In the rapidly expanding world of Internet of Things (IoT) devices, the energy sector is increasingly leveraging these technologies to enhance efficiency and responsiveness in smart grids. However, this proliferation has also opened up new avenues for cyber threats, with IoT systems becoming prime targets for flow-based attacks such as Distributed Denial of Service (DDoS), scanning, spoofing, and data exfiltration. These attacks not only disrupt operations but also undermine the potential benefits of IoT technologies. Enter IoTShield, a groundbreaking defensive framework developed by Mah-Rukh Fida, a researcher at the School of Business, Computing and Social Sciences, University of Gloucestershire, Cheltenham, U.K.
IoTShield is a Software Defined Network (SDN) based dual-stage defensive framework designed to mitigate a variety of flow-based attacks targeting IoT systems. The framework leverages recent advancements in programmable networks, enabling each programmable switch within the connectivity layer of the network to identify a single attack category among prevalent attacks. “By deploying separate detectors for different attack categories on programmable data planes, we can significantly reduce false alarms and improve the overall security of IoT systems,” explains Fida.
The proof of concept, using the CICIoT2023 dataset, demonstrated that deploying separate detectors for DDoS and Web-based attack categories on programmable data planes reduces false alarms by 58% and 97%, respectively. Furthermore, a single DDoS attacks detector based on a lightweight Decision Tree (DT) model in the data plane achieved 80-99% accuracy in detecting different types of attack flows. Fine-grained classification is offloaded to the control plane, where a Convolutional Neural Network (CNN) classifier achieves 99% accuracy. IoTShield also significantly reduces the latency and load on the controller to perform attack detection, with only 0.14 milliseconds of additional median queuing delay.
The implications for the energy sector are profound. As smart grids become more interconnected and reliant on IoT devices, the need for robust security measures becomes paramount. IoTShield offers a promising solution to protect these critical infrastructures from cyber threats, ensuring the reliability and efficiency of energy systems. “This research not only advances the field of IoT security but also paves the way for more secure and resilient smart grids,” says Fida.
The research was recently published in the IEEE Access journal, a leading publication in the field of electrical engineering and computer science. This study represents a significant step forward in the ongoing effort to secure IoT systems and highlights the potential of programmable networks in enhancing cybersecurity. As the energy sector continues to embrace IoT technologies, innovations like IoTShield will be crucial in safeguarding these systems against evolving cyber threats.
The development of IoTShield is a testament to the power of in-network machine learning and programmable networks in addressing complex security challenges. As the field continues to evolve, we can expect to see more innovative solutions that leverage these technologies to protect critical infrastructures and ensure the reliability of IoT systems. This research not only shapes the future of IoT security but also underscores the importance of interdisciplinary collaboration in driving technological advancements.