Abstract
As the importance of communication networks increases in our lives, the limitations of traditional networks start to emerge. Software Defined Networking (SDN) is the most recent paradigm in the networking industry, its purpose being to mitigate traditional network limitations, such as complexity, the difficulty of introducing new services in the network, the inability of enforcing security policies while having a network-wide view. From a security point of view, the need for middleboxes in the network, such as firewalls or Intrusion Detection/Prevention Systems (IDS/IPS) is eliminated by implementing these functionalities in software applications. As SDN has the potential of becoming a key enabler for the Internet of Things (IoT), there are specific aspects of security for IoT that need to be taken into account, for example the lack of powerful computing resources or limited battery life, making securing IoT devices more challenging. This paper addresses one of these security issues, while evaluating a simple IPS application for an SDN controller. An emulated IoT network is controlled by the SDN controller, which also runs an IPS application. When a node becomes faulty or it is compromised and it sends too much traffic, that could cause a Denial of Service (DoS) in the network, it is blocked by the controller for a configurable amount of time.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Stancu, A., Halunga, S., Suciu, G., Vulpe, A.: An overview study of software defined networking. In: 2015 14th International Conference on Informatics in Economy (IE 2015), Bucharest, pp. 50–55, 30 April–3 May 2015
Vilata, R., Munoz, R., Casellas, R., Martinez, R.: Enabling internet of things with software defined networking. CTTC (2015)
Akin, G., Karaarslan, E., Bük, O., Uçar, E.: SDN architecture fundamentals and DOS prevention basics: a case study with openflow. In: International Scientific Conference, UNITECH 2015, Gabrovo (2015)
Flauzac, O., González, C., Hachani, A., Nolot, F.: SDN based architecture for IoT and improvement of the security. In: 2015 IEEE 29th International Conference on Advanced Information Networking and Applications Workshops (WAINA), Gwangiu, pp. 688–693 (2015). https://doi.org/10.1109/WAINA.2015.110
Hakiri, A., Berthou, P., Gokhale, A., Abdellatif, S.: Publish/subscribe-enabled software defined networking for efficient and scalable IoT communications. IEEE Commun. Mag. 53(9), 48–54 (2015). https://doi.org/10.1109/MCOM.2015.7263372
Buratti, C., et al.: Testing protocols for the internet of things on the EuWIn platform. IEEE Internet Things J. 3(1), 124–133 (2016). https://doi.org/10.1109/JIOT.2015.2462030
Jing, Q., Vasilakos, A.V., Wen, J., Jingwei, L., Qiu, D.: Security of the Internet of Things: perspectives and challenges. Wirel. Netw. 20(8), 2481–2501 (2014)
Sicaria, S., Rizzardia, A., Griecob, L.A., Coen-Porisinia, A.: Security, privacy and trust in Internet of Things: the road ahead. Comput. Netw. 76, 146–164 (2015)
Nguyen, K.T., Laurent, M., Oualha, N.: Survey on secure communication protocols for the Internet of Things. Ad Hoc Netw. 32, 17–31 (2015)
Olivier, F., Carlos, G., Florent, N.: New security architecture for IoT network. Procedia Comput. Sci. 52, 1028–1033 (2015)
Martinez-Julia, P., Skarmeta, A.F.: Empowering the Internet of Things with software defined networking. In: White Paper, IoT6 - FP7 European research project (2014)
Stancu, A., Halunga, S., Vulpe, A., Suciu, G., Fratu, O., Popovici, E.C.: A comparison between several software defined networking controllers. In: 12th International Conference on Advanced Technologies, Systems and Services in Telecommunications (TELSIKS 2015), Niš, Serbia, pp. 223–226, 14–17 October 2015
Acknowledgments
This work has been funded by University Politehnica of Bucharest, through the “Excellence Research Grants” Program, UPB – GEX. Identifier: UPB–EXCELENTA–2016 project “Platform for Studying Security in IoT”, contract number 96/2016 (PaSS-IoT), by UEFISCDI Romania under grants no. 20/2012 “Scalable Radio Transceiver for Instrumental Wireless Sensor Networks - SaRaT-IWSN” and 262EU/2014 eWALL support project and by the European Commission by FP7 IP project no. 610658/2013 “eWALL for Active Long Living - eWALL”.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Stancu, A., Arseni, SC., Vulpe, A., Fratu, O., Halunga, S. (2018). Intrusion Prevention System Evaluation for SDN-Enabled IoT Systems. In: Oliver, N., Serino, S., Matic, A., Cipresso, P., Filipovic, N., Gavrilovska, L. (eds) Pervasive Computing Paradigms for Mental Health. FABULOUS MindCare IIOT 2016 2016 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 207. Springer, Cham. https://doi.org/10.1007/978-3-319-74935-8_21
Download citation
DOI: https://doi.org/10.1007/978-3-319-74935-8_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-74934-1
Online ISBN: 978-3-319-74935-8
eBook Packages: Computer ScienceComputer Science (R0)