IPS Architecture for IoT Networks Overlaid on SDN

  • Daniel Gonçalves UnB
  • Guilherme Kfouri UnB
  • Bruno Dutra UnB
  • João de Alencastro UnB
  • Francisco de Caldas Filho UnB
  • Lucas Martins UnB
  • Robson Albuquerque UnB
  • Rafael de Sousa Jr. UnB

Abstract


The programmability resulting from the Software Defined Networking (SDN) approach facilitates the integration of the functionalities of firewalls, Intrusion Prevention Systems (IPS) and switching gear, allowing fast reconfiguration of the network when an anomaly is detected. The architecture proposed in this paper aims to structure a distributed security measure integrating firewall, IPS, switches and a controller entity to support Internet of Things (IoT) instances. The IPS identifies anomalous behavior of IoT devices, which leads the SDN to block the attacks as near as possible to their sources, reducing the volume of malicious traffic and isolating the infected device from the rest of the network.

Published
2019-09-02
GONÇALVES, Daniel; KFOURI, Guilherme; DUTRA, Bruno; DE ALENCASTRO, João; DE CALDAS FILHO, Francisco; MARTINS, Lucas; ALBUQUERQUE, Robson; DE SOUSA JR., Rafael. Arquitetura de IPS para redes IoT sobrepostas em SDN. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 19., 2019, São Paulo. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019. p. 309-322. DOI: https://doi.org/10.5753/sbseg.2019.13980.