An IRS for SDN-based IoT networks

نوع: Type: thesis

مقطع: Segment: masters

عنوان: Title: An IRS for SDN-based IoT networks

ارائه دهنده: Provider: Ehsan Shahrokhi Mina

اساتید راهنما: Supervisors: Reza Mohammadi (Ph. D) - Mohammad Nassiri (Ph. D)

اساتید مشاور: Advisory Professors:

اساتید ممتحن یا داور: Examining professors or referees: Mahdi Abbasi (Ph. D) - Mehdi Sakhaei Nia (Ph. D)

زمان و تاریخ ارائه: Time and date of presentation: 2023/02/09

مکان ارائه: Place of presentation: http://vc.basu.ac.ir/eng-thesis04

چکیده: Abstract: With the help of the Internet of Things, various programs and devices can interact and talk with each other and even humans through the Internet connection. Since IoT devices may transmit and manage sensitive information, advanced mechanisms need to be developed to achieve success in these networks and whenever cyber attacks and threats occur in the Internet of Things network, appropriate security levels should be used to identify and reduce these threats. Also, because many low-end commercial devices do not support strong security mechanisms, IoT networks are prone to attacks such as denial of service and distributed denial of service, Therefore, creating a centralized security system to prevent attacks in these networks is a basic necessity. In this thesis, using software-defined networks, an intrusion response system is proposed to identify and prevent denial of service attacks on Internet of Things networks. This proposed system uses the capabilities of software-defined networks and has three main modules which are: 1- Extraction and collection of traffic flow Features 2- Attack detection 3- Attack prevention and machine learning algorithms and neural networks are used in its detection module. The focus of this research has been on UDP-flood attacks and the algorithms used have been trained to detect this type of attack. This system settles on the controller of software-defined network and by continuously monitoring the traffic flows, it detects whether the incoming flows are healthy or attacked. According to the results obtained in the test environment of the software-defined network simulator, it was found that the proposed system, in addition to the high accuracy of attack detection is able to prevent them in time and restore the network state to the state before the attack. The results showed that the accuracy of this method has improved by 2% compared to the previous methods.

فایل: ّFile: Download فایل