Deakin University
Browse

SeArch: A Collaborative and Intelligent NIDS Architecture for SDN-Based Cloud IoT Networks

Version 2 2024-06-05, 23:49
Version 1 2019-08-03, 11:55
journal contribution
posted on 2024-06-05, 23:49 authored by TG Nguyen, TV Phan, BT Nguyen, C So-In, Zubair BaigZubair Baig, S Sanguanpong
The explosive rise of intelligent devices with ubiquitous connectivity have dramatically increased Internet of Things (IoT) traffic in cloud environment and created potential attack surfaces for cyber-attacks. Traditional security approaches are insufficient and inefficient to address security threats in cloud-based IoT networks. In this vein, Software Defined Networking (SDN), Network Function Virtualization (NFV) and Machine Learning techniques introduce numerous advantages that can effectively resolve cybersecurity matters for cloud-based IoT systems. In this paper, we propose a collaborative and intelligent network-based intrusion detection system (NIDS) architecture, namely SeArch, for SDN-based cloud IoT networks. It composes a hierarchical layer of intelligent IDS nodes working in collaboration to detect anomalies and formulate policy into the SDN-based IoT gateway devices to stop malicious traffic as fast as possible. We first describe a new NIDS architecture with a comprehensive analysis in terms of the system resource and path selection optimizations. Next, the system process logic is extensively investigated through main consecutive procedures, including Initialization, Runtime Operation and Database Update. Afterwards, we conduct a detailed implementation of the proposed solution in an SDN-based environment and perform a variety of experiments. Finally, evaluation results of the SeArch architecture yield outstanding performance in anomaly detection and mitigation as well as bottleneck problem handling in the SDN-based cloud IoT networks in comparison with existing solutions.

History

Journal

IEEE Access

Volume

7

Pagination

107678-107694

Location

Piscataway, N.J.

Open access

  • Yes

ISSN

2169-3536

eISSN

2169-3536

Language

English

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2019, IEEE

Publisher

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC