MP-GUARD: A novel multi-pronged intrusion detection and mitigation framework for scalable SD-IoT networks using cooperative monitoring, ensemble learning, and new P4-extracted feature set

Faculty: Computer Science
Year: 2024
Type of Publication: ZU Hosted
Journal: Computers and Electrical Engineering, ELSEVIER
Keywords: MP-GUARD, novel multi-pronged intrusion detection, mitigation
Abstract:
The ever-increasing complexity of the Internet of Things (IoT) environment demands robust and adaptable intrusion detection frameworks, as existing approaches struggle with real-time traffic analysis, limited scalability, and static feature sets. This paper introduces MP-GUARD, a novel framework that leverages Software-Defined Networking (SDN), machine learning (ML), and a multi-controller architecture to address these challenges. MP-GUARD tackles multi-pronged intrusion attacks in IoT networks by offering real-time intrusion detection, collaborative traffic monitoring, and multi-layered attack mitigation. It achieves this through two core modules: P4-Assisted Cooperative Traffic Monitoring (CTM-P4) and Multi-Pronged Intrusion Detection and Mitigation (MPIDM). CTM-P4 facilitates real-time communication among multiple controllers, enabling dynamic feature extraction leveraging the interconnected state tables within P4-enabled switches. This module introduces a new 22-feature set (12 extracted and 10 computed) for comprehensive network analysis. MPIDM leverages the detailed network insights from CTM-P4 for attack identification and prevention. It introduces Stacked Ensemble Learning with Dynamic P4-Based Feature Selection (SELDP4-FS), achieving exceptional performance with 99.32 % accuracy, 99.24 % F1-score, and 0.49 % false positive rate. Additionally, MPIDM boasts efficient response and detection times of 16 ms and 11 ms, respectively. Beyond accuracy, MP-GUARD demonstrates significant advantages in terms of scalability and efficiency. The multi-controller architecture offers a 65 % reduction in overhead compared to single-controller setups. Furthermore, this work introduces the Mean Accuracy Steadiness Level (MASL) metric to assess model stability under varying traffic conditions.
By combining P4-based feature extraction, dynamic feature selection, cooperative monitoring, ensemble learning, and a multi-controller architecture, MP-GUARD presents a significant contribution to IoT security, offering a scalable and adaptable solution for securing future SD-IoT deployments against evolving threats.

Author Related Publications

  • Amir El Sayed Godaa Hassan, "FOUR-PHASE PROTOCOL FOR DETECTION, DELETION, PROTECTION AND RECOVERY FROM AUTORUN VIRUS", Journal of Theoretical and Applied Information Technology, 2018
  • Amir El Sayed Godaa Hassan, "P4-HLDMC: A Novel Framework for DDoS and ARP Attack Detection and Mitigation in SD-IoT Networks Using Machine Learning, Stateful P4, and Distributed Multi-Controller Architecture", MDPI, 2023
  • Amir El Sayed Godaa Hassan, "FMDADM: A Multi-Layer DDoS Attack Detection and Mitigation Framework Using Machine Learning for Stateful SDN-Based IoT Networks", IEEE, 2023
  • Amir El Sayed Godaa Hassan, "LBTMA: An integrated P4-enabled framework for optimized traffic management in SD-IoT networks", ELSEVIER, 2024

Department Related Publications

  • Hosam Rada mohamed abdel megeed hawash, "Federated Threat-Hunting Approach for Microservice-Based Industrial Cyber-Physical System", IEEE, 2022
  • Hosam Rada mohamed abdel megeed hawash, "Explainability of artificial intelligence methods, applications and challenges: A comprehensive survey", Elsevier Inc, 2022
  • Hosam Rada mohamed abdel megeed hawash, "STLF-Net: Two-stream deep network for short-term load forecasting in residential buildings", Elsevier, 2022
  • Ibrahiem Mahmoud Mohamed Elhenawy, "Applying apache spark on streaming big data for health status prediction", TECH SCIENCE PRESS, 2022
  • Mustafa Khamis Baz Ramadan, "An Efficient method for choosing most suitable cloud storage provider reducing top security risks based on multi-criteria neutrosophic decision making", An Efficient method for choosing most suitable cloud storage provider reducing top security risks based on multi-criteria neutrosophic decision making, 2017