Securing Smart Homes via Software-Defined Networking and Low-Cost Traffic Classification
This addresses security for smart home users, but it is incremental as it builds on existing SDN and ML techniques.
The paper tackles securing smart homes against DDoS attacks by proposing a framework that uses SDN-based VLAN isolation and lightweight traffic features, achieving device identification and attack detection with machine learning algorithms evaluated on emulated networks.
IoT devices have become popular targets for various network attacks due to their lack of industry-wide security standards. In this work, we focus on smart home IoT device identification and defending them against Distributed Denial of Service (DDoS) attacks. The proposed framework protects smart homes by using VLAN-based network isolation. This architecture has two VLANs: one with non-verified devices and the other with verified devices, both of which are managed by the SDN controller. Lightweight stateless flow-based features, including ICMP, TCP, and UDP protocol percentage, packet count and size, and IP diversity ratio, are proposed for efficient feature collections. Further analysis is performed to minimize training data to run on resource-constrained edge devices in smart home networks. Three popular machine learning algorithms, including K-Nearest-Neighbors, Random Forest, and Support Vector Machines, are used to classify IoT devices and detect different types of DDoS attacks, including TCP-SYN, UDP, and ICMP. The system's effectiveness and efficiency are evaluated by emulating a network consisting of an Open vSwitch, Faucet SDN controller, and several IoT device traces from two different testbeds.