MP-GUARD: A novel multi-pronged intrusion detection and mitigation framework for scalable SD-IoT networks using cooperative monitoring, ensemble learning, and new P4-extracted feature set

Faculty Computer Science Year: 2024
Type of Publication: ZU Hosted Pages:
Authors:
Wael Said AbdelMageed Mohamed
Journal: Computers and Electrical Engineering ELSEVIER Volume:
Keywords : MP-GUARD: , novel multi-pronged intrusion detection , mitigation    
Abstract:
The ever-increasing complexity of the Internet of Things (IoT) environment demands robust and adaptable intrusion detection frameworks, as existing approaches struggle with real-time traffic analysis, limited scalability, and static feature sets. This paper introduces MP-GUARD, a novel framework that leverages Software-Defined Networking (SDN), machine learning (ML), and a multi-controller architecture to address these challenges. MP-GUARD tackles multi-pronged intrusion attacks in IoT networks by offering real-time intrusion detection, collaborative traffic monitoring, and multi-layered attack mitigation. It achieves this through two core modules: P4-Assisted Cooperative Traffic Monitoring (CTM-P4) and Multi-Pronged Intrusion Detection and Mitigation (MPIDM). CTM-P4 facilitates real-time communication among multiple controllers, enabling dynamic feature extraction leveraging the interconnected state tables within P4-enabled switches. This module introduces a new 22-feature set (12 extracted and 10 computed) for comprehensive network analysis. MPIDM leverages the detailed network insights from CTM-P4 for attack identification and prevention. It introduces Stacked Ensemble Learning with Dynamic P4-Based Feature Selection (SELDP4-FS), achieving exceptional performance with 99.32 % accuracy, 99.24 % F1-score, and 0.49 % false positive rate. Additionally, MPIDM boasts efficient response and detection times of 16ms and 11ms, respectively. Beyond accuracy, MP-GUARD demonstrates significant advantages in terms of scalability and efficiency. The multi-controller architecture offers a 65 % reduction in overhead compared to single-controller setups. Furthermore, this work introduces the Mean Accuracy Steadiness Level (MASL) metric to assess model stability under varying traffic conditions. By combining P4-based feature extraction, dynamic feature selection, cooperative monitoring, ensemble learning, and a multi-controller architecture, MP-GUARD presents a significant contribution to IoT security, offering a scalable and adaptable solution for securing future SD-IoT deployments against evolving threats.
    
     
 
       

Author Related Publications

  • Wael Said AbdelMageed Mohamed, "A big data approach to sentiment analysis using greedy feature selection with cat swarm optimization-based long short-term memory neural networks", Springer Nature, 2018 More
  • Wael Said AbdelMageed Mohamed, "Improving the reconstruction of dental occlusion using a reconstructed‑based identical matrix point technique", Springer Nature Switzerland AG, 2021 More
  • Wael Said AbdelMageed Mohamed, "Connection-Adjustable Network Slicing Process for Heterogeneous Service Handling in Real-Time Applications", American Scientific Publishers, 2022 More
  • Wael Said AbdelMageed Mohamed, "Space Division Multiple Access for Cellular V2X Communications", Tech Science Press, 2022 More
  • Wael Said AbdelMageed Mohamed, "A Multi-Factor Authentication-Based Framework for Identity Management in Cloud Applications", Tech Science Press, 2021 More

Department Related Publications

  • Osama Mohamed Abdelsalam Ahmed Elkomy, "MT-nCov-Net: A Multitask Deep-Learning Framework for Efficient Diagnosis of COVID-19 Using Tomography Scans", IEEE, 2021 More
  • Osama Mohamed Abdelsalam Ahmed Elkomy, "Two-Stage Deep Learning Framework for Discrimination between COVID-19 and Community-Acquired Pneumonia from Chest CT scans.", ELSEVIER, 2021 More
  • Osama Mohamed Abdelsalam Ahmed Elkomy, "Efficient model for emergency departments: Real case study", Computers, Materials and ContinuaComputers, Materials and Continua, 2022 More
  • Ehab Roshdy Mohamed, "SEMANTIC REPRESENTATION OF MUSIC DATABASE USING NEW ONTOLOGY-BASED SYSTEM", Journal of Theoretical and Applied Information Technology, 2020 More
  • Khalied Mohamed Hosny, "SEMANTIC REPRESENTATION OF MUSIC DATABASE USING NEW ONTOLOGY-BASED SYSTEM", Journal of Theoretical and Applied Information Technology, 2020 More
Tweet