TY - JOUR
T1 - SFaaS
T2 - Keeping an eye on IoT fusion environment with security fusion as a service
AU - Kuo, Chien Ting
AU - Chi, Po Wen
AU - Chang, Victor
AU - Lei, Chin Laung
N1 - Publisher Copyright:
© 2018 Elsevier B.V.
PY - 2018/9
Y1 - 2018/9
N2 - Currently, Internet of Things (IoT) applications are being fused with multiple technologies. Software-defined networking (SDN) is a core component of IoT fusion environments because of its concept of programmable networking in which a network manager can process each network flow using software programs. SDN is a powerful and flexible solution for the IoT communication infrastructure offering a centralized control architecture. However, the infrastructure is based on the hypothesis that all switches are trusted and follow programmed commands to handle packets. This means that if the switches are compromised by an attacker and do not follow the order of the network manager, a huge network disaster will occur. In this study, we propose a concept of Security Fusion as a Service (SFaaS) for addressing this issue. Based on this concept, we design two detection mechanisms fused on a softwarized switch topology measurement architecture environment to detect the attack models. We evaluate, analyze, and simulate our mechanisms and the softwarized measurement architecture service and demonstrate the high performance of detection and damage reduction to prove the validity of the SFaaS concept.
AB - Currently, Internet of Things (IoT) applications are being fused with multiple technologies. Software-defined networking (SDN) is a core component of IoT fusion environments because of its concept of programmable networking in which a network manager can process each network flow using software programs. SDN is a powerful and flexible solution for the IoT communication infrastructure offering a centralized control architecture. However, the infrastructure is based on the hypothesis that all switches are trusted and follow programmed commands to handle packets. This means that if the switches are compromised by an attacker and do not follow the order of the network manager, a huge network disaster will occur. In this study, we propose a concept of Security Fusion as a Service (SFaaS) for addressing this issue. Based on this concept, we design two detection mechanisms fused on a softwarized switch topology measurement architecture environment to detect the attack models. We evaluate, analyze, and simulate our mechanisms and the softwarized measurement architecture service and demonstrate the high performance of detection and damage reduction to prove the validity of the SFaaS concept.
KW - Compromised SDN switch
KW - IoT fusion environment
KW - IoT security
KW - SFaaS
KW - Switch topology
UR - http://www.scopus.com/inward/record.url?scp=85040992226&partnerID=8YFLogxK
U2 - 10.1016/j.future.2017.12.069
DO - 10.1016/j.future.2017.12.069
M3 - Article
AN - SCOPUS:85040992226
SN - 0167-739X
VL - 86
SP - 1424
EP - 1436
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -