Acknowledgement
In the name of Allah, the Most Gracious and the Most Merciful. Alhamdulillah, all praises to
Allah for the strengths and His blessing in completing this thesis. Special appreciation goes to
my supervisor Sir________________, for his supervision and constant support. His invaluable
help through constructive comments and suggestions throughout the experimental and thesis works
has contributed to the success of this research. Further, I would like to thank Sir ______________,
who checked my work in a timely manner and appreciated me at every step.
It is one of the infinite blessings of Allah that He bestowed me with the potential and ability to
complete and present this thesis and make a material contribution towards the deep oceans of
knowledge.
Hopefully, this master's dissertation will not be the end of my journey in seeking more
knowledge to understand the meaning of life.
Table of Content
Acknowledgement
Abstract
Abstract
Global communication and data-transfer trends are moving towards fifth-generation (5G)
technology, which enables fast data transfer with less use of bandwidth. The Internet of
Things has created huge networks involving business organizations, distribution,
transportation, operations, and e-commerce. IOT devices are now being connected to
5G networks because of the usage patterns and behavior of users. Hackers
and DDOS attackers consider 5G networks an easy target because of the limited focus on
security and the weak existing security protocols of 5G networks. This study aims to detect and
identify the weaknesses of 5G-based IOT networks using different techniques. Previous
research is also reviewed, and SDN- and NFV-based models and architectures are designed
to detect DDOS attacks on IOT devices on 5G networks; these architectures are self-
powered to mitigate, remove and minimize DDOS attacks considering the level of attack and
Key words: Internet of things, Distributed Denial of Service (DDOS), Network functions
Chapter # 1: Introduction
1.2. Background
The concept of the Internet of Things (IOT) is widely considered in technology-based research
today because the IOT combines devices, objects, users, services and networks
to support communication, data sharing, and transfer of information so that common benefits
are obtained across different areas. In a technologically advanced world the IOT is used in
different fields such as hospitals, production, energy, fleet management, and distribution or supply
chain. Internet of Things (IOT) devices use an identity management approach
so that each device can be identified among a large number of similar devices. The IP address mechanism
is used to identify the region in which a device is located among several devices.
5G networks are the next generation of mobile networks, more advanced and more recent than
the 4G and LTE technologies, and are going to be globally adopted by 2020. The capacity and
speed of data transfer in 5G are expected to increase to support a higher density of broadband users, which
facilitates fast device-to-device communication with more reliability than earlier
technologies. The use of 5G ensures lower latency and it further ensures less battery usage if
Modern IOT technology works to improve living standards with the help of devices that
act intelligently to perform daily tasks. The concept of IOT leads to the further concepts
of smart homes and smart cities, which take the way of life to a new level. But it is also a fact that
Internet of Things (IOT) devices are not secure enough to ensure the privacy of the information and data
used in different domains. Different types of malware, botnets and DoS attacks not only affect
the efficiency of IOT devices but also keep them vulnerable to DDOS attacks [3] and
other powerful cyber and internet-based attacks [1,2]. It is therefore necessary to create a security
model to secure 5G-based IOT devices from distributed denial of service. The weaknesses
of the IOT devices will be used to design their security and to mitigate DDOS attacks by using the
5G network. Software-defined networking (SDN) and network functions virtualization (NFV) are
important players in facilitating Internet of Things operations over 5G, and these technologies are
used in designing the security model for the Internet of Things to keep devices safe from botnets and
DOS attacks are one of the weapons most commonly used by hackers and attackers against IT
networks, and they have now taken different shapes to badly damage websites and other networks.
A DOS attack is carried out to make resources, machines and information unavailable to their users
for the short or long term by disrupting the network and host. A
Distributed Denial of Service attack is carried out via multiple systems that are infected and
compromised. The incoming traffic that floods the network and systems actually comes from a
large number of sources, in order to block the IP and make it inaccessible to actual users. DDOS attacks
are carried out on large servers and are distributed via botnets.
To control DDOS attacks on IOT networks, a previously proposed and designed
prevention is AntibIOTic, which the researchers used to prevent attacks on the IOT; it works like
an actual antibiotic that a doctor prescribes to a patient and that enters the patient's blood to kill
the bacteria inside. DDOS attacks damage the system from multiple unidentified sources, so it is
important to create a security model that acts smartly and deceives the attackers by creating
botnets in the system, which in effect detaches the 5G-based IOT devices and stops attackers from seeing them
as an option for attack. The major purpose of this research is to identify the key types of DDOS
attacks and their use cases, and to understand the damage DDOS attacks do to Internet of Things
networks. The model will take IOT devices to a safer environment, whereas the attackers will
face hurdles in finding an IOT device to enter and damage its information. Researchers [4,5,6] have
emphasized security solutions for IOT devices based on 5G networks, but most of them
lack a proper physical architecture such as SDN and NFV; this study will focus on designing a
comprehensive and effective model and architecture that will make more secure IOT networks
Before creating the model for security against DDOS, it is crucial to know how
packets are transferred and forwarded in IOT devices that use 5G networks. Most IOT
devices today maintain their forwarding tables on their own, which means the forwarding
decision is taken internally by them. Internet of Things networks use routing and hosts to forward
the data to the right destination after scrutinizing it. It can be understood this way: a packet reaches
the router or device, which consults its table so that the actual destination of the packet
can be identified, and the packet is sent towards that destination through the external interface that forwards it
there.
In contrast, the software-defined network architecture separates the data plane from the control
plane. To understand the network topology, an intricate control intelligence is deployed over it [7].
The network further informs the controllers so that they can alter the flow of traffic in the network. The
controllers rely on the conditions and can further drop packets at the OF switches if malwares
Internet of Things (IOT) devices are expected to move largely onto 5G wireless
networks in the coming years after the global adoption of 5G technology. Internet of
Things (IOT) networks are largely based on human use and linked with the business operations
of organizations. DDOS attacks can stop the services on the IOT by attacking the network through the
wireless network [8]. Wireless 5G networks are based on the rays and signals through which
data is actually forwarded, transferred and transmitted to each layer of users and controllers. The
security models and architectures that exist to secure 5G-based IOT networks from
DDOS attacks are weak, and most of the existing models are limited to small and medium-sized networks.
SDN is a powerful tool that is now used in different types of architectures to make networks and
devices secure [9]. There is a need to design an SDN-based model that will identify
attackers and hackers in time and have the capacity to stop DDOS attacks with control on each
NFV-based security architecture to prevent DDOS attacks has also received less focus from
researchers because of its complex architecture and the implementation effort required. There is a
need to understand the components, architecture and model of 5G networks that support
Internet of Things devices. Furthermore, there is a research gap in differentiating traditional
network-based IOT from 5G-based IOT in terms of exposure to risks, threats and attacks [9]. A
combined and comprehensive architecture based on SDN and NFV is needed to prevent
DDOS attacks on the IOT and provide a safer 5G-based IOT model that could be installed and
Chapter # 2: The concept of DDOS attacks and Botnet on 5G based IOT Devices
DDOS (Distributed Denial of Service) attacks are one of the most prominent forms
of cyber attack in the modern technology era. In a 5G network the IOT devices are linked and
interconnected via wireless broadband and LTE-enabled networks. DDOS attacks take control of
5G-based IOT devices that are linked with servers from different locations. DDOS
attacks bind the IOT network to a botnet, whose actions stop the server from
responding and providing information to end users (see Figure 1). In simple words, a DDOS
attack can be understood as a scenario where a crowd intentionally stands at the main entrance of a retail
outlet, creating a hurdle for genuinely interested buyers who want to enter the outlet. Thus the
DDOS attacks had a different purpose in the past, which was to gain bragging rights, but
DDOS attackers and hackers today intend to steal and obtain important information
that is financially beneficial for them, or act for the purpose of revenge and market competition.
In 5G networks, DDOS attacks can exhaust the bandwidth and the link between IOT devices and the
servers. This leads to the unavailability of the server, information and portals that are accessed
through the IOT devices, and thus stops the operations and activities that are to be carried out via the
IOT networks and devices. DDOS attacks block the different resources of servers memory, port,
At the time of an attack the attackers make the server unavailable to users and at the same
time they further compromise the important information on the server. There are two major
techniques used for DDOS attacks: amplification and reflection. In
the reflection technique the attackers hide their trail: they transmit
various packets carrying the bogus IP address of the targeted system as the source
to different packet destinations, so the destination servers respond to the target and thus
create crowded traffic that stops the server from being available. Amplification attacks are carried out
together with the reflection technique so that the damage to the target is large. In DDOS
attacks the types of traffic include UDP, TCP and ICMP. According to [11], NTP and
SNMP are the most favored types of traffic in both reflection and amplification attacks.
A crucial aspect today is that threat actors carrying out DDOS execute layered attacks
using diversified attack vectors, which makes identifying the purpose of an attack
complicated. Distracting from goals, challenging the security system and disturbing operations are major
causes of DDOS attacks. According to a report by VeriSign [12], after mid-2016 DDOS
attackers designed different types of attacks to damage networks. In recent attacks the
attackers and botnets have efficiently used the vulnerabilities of Internet of Things (IOT) devices to carry out
DDOS. The research in [10] found that IOT devices are the major source of DDOS
attacks, causing almost 96% of attacks, whereas routers contribute 3% and compromised
Linux servers cause 1 percent of attacks. It is not only IOT devices that are affected
by botnets; other internet users are also disturbed. In order to comprehend malware on the
IOT, the restrictions that the environment places on IOT devices need to be understood. The
The embedded Linux uses the different types of LIBC executions to dominate Internet of
The hazard to 5G-based IOT devices is significant because prevention and
remediation of attacks are difficult. IOT devices on wireless networks are a convenient target for
attackers. Botnets and DDOS have been known threats for the last decade, but the major danger from them
came to light from the year 2016. The characteristics of Internet of Things malwares which
There is minimal impact of IOT-based attacks on the host. Malwares get active and attack
The conventional method becomes obsolete in IOT malware attack identification and
There is a very high volume of IOT botnet-based traffic, around 100 Gbps
During DDOS attacks the IOT botnets generate unconventional traffic
such as GRE and deploy techniques such as DNS water torture in the distributed denial of
service attacks.
GRE traffic gives very little opportunity to forge the network, which is why
DDOS attacks are unusual with this traffic. Most 5G-based IOT networks do allow
GRE traffic, and furthermore GRE is also used in DDOS prevention architectures.
Figure 2 shows the structure of DNS water torture. The technique requires fewer
queries from the bot, which makes it different from the reflection and amplification techniques. It
uses the DNS server to carry out the DDOS attack on the victim's authoritative DNS server. With this
technique the bot sends a DNS query that contains the victim's domain, with a
randomly generated prefix prepended to the name. The ISP's DNS server sends the queries to the authoritative
server; if that server is already overloaded, the query is then sent to another DNS server, it illustrate that IOT
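As an added illustration (not code from the thesis), the following Python sketch shows how a resolver operator could spot the water torture pattern described above in query logs: many never-repeated prefixes under one zone, almost none of which resolve. The log format, thresholds, addresses and domain names are constructed for the example, and splitting the zone as the last two labels is a simplifying assumption.

```python
import hashlib
from collections import defaultdict

FAIL_RCODES = {"NXDOMAIN", "SERVFAIL"}  # nonexistent name, or authoritative server timed out


def build_sample_log():
    """Constructed resolver log lines: '<epoch> <client-ip> <qname> <rcode>'."""
    lines = []
    benign = ["www.shop.example", "api.shop.example", "mail.shop.example"]
    for i in range(60):  # normal traffic: few names, repeated and cacheable
        lines.append(f"{1200 + i} 10.0.0.{i % 20 + 1} {benign[i % 3]} NOERROR")
    for i in range(80):  # water torture: a fresh pseudo-random prefix per query
        prefix = hashlib.sha256(str(i).encode()).hexdigest()[:10]
        rcode = "SERVFAIL" if i % 4 == 0 else "NXDOMAIN"
        lines.append(f"{1200 + i % 60} 10.0.1.{i % 8 + 1} {prefix}.victim.example {rcode}")
    lines.append("truncated line")  # malformed input must not break the detector
    return lines


def parse_line(line):
    """Return (ts, client, qname, rcode), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4 or not parts[0].isdigit():
        return None
    return int(parts[0]), parts[1], parts[2].lower().rstrip("."), parts[3].upper()


def split_zone(qname):
    """Assumption: the zone is the last two labels (production code needs the Public Suffix List)."""
    labels = qname.split(".")
    if len(labels) < 3:
        return qname, None  # bare zone: there is no prefix to randomise
    return ".".join(labels[-2:]), ".".join(labels[:-2])


def detect_water_torture(lines, window_s=60, min_queries=50,
                         min_unique_ratio=0.9, min_fail_ratio=0.8):
    """Flag (window, zone) pairs dominated by one-off prefixes that fail to resolve."""
    stats = defaultdict(lambda: {"total": 0, "fail": 0, "prefixes": set(), "clients": set()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        ts, client, qname, rcode = rec
        zone, prefix = split_zone(qname)
        if prefix is None:
            continue
        s = stats[(ts // window_s, zone)]
        s["total"] += 1
        s["fail"] += rcode in FAIL_RCODES
        s["prefixes"].add(prefix)
        s["clients"].add(client)

    alerts = []
    for (window, zone), s in sorted(stats.items()):
        if s["total"] < min_queries:
            continue  # too little traffic in this window to judge
        unique_ratio = len(s["prefixes"]) / s["total"]
        fail_ratio = s["fail"] / s["total"]
        if unique_ratio >= min_unique_ratio and fail_ratio >= min_fail_ratio:
            alerts.append({"window_start": window * window_s, "zone": zone,
                           "queries": s["total"], "unique_prefixes": len(s["prefixes"]),
                           "fail_ratio": round(fail_ratio, 2),
                           "clients": len(s["clients"])})
    return alerts


if __name__ == "__main__":
    for alert in detect_water_torture(build_sample_log()):
        print(alert)
```

The number of distinct clients in an alert indicates how many querying devices behind the resolver are taking part, which is where per-device rate limiting or quarantine would be applied.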
In the case of Krebsonsecurity.com, in 2016 the blog faced a DDOS attack of
over 620 Gbps, generated from vulnerable IOT devices based on 5G networks
[13]. It was an act of retaliation by Israel-based hackers to stop the series of blog posts by
Krebs that highlighted and sought to stop DDOS attacks. In the end two hackers were arrested who involve in
The second case is OVH, a France-based cloud computing and hosting
organization that provides virtual private servers and dedicated servers. In September 2016
Mr Octave Klaba posted on his Twitter account that the servers had been under DDOS attacks,
most of them over 100 Gbps, with the largest around 800 Gbps [16]; on the next day came an attack
of between 1.1 Tbps and 1.5 Tbps from IOT-based devices. The traffic in the DDOS
attack included TCP/ACK, TCP/SYN and TCP/ACK_PSH packets sent from infected IOT
The third case is Deutsche Telekom, a Germany-based telecom company. Deutsche Telekom
gives its customers devices and routers under the brand name
Speedport. At the end of November 2016 a huge number of Deutsche Telekom customers reported
network disconnections. The issue was found to be Mirai-based malware that first scanned for and then
infected connected devices to add them to its botnet. The attackers used the concept
from a blog post released on 7th November 2016 in which weakness of D1000 modems were
In modern telecommunication and internet-based networks the risk and threat of
DDOS attacks have increased. 5G networks in particular are exposed to threats and
attacks that use components of this wireless network to launch cyber-attacks such as DDOS
on Internet of Things devices. Identifying and mitigating a botnet is a real challenge, even worse than
in conventional networks, because the rate of data transfer is much faster and a greater
number of devices is involved. At this point we propose the traditional
botnet detection technique named Decoupling, which is organized into two phases.
The first phase proactively detects command and control channels that show
suspicious activity. Monitoring and analyzing the flow of network traffic are the detection techniques. The
second phase works at a low level, where deep packet inspection is used to understand the
In the first phase, high-level flow monitoring permits the analysis and
evaluation of large volumes of data quickly. Since the traffic is massive in the initial phase, deep analysis
is not suitable. For this reason the detailed analysis is done in the second stage, considering only those
peers that were suspected in the first stage. The sensors responsible for obtaining the
network traffic flows are also analyzed using an advanced detection facility, and this process is
named Flow-based Monitoring. The detailed analysis is done by a DPI such as SNORT [17], which
further acts as the sensor at the lower granularity. Across both phases the
detection management loops are defined, which were included in the use case of 5G
network-based IOT device security in research [18]. This use case is also considered as important point to
Once a botnet on the network has been confirmed after the second phase, a deception
approach to stop and counter the botnet is deployed so that attacks such as DDOS that
could result from it are reduced. A Honeynet (HNet), customized
and virtualized, is implemented as the actuator so that it can isolate botnets by creating botnet zombies (clones)
to deceive and remove the botnets from the network [19]. This technique keeps the botnet
attacker unaware that the attack is being disabled and removed via HNet. Sensors and actuators
are also implemented in the network to secure the IOT devices, and this will be named the NFV
application.
For the purpose of operation, network packets are accessed by the sensors and the DPI.
HNet ensures security by detecting the command-and-control-channel-based network flow, which is
then directed to rival bots, and the original bots are blocked as a result. An SDN application is
implemented so that the flow table is reconfigured on the virtual switches, with the following
features:
In order to start the second detection control loop the network flow transfer the data
The network flow sends the flows of peers to HNet, where these flows are
isolated to stop DDOS attacks and to learn new ways in which the patterns of botnet
behavior change.
Figure 5 shows the overall architecture and flow for identifying and preventing
botnets in 5G-based networks, which further helps the controllers keep IOT devices
safer.
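The two detection phases and the flow-table redirection to HNet described above can be sketched in Python as follows. This is an added example, not the thesis's implementation: the phase-1 heuristic (near-constant intervals between connections to one peer), the signature, the addresses and the action names are all assumptions constructed for illustration.

```python
import statistics
from collections import defaultdict

HNET = "output:hnet"      # hypothetical switch port that leads to the honeynet
NORMAL = "output:normal"  # hypothetical default forwarding action
# Constructed marker standing in for the DPI sensor's signature set.
SIGNATURES = {"constructed-c2-checkin": b"EXAMPLE-C2-CHECKIN"}


def build_sample_traffic():
    """Constructed flows (start_s, src, dst, dport) and per-source payload samples."""
    flows = []
    for k in range(12):  # periodic check-ins that carry the command-and-control marker
        flows.append((k * 30.0, "10.1.0.5", "203.0.113.9", 6667))
    for k in range(12):  # equally periodic, but benign sensor telemetry
        flows.append((k * 60.0, "10.1.0.7", "198.51.100.20", 8883))
    for t in (1, 2, 2.5, 40, 41, 90, 200, 203, 204, 330):  # bursty user traffic
        flows.append((float(t), "10.1.0.8", "198.51.100.80", 443))
    payloads = {
        "10.1.0.5": [b"hello", b"id=77 EXAMPLE-C2-CHECKIN seq=3"],
        "10.1.0.7": [b"temp=21.5;hum=40"],
        "10.1.0.8": [b"GET / HTTP/1.1\r\n"],
    }
    return flows, payloads


def phase1_flow_screen(flows, min_flows=8, max_cv=0.1):
    """Phase 1: cheap flow-level screen over all traffic. Flags sources whose
    connections to one peer recur at near-constant intervals (low coefficient
    of variation), an assumed indicator of a command and control channel."""
    by_peer = defaultdict(list)
    for start, src, dst, dport in flows:
        by_peer[(src, dst, dport)].append(start)
    suspects = set()
    for (src, _dst, _dport), starts in by_peer.items():
        if len(starts) < min_flows:
            continue
        starts.sort()
        gaps = [b - a for a, b in zip(starts, starts[1:])]
        mean = statistics.mean(gaps)
        if mean > 0 and statistics.pstdev(gaps) / mean <= max_cv:
            suspects.add(src)
    return sorted(suspects)


def phase2_dpi(suspects, payloads, signatures):
    """Phase 2: inspect payloads of phase-1 suspects only, so the expensive
    step never touches the bulk of the traffic."""
    confirmed = {}
    for src in suspects:
        for payload in payloads.get(src, []):
            hit = next((name for name, pat in signatures.items() if pat in payload), None)
            if hit:
                confirmed[src] = hit
                break
    return confirmed


def install_redirects(flow_table, confirmed, priority=200):
    """SDN step: add a high-priority rule per confirmed bot that steers it to HNet."""
    for src in confirmed:
        rule = {"priority": priority, "match": {"ipv4_src": src}, "action": HNET}
        if rule not in flow_table:
            flow_table.append(rule)
    return flow_table


def lookup(flow_table, src):
    """Return the action of the highest-priority rule matching this source."""
    hits = [r for r in flow_table if r["match"].get("ipv4_src") in (None, src)]
    return max(hits, key=lambda r: r["priority"])["action"]


def run_pipeline():
    flows, payloads = build_sample_traffic()
    suspects = phase1_flow_screen(flows)
    confirmed = phase2_dpi(suspects, payloads, SIGNATURES)
    table = install_redirects([{"priority": 0, "match": {}, "action": NORMAL}], confirmed)
    return suspects, confirmed, table


if __name__ == "__main__":
    suspects, confirmed, table = run_pipeline()
    print("phase 1 suspects:", suspects)
    print("phase 2 confirmed:", confirmed)
    for ue in ("10.1.0.5", "10.1.0.7", "10.1.0.8"):
        print(ue, "->", lookup(table, ue))
```

The benign telemetry device passes phase 1 as a suspect but is cleared by phase 2, which is the reason for running both phases before any flow is redirected.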
In the first phase of high-level detection, the technique used is the one that recognizes
patterns, as used in SELFNET, to identify the behaviour of peers. The DPI that supports
5G will analyze the network packets considering the types of botnet. This phase of
detection includes the monitoring and analysis sublayers, which equip the
autonomic management sublayer to control security issues. Furthermore the causes, symptoms are
With a pool of sensors and actuators already deployed in the network, 5G mobile users
can move from one location to another, implying that deployed detection or mitigation
functions will need to be adapted accordingly. They should be moved following users' mobility,
in order to continue monitoring and analyzing those UEs under inspection (detection phase) or
even emulating their behaviors (mitigation phase) as was previously done. As an example,
consider the 5G mobile scenario. One or more UEs served from RAN1 move and are served by
RAN2. If they were being analyzed (by a DPI) or emulated (by a HNet) in RAN1,
the corresponding sensor and/or actuator capabilities will be dynamically migrated to RAN2 to
keep their detection and mitigation processes up and running (either with new deployments or by
reusing existing applications in RAN2). For scalability purposes, multiple distributed SDN
controllers may be deployed to control specific segments of the network, all managed by the
On the basis of the design principles, an IOT architecture is proposed, which is also shown
in Figure 6. In this four-layer architecture the device layer is the first, in which
sensors obtain data in diverse formats for IOT applications used in
different domains. A few of the devices play the role of actuators, which receive commands from the
network and perform their tasks accordingly. The second layer is the communication layer, in
which the SDN controller controls the data transfer; this layer is based on routers and
gateways. The third is the computing layer, which supports the billing and accounting process and consists of
SDN controllers. In this layer data forwarding is controlled as needed. In service layer the
One central SDN controller or several cooperating SDN controllers can perform the control function,
depending on the existing deployment capacity. The focus of this study is on creating a horizontal IOT
architecture, and its scope does not cover the interoperability of dispersed
software-defined network controllers. Further, this study emphasizes the SDN philosophy, which holds
that the physical deployment of controllers is distributed but they are actually centralized. The ability
a) Controllers on SDN: The SDN controllers control and process the data and perform
functions such as:
Managing the equipment: configuring the routers, 5G networks, virtual network control, and
policy and procedure implementation for data processing under devices corresponding
Adding and modifying the services supported by gateways,
storing the policies, and updating the regulations and algorithms of the data
center.
Managing the topology, such as calculating routes and understanding the intensity
of DDOS attacks.
Maintenance and operations, for example maintaining operation logs, raising alarms on any
issue, monitoring the user interface and monitoring the Internet of Things (IOT) devices.
Verifying service access on the network and identifying conflicts.
b) The Routers/gateways: These are used for forwarding data throughout the
networks. Gateways have the capability to store and cache data, and they
follow the SDN controllers' orders to process the data. Security control, node
management and protocol conversion are also functions of gateways. In order to process the
They provide the ability to create connections between IOT devices and to
forward the data to distant gateways so that data processing
Analyzing and processing IOT device data transfer, especially over wireless broadband and
5G.
c) The Storage center and Data processing: Following the controllers' instructions, this
module stores the data that is in the network and collected from IOT devices. The controller
further handles data mining, reasoning, and format conversion under this
component. This component is separated out from the communication layer because its
task is to arrange and provide data in the required formats to each user, such as gateways. The
data that is aggregated and cached from IOT devices comes under the responsibility of
this component. This component has the capability to process the data and remove obsolete
data collected by sensors, but SDN controllers cannot program this
component.
d) The Billing and Accounting center: IOT services mainly use storage and computing
resources, unlike network services, which use network bandwidth. If demanded, it
provides additional services, but with the backing of developers. The latest
billing and accounting mechanisms need to be considered. The billing and accounting process uses
data, consumer time and application service usage. But it is necessary to measure the
resources, and their types, used by routers and controllers. Billing policies are
not in the scope of this research, but the mechanism to measure the resources that were used
goes through the software-defined network NBI (northbound interface). The main
Operations and logic of internet of Things services like rules, programs and algorithm
The policies and mechanism for caching and storage of data like kind of data cached and
The preservation and operation for network tools for example alarms, logs and ONF
The SBI (southbound interface) supports the different requests and
communication between gateways and the controller. Furthermore, router configuration is done
through it with the OpenFlow protocol. OpenFlow further extends its scope to support the devices which
The proposed IOT architecture needs to be implemented to validate it, and
its performance should be evaluated before reaching final outcomes. The IOT modules are implemented
on both real and virtual devices, which are then tested using diverse test networks. The
performance analysis is also done on virtual machines. The controller is implemented
on POX, a platform for quickly developing and prototyping network control
applications that communicate with OpenFlow switches [20]. POX provides
functions such as topology maintenance, router path computation and interaction with switches using
OpenFlow, and this study goes further to deploy POX functions that are useful in configuring flow
tables in routers. The control plane on IOT instructed POX to configure flow table along with
The routers/gateways are deployed via vSwitch [21], a virtual
switch that supports OpenFlow. During implementation, node management along with data
caching and storage is applied. The data obtained is stored in routers and
processed as needed by algorithms provided by the IOT developers, and is then given to
gateways when needed. Open vSwitch 2.3.0 is used during the implementation and testing
process, with the routers configured in a similar way so that data routing and storing of
sensed data can be done. In the implementation of the SDN NBI, JSON is used to
summarize the Internet of Things services. Figure 7 shows the data fields
deployed in the test networks. The test field duration in figure is used to understand the duration of
Figure 7: The JSON Data fields via NBI Software defined Networks on IOT
In testing the prototype, OpenFlow
1.0 is used for the SDN southbound interface. Figure 8 shows the different fields of the extended OpenFlow protocol.
Along with the standard OpenFlow fields, two additional fields are included to
indicate the data format required for transferring and caching data from the gateway.
In order to demonstrate the IOT services provided in this IOT architecture, a demo
setup has been built in our laboratory so that the implementation of IOT applications can be tested under
diverse scenarios.
Figure 9 shows the structure of the test network setup. The Raspberry Pi is configured via the
connection gateways. The devices used in the network include smartphones
and beacons. Three beacons, 1, 2 and 3, are deployed in the workroom near the door, whereas the other
three, 4, 5 and 6, are deployed in the conference room. The corresponding Raspberry Pis start
the beacons. Beacons are linked with smartphones via Bluetooth and with each
corresponding Raspberry Pi, whereas smartphones are linked with the Raspberry Pis via WiFi.
The first scenario tests a Lab check-in service on the network, deployed so
that when a student approaches the laboratory a map pops up reminding him to do
using which student can attach to the network. Figure 6 (a) also shows those beacons
that are detected by devices but do not have connections yet. The student can choose a beacon to
connect to and enters his name and student ID to complete the check-in process as demonstrated. Their
The laboratory in-charge, and even the professor, can check the students' presence in the lab on
his smartphone screen. The professor can connect his smartphone to the network via Raspberry Pi 2 by
sending a Request Lab request to Raspberry Pi 2. There is a possibility of connecting
Raspberry Pi 2 via the path Raspberry Pi 2 -- gateway 2 -- routers but connecting to
connection is sent which helps finding the path Router- Gateway 1- Raspberry Pi 1. The
professor will get the list of students checked in to the laboratory as shown in Figure. The
The second scenario demonstrates conference room
booking and is tested on the network. This service is implemented to confirm whether the conference room is booked or
busy: when someone enters the conference room, a pop-up asks him
to book the conference room. The person then enters his name and the time for which he will use the conference
room, which Raspberry Pi 2 stores. If any other person or management wants to know the
status of the conference room, they can obtain the information from the network.
In the third scenario the professor wants to hold a conference with students when he
has free time and students are present in the lab. To check the students' presence he can use the
Lab check-in service to confirm the number of students present there. The professor will then use the
conference room booking service to find which conference room is free. The professor may find it
complex to check the availability of both students and conference room. So he wants a service that
could handle this, and discusses it with the IOT developers. The developers find no need to
install a new beacon because via Raspberry Pi 1 they can use both services, student list and conference
room. A new application is developed by the IOT developers which reports the number of students in
the lab and also confirms the availability of the conference room. This information will be uploaded to
students in lab and availability of conference room. It provides the information on
conference possibility and students available; the controller then uploads this information to the
router. This IOT service can be used without adding new sensors. When a query is initiated to
learn the conference possibility, it is the router that finds the number of students and the free conference
rooms from Raspberry Pi 1 & 2, and the result is sent directly to the professor's smartphone.
Three major latencies are measured during the implementation of the above scenario.
It took almost 420 minutes for the controller to install a new service such as conference possibility on the
router; this value was obtained from ten tests. This time covers the time the
controller uses to parse the JSON, understand it and transmit it to the router, and the time the router takes to
implement it in order to configure the correspondence. A further ten experiments
show that it took 58 minutes for the router when a new path is requested and responded to.
The whole process includes the router's request to the controller, the controller's computation of the path,
information sharing with the router, and the router installing and starting to use the flow table. The
average value measured for transmitting a request from Raspberry Pi 2 to Raspberry Pi 1 and
receiving the data is 0.8 minute. The measurements of the different test scenarios demonstrate that
the proposed IOT architecture is useful for introducing and installing services at a fast pace by reusing
data and services that already exist. It is also found that the SDN technique demonstrates its effectiveness for
IOT services.
Trip time and rate of packet loss in both new and existing IOT services by comparing values.
The whole experiment includes 10 routers, nine hosts and a single controller, which work as virtual
The figure demonstrates the network topology in which packets are sent to the receiving hosts, named H1 to H9. Two conditions are applied in the SDN controller performance evaluation: in the first, a path exists between the hosts; in the second, no path exists.
Figure 11 shows the average round trip time for paths that already exist, for a large number of routers between the hosts, whereas figure 12 shows the round trip time in the no-path condition. In this scenario the gateway nearest to the sending host transmits the packet-forwarding request to the controller. To configure the Flow table, the controller calculates the corresponding path and sends the data back over OpenFlow. Based on the Flow table, the packets are then transferred to the second router. Note that the controller communicates via OpenFlow with every node from the message source to its destination. Each router therefore has the forwarding information before the packet actually arrives, which is why the packet is transferred immediately. If a Flow table has not been configured because of a network interruption, the forwarding request reaches the controller's router directly. The controller does not need to calculate the path again, because it already has this information from the first router's request. Because all gateways on the path are set up ahead of time, there will be no difference found in Round trip time (RTT) with the increment
Figure 10 shows the rate of packet loss, because the IOT service sends packets at different rates and diverse paths also exist between receiver and sender. During this test the network bandwidth is set at 300M p/s, whereas the data sent by the applications is transferred at different rates. A test was also conducted under the condition that paths exist between hosts. The controller plays an important role in identifying the path.
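The reactive path setup described above (table miss at the nearest gateway, path calculation at the controller, Flow table entries pushed to every router on the path) can be modelled in a few lines. This is an added Python example, not code from the thesis; the topology, the router names r1 to r4 and the counters are constructed assumptions, and the model stands in for OpenFlow messages rather than implementing them.

```python
from collections import deque

# Constructed topology (assumption): four routers, hosts H1 and H9 at the edges.
LINKS = {"r1": ["r2"], "r2": ["r1", "r3", "r4"],
         "r3": ["r2", "r4"], "r4": ["r2", "r3"]}
HOST_AT = {"H1": "r1", "H9": "r4"}


class Controller:
    """Central controller: answers table misses by installing a whole path."""

    def __init__(self):
        self.packet_ins = 0   # forwarding requests received from routers
        self.flow_mods = 0    # Flow table entries pushed to routers

    def shortest_path(self, src, dst):
        # Breadth-first search; the sample topology is connected.
        prev, queue = {src: None}, deque([src])
        while queue:
            node = queue.popleft()
            for nxt in LINKS[node]:
                if nxt not in prev:
                    prev[nxt] = node
                    queue.append(nxt)
        path, node = [], dst
        while node is not None:
            path.append(node)
            node = prev[node]
        return path[::-1]

    def packet_in(self, router, dst_host, tables):
        # Configure every router on the path before the packet reaches it.
        self.packet_ins += 1
        path = self.shortest_path(router, HOST_AT[dst_host])
        for here, nxt in zip(path, path[1:] + ["deliver"]):
            if dst_host not in tables[here]:
                tables[here][dst_host] = nxt
                self.flow_mods += 1


def send(src_host, dst_host, tables, ctrl):
    """Forward one packet hop by hop and return the routers it crossed."""
    router, hops = HOST_AT[src_host], []
    while router != "deliver":
        hops.append(router)
        if dst_host not in tables[router]:   # table miss: ask the controller
            ctrl.packet_in(router, dst_host, tables)
        router = tables[router][dst_host]
    return hops
```

Only the first packet of a flow costs a controller round trip; later packets are forwarded from the installed entries, and a router that lost its entry triggers one further request. Every table miss lands on the single controller, which is why its capacity and protection matter for availability.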
virtualize the network as building blocks using virtualization technology [22], [23]. The blocks are then chained to create communication services. The NFV architecture uses one or more virtual machines to support and operate processes and software such as storage, cloud, switches and servers on the network. It reduces effort because customization of network functions is not needed. Including SDN and NFV in the IOT architecture influences the efficiency, flexibility and programmability of the network [23], [24], [25]. Using OpenFlow-based software defined networks during NFV execution helps achieve Internet of things (IOT) networking functions, for example firewall control, routing and more secure tunneling in routers and servers, and it further allows traffic QoS to be controlled from a centralized controller [25].
things whereas in figure 14 the SDN-OF and NFV based network architecture is demonstrated.
The network effectiveness and quickness of the Internet of things (IOT) is influenced by the
Figure 14: IOT Network Architecture using SDN- OF and NFV technologies
The controller is highly significant in an SDN-based architecture. The controller manages QoS, the network firewall, routers and load balancing, and ensures network charging. This control is needed for the effective development and implementation of the system. The limitation of the controller is that it cannot manage the whole network in the case of large networks [26], [27].
Hu et al. [26] survey controller performance and suggest methods to improve it. [27] investigated how the controllers in a software defined network are placed in a physically, hierarchically and logically distributed way. [28] demonstrates a model of efficient programming in which algorithms are designed to control software defined networks. [29] proposes the motivating idea of using 4G cellular networks for M2M (machine-to-machine) communication. The proposed framework depends heavily on an architecture based on the 4G cellular network. To design the software defined network (SDN), an extended MINA (multi network information architecture) with a layered SDN controller is planned [30]. However, there is a need to propose and implement an Internet of Things (IOT) architecture that is based on SDN and has NFV implemented on it, because previous studies have not covered this area. This study proposed and
Figure 15: A general SDN based IOT framework with NFV implementation
Figure 15, drawing on the studies of Internet of Things architecture, proposes the implementation of NFV on an SDN-based IOT architecture. The control layer has Internet of things (IOT) servers which support diversified applications and APIs. The SDN controllers, based on a distributed operating system, are placed in the control layer. For network data forwarding, the distributed operating system supports centralized control together with an understanding of the Internet of things (IOT) in a physically distributed network environment. The Internet of things (IOT) gateways and SDN switches are placed in the infrastructure layer in order to access diversified IOT devices such as sensors and RFIDs via the control interface of the data plane. It is crucial to have an effective distributed operating system that can run the proposed SDN (software defined network) IOT framework/architecture. Sitting on the control plane, the distributed operating system works as the mind of the software defined network based Internet of things (IOT) framework in which NFV is implemented. It further provides centralized control and makes the IOT more visible. It is a considerable challenge to first design and then execute a distributed operating system which can handle the needs of diversified
In order to resolve this problem, SDN associations such as ONF and OpenFlow have emphasized standardizing the APIs. The study of [31] proposed NOSIX, which helps to enhance the performance of SDN switches and leads to portability of these switches. NOSIX provides a lightweight portability layer for software defined network operating systems. [32] and [33] discuss and resolve critical issues related to the availability, scalability and performance of a control plane based on a software defined network. The design and implementation of an SDN-based operating system for the Internet of things is in progress.
6.1. Conclusion
The emphasis of this paper is on understanding the types of DDOS attacks, the vulnerabilities that IOT devices expose to attackers, and the weaknesses of the 5G network that motivate hackers to perform DDOS attacks on these networks. To prevent DDOS and Botnet attacks on the millions of 5G-based Internet of things devices spread across the world, the architecture of IOT and wireless networks needs to be fully understood. The ways attackers plan their attacks on IOT are also identified, in order to prepare models and architectures that can stop these attacks and identify in time the entrance of hackers into networks. The NFV and SDN model and architecture are proposed, implemented and tested to ensure security and to prevent DDOS attacks on IOT devices. The secure model is also built to make 5G networks more reliable, secure and stable while hosting IOT devices and controlling the traffic flow over them.
A layered architecture was developed, along with programmable devices that were open at diversified data levels. This study demonstrates in detail the design principles and architecture of the network. The implementation of the IOT architecture, three kinds of tests, and an evaluation of the implementation and test performance are also carried out in this study. A review of previous works on NFV implementation is presented, along with a brief proposed architecture of NFV on SDN networks. Designing and implementing the horizontal IOT solution based on SDN supports different services covering diversified domains and different scenarios in the work environment. The proposed architecture not only helps to run IOT services but also ensures fast service provisioning. It further enables the reuse of data and devices on the Internet of things infrastructure. The evaluation and implementation processes confirm the feasibility and effectiveness of using the IOT architecture and the implementation of NFV based on SDN. Additional network security is not emphasized in the proposed architecture, but security is an important aspect of a software defined network. Strict security procedures must be imposed so that a more protected controller is ensured. Higher security also confirms trust in entities and helps to make strong policy in network operations, functions and security. In order to secure the network availability, reliability and privacy of resources, data and information in an IOT
References
[1] K. York, "Dyn statement on 10/21/2016 DDoS attack," Dyn Blog, October 2016.
[2] S. Hilton, "Dyn Analysis Summary Of Friday October 21 Attack," Dyn Blog, Oct. 2016.
malwares," in Proceedings of the 1st International Conference on Security, Privacy, and Trust
[4] M. Ballano, "Is there an Internet-of-Things vigilante out there?" Symantec Blog, October
[5] W. Grange, "Hajime worm battles Mirai for control of the Internet of Things," Symantec
[6] C. Cimpanu, "New malware intentionally bricks IoT devices," Bleeping Computer, April
[8] V. Tikhvinsky, "5G and internet of things as next elements of mobile world", LastMile, vol.
[9] W. Ejaz, A. Anpalagan, M. Imran, M. Jo, M. Naeem, S. Qaisar and W. Wang, "Internet of
Things (IoT) in 5G Wireless Communications", IEEE Access, vol. 4, pp. 10310-10314, 2016.
Source: http://blog.level3.com/security/attack-of-things/
mitigating-ntp-based-ddos-attacks/.
[12] "Verisign Distributed Denial of Service Report Volume 3, Issue 2 - 2nd Quarter 2016," in
Verisign. Source: https://www.verisign.com/assets/report-ddos-trends-Q22016.pdf.
Source: https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/.
Source: https://krebsonsecurity.com/2016/09/alleged-vdos-proprietors-arrested-in-israel/.
Source: https://krebsonsecurity.com/2016/09/the-democratization-of-censorship/.
[16] R. Millman, "OVH suffers 1.1Tbps DDoS attack," in News, SC Magazine UK, 2016.
Source: http://www.scmagazineuk.com/ovh-suffers-11tbps-ddos-attack/article/524826/.
[17] Sourcefire, Inc., "Snort: An open source network intrusion detection and prevention
[18] M. Gil Perez and G. Bernini, "Self-protection against botnet attacks - Solutions by 5G PPP
[19] W. Fan, D. Fernandez, and Z. Du, "Versatile virtual honeynet management framework,"
Jan. 2017.
[22] R. Jain and S. Paul, "Network virtualization and software defined networking for cloud
computing: a survey," IEEE Communications Magazine, vol. 51, no. 11, pp. 24-31, Nov. 2013.
doi: 10.1109/MCOM.2013.6658648.
[23] Open Networking Foundation, "OpenFlow-Enabled SDN and Network Functions
https://www.opennetworking.org/images/stories/downloads/sdnresources/solutionbriefs/sb
[25] V. R. Tadinada, "Software defined networks: redefining the future of internet in IoT and
cloud era," in Proc. International Conference on Future Internet of Things and Cloud, Barcelona,
[26] F. Hu, Q. Hao, and K. Bao, "Survey on software-defined network and OpenFlow: from
concept to implementation," IEEE Communications Surveys & Tutorials, vol. 16, no. 4, pp.
algorithmic policies," in Proc. ACM SIGCOMM 2015, Hong Kong, China, pp. 87-98.
Symposium on Wireless Personal Multimedia Communications, Atlantic, USA, pp. 1-6, June,
2013.
[30] Z. Qin, G. Denker, C. Giannelli, et al., "A software defined networking architecture for the
internet-of-things," in Proc. IEEE Network Operations and Management Symposium, Krakow,
[31] M. Raju, A. Wundsam, and M. Yu, "NOSIX: a lightweight portability layer for the SDN
OS," ACM SIGCOMM Computer Communication Review, vol. 44, no. 2, pp. 29-35, accessed
October 2017
[32] ONOS. (2015, Apr. 6). Raising the Bar on SDN Control Plane Performance and Scalability
ONOSBlackbirdperformancegeneralaudienceApr7.pdf
[33] ONOS. (2015, Apr. 6). Raising the Bar on SDN Control Plane Performance, Scalability,
October 2017