Pervasive Computing Paradigms for Mental Health. Selected Papers from MindCare 2016, Fabulous 2016, and IIoT 2015

Research Article

Intrusion Prevention System Evaluation for SDN-Enabled IoT Systems

  • @INPROCEEDINGS{10.1007/978-3-319-74935-8_21,
        author={Alexandru Stancu and Stefan-Ciprian Arseni and Alexandru Vulpe and Octavian Fratu and Sinoma Halunga},
        title={Intrusion Prevention System Evaluation for SDN-Enabled IoT Systems},
        proceedings={Pervasive Computing Paradigms for Mental Health. Selected Papers from MindCare 2016, Fabulous 2016, and IIoT 2015},
        proceedings_a={MINDCARE \& IIOT \& FABULOUS},
        year={2018},
        month={3},
        keywords={Security Wireless Sensor Networks Intrusion detection Software Defined Networking Internet of Things},
        doi={10.1007/978-3-319-74935-8_21}
    }
    
  • Alexandru Stancu
    Stefan-Ciprian Arseni
    Alexandru Vulpe
    Octavian Fratu
    Sinoma Halunga
    Year: 2018
    Intrusion Prevention System Evaluation for SDN-Enabled IoT Systems
    MINDCARE & IIOT & FABULOUS
    Springer
    DOI: 10.1007/978-3-319-74935-8_21
Alexandru Stancu1,*, Stefan-Ciprian Arseni1,*, Alexandru Vulpe1,*, Octavian Fratu1, Sinoma Halunga1,*
  • 1: University Politehnica of Bucharest
*Contact email: alex.stancu@radio.pub.ro, stefan.arseni@radio.pub.ro, alex.vulpe@radio.pub.ro, shalunga@elcom.pub.ro

Abstract

As the importance of communication networks increases in our lives, the limitations of traditional networks start to emerge. Software Defined Networking (SDN) is the most recent paradigm in the networking industry, its purpose being to mitigate traditional network limitations, such as complexity, the difficulty of introducing new services in the network, and the inability to enforce security policies while having a network-wide view. From a security point of view, the need for middleboxes in the network, such as firewalls or Intrusion Detection/Prevention Systems (IDS/IPS), is eliminated by implementing these functionalities in software applications. As SDN has the potential to become a key enabler for the Internet of Things (IoT), there are specific aspects of IoT security that need to be taken into account, for example the lack of powerful computing resources or limited battery life, which make securing IoT devices more challenging. This paper addresses one of these security issues while evaluating a simple IPS application for an SDN controller. An emulated IoT network is controlled by the SDN controller, which also runs an IPS application. When a node becomes faulty or is compromised and sends too much traffic, which could cause a Denial of Service (DoS) in the network, it is blocked by the controller for a configurable amount of time.