IDIT-SDN: Intrusion Detection Framework for Software-defined Wireless Sensor Networks

  • Gustavo A. Nunez Segura Universidad de Costa Rica
  • Arsenia Chorti ETIS UMR8051 / CY Université / ENSEA / CNRS
  • Cíntia Borges Margi USP

Resumo


Software-Defined Networking has been used to leverage security solutions for wireless sensor networks. However, this paradigm turns networks vulnerable to distributed denial of service attacks. IDIT-SDN is a tool for Software-defined Wireless Sensor Networks devised for DoS and DDoS attacks simulation and detection. This tool provides a framework for anomaly detection and a communication protocol to share security wise information from the sensor network to the controller. We demonstrate its use by showing a cooperative DDoS attack detection and attacker identification application based on distributed (every node) and centralized (controller) anomaly detection.

Referências

Ahmad, I., Namal, S., Ylianttila, M., and Gurtov, A. (2015). Security in software defined networks: A survey. IEEE Communications Surveys & Tutorials, 17(4):2317–2346.

Alves, R. C. A., Oliveira, D., Segura, G. N., and Margi, C. B. (2017). IT-SDN: Improved architecture for SDWSN. In XXXV Simpósio Brasileiro de Redes de Computadores. Available at https://sites.google.com/usp.br/cintia/it-sdn.

Alves, R. C. A., Oliveira, D. A. G., Nunez Segura, G. A., and Margi, C. B. (2019). The Cost of Software-Defining Things: A Scalability Study of Software-Defined Sensor Networks. IEEE Access, 7:115093–115108.

Kreutz, D., Ramos, F. M. V., Veríssimo, P. E., Rothenberg, C. E., Azodolmolky, S., and Uhlig, S. (2015). Software-defined networking: A comprehensive survey. Proceedings of the IEEE, 103(1):14–76.

Luz, T. C., Nunez, G. A., Margi, C. B., and Verdi, F. L. (2019). In-network performance measurements for software defined wireless sensor networks. In 2019 IEEE 16th International Conference on Networking, Sensing and Control (ICNSC), pages 206–211.

McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., and Turner, J. (2008). Openflow: Enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev., 38(2):69–74.

Naous, J., Stutsman, R., Mazieres, D., McKeown, N., and Zeldovich, N. (2009). Delegating network security with more information. In Proceedings of the 1st ACM Workshop on Research on Enterprise Networking, WREN ’09, page 19–26, New York, NY, USA. ACM.

Segura, G. A. N., Chorti, A., and Margi, C. B. (2022). Centralized and Distributed Intrusion Detection for Resource-Constrained Wireless SDN Networks. IEEE Internet of Things Journal, 9(10):7746–7758.

Segura, G. A. N., Margi, C. B., and Chorti, A. (2019). Understanding the Performance of Software DefinedWireless Sensor Networks Under Denial of Service Attack. Open Journal of Internet Of Things (OJIOT). Special Issue: Proc. Int. Workshop Very Large Internet of Things (VLIoT 2019) in conjunction with the VLDB 2019.

Segura, G. N. (2021). Cooperative Intrusion Detection for Software-Defined Resource-Constrained Networks. PhD thesis, Universidade de Sao Paulo.

Skaperas, S., Mamatas, L., and Chorti, A. (2019). Real-time video content popularity detection based on mean change point analysis. IEEE Access, 7:142246–142260.
Publicado
22/05/2023
SEGURA, Gustavo A. Nunez; CHORTI, Arsenia; MARGI, Cíntia Borges. IDIT-SDN: Intrusion Detection Framework for Software-defined Wireless Sensor Networks. In: SALÃO DE FERRAMENTAS - SIMPÓSIO BRASILEIRO DE REDES DE COMPUTADORES E SISTEMAS DISTRIBUÍDOS (SBRC), 41. , 2023, Brasília/DF. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2023 . p. 56-63. ISSN 2177-9384. DOI: https://doi.org/10.5753/sbrc_estendido.2023.817.