the fitness industry has been reshaped by the introduction of smart fitness solutions for individuals as well as fitness gyms. The IoT fitness devices collect trainee data that is being used for various decision-making. However, it will face numerous security and privacy issues towards its realization. This work focuses on IoT security, especially DoS/DDoS attacks. In this paper, we have proposed a novel blockchain-enabled protocol (BEP) that uses the notion of a self-exposing node (SEN) approach for securing fitness IoT applications. The blockchain and SDN architectures are employed to enhance IoT security by a highly preventive security monitoring, analysis and response system. The proposed approach helps in detecting the DoS/DDoS attacks on the IoT fitness system and then mitigating the attacks. The BEP is used for handling Blockchain-related activities and SEN could be a sensor or actuator node within the fitness IoT system. SEN provides information about the inbound and outbound traffic to the BEP which is used to analyze the DoS/DDoS attacks on the fitness IoT system. The SEN calculates the inbound and outbound traffic features' entropies and transmits them to the Blockchain in the form of transaction blocks. The BEP picks the whole mined blocks' transactions and transfers them to the SDN controller node. The controller node correlates the entropies data of SENs and decides about the DoS or DDoS attack. So, there are two decision points, one is SEN, and another is the controller. To evaluate the performance of our proposed system, several experiments are performed and results concerning the entropy values and attack detection rate are obtained. The proposed approach has outperformed the other two approaches concerning the attack detection rate by an increase of 11% and 18% against Approach 1 and Approach 2 respectively.