A Survey on SDN-based Intrusion Detection Systems on the Internet of Thing: Concepts, Issues, and Blockchain Applications

2021 ◽  
Author(s):  
Heba A. Hassan ◽  
Ezz E. Hemdan ◽  
Walid El-Shafai ◽  
Mona Shokair ◽  
Fathi E. Abd El-Samie
Keyword(s):  
Intrusion Detection ◽  
Computer Networks ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Survey Study ◽  
The Internet ◽  
Detection Systems ◽  
Systems Software ◽  
The Internet Of Things ◽  
Sdn Controller

Abstract With the accelerated development of computer networks utilization and the enormous growth of the number of applications running on top of it, network security becomes more significant. Intrusion Detection Systems (IDS) is considered as one of the essential tools utilized to protect computer networks and information systems. Software-defined network (SDN) architecture is used to provide network monitoring and analysis mechanism due to the programming environment of the SDN controller. On the other hand intrusion detection system is developed to monitor incoming traffic to the SDN network; hence it enables SDN to adjust security service insertion. This paper presents a survey study for SDN with the Internet of Things (IoT) and its improved versions like SDN-based IDS and SDN-based IoT. Likewise, discussing the IoT and its problems, especially the security aspects and solutions to overcome these problems. Finally, a brief description of the Blockchain concept and how it can be merged with an SDN-based IoT system to further enhance its security aspects is provided.

scholarly journals Intrusion Detection into Cloud-Fog-Based IoT Networks Using Game Theory

2020 ◽  
Vol 2020 ◽  
pp. 1-9
Author(s):  
Poria Pirozmand ◽  
Mohsen Angoraj Ghafary ◽  
Safieh Siadat ◽  
Jiankang Ren
Keyword(s):  
Game Theory ◽  
Nash Equilibrium ◽  
Internet Of Things ◽  
Intrusion Detection ◽  
Detection System ◽  
Human Life ◽  
Intrusion Detection Systems ◽  
The Internet ◽  
Detection Systems ◽  
The Internet Of Things

The Internet of Things is an emerging technology that integrates the Internet and physical smart objects. This technology currently is used in many areas of human life, including education, agriculture, medicine, military and industrial processes, and trade. Integrating real-world objects with the Internet can pose security threats to many of our day-to-day activities. Intrusion detection systems (IDS) can be used in this technology as one of the security methods. In intrusion detection systems, early and correct detection (with high accuracy) of intrusions is considered very important. In this research, game theory is used to develop the performance of intrusion detection systems. In the proposed method, the attacker infiltration mode and the behavior of the intrusion detection system as a two-player and nonparticipatory dynamic game are completely analyzed and Nash equilibrium solution is used to create specific subgames. During the simulation performed using MATLAB software, various parameters were examined using the definitions of game theory and Nash equilibrium to extract the parameters that had the most accurate detection results. The results obtained from the simulation of the proposed method showed that the use of intrusion detection systems in the Internet of Things based on cloud-fog can be very effective in identifying attacks with the least amount of errors in this network.

scholarly journals An Ensemble of a Prediction and Learning Mechanism for Improving Accuracy of Anomaly Detection in Network Intrusion Environments

2021 ◽  
Vol 13 (18) ◽  
pp. 10057
Author(s):  
Imran ◽  
Faisal Jamil ◽  
Dohyeun Kim
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
The Internet ◽  
Detection Accuracy ◽  
Learning Mechanism ◽  
Detection Systems ◽  
Network Applications ◽  
Network Intrusion

The connectivity of our surrounding objects to the internet plays a tremendous role in our daily lives. Many network applications have been developed in every domain of life, including business, healthcare, smart homes, and smart cities, to name a few. As these network applications provide a wide range of services for large user groups, the network intruders are prone to developing intrusion skills for attack and malicious compliance. Therefore, safeguarding network applications and things connected to the internet has always been a point of interest for researchers. Many studies propose solutions for intrusion detection systems and intrusion prevention systems. Network communities have produced benchmark datasets available for researchers to improve the accuracy of intrusion detection systems. The scientific community has presented data mining and machine learning-based mechanisms to detect intrusion with high classification accuracy. This paper presents an intrusion detection system based on the ensemble of prediction and learning mechanisms to improve anomaly detection accuracy in a network intrusion environment. The learning mechanism is based on automated machine learning, and the prediction model is based on the Kalman filter. Performance analysis of the proposed intrusion detection system is evaluated using publicly available intrusion datasets UNSW-NB15 and CICIDS2017. The proposed model-based intrusion detection accuracy for the UNSW-NB15 dataset is 98.801 percent, and the CICIDS2017 dataset is 97.02 percent. The performance comparison results show that the proposed ensemble model-based intrusion detection significantly improves the intrusion detection accuracy.

A Review on Intrusion Detection Systems and Techniques

2020 ◽  
Vol 28 (Supp02) ◽  
pp. 65-91
Author(s):  
Nitesh Singh Bhati ◽  
Manju Khari ◽  
Vicente García-Díaz ◽  
Elena Verdú
Keyword(s):  
Network Security ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Security System ◽  
Intrusion Detection Systems ◽  
The Internet ◽  
Detection Techniques ◽  
Detection Systems ◽  
Network Security System

An Intrusion Detection System (IDS) is a network security system that detects, identifies, and tracks an intruder or an invader in a network. As the usage of the internet is growing every day in our society, the IDS is becoming an essential part of the network security system. Therefore, the proper research and implementation of IDSs are required. Today, with the help of improved technologies at our disposal, many solutions have been found to create many intrusion detection systems. However, it is difficult to identify the perfect solution from the vast options we have available. Hence, motivated by the need of a better security system, this paper presents a survey of different published solutions that have been developed and/or researched on the topic of intrusion detection techniques during the period from 2000 to 2019, including the accuracy of the output. With the help of this survey, an all-inclusive view of the different papers would be at one’s disposal.

scholarly journals A critical review of intrusion detection systems in the internet of things: techniques, deployment strategy, validation strategy, attacks, public datasets and challenges

Cybersecurity ◽  
2021 ◽  
Vol 4 (1) ◽  
Author(s):  
Ansam Khraisat ◽  
Ammar Alazab
Keyword(s):  
Internet Of Things ◽  
Intrusion Detection ◽  
Communication Systems ◽  
Intrusion Detection Systems ◽  
The Internet ◽  
Detection Systems ◽  
Advantages And Disadvantages ◽  
Deployment Strategy ◽  
The Internet Of Things ◽  
Validation Strategy

AbstractThe Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made IoT a target of malicious activities, opening the door to a possible attack on the end nodes. To this end, Numerous IoT intrusion detection Systems (IDS) have been proposed in the literature to tackle attacks on the IoT ecosystem, which can be broadly classified based on detection technique, validation strategy, and deployment strategy. This survey paper presents a comprehensive review of contemporary IoT IDS and an overview of techniques, deployment Strategy, validation strategy and datasets that are commonly applied for building IDS. We also review how existing IoT IDS detect intrusive attacks and secure communications on the IoT. It also presents the classification of IoT attacks and discusses future research challenges to counter such IoT attacks to make IoT more secure. These purposes help IoT security researchers by uniting, contrasting, and compiling scattered research efforts. Consequently, we provide a unique IoT IDS taxonomy, which sheds light on IoT IDS techniques, their advantages and disadvantages, IoT attacks that exploit IoT communication systems, corresponding advanced IDS and detection capabilities to detect IoT attacks.

scholarly journals Multiclass Classification Procedure for Detecting Attacks on MQTT-IoT Protocol

Complexity ◽  
2019 ◽  
Vol 2019 ◽  
pp. 1-11 ◽  
Author(s):  
Hector Alaiz-Moreton ◽  
Jose Aveleira-Mata ◽  
Jorge Ondicol-Garcia ◽  
Angel Luis Muñoz-Castañeda ◽  
Isaías García ◽  
...  
Keyword(s):  
Intrusion Detection ◽  
Ensemble Methods ◽  
Intrusion Detection Systems ◽  
Machine Learning Techniques ◽  
The Internet ◽  
Classification Models ◽  
Sensors And Actuators ◽  
Detection Systems ◽  
Learning Techniques ◽  
The Internet Of Things

The large number of sensors and actuators that make up the Internet of Things obliges these systems to use diverse technologies and protocols. This means that IoT networks are more heterogeneous than traditional networks. This gives rise to new challenges in cybersecurity to protect these systems and devices which are characterized by being connected continuously to the Internet. Intrusion detection systems (IDS) are used to protect IoT systems from the various anomalies and attacks at the network level. Intrusion Detection Systems (IDS) can be improved through machine learning techniques. Our work focuses on creating classification models that can feed an IDS using a dataset containing frames under attacks of an IoT system that uses the MQTT protocol. We have addressed two types of method for classifying the attacks, ensemble methods and deep learning models, more specifically recurrent networks with very satisfactory results.

scholarly journals OPTIMIZATION ALGORITHMS FOR INTRUSION DETECTION SYSTEM: A REVIEW

2020 ◽  
Vol 8 (8) ◽  
pp. 217-225
Author(s):  
Sheren Sadiq ◽  
Adel Sabry Eesa
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Optimization Algorithms ◽  
Intrusion Detection Systems ◽  
The Internet ◽  
Good Source ◽  
Detection Systems ◽  
Bee Colony ◽  
System A

With the growth and development of the Internet, the devices and the hosts connected to the Internet have become the target for attackers and intruders. Consequently, the integrity of systems and data has become more sophisticated. Meanwhile, many institutions suffer from money-losing or other losses due to attacks on computer systems. Accordingly, the detection of intrusion and attacks has become a challenge and a vital necessity at the same time. Many different methods were used to build intrusion detection systems (IDSs), and all these methods seek to a plus the efficiency of intrusion detection systems. This paper is a survey which tries to covers some of the optimization algorithms used in the field of intrusion detection in past ten years such as Artificial Bee Colony (ABC), Genetic Algorithm (GA), Cuttlefish Algorithms (CFA), and Particle Swarm Optimization (PSO). It is hoped that this review will provide useful insights about the intrusion detection literature and is a good source for anyone interested in applying one of the used optimization algorithms in the field of intrusion detection.

Sign in / Sign up

Export Citation Format

Share Document