A SDN-based Network Intrusion Detection System to Overcome UPnP Security Drawbacks

Abstract

Internet of Things (IoT) can be defined as an intelligent infrastructure service that provides the means by which information can be exchanged through the interconnection of devices and people. While IoT services continue to be developed, the need to overcome its drawbacks is great. One weakness of IoT is that its technical characteristics expose it to diverse security threats. Because technical equipment has several limitations including restrictive hardware options and low power, it is vulnerable to physical attack or other security threats. In particular, universal plug and play (UPnP) plays a crucial role in connecting heterogeneous devices for IoT services to enable information exchange between them. However, UPnP has inherent security-related drawbacks because it is operated using simple service discovery protocol and user datagram protocol (UDP). Solving the issues of network security and access by unauthorized users is now critical. In this paper, we analyze security vulnerabilities of UPnP, define the rules for distributed Denial-of-service attack situations, attempt to overcome the drawbacks of Software-defined-networking (SDN)-based network intrusion detection systems. Also, we propose to establish an internal IP address of a network device in the virtual environment and present rules to prevent attack scenarios. © Springer Science+Business Media Singapore 2016.