Skip to main content
SpringerLink
Log in

Detection and Mitigation of LFA Attack in SDN-IoT Network

  • Conference paper
  • First Online:
Book cover Web, Artificial Intelligence and Network Applications (WAINA 2020)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1150))

Abstract

The security of the Internet of Things (IoT) ecosystem has become a critical challenge due to a tremendous increase in the vulnerable connected IoT devices. Software-Defined Network (SDN) becomes a choice for managing IoT and offers new approaches to solve security problems. Link flooding attack (LFA), cut off the network connectivity on a particular target area of the network. This attack uses legitimate, and low density flows to flood selected links of the target area. Therefore, these flows can not be easily distinguished by traditional approaches. In this paper, firstly, we present a framework for IoT network based on SDN designed for security solutions against LFA attack. The presented framework consists of an SDN controller connected with SDN switches and SDN switches integrated with the IoT-getaway. Secondly, we proposed a scheme that employs hop-by-hop network measurement to capture abnormal link performance for detecting LFA. Afterward, it employs a centralized traffic engineering to eliminate link bottlenecks and mitigating LFA. The proposed scheme will be developed as an application at the application layer of POX controller. The evaluation demonstrates that the proposed method can effectively optimize the process of measuring link performance for detecting and mitigating LFA.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 229.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 299.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Huadong, M., Liang, L., Anfu, Z., Dong, Z.: On networking of Internet of Things: explorations and challenges. IEEE Internet Things J. 3, 441–452 (2016)

    Article  Google Scholar 

  2. Mostafa, U., Sarit, M., Hyunseok, C., Lakshman, T.V.: SDN-based multiprotocol edge switching for IoT service automation. IEEE J. Sel. Areas Commun. 36(12), 2775–2786 (2018)

    Article  Google Scholar 

  3. Da, Y., Lianming, Z., Kun, Y.: A DDoS attack detection and mitigation with software-defined Internet of Things framework. IEEE Access 6, 24694–24705 (2018)

    Article  Google Scholar 

  4. Wajid, R., Nanjing, U., Xin, H., Zifan, L., Yuhu, S., Wanchun, D.: CFADefense: a security solution to detect and mitigate crossfire attacks in software-defined IoT-edge (2019)

    Google Scholar 

  5. Yaser, J., Mohammed, A., Mahmoud, A., Elhadj, B., Ala, D., Brij, G., Ahamed, D.: Software-defined system support for enabling ubiquitous mobile edge computing. Comput. J. 60, 1443–1457 (2017)

    Article  Google Scholar 

  6. Soo, L., Min, K., and Virgil. G.: CoDef: collaborative defense against large-scale link-flooding attacks. In: Proceedings of the ACM CoNEXT (2013)

    Google Scholar 

  7. Soo, L., Virgil, G.: FLoc: dependable link access for legitimate traffic in flooding attacks. In: Proceedings of the IEEE ICDCS (2010)

    Google Scholar 

  8. Qian, W., Feng, X., Man, Z., Zhibo, W., Hongyu, D.: Mitigating link flooding attacks with active link obfuscation Arxiv (2017)

    Google Scholar 

  9. Ali, S.T., Sivaraman, V., Radford, A., Jha, S.: A survey of securing networks using software defined networking. IEEE Trans. Reliab. 64(3), 1086–1097 (2015)

    Article  Google Scholar 

  10. Christos, L., Vasileios, K., Xenofontas, D.: A novel framework for modeling and mitigating distributed link flooding attacks. In: IEEE INFOCOM (2016)

    Google Scholar 

  11. Soo, L., Min, K., Virgil, G.: CoDef: collaborative defense against large-scale link-flooding attacks. In: Proceedings of the Nninth ACM Conference on Emerging Networking Experiments and Technologies, pp. 417–428. ACM (2013)

    Google Scholar 

  12. Lei, X., Xiapu, L., Edmond, C., Xian, Z.: Towards detecting target link flooding attack. In: 28th Large Installation System Administration Conference (LISA14), pp. 90–105 (2014)

    Google Scholar 

  13. Adrichem, V., Doerr, C., Kuipers, F.: OpenNetMon: network monitoring in OpenFlow software-defined networks. In: Network Operations and Management Symposium (NOMS), pp. 1–8. IEEE (2014)

    Google Scholar 

  14. Alaa, A., Koji, O.: Latency monitoring in software-defined networks. In: CFI 2017 (2017)

    Google Scholar 

  15. Siris, V.A., Papagalou, F.: Application of anomaly detection algorithms for detecting SYN flooding attacks. Comput. Commun. 29, 1433–1442 (2006)

    Article  Google Scholar 

Download references

Acknowledgements

This research was supported by the Strategic International Research Cooperative Program, Japan Science and Technology Agency (JST) SICORP Grant Number JPMJSC16H3 and JSPS KAKENHI Grant Number JP16K00480.

Author information

Authors and Affiliations

  1. Cybersecurity Center, Kyushu University, Fukuoka, Japan

    Alaa Allakany

  2. Faculty of Computers and Information, Kafrelsheikh University, Kafr ElSheikh, Egypt

    Alaa Allakany

  3. Indian Institute of Technology, New Delhi, New Delhi, India

    Geeta Yadav & Kolin Paul

  4. Research Institute for Information Technology, Kyushu University, Fukuoka, Japan

    Koji Okamura

Authors
  1. Alaa Allakany
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Geeta Yadav
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kolin Paul
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Koji Okamura
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Koji Okamura .

Editor information

Editors and Affiliations

  1. Department of Information and Communication Engineering, Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

  2. Department of Electrical Engineering and Information Technology, University of Naples “Frederico II”, Naples, Italy

    Flora Amato

  3. Department of Political Science, University of Campania Luigi Vanvitelli, Caserta, Italy

    Francesco Moscato

  4. Faculty of Business Administration, Rissho University, Tokyo, Japan

    Tomoya Enokido

  5. Department of Advanced Sciences, Hosei University, Tokyo, Japan

    Makoto Takizawa

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Allakany, A., Yadav, G., Paul, K., Okamura, K. (2020). Detection and Mitigation of LFA Attack in SDN-IoT Network. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds) Web, Artificial Intelligence and Network Applications. WAINA 2020. Advances in Intelligent Systems and Computing, vol 1150. Springer, Cham. https://doi.org/10.1007/978-3-030-44038-1_101

Download citation

Publish with us

Policies and ethics

Search

Navigation