Distributed Denial of Service attack (DDoS) is recognized to be one of the catastrophic attacks against various digital communication entities. Software-defined networking (SDN) is an emerging technology for computer networks that uses open protocols for controlling switches and routers placed at the network edges by using specialized open programmable interfaces. In this paper, a detailed study on DDoS threats prevalent in SDN is presented. Firstly, SDN features are examined from the perspective of security, and then, a discussion on assessment of SDN security features is done. Further, two viewpoints towards protecting the networks against DDoS attacks are elaborated. In the first view, SDN utilizes its abilities to secure the conventional networks. In the second view, SDN may become a victim of the threats itself because of the centralized control mechanism. The main focus of this research work is towards discovering critical security implications in SDN while reviewing the current ongoing research studies. By emphasizing the available state of the art techniques, an extensive review towards the advancement of the SDN security is provided to the researchers and IT communities.

Software-defined networking (SDN) is an emerging paradigm in enterprise networks because of its flexible and cost-effective nature. By decoupling control and data plane, SDN can provide various defense solutions for securing futuristic networks. However, the architectural design and characteristics of SDN attract several severe attacks. Distributed Denial of Service (DDoS) is considered as a major destructive cyber attack that makes the services of controller unavailable for its legitimate users. In this research paper, an intrusion detection framework is proposed to detect DDoS attacks against SDN. The proposed framework relies on voting based ensemble model for the attack detection. Ensemble model is a combination of multiple machine learning classifiers for prediction of final results. In this research paper, we propose and analyze three ensemble models named as Voting-CMN, Voting-RKM, and Voting-CKM particularly to benchmarking datasets like UNSW-NB15, CICIDS2017, and NSL-KDD, respectively. For validation of the proposed models, a cross validation technique is used with the prediction algorithms. The effectiveness of proposed models is evaluated in terms of prominent metrics (accuracy, precision, recall, and F measure). Experimental results indicate that the proposed models achieve better performance in terms of accuracy as compared to other existing models.

Internet of Things (IoT) is one of the fastest emerging networking paradigms enabling a large number of applications for the benefit of mankind. Advancements in embedded system technology and compressed IPv6 have enabled the support of IP stack in resource constrained heterogeneous smart devices. However, global connectivity and resource constrained characteristics of smart devices have exposed them to different insider and outsider attacks, which put users’ security and privacy at risk. Various risks associated with IoT slow down its growth and become an obstruction in the worldwide adoption of its applications. In RFC 6550, the IPv6 Routing Protocol for Low Power and Lossy Network (RPL) is specified by IETF’s ROLL working group for facilitating efficient routing in 6LoWPAN networks, while considering its limitations. Due to resource constrained nature of nodes in the IoT, RPL is vulnerable to many attacks that consume the node’s resources and degrade the network’s performance. In this paper, we present a study on various attacks and their existing defense solutions, particularly to RPL. Open research issues, challenges, and future directions specific to RPL security are also discussed. A taxonomy of RPL attacks, considering the essential attributes like resources, topology, and traffic, is shown for better understanding. In addition, a study of existing cross-layered and RPL specific network layer based defense solutions suggested in the literature is also carried out.

Internet of Things is realized by a large number of heterogeneous smart devices which sense, collect and share data with each other over the internet in order to control the physical world. Due to open nature, global connectivity and resource constrained nature of smart devices and wireless networks the Internet of Things is susceptible to various routing attacks. In this paper, we purpose an architecture of Ensemble Learning based Network Intrusion Detection System named ELNIDS for detecting routing attacks against IPv6 Routing Protocol for Low-Power and Lossy Networks. We implement four different ensemble based machine learning classifiers including Boosted Trees, Bagged Trees, Subspace Discriminant and RUSBoosted Trees. To evaluate proposed intrusion detection model we have used RPL-NIDDS17 dataset which contains packet traces of Sinkhole, Blackhole, Sybil, Clone ID, Selective Forwarding, Hello Flooding and Local Repair attacks. Simulation results show the effectiveness of the proposed architecture. We observe that ensemble of Boosted Trees achieve the highest Accuracy of 94.5% while Subspace Discriminant method achieves the lowest Accuracy of 77.8% among classifier validation methods. Similarly, an ensemble of RUSBoosted Trees achieves the highest Area under ROC value of 0.98 while lowest Area under ROC value of 0.87 is achieved by an ensemble of Subspace Discriminant among all classifier validation methods. All the implemented classifiers show acceptable performance results.

In the era of digital revolution, a huge amount of data is being generated from different networks on a daily basis. Security of this data is of utmost importance. Intrusion Detection Systems are found to be one the best solutions towards detecting intrusions. Network Intrusion Detection Systems are employed as a defence system to secure networks. Various techniques for the effective development of these defence systems have been proposed in the literature. However, the research on the development of datasets used for training and testing purpose of such defence systems is equally concerned. Better datasets improve the online and offline intrusion detection capability of detection model. Benchmark datasets like KDD 99 and NSL-KDD cup 99 obsolete and do not contain network traces of modern attacks like Denial of Service, hence are unsuitable for the evaluation purpose. In this work, a detailed analysis of CIDDS-001 dataset has been done and presented. We have used different well-known machine learning techniques for analysing the complexity of the dataset. Eminent evaluation metrics including Detection Rate, Accuracy, False Positive Rate, Kappa statistics, Root mean squared error have been used to show the performance of employed machine learning techniques.

Relay node placement in wireless sensor networks for constrained environment is a critical task due to various unavoidable constraints. One of the most important constraints is unpredictable obstacles. Handling obstacles during relay node placement is complicated because of complexity involved to estimate the shape and size of obstacles. This paper presents an Obstacle-resistant relay node placement strategy (ORRNP). The proposed solution not only handles the obstacles but also estimates best locations for relay node placement in the network. It also does not involve any additional hardware (mobile robots) to estimate node locations thus can significantly reduce the deployment costs. Simulation results show the effectiveness of our proposed approach.

Relay node placement is one of the critical need of wireless sensor networks when connectivity, lifetime, fault tolerance like factors are desired in the network. In this study, we review the present relay node placement techniques and provide an overall view of this study by summarizing previous achievements. We categorize the placement strategies into four broad categories, namely, approximation, algorithms, heuristics, meta-heuristics based techniques. A taxonomy is presented to enlist the present techniques. The paper also emphasizes on the research challenges and gives an idea of potential future scope in this research domain.

We have thoroughly studied the paper of Perazzo et al., which presents a routing attack named DIO suppression attack with its impact analysis. However, the considered simulation grid of size 20mx20m does not correspond to the results presented in their paper. We believe that the incorrect simulation detail needs to be rectified further for the scientific correctness of the results. In this comment, it is shown that the suppression attack on such small sized network topology does not have any major impact on routing performance, and specific reason is discussed for such behavior.

Abstarct: In the RPL routing protocol, DODAG Information Solicitation (DIS) control messages are sent by nodes to join the network. In turn, the receiver node replies with DODAG Information Object (DIO) control message after resetting its trickle timer. A malicious node can utilize this RPL protocol behavior to perform the DIS flooding attack by sending illegitimate DIS frequently which forces normal nodes to reset their trickle timers and flood the network with DIO messages. In this study, we show that such attacks can severely degrade the performance of Low Power and Lossy Networks (LLNs) because of the increase in control packet overhead and power consumption. To address DIS flooding attacks, we propose a lightweight mitigation scheme that detects and mitigate such attacks in order to improve LLNs performance. Note:To be published in proceedings of 2019 IEEE Region 10 Conference (TENCON 2019)