research-article

SDN-based Mitigation of Scanning Attacks for the 5G Internet of Radio Light System

Authors:

Krzysztof Cabaj,

Marcin Gregorczyk,

Wojciech Mazurczyk,

Piotr Nowakowski,

Piotr ŻórawskiAuthors Info & Claims

ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

Article No.: 49, Pages 1 - 10

https://doi.org/10.1145/3230833.3233248

Published: 27 August 2018 Publication History

Abstract

Currently 5G communication networks are gaining on importance among industry, academia, and governments worldwide as they are envisioned to offer wide range of high-quality services and unfaltering user experiences. However, certain security, privacy and trust challenges need to be addressed in order for the 5G networks to be widely welcomed and accepted. That is why in this paper, we take a step towards these requirements and we introduce a dedicated SDN-based integrated security framework for the Internet of Radio Light (IoRL) system that is following 5G architecture design. In particular, we present how TCP SYN-based scanning activities which typically comprise the first phase of the attack chain can be detected and mitigated using such an approach. Enclosed experimental results prove that the proposed security framework has potential to become an effective defensive solution.

References

[1]

J. Cosmas, et. al. - 5G Internet of Radio Light Services for Supermarkets, 14th China International Forum on Solid State Lighting: International Forum on Wide Bandgap Semiconductors China (SSLChina: IFWS), Beijing, China, 2017, pp. 69--73,

[2]

J. Cosmas, et. al. - A Scalable and License Free 5G Internet of Radio Light Architecture for Services in Train Stations, European Wireless 2018; 24th European Wireless Conference

[3]

D. Kreutz, F. V. Ramos, P. Verissimo, C. Rothenberg, S. Azodolmolky, S. Uhlig. Software-Defined Networking: A Comprehensive Survey, Proc. of the IEEE, 103(1):14--76, January 2015

[4]

S. A. Mehdi, J. Khalid, S. A. Khayam, Revisiting Traffic Anomaly Detection Using Software Defined Networking, Proc. of the 14th International conference on Recent Advances in Intrusion Detection (RAID 2011), pp. 161--180, 2011

Digital Library

[5]

A. Zaalouk, R. Khondoker, R. Marx, K. Bayarou, OrchSec: An Orchestrator-Based Architecture For Enhancing Network-Security Using Network Monitoring and SDN Control Functions, In Proc. of Network Operations and Management Symposium (NOMS), pp. 1--9, 2014

[6]

S. Shin, G. Gu, CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?), In Proc. of 20th IEEE International Conference on Network Protocols (ICNP), USA, 2012, pp. 1--6.

Digital Library

[7]

R. Jin, B. Wang, Malware Detection for Mobile Devices Using Software-Defined Networking, Proc. of GENI Research and Educational Experiment Workshop (GREE '13), pp. 81--88, 2013

Digital Library

[8]

J. M. Ceron, C. B. Margi, L. Z. Granville, MARS: An SDN-Based Malware Analysis Solution, IEEE Symposium on Computers and Communication (ISCC), Messina, 2016, pp. 525--530

[9]

K. Cabaj, W. Mazurczyk - Using Software-Defined Networking for Ransomware Mitigation: the Case of CryptoWall, IEEE Network, November/December 2016, pp. 14--20

Digital Library

[10]

K. Cabaj, M. Gregorczyk, W. Mazurczyk - Software-Defined Networking-based Crypto Ransomware Detection Using HTTP Traffic Characteristics, Computers and Electrical Engineering, Vol. 66, pp. 353--368, February 2018

Digital Library

[11]

S. Shin, V. Yegneswaran, P. Porras, and G. Gu: AVANT-GUARD: Scalable and Vigilant Switch Flow, Management in Software-defined Networks, CCS '13, pp. 413--424, 2013

Digital Library

[12]

H. Wang, L. Xu, and G. Gu: FloodGuard: A DoS Attack Prevention Extension in Software-Defned Networks, the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 239--250, 2015.

Digital Library

[13]

G. Shang, P. Zhe, X. Bin, H. Aiqun, R. Kui: FloodDefender: Protecting data and control plane resources under SDN-aimed DoS attacks, IEEE INFOCOM 2017 -IEEE Conference on Computer Communications, pp. 1--9, 2017

[14]

J. Boite, P.-A. Nardin, F. Rebecchi, M. Bouet, and V. Conan: Statesec: Stateful monitoring for DDoS protection in software defined networks, 2017 IEEE Conference on Network Softwarization (NetSoft), pp. 1--9, 2017

[15]

Huiqiang Yuwen, Liancheng Zhang, Zhenxing Wang, Yazhou Kong: Probability-based delay scheme for resisting SDN scanning, 2016 2nd IEEE International Conference on Computer and Communications (ICCC), pp. 1096--1101, 2016

[16]

Z. Zhao, F. Liu, D. Gong, L. Chen, F. Xiang, Y. Li: An SDN-based IP hopping communication scheme against scanning attack, 2017 IEEE 9th International Conference on Communication Software and Networks (ICCSN), pp. 559--564, 2017

[17]

S. Shirali-Shahreza, Y. Ganjali: Protecting Home User Devices with an SDN-Based Firewall, IEEE Transactions on Consumer Electronics, Volume 64, Issue 1, pp. 92--100, 2018

[18]

S. Dotcenko, A. Vladyko, I. Letenko: A fuzzy logic-based information security management for software-defined networks, 16th International Conference on Advanced Communication Technology, pp. 167--171, 2014

[19]

R. Mohammadi, R. Javidan and M. Conti, SLICOTS: An SDN-Based Lightweight Countermeasure for TCP SYN Flooding Attacks, in IEEE Transactions on Network and Service Management, vol. 14, no. 2, pp. 487--497, June 2017

Cited By

Coêlho RSilva RMartimiano LLeonardo E(2024)IoT and 5G Networks: A Discussion of SDN, NFV and Information SecurityJournal of the Brazilian Computer Society10.5753/jbcs.2024.302130:1(212-227)Online publication date: 10-Aug-2024
https://doi.org/10.5753/jbcs.2024.3021
Sobrinho ÁVilarim MBarbosa ACandeia Gurjão EF. S. Santos DValadares DDias da Silva L(2024)Challenges and Opportunities in Mobile Network Security for Vertical Applications: A SurveyACM Computing Surveys10.1145/369644657:2(1-36)Online publication date: 21-Sep-2024
https://dl.acm.org/doi/10.1145/3696446
Everson DCheng L(2024)A Survey on Network Attack Surface MappingDigital Threats: Research and Practice10.1145/36400195:2(1-25)Online publication date: 10-Jan-2024
https://dl.acm.org/doi/10.1145/3640019
Show More Cited By

Index Terms

SDN-based Mitigation of Scanning Attacks for the 5G Internet of Radio Light System
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Distributed packet inspection for network security purposes in software-defined networking environments
ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and Security

5G networks are foreseen to offer rich ubiquitous communication infrastructure with wide range of high-quality services. However, as they are formed using a mix of modern network technologies ensuring their security is crucial. Currently, Software ...
A Survey of Network Virtualization Techniques for Internet of Things Using SDN and NFV

Internet of Things (IoT) and Network Softwarization are fast becoming core technologies of information systems and network management for the next-generation Internet. The deployment and applications of IoT range from smart cities to urban computing and ...
A survey on Blockchain solutions in DDoS attacks mitigation: Techniques, open challenges and future directions
Abstract
With the proliferation of new technologies such as the Internet of Things (IoT) and Software-Defined Networking (SDN) in recent years, the Distributed Denial of Service (DDoS) attack vector has broadened and opened new opportunities ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and Security

August 2018

603 pages

ISBN:9781450364485

DOI:10.1145/3230833

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Universität Hamburg: Universität Hamburg

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 August 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

Horizon 2020 Framework Programme

Conference

ARES 2018

ARES 2018: International Conference on Availability, Reliability and Security

August 27 - 30, 2018

Hamburg, Germany

Acceptance Rates

ARES '18 Paper Acceptance Rate 128 of 260 submissions, 49%;

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
242
Total Downloads

Downloads (Last 12 months)14
Downloads (Last 6 weeks)4

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Coêlho RSilva RMartimiano LLeonardo E(2024)IoT and 5G Networks: A Discussion of SDN, NFV and Information SecurityJournal of the Brazilian Computer Society10.5753/jbcs.2024.302130:1(212-227)Online publication date: 10-Aug-2024
https://doi.org/10.5753/jbcs.2024.3021
Sobrinho ÁVilarim MBarbosa ACandeia Gurjão EF. S. Santos DValadares DDias da Silva L(2024)Challenges and Opportunities in Mobile Network Security for Vertical Applications: A SurveyACM Computing Surveys10.1145/369644657:2(1-36)Online publication date: 21-Sep-2024
https://dl.acm.org/doi/10.1145/3696446
Everson DCheng L(2024)A Survey on Network Attack Surface MappingDigital Threats: Research and Practice10.1145/36400195:2(1-25)Online publication date: 10-Jan-2024
https://dl.acm.org/doi/10.1145/3640019
Coelho WComarela GVillaça R(2024)Early Detection and Classification of Malicious Activities in Network and Cloud Services2024 IEEE 13th International Conference on Cloud Networking (CloudNet)10.1109/CloudNet62863.2024.10815800(1-9)Online publication date: 27-Nov-2024
https://doi.org/10.1109/CloudNet62863.2024.10815800
Oh IYoon YSahlabadi MKim HYim K(2024)Security Elements and Threat Analysis of 5G Mobile Network Based on 3GPP 5G NR StandardAdvances in Intelligent Networking and Collaborative Systems10.1007/978-3-031-72322-3_10(97-106)Online publication date: 15-Sep-2024
https://doi.org/10.1007/978-3-031-72322-3_10
Ayodele BButtigieg V(2023)SDN as a defence mechanism: a comprehensive surveyInternational Journal of Information Security10.1007/s10207-023-00764-123:1(141-185)Online publication date: 6-Oct-2023
https://doi.org/10.1007/s10207-023-00764-1
Kholidy HKamaludeen R(2022)An Innovative Hashgraph-based Federated Learning Approach for Multi Domain 5G Network Protection2022 IEEE Future Networks World Forum (FNWF)10.1109/FNWF55208.2022.00033(139-146)Online publication date: Oct-2022
https://doi.org/10.1109/FNWF55208.2022.00033
Aryal BAbbas RCollings I(2021)SDN Enabled DDoS Attack Detection and Mitigation for 5G NetworksJournal of Communications10.12720/jcm.16.7.267-275(267-275)Online publication date: 2021
https://doi.org/10.12720/jcm.16.7.267-275
Yurekten ODemirci M(2021)SDN-based cyber defenseFuture Generation Computer Systems10.1016/j.future.2020.09.006115:C(126-149)Online publication date: 1-Feb-2021
https://dl.acm.org/doi/10.1016/j.future.2020.09.006
Liu YPeng JKang JIliyasu ANiyato DEl-Latif A(2020)A Secure Federated Learning Framework for 5G NetworksIEEE Wireless Communications10.1109/MWC.01.190052527:4(24-31)Online publication date: Aug-2020
https://doi.org/10.1109/MWC.01.1900525
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents