SDN-Enabled Secure IoT Architecture

Karmakar, Kallol Krishna; Varadharajan, Vijay; Nepal, Surya; Tupakula, Uday

doi:10.1109/JIOT.2020.3043740

Author(s)

Karmakar, Kallol Krishna

Varadharajan, Vijay

Nepal, Surya

Tupakula, Uday

Publication Date

2021-04-15

Abstract

<p>The Internet of Things (IoT) is increasingly being used in applications ranging from precision agriculture to critical national infrastructure by deploying a large number of resource-constrained devices in hostile environments. These devices are being exploited to launch attacks in cyber systems. As a result, security has become a significant concern in the design of IoT-based applications. In this article, we present a security architecture for IoT networks by leveraging the underlying features supported by software-defined networks (SDNs). Our security architecture not only restricts network access to authenticated IoT devices but also enforces fine granular policies to secure the flows in the IoT network infrastructure. The authentication is achieved using a lightweight protocol to authenticate IoT devices. Authorization is achieved using a dynamic policy driven approach. Such an integrated security approach involving authentication of IoT devices and enables authorized flows to protect IoT networks from malicious IoT devices and attacks. We have implemented and validated our architecture using ONOS SDN Controller and Raspbian Virtual Machines, and demonstrated how the proposed security mechanisms can counteract malware packet injection, DDoS attacks using Mirai, spoofing/masquerading, and man-in-the-middle attacks. An analysis of the security and performance of the proposed security mechanisms and their applications is presented in this article.</p>

Citation

IEEE Internet of Things Journal, 8(8), p. 6549-6564

ISSN

2327-4662

Link

https://hdl.handle.net/1959.11/56793

Language

en

Publisher

Institute of Electrical and Electronics Engineers

Title

SDN-Enabled Secure IoT Architecture

Type of document

Journal Article

Entity Type

Publication

Author(s)	Karmakar, Kallol Krishna Varadharajan, Vijay Nepal, Surya Tupakula, Uday
Publication Date	2021-04-15
Abstract	<p>The Internet of Things (IoT) is increasingly being used in applications ranging from precision agriculture to critical national infrastructure by deploying a large number of resource-constrained devices in hostile environments. These devices are being exploited to launch attacks in cyber systems. As a result, security has become a significant concern in the design of IoT-based applications. In this article, we present a security architecture for IoT networks by leveraging the underlying features supported by software-defined networks (SDNs). Our security architecture not only restricts network access to authenticated IoT devices but also enforces fine granular policies to secure the flows in the IoT network infrastructure. The authentication is achieved using a lightweight protocol to authenticate IoT devices. Authorization is achieved using a dynamic policy driven approach. Such an integrated security approach involving authentication of IoT devices and enables authorized flows to protect IoT networks from malicious IoT devices and attacks. We have implemented and validated our architecture using ONOS SDN Controller and Raspbian Virtual Machines, and demonstrated how the proposed security mechanisms can counteract malware packet injection, DDoS attacks using Mirai, spoofing/masquerading, and man-in-the-middle attacks. An analysis of the security and performance of the proposed security mechanisms and their applications is presented in this article.</p>
Citation	IEEE Internet of Things Journal, 8(8), p. 6549-6564
ISSN	2327-4662
Link	https://hdl.handle.net/1959.11/56793
Language	en
Publisher	Institute of Electrical and Electronics Engineers
Title	SDN-Enabled Secure IoT Architecture
Type of document	Journal Article
Entity Type	Publication

SDN-Enabled Secure IoT Architecture

Files: