Botnet Prevention using Blockchain for SDN based IoT Devices

doi:10.21203/rs.3.rs-5182918/v1

Download PDF

Research Article

Botnet Prevention using Blockchain for SDN based IoT Devices

https://doi.org/10.21203/rs.3.rs-5182918/v1

This work is licensed under a CC BY 4.0 License

Version 1

posted

You are reading this latest preprint version

The Internet of Things (IoT) sector is being targeted by increasing botnets that can disrupt networks. This paper solves this problem by introducing a Software Defined Networks (SDNs) and blockchain integrated system focused on blocking IOT device botnets, such as Mirai.

Their goal is to construct a model that combines the controllability of SDN with the unchangeable and distributed features in blockchain. It would detect botnet activities through network traffic analysis, improve security with blockchain and be a scalable solution for large networks of devices.

The efficacy of this model was tested in a simulated environment, which resembles actual network situations. Ryu controllers synced Open vSwitch instances with emulated IoT devices using a blockchain platform made of Hyperledger Fabric. Finally, testing was carried out in Mininet, for network emulation and also ger- mini, for botnet attack simulation. Ryu applications running over x-trust-domain interfaces were developed to capture and detect botnet behaviours; as necessary, they both dropped malicious packets and took enforcement actions.

The results proved the efficiency of the developed model to detect botnet attacks and to increase network security. Peripheral nature and scope of centralized model meant it could be deployed at a larger scale. This study paves the way for implementing proactive security solutions within IoT ecosystems.

Botnet

Prevention

Blockchain

SDN

Internet of Things

Cybersecurity

Botnets have the ability to create widespread data breach, and are masters at bypass- ing security protocols for carrying out brutal DDoS attacks Hayat et al (2022b)Ibrahim et al (2022a). With the rise in cyber threats there are defenses that we utilize and need to create new defenses but with constant vigilance Woodiss-Field et al (2024). It is targeted to develop a blockchain driven architecture in order to secure the IoT devices from the botnets using Blockchain technology [3] [4]. As a multi-layered secu- rity shield, Cyber Threats are kept at bay by blockchain technology Kumar et al (2022). Authors of Sˇarac et al (2021) treated it as a good barrier against cyber threats within our internet connected world.

We highlight the importance of collaboration between Software Defined Networking (SDN) and blockchain technology in this paper. The decentralization of blockchain can remove a single point of failure in SDN, leading to powerful defense Feng et al (2021)Mishra et al (2021). Our research is important given the 2016 Mirai botnet attack shut down a number of global ISPs [3]. Using blockchain can make these security measures faster Eustis (2019). Blockchain, by maintaining a precise and immutable ledger of account information quickly uncovers and remedies problems in the network, which enhances its resilience ABBASSI and Benlahmer (2022).

This post contains our commitment to blockchain that makes perfect sense on proof of thought and demonstration in network security improvement, securing cyber space etc. It intends to transform theoretical possibilities in revisable IoT deployments specifi- cally protecting IoT devices from botnet attacks in SDN based devices Shareef et al (2024). Theory paired with hands on “real world” cyber attacks in an environment simulated using simulation software.

The revolutionary blockchain framework to fight against Distributed Denial of Service (DDoS) attacks on Internet of Things (IoT)- based networks is presented in the cited study Ibrahim et al (2022b). The transaction is secured by combining decentralized Software-Defined Networking (SDN) and blockchain technology. Even with deploy- ment problems, such as scalability and privacy, the researchers adopted that ongoing research can advance technology.

BlockBot: An Architecture for Blockchain Based Botnet Detection in IIoT- salim2022blockchain BlockBot: An Architecture for Auditable and Trustworthy BotNet Detection in Industrial IoTs Salim et al (2022). Even though it is not easy to combine blockchain and IIoT; the authors stress how mature security methods are riddled with shortcomings, and elaborate some of them that transfer benefits includ- ing blockchain-integrated federated learning.

The work in Shafi and Basit (2019) addresses a new technique to fight against DDos

Botnet attacks on IOT based devices. An effective defense against these is to quickly transfer the data into a blockchain-based system of storage as soon as an attack has taken place. The case has attracted academic interest towards a possible role for blockchain in controlling DDoS attacks.

Rathore et al (2019) presents a decentralized security model for IoT networks based on blockchain known as BlockSecIoTNet approach. Ahmed et al (2019) covers different security strategies in blockchain and tributes to the vulnerability of scalability before finding a solution for privacy and seriousness.

The detection study of securing IoT from mirai bot attacks using blockchain was dis- cussed in Hayat et al (2022a)’s article, as they used blockchain derived digital leger. It touches on IoT security measures and recognizes integration difficulties.

SDN and blockchain-based IoT multi-levelsecurity solution Roy and Srirama (2022). A study by Asif et al (2022) suggests a model combining machine learning, blockchain, and SDN to deal with botnet attacks.

Blockchain and reputation-based systems for botnet detection in Internet of Things networks Khan et al (2022) strategy. The research in Ahsan et al (2022) proposes how blockchain can be helpful for preventing Botnet activity and shows the implications of botnet mitigation with Blockchain.

This research presents new approach to defense against malicious computer systems, with particular reference to the Internet of Things (IoT). The strategy intercon- nects software-defined networking (SDN) and blockchain technology to harness SDNs’ unparalleled network management skills on the one hand, and secure, user-friendly features rooted in blockchains on the other.

That being said, the fundamental innovation of this approach is combining blockchain techonology with SDN management to form a fortified defensive tool for the probable botnet threats. As shown in Figure 1,the expression was quite constant among differ- ent sublines Centralised control, As we all know being having centralised brain, SDN completely mitigates the problem of securing the whole IoT network from a single point. This central framework allows security protocols to be quickly enforced across all connecting devices.

The blockchain model presented in the research of this paper is planned to be com- patible with the SDN controller. This necessitates the need of linking SDN controllers to blockchains for credible authentication. This configuration further helps to control activities in the network system, thereby promoting security by scrutinizing functions and prescribing regulations. This allows the SDN controller to auto-trigger and isolate compromised devices or shutdown harmful traffic using whatever actions is supported by the underlying network if any malicious activities detected through the blockchain. Powered by decentralized record-keeping technology and cutting-edge cryptographic tools, blockchain form this new method for data storing across devices environment safely and securely. This creates a high level of stability and security in storage as well as the management.

Instead, we solve the problems associated with traditional hierarchies commonly exploited as insecure ratlines. We hope to do so by embedding protocol auditable smart contracts, which list and authenticate all SDN controllers in our network. Every controller would have a specific ID that is registered on the blockchain, which guar- antee only legitimate devices to commit network operations.

The security protocols for the established blockchain model are engaged in case of a risk to botnet attack. Smart contracts by themselves are embed software defined network- ing (SDN) controllers that take autonomous action within a set of SDN infrastructure. Such responses could involve quarantining infected devices, blocking malicious traffic or notifying security admins for additional security countermeasures.

3.1 Evaluation Metrics

It addresses an approach to lighten the above issues in the Internet of Things (IoT) backdrop on harmful computer systems, encasing equally Network Management and User friendly but secure characteristics of Software Defined Networking (SDN) and Blockchain technology respectively. Based on that strategy, integration of SDN and blockchain has the potential to be a robust countermeasure to future botnet threats. SDN provides central controllers over the network and protection for each inimpla- mented security protocol.

The blockchain model is running well with the SDN controller, which it regularly checks network operations and imposes rules to eliminate threats. Powered by a set of strong cryptographic algorithms, Blockchain relies on decentralized ledger system to create a structured framework for storing data securely.

To fix one of the most serious issues of traditional hierarchical systems, our approach puts into practice smart contracts to record and validate all SDN controllers (regis- tered with their unique ID on the blockchain). This configuration limits the entry of only permitted devices to the network.

If it detects a botnet attack, the blockchain model triggers security protocols. In this scenario, the SDN controllers that work within smart contracts take actions necessary to mitigate an incident: such as isolating compromised devices, dropping malicious traffic or notifying network security administrators.

Let’s dive deeper to unveil the efficiency of our network design. Its intricate nature should be explored to cover more nuanced points all lovingly crafted. It should yield for us a careful design, deliberate test and an outstanding output through sheer hardwork. See Figure 2 That prominent mask yields a much stronger explanation — the next most complete version on this topic. The design is strategic, with unique details. And the Awareness Diagram provides a likely framework to unlock that understanding — breaking down what we know in useful ways, helping us discover new insights. It is certainly going to help in breaking out the whole topic just to become less complex.

The initial round of testing was a controlled packet transmission from many hosts to switches and was designed to make sure the system actually works. Figure 3, the initial success.

We decided to pursue a high-containment clinical trial. To explore high data transfer, we used a popular network emulator called Mininet and artificially pushed its limits to simulate some serious cyberattack scenarios as if they were really happening in production on top of a set of 4 devices custom fit for the task. Undertaking this rigorous work increased the quality of our study and improved its intensity making it even higher than expected. The strides we have made in these areas are the start of our next endeavors to combating enduring cyber threats.

Figure 4 demonstrates that our findings are reliable and valid, as reflected in suc- cessive Figure. The experiment was so sophisticated that the focused devices were isolated from all the network core, thus we maintained for ourselves only a drama of cyber threats but confirmed our model resistant against it. This somehow proves our model is capable of a flag capturing and botnet chaos preventing operation against modern cyber threats.

After comprehensive testing, we then conducted a thorough preliminary analysis of our network system to determine if it was operational and available. It was a key-job to achieve our main target-network optimization that most thoroughly checked every network components.

Full-end audit of the Open vSwitch (OVS) database to characterize the network behavior and identify possible security vulnerabilities.

As expensive as the audit was in terms of human resources, it provided insights into the network architecture showing interfaces, ports and how they worked with each other. It also provided visibility into what units controlled the flow entries of network switches.

Therefore, with due care each piece of information was gathered, clearly documented and illustrated in the form of charts as presented in Figure 5.

In this demonstration, we provide an evidence using our approach by implementing a novel blockchain and Software-Defined Networking (SDN) to network protection for improving the security status of variable IoT environment based on our recent study. Trusted to fight botnet threats by large scale trials, it separates the vulnerable IoT devices from other part of networks so as to increase the security status and maintain its continuous operation.

The findings of the paper provide support towards operationalization of the presented theoretical concepts, and seed demonstration our approach’s efficacy for attacking botnet threats with respect their realization in SDN-IoT infrastructure based on Blockchain technology.

A smart defense against botnet threats depends on the ability of control systems to accurately recognize devices with anomalous rate of data transmission – a fundamental feature of our security model.

4.1 Detection Rate

Here the first botnet detctection rate was almost 60%. This improved considerably to 95% by employing blockchain with Software-Defined Networking (SDN). This is primarily due to of the industry’s circuit breaker SDN on network control and security, as well as the decentralization, integrity, privacy center block chain. Thus data were collected to provide an indication of all aspects incorporated in the figure, this is a intentional step by step process as presented in Figure 6.

4.2 Network Traffic

With SDN integration, our network traffic analysis went from 500 Mbps to only 350 Mbps, a 30% decrease. This gives you a lot more potential for flexibility and adds in some real time inspections. Blockchain technology also has a security aspect to tighten network security, so that it can reduce the occurrence of botnet at its source. you can see in 7.

4.3 DDoS Attacks

Botnet and DDoS Attacks have been grossly reduced, and this type of enforcement- model does wonderfully in making network security effective. Post-mitigation, daily DDoS Attacks reduced to 3 from 15 per day. This is further depicted in Figure 8, which also shows how the model normalized DDoS Attacks.

4.4 Flow Rule

With adding blockchain technology, we have decreased the time required for updating rules by a factor of 2 — 10 seconds to 5 seconds per rule. Automations of these aspects by FTISCON has allowed us to accelerate such operations include authenticating smart contracts and validating rules via blockchain consensus, which drives efficient, secure rule execution. An illustrative example is provided in Figure 9.

4.5 Security Compliance

After conducting a comprehensive test we can now confirm the extra-secure 95% effi- ciency offered by way of this colored coin-enhanced blockchain model. It serves as a powerful protection system against botnets for IoT devices to work efficiently. This high level of performance is clearly demonstrated in Figure 10.

4.6 Unauthorized Access

Blockchain provides Decentralization, Immutable Records, and Data Verification as its core features making the number of unauthorized network access attempted weekly reduces from 200 to 50 only. This high performance is shown in Figure 11.

4.7 System Performance

According to our analyses, we see a small (between 0.5 and 1.0) increase in latency, which is an acceptable trade-off for the great security improvements against botnets achieved by implementing SDN on the IoT networks. This can be seen by referring to Figure 12.

4.8 Packet Loss

As a result, our implementation of the system witnessed a drastic reduction in package loss from 2.5% to only 0.01%, thus establishing the robustness and practicability of the system in traffic management with blockchain technology. These represent a special to bring the security of the complete system up and even in an automatic way to traffic management. The performance gained is shown in 13.

Our security measures are designed to be botnet resistant and provide device-specific threat protection for IoT. By utilising blockchain technology, we remove the single point failure risk — conspiracy — hence providing integrity of data like no other. Our process uses smart contracts to automatically trigger security measures, which can decrease the time-to-response and optimize for efficiency. This would make use of SDNs centralized control, harnessing blockchain decentralized trust to result in a resistible security measure for IoT devices.

In this article, we provide the first security investigation on IoT SDN-based devices in the face with the emerging botnet threat. In this work, we present an innovative security scheme to combine SDN and blockchain technology. The idea, in short, is to anticipate botnet attacks and eliminate them efficiently before any damage is done.

Using blockchain technology in our new SDN model, we propose a novel botnet defence solution. This demonstrates its agility and flexibility, making it perfect for the fast- growing IoT industry. Our model works on blockchain but more importantly, it acts as a trust enhancing, experience improving and a security layer for users.

Testing the model in a large IoT environment and other use case of detecting hidden botnet attacks has proved that this model is viable, as ISPs can then have “A New Partner” to help them minimize their risk. This has wide-ranging implications for a future that will have more secure and resilient IoT ecosystems — turning the robust cybersecurity system from a want to an urgent need as connected devices grow.

We have a long-term solution for that, which could minimize threats and save IoT in the future. It is a revolution in technology that literally creates our world and the way we participate in it. Supporting our model to help community adoption will provide good protection for this ongoing transformation.

Funding

Not applicable

Conflict of interest/Competing interests

Not applicable

Ethics approval and consent to participate

Not applicable

Consent for publication

Not applicable

Data availability

Not applicable

Materials availability

Not applicable

Code availability

Not applicable

Author contribution

Not applicable

ABBASSI Y, Benlahmer H (2022) Bcsdn-iot: Towards an iot security architecture based on sdn and blockchain. International journal of electrical and computer engineering systems 13(2):155–163
Ahmed Z, Danish SM, Qureshi HK, et al (2019) Protecting iots from mirai botnet attacks using blockchains. In: 2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), IEEE, pp 1–6
Ahsan M, Khan MK, Umair M (2022) A blockchain-based botnet prevention system for sdn-based iot networks using machine learning. IEEE Access 10:1–1. https:// doi.org/10.1109/ACCESS.2022.3151238
Asif M, Khan MA, Khan MA (2022) Blockchain-based collaborative botnet detec- tion and mitigation system for sdn-enabled iot networks. Journal of Net- work and Computer Applications 202:105038. https://doi.org/https://doi.org/10. 1016/j.jnca.2022.105038, URL https://www.sciencedirect.com/science/article/pii/ S1084804522003585
Eustis AG (2019) The mirai botnet and the importance of iot device security. In: 16th International Conference on Information Technology-New Generations (ITNG 2019), Springer, pp 85–89
Feng H, Yan X, Zhou N, et al (2021) A cross-domain collaborative ddos defense scheme based on blockchain-sdn in the iot. In: Proceedings of the 2021 ACM International Conference on Intelligent Computing and its Emerging Applications, pp 77–82
Hayat RF, Aurangzeb S, Aleem M, et al (2022a) Ml-ddos: A blockchain-based mul- tilevel ddos mitigation mechanism for iot environments. IEEE Transactions on Engineering Management pp 1–1. https://doi.org/10.1109/TEM.2022.3151236
Hayat RF, Aurangzeb S, Aleem M, et al (2022b) Ml-ddos: A blockchain-based mul- tilevel ddos mitigation mechanism for iot environments. IEEE Transactions on Engineering Management
Ibrahim M, Hanif M, Ahmad S, et al (2022a) Sdn based ddos mitigating approach using traffic entropy for iot network. CMC Comput Mater Contin 70:5651–5665
Ibrahim RF, Abu Al-Haija Q, Ahmad A (2022b) Ddos attack prevention for internet of thing devices using ethereum blockchain technology. Sensors 22(18):6806
Khan MA, Asif M, Khan MA (2022) A blockchain-based botnet mitigation system for sdn-enabled iot networks using reputation. IEEE Access 10. https://doi.org/10. 1109/ACCESS.2022.3151237
Kumar R, Kumar P, Tripathi R, et al (2022) A distributed intrusion detection system to detect ddos attacks in blockchain-enabled iot network. Journal of Parallel and Distributed Computing 164:55–68
Mishra A, Gupta B, Perakovi´c D, et al (2021) Defensive approach using blockchain technology against distributed denial of service attacks. In: International Conference on Smart Systems and Advanced Computing (Syscom-2021)
Rathore S, Kwon BW, Park JH (2019) Blockseciotnet: Blockchain-based decentralized security architecture for iot network. Journal of Network and Computer Applications 143:167–177
Roy DG, Srirama S (2022) A blockchain-based cyber attack detection scheme for decentralized internet of things using software-defined network. Soft- ware: Practice and Experience https://doi.org/https://doi.org/10.1002/ spe.3039, URL https://onlinelibrary.wiley.com/doi/abs/10.1002/spe.3039, https://onlinelibrary.wiley.com/doi/pdf/10.1002/spe.3039
Salim MM, Comivi AK, Nurbek T, et al (2022) A blockchain-enabled secure digital twin framework for early botnet detection in iiot environment. Sensors 22(16):6133
Sˇarac M, Pavlovi´c N, Bacanin N, et al (2021) Increasing privacy and security by inte- grating a blockchain secure interface into an iot device security gateway architecture. Energy Reports 7:8075–8082
Shafi Q, Basit A (2019) Ddos botnet prevention using blockchain in software defined internet of things. In: 2019 16th international Bhurban conference on applied sciences and technology (IBCAST), IEEE, pp 624–628
Shareef SK, Chaitanya RK, Chennupalli S, et al (2024) Enhanced botnet detection in iot networks using zebra optimization and dual-channel gan classification. Scientific Reports 14(1):17148
Woodiss-Field A, Johnstone MN, Haskell-Dowland P (2024) Examination of tradi- tional botnet detection on iot-based bots. Sensors 24(3):1027

The authors declare no competing interests.

Download PDF

Version 1

posted

You are reading this latest preprint version

Botnet Prevention using Blockchain for SDN based IoT Devices

Status:

Version 1

Abstract

Figures

1 Introduction

2 Related Work

3 Methods

3.1 Evaluation Metrics

4 Results

5 Conclusion

Declarations

References

Additional Declarations

Status:

Version 1