Industrial Cyber-Physical Systems (CPSs) require flexible and tolerant communication networks to overcome commonly occurring security problems and denial-of-service such as links failure and networks congestion that might be due to direct or indirect network attacks. In this work, we take advantage of Software-defined networking (SDN) as an important networking paradigm that provide real-time fault resilience since it is capable of global network visibility and programmability. We consider OpenFlow as an SDN protocol that enables interaction between the SDN controller and forwarding plane of network devices. We employ multiple machine learning algorithms to enhance the decision making in the SDN controller. Integrating machine learning with network resilience solutions can effectively address the challenge of predicting and classifying network traffic and thus, providing real-time network resilience and higher security level. The aim is to address network resilience by proposing an intelligent recommender system that recommends paths in real-time based on predicting link failures and network congestions. We use statistical data of the network such as link propagation delay, the number of packets/bytes received and transmitted by each OpenFlow switch on a specific port. Different state-of-art machine learning models has been implemented such as logistic regression, K-nearest neighbors, support vector machine, and decision tree to train these models in normal state, links failure and congestion conditions. The models are evaluated on the Mininet emulation testbed and provide accuracies ranging from around 91–99% on the test data. The machine learning model with the highest accuracy is utilized in the intelligent recommender system of the SDN controller which helps in selecting resilient paths to achieve a better security and quality-of-service in the network. This real-time recommender system helps the controller to take reactive measures to improve network resilience and security by avoiding faulty paths during path discovery and establishment.
Citation: Abhishek Savaliya, Rutvij H. Jhaveri, Qin Xin, Saad Alqithami, Sagar Ramani, Tariq Ahamed Ahanger. Securing industrial communication with software-defined networking[J]. Mathematical Biosciences and Engineering, 2021, 18(6): 8298-8313. doi: 10.3934/mbe.2021411
Industrial Cyber-Physical Systems (CPSs) require flexible and tolerant communication networks to overcome commonly occurring security problems and denial-of-service such as links failure and networks congestion that might be due to direct or indirect network attacks. In this work, we take advantage of Software-defined networking (SDN) as an important networking paradigm that provide real-time fault resilience since it is capable of global network visibility and programmability. We consider OpenFlow as an SDN protocol that enables interaction between the SDN controller and forwarding plane of network devices. We employ multiple machine learning algorithms to enhance the decision making in the SDN controller. Integrating machine learning with network resilience solutions can effectively address the challenge of predicting and classifying network traffic and thus, providing real-time network resilience and higher security level. The aim is to address network resilience by proposing an intelligent recommender system that recommends paths in real-time based on predicting link failures and network congestions. We use statistical data of the network such as link propagation delay, the number of packets/bytes received and transmitted by each OpenFlow switch on a specific port. Different state-of-art machine learning models has been implemented such as logistic regression, K-nearest neighbors, support vector machine, and decision tree to train these models in normal state, links failure and congestion conditions. The models are evaluated on the Mininet emulation testbed and provide accuracies ranging from around 91–99% on the test data. The machine learning model with the highest accuracy is utilized in the intelligent recommender system of the SDN controller which helps in selecting resilient paths to achieve a better security and quality-of-service in the network. This real-time recommender system helps the controller to take reactive measures to improve network resilience and security by avoiding faulty paths during path discovery and establishment.
[1] | K. D. Kim, P. R. Kumar, An overview and some challenges in cyber-physical systems, J. Indian Inst. Sci., 93 (2013), 341-352. |
[2] | G. Greenwood, J. Gallagher, E. Matson, Cyber-physical systems: the next generation of evolvable hardware research and applications, in 18th Asia Pacific Symposium on Intelligent and Evolutionary Systems, (2015), 285-296. |
[3] | H. He, C. Maple, T. Watson, A. Tiwari, J. Mehnen, Y. Jin, et al., The security challenges in the IoT enabled cyber-physical systems and opportunities for evolutionary computing other computational intelligence, in 2016 IEEE Congress on Evolutionary Computation (CEC), (2015), 1015-1021. |
[4] | H. Toral-Cruz, D. He, A. D. Mihovska, K. K. R. Choo, M. K. Khan, Reliable and Secure e-Health Networks, Wireless Pers. Commun., 117 (2021), 1-6. doi: 10.1007/s11277-021-08104-z |
[5] | P. Pandey, R. Litoriya, Securing e-health networks from counterfeit medicine penetration using blockchain, Wireless Pers. Commun., 117 (2021), 7-25. doi: 10.1007/s11277-020-07041-7 |
[6] | A. Khamparia, D. Gupta, V. H. C. De Albuquerque, Internet of health things-driven deep learning system for detection and classification of cervical cells using transfer learning, J. Supercomput, 76 (2020), 8590-8608. |
[7] | G. S. Aujla, R. Chaudhary, K. Kaur, S. Garg, N. Kumar, R. Ranjan, SAFE: SDN-assisted framework for edge-cloud interplay in secure healthcare ecosystem, IEEE Trans. Ind. Inf., 15 (2019), 469-480. doi: 10.1109/TII.2018.2866917 |
[8] | J. Li, J. Cai, F. Khan, A. U. Rehman, V. Balasubramaniam, J. Sun, et al., A secured framework for sdn-based edge computing in IOT-enabled healthcare system, IEEE Access, 8 (2020), 135479-135490. doi: 10.1109/ACCESS.2020.3011503 |
[9] | A. C. Baktir, C. Tunca, A. Ozgovde, G. Salur, C. Ersoy, SDN-based multi-tier computing and communication architecture for pervasive healthcare, IEEE Access, 6 (2018), 56765-56781. doi: 10.1109/ACCESS.2018.2873907 |
[10] | Y. Meng, Z. Huang, G. Shen, C. Ke, SDN-based security enforcement framework for data sharing systems of smart healthcare, IEEE Trans. Network Serv. Manage., 17 (2019), 308-318. |
[11] | Y. Li, Z. P. Cai, H. Xu, LLMP: exploiting LLDP for latency measurement in software-defined data center networks, J. Comput. Sci. Technol., 33 (2018), 277-285. doi: 10.1007/s11390-018-1819-2 |
[12] | M. J. F. Alenazi, J. P. G. Sterbenz, Evaluation an comparison of several graph robustness metrics to improve network resilience, 2015 7th International Workshop on Reliable Networks Design and Modeling (RNDM), (2015), 7-13. |
[13] | F. Morone, L. Ma, H. Makse, A. Scala, Enhancing network resilience via self-healing, in 2016 IEEE Workshop on Environmental, Energy, and Structural Monitoring Systems (EESMS), (2016), 1-5. |
[14] | A. Mauthe, D. Hutchison, E. K. Cetinkaya, I. Ganchev, J. Rak, James P. G. Sterbenz, et al., Disaster-resilient communication networks: Principles and best practices, in 2016 8th International Workshop on Resilient Networks Design and Modeling (RNDM), (2016), 1-10. |
[15] | M. Tanha, D. Sajjadi, J. Pan, Enduring node failures through resilient controller placement for software defined networks, in 2016 IEEE Global Communications Conference (GLOBECOM), (2016), 1-7. |
[16] | L. Ren, Y. Qin, B. Wang, P. Zhang, P. B. Luh, R. Jin, Enabling resilient microgrid through programmable network, IEEE Trans. Smart Grid, 8 (2017), 2826-2836. doi: 10.1109/TSG.2016.2589903 |
[17] | A. Modarresi, S. Gangadhar, J. P. G. Sterbenz, A framework for improving network resilience using SDN and fog nodes, in 2017 9th International Workshop on Resilient Networks Design and Modeling (RNDM), (2017), 1-7. |
[18] | H. Maziku, S. Shetty, Software defined networking enabled resilience for IEC 61850-based substation communication systems, in 2017 International Conference on Computing, Networking and Communications (ICNC), (2017), 690-694. |
[19] | A. Hussein, A. Chehab, A. Kayssi, I. H. Elhajj, Machine learning for network resilience: The start of a journey, in 2018 Fifth International Conference on Software Defined Systems (SDS), (2018), 59-66. |
[20] | R. H. Jhaveri, R. Tan, A. Easwaran, S. V. Ramani, Managing industrial communication delays with software-defined networking, in 2019 IEEE 25th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA), (2019), 1-11. |
[21] | R. H. Jhaveri, R. Tan, S. V. Ramani, Real-time QoS routing scheme in SDN-based robotic cyber-physical systems QoS routing with SDN for manufacturing robotics, in 2019 IEEE 5th International Conference on Mechatronics System and Robots (ICMSR), (2019), 18-23. |
[22] | R. Sagar, R. Jhaveri, C. Borrego, Applications in security and evasions in machine learning: A survey, Electronics, 9 (2020), 97. doi: 10.3390/electronics9010097 |
[23] | S. P. R-M, P. K. R. Maddikunta, M. Parimala, S. Koppu, T. R. Gadekallua, C. L. Chowdhary, et al., An effective feature engineering for DNN using hybrid PCA-GWO for intrusion detection in IoMT architecture, Comput. Commun., 160 (2020), 139-149. doi: 10.1016/j.comcom.2020.05.048 |
[24] | C. Iwendi, M. A. Alqarni, J. H. Anajemba, A. S. Alfakeeh, Z. Zhang, A. K. Bashir, Robust navigational control of a two-wheeled self-balancing robot in a sensed environment, IEEE Access, 7 (2019), 82337-82348. doi: 10.1109/ACCESS.2019.2923916 |
[25] | J. H. Anajemba, T. Yue, C. Iwendi, M. Alenezi, M. Mittal, Optimal cooperative offloading scheme for energy efficient multi-access edge computation, IEEE Access, 8 (2020), 53931-53941. doi: 10.1109/ACCESS.2020.2980196 |
[26] | C. Iwendi, S. Khan, J. H. Anajemba, M. Mittal, M. Alenezi, M. Alazab, The use of ensemble models for multiple class and binary class classification for improving intrusion detection systems, Sensors, 20 (2020), 2559. doi: 10.3390/s20092559 |
[27] | T. R. Gadekallu, N. Khare, S. Bhattacharya, S. Singh, P. K. Maddikunta, I. Ra, et al., Early detection of diabetic retinopathy using PCA-firefly based deep learning model, Electronics, 9 (2020), 274. doi: 10.3390/electronics9020274 |
[28] | S. Bhattacharya, P. K. R. Maddikunta, Q. V. Pham, T. R. Gadekallu, C. L. Chowdhary, M. Alazab, et al., Deep learning and medical image processing for coronavirus (COVID-19) pandemic: A survey, Sustainable Cities Soc., 65 (2021), 102589. doi: 10.1016/j.scs.2020.102589 |