Collaborative Computing: Networking, Applications and Worksharing. 15th EAI International Conference, CollaborateCom 2019, London, UK, August 19-22, 2019, Proceedings

Research Article

A Security Framework to Protect Edge Supported Software Defined Internet of Things Infrastructure

Download
240 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-30146-0_6,
        author={Wajid Rafique and Maqbool Khan and Nadeem Sarwar and Wanchun Dou},
        title={A Security Framework to Protect Edge Supported Software Defined Internet of Things Infrastructure},
        proceedings={Collaborative Computing: Networking, Applications and Worksharing. 15th EAI International Conference, CollaborateCom 2019, London, UK, August 19-22, 2019, Proceedings},
        proceedings_a={COLLABORATECOM},
        year={2019},
        month={8},
        keywords={SDN IoT Edge computing Security DDoS},
        doi={10.1007/978-3-030-30146-0_6}
    }
    
  • Wajid Rafique
    Maqbool Khan
    Nadeem Sarwar
    Wanchun Dou
    Year: 2019
    A Security Framework to Protect Edge Supported Software Defined Internet of Things Infrastructure
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-030-30146-0_6
Wajid Rafique,*, Maqbool Khan, Nadeem Sarwar1, Wanchun Dou,*
  • 1: Bahria University
*Contact email: rafiqwajid@smail.nju.edu.cn, douwc@nju.edu.cn

Abstract

Managing the huge IoT infrastructure poses a vital challenge to the network community. Software Defined Networking (SDN), due to its characteristics of centralized network management has been considered as an optimal choice to manage IoT. Edge computing brings cloud recourses near the IoT to localize the cloud demands. Consequently, SDN, IoT, and edge computing can be combined into a framework to create a resourceful SDIoT-Edge architecture to efficiently orchestrate cloud services and utilize resource-limited IoT devices in a flexible way. Besides a wide adoption of IoT, the vulnerabilities present in this less secure infrastructure can be exploited by the adversaries to attack the OpenFlow channel using Distributed Denial of Service (DDoS) attacks. DDoS on OpenFlow channel have the ability to disrupt the whole network hence, providing security for the OpenFlow channel is a key challenge in SDIoT-Edge. We propose a security framework called SDIoT-Edge Security (SIESec) against the security vulnerabilities present in this architecture. SIESec prototype employs machine learning-based classification strategy, blacklist integration, and contextual network flow filtering to efficiently defend against the DDoS attacks. We perform extensive simulations using Floodlight controller and Mininet network emulator. Our results proclaim that SIESec provides extensive security against OpenFlow channel DDoS attacks and pose a very less overhead on the network.