Krishnan, Prabhakar and Jain, Kurunandan and Buyya, Rajkumar and Vijayakumar, Pandi and Nayyar, Anand and Bilal, Muhammad and Song, Houbing (2022) MUD-Based Behavioral Profiling Security Framework for Software-Defined IoT Networks. IEEE Internet of Things Journal, 9 (9). pp. 6611-6622. ISSN 2327-4662
Full text not available from this repository.Abstract
The rapid development and deployment of Internet of Things (IoT) devices in modern networks and Industry 4.0 have attracted substantial interest from cybersecurity researchers. In this study, we propose a software-defined framework that improves network intrusion detection systems by using manufacturer usage description (MUD) to enhance the behavioral monitoring in IoT networks. We aim to explore whether Industrial IoT (IIoT) devices typically serve a common role in cyber-physical systems, and their communications exhibit predictable patterns that can be defined in MUD profile(s) formally and succinctly. We design a framework that utilizes the concept of digital twins and software-defined networking to improve the security of IIoT environments. The MUD data are profiled, and the actions are evaluated on the network digital twin before they are used in the physical network. The behavioral profiling system is updated in real time, thereby improving the overall system security and compliance to policies in the IoT deployment. Evaluation results show that our solution outperforms existing approaches substantially in terms of attack detection accuracy, predicting security incidents, response time, and resource usage.