Securing Smart Homes via Software-Defined Networking and Low-Cost Traffic Classification

by   Holden Gordon, et al.

IoT devices have become popular targets for various network attacks due to their lack of industry-wide security standards. In this work, we focus on smart home IoT device identification and defending them against Distributed Denial of Service (DDoS) attacks. The proposed framework protects smart homes by using VLAN-based network isolation. This architecture has two VLANs: one with non-verified devices and the other with verified devices, both of which are managed by the SDN controller. Lightweight stateless flow-based features, including ICMP, TCP, and UDP protocol percentage, packet count and size, and IP diversity ratio, are proposed for efficient feature collections. Further analysis is performed to minimize training data to run on resource-constrained edge devices in smart home networks. Three popular machine learning algorithms, including K-Nearest-Neighbors, Random Forest, and Support Vector Machines, are used to classify IoT devices and detect different types of DDoS attacks, including TCP-SYN, UDP, and ICMP. The system's effectiveness and efficiency are evaluated by emulating a network consisting of an Open vSwitch, Faucet SDN controller, and several IoT device traces from two different testbeds.



page 1

page 6


U-PoT: A Honeypot Framework for UPnP-Based IoT Devices

The ubiquitous nature of the IoT devices has brought serious security im...

An Efficient SDN Architecture for Smart Home Security Accelerated by FPGA

With the rise in Internet of Things (IoT) devices, home network manageme...

Securing Edge Networks with Securebox

The number of mobile and IoT devices connected to home and enterprise ne...

An SDN-IoT-based Framework for Future Smart Cities: Addressing Perspective

In this Chapter, a software-defined network (SDN)-based framework for fu...

The Dark (and Bright) Side of IoT: Attacks and Countermeasures to Identification of Smart Home Devices and Services

We present a new machine learning-based attack that exploits network pat...

Privacy-from-Birth: Protecting Sensed Data from Malicious Sensors with VERSA

There are many well-known techniques to secure sensed data in IoT/CPS sy...

Phantom Device Attack: Uncovering the Security Implications of the Interactions among Devices, IoT Cloud, and Mobile Apps

Smart home connects tens of home devices into the Internet, running a sm...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.