Abstract
With the exponential evolution of the Internet of Things (IoT), ensuring network security has become a big challenge for network administrators. Network security is based on multiple independent devices such as firewall, IDS/IPS, NAC where the main role is to monitor the information exchanged between the inside and outside perimeters of the enterprises networks. However, the administration of these network devices can be complex and tedious if it is performed independently on each of them. In recent years, with the introduction of the Software Defined Networking concept (SDN) offers many opportunities by providing a centralized and programmable administration. In this article, we propose a distributed SDN architecture for IoT with a coupled controllers/IDS, by using APIs to dynamically analyze, detect and delete malicious flows. The management of network security is therefore simplified, dynamic and scalable with this approach. We also present the deployment of a real network to test our solution.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
References
Flauzac, O., Nolot, F., Rabat, C., Steffenel, L.A.: Grid of security: a new approach of the network security. In: 3rd International Conference on Network and System Security (NSS 2009), October 2009, Gold Coast, Australia, pp. 67–72 (2009)
Sezer, S., et al.: Are we ready for SDN? implementation challenges for software-defined networks. IEEE Commun. Mag. 51(7), 36–43 (2013)
Lara, A., Kolasani, A., Ramamurthy, B.: Network innovation using OpenFlow: a survey. IEEE Commun. Surv. 16, 493–512 (2014)
Wang, S., Li, D., Xia, S.: The problems and solutions of network update in SDN: a survey. In: IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 474–479 (2015)
Hu, F., Hao, Q., Bao, K.: A survey on software-defined network and OpenFlow: from concept to implementation. IEEE Commun. Surv. 16, 2181–2206 (2014)
Javid, T., Riaz, T., Rasheed, A.: A layer2 firewall for software defined network. In: Conference on Information Assurance and Cyber Security (CIACS), pp. 1–4. IEEE (2014)
Othman, W.M., Chen, H., Al-Moalmi, A., Hadi, A.N.: Implementation and performance analysis of SDN firewall on POX controller. In: IEEE 9th International Conference on Communication Software and Networks (ICCSN), Guangzhou, pp. 1461–1466 (2017)
Pena, J.G.V., Yu, W.E.: Development of a distributed firewall using software defined networking technology. In: 4th IEEE International Conference on Information Science and Technology (ICIST), pp. 449–452 (2014)
Flauzac, O., Gonzalez, C., Nolot, F.: Original secure architecture for IoT based on SDN. In: International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), pp. 1–6 (2015)
Tootoonchian, A., Ganjali, Y.: HyperFlow: a distributed control plane for OpenFlow. In: Proceedings of the 2010 Internet Network Management Conference on Research on Enterprise Networking, vol. 103, pp. 3–3 (2010)
Jeong, C., Ha, T., Narantuya, J., Lim, H., Kim, J.: Scalable network intrusion detection on virtual SDN environment. In: IEEE 3rd International Conference on Cloud Networking (CloudNet), pp. 264–265 (2014)
Sayeed, M.A., Sayeed, M.A., Saxena, S.: Intrusion detection system based on Software Defined Network firewall. In: 1st International Conference on Next Generation Computing Technologies (NGCT), pp. 379–382 (2015)
Chen, P.J., Chen, Y.W.: Implementation of SDN based network intrusion detection and prevention system. In: International Carnahan Conference on Security Technology (ICCST), pp 141–146 (2015)
Abubakar, A., Pranggono, B.: Machine learning based intrusion detection system for software defined networks. In: Seventh International Conference on Emerging Security Technologies (EST), pp. 138–143 (2017)
Tang, T.A., Mhamdi, L., McLernon, D., Zaidi, S.A.R., Ghogho, M.: Deep learning approach for Network Intrusion Detection in Software Defined Networking. In: International Conference on Wireless Networks and Mobile Communications (WINCOM), Fez, pp. 258–263 (2016)
Vandana, C.P.: Security improvement in IoT based on Software defined networking. Int. J. Sci. Eng. Technol. Res. (IJSETR) 5(1), 2327–4662 (2016)
Bull, P., Austin, R., Popov, E., Sharma, M., Watson, R.: Flow based security for IoT devices using an SDN gateway. In: IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), Vienna, pp. 157–163 (2016)
Gonzalez, C., Flauzac, O., Nolot, F., Jara, A.: A novel distributed SDN-secured architecture for the IoT. In: International Conference on Distributed Computing in Sensor Systems (DCOSS), Washington, DC, pp. 244–249 (2016)
Gonzalez, C., Charfadine, S.M., Flauzac, O., Nolot, F.: SDN-based security framework for the IoT in distributed grid. In: International Multidisciplinary Conference on Computer and Energy Science (SpliTech), Split, pp. 1–5 (2016)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Mahamat Charfadine, S., Flauzac, O., Nolot, F., Rabat, C., Gonzalez, C. (2019). Secure Exchanges Activity in Function of Event Detection with the SDN. In: Mendy, G., Ouya, S., Dioum, I., Thiaré, O. (eds) e-Infrastructure and e-Services for Developing Countries. AFRICOMM 2018. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 275. Springer, Cham. https://doi.org/10.1007/978-3-030-16042-5_28
Download citation
DOI: https://doi.org/10.1007/978-3-030-16042-5_28
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16041-8
Online ISBN: 978-3-030-16042-5
eBook Packages: Computer ScienceComputer Science (R0)