Deakin University
Browse
1/1
2 files

SeArch: a collaborative and intelligent NIDS architecture for SDN-based cloud IoT networks

journal contribution
posted on 2019-08-01, 00:00 authored by Tri Gia Nguyen, Trung V Phan, Binh T Nguyen, Chakchai So-In, Zubair BaigZubair Baig, Surasak Sanguanpong
The explosive rise of intelligent devices with ubiquitous connectivity have dramatically increased Internet of Things (IoT) traffic in cloud environment and created potential attack surfaces for cyber-attacks. Traditional security approaches are insufficient and inefficient to address security threats in cloud-based IoT networks. In this vein, Software Defined Networking (SDN), Network Function Virtualization (NFV) and Machine Learning techniques introduce numerous advantages that can effectively resolve cybersecurity matters for cloud-based IoT systems. In this paper, we propose a collaborative and intelligent network-based intrusion detection system (NIDS) architecture, namely SeArch, for SDN-based cloud IoT networks. It composes a hierarchical layer of intelligent IDS nodes working in collaboration to detect anomalies and formulate policy into the SDN-based IoT gateway devices to stop malicious traffic as fast as possible. We first describe a new NIDS architecture with a comprehensive analysis in terms of the system resource and path selection optimizations. Next, the system process logic is extensively investigated through main consecutive procedures, including Initialization, Runtime Operation and Database Update. Afterwards, we conduct a detailed implementation of the proposed solution in an SDN-based environment and perform a variety of experiments. Finally, evaluation results of the SeArch architecture yield outstanding performance in anomaly detection and mitigation as well as bottleneck problem handling in the SDN-based cloud IoT networks in comparison with existing solutions.

History

Journal

IEEE access

Volume

7

Pagination

107678 - 107694

Publisher

Institute of Electrical and Electronics Engineers

Location

Piscataway, N.J.

ISSN

2169-3536

eISSN

2169-3536

Language

eng

Publication classification

C1 Refereed article in a scholarly journal

Copyright notice

2019, IEEE