Fog-Assisted SDN Controlled Framework for Enduring Anomaly Detection in an IoT Network

Extensive adoption of intelligent devices with ubiquitous connectivity has increased Internet of Things (IoT) traffic tremendously. The smart devices promise to improve human life through improved safety and security through the implementation of intelligent transportation systems, optimization of power grids, and applications in human health. Devices produce a large amount of data for analytic applications running inside a cloud infrastructure. Unlike core networks, the main objective of an attack on an IoT network is to disrupt the availability of IoT data for the applications by overwhelming devices with information requests. Detection of such an attack cannot be done either in the cloud where the analytical application runs nor on the IoT device itself due to its limited computational resources. Furthermore, the standard networking paradigm does not provide an easy way to instrument and control networking nodes, for an effective mitigation of identified threats. In this paper, we propose a fog-assisted software defined networking (SDN) driven intrusion detection/prevention system (IDPS) for IoT networks. A collocated fog computational arrangement with IoT network equips proposed IDPS for timely identification of various attack models in near real time for effective neutralization of threats using SDN control. We have found our approach more effective from traditional techniques of intrusion detection in the IoT network.