Cyber Threat Intelligence for Proactive Defense against Adversary in SDN-assisted IIoTs context

6:34 24/11/2022

In large-scale networks such as the Industrial Internet of Things (IIoT), the continuing spread of cyberattacks makes it critical to monitor the network and enforce security policy in a timely manner. This is a hard problem in traditional network architectures, where policy has to be managed on each network element individually, an approach that does not scale to a dynamic network with the diverse device types found in the IIoT. In this context, Software-Defined Networking (SDN) is considered an enabling technology for flexible network management, because the data plane can be programmed from a centralized controller. This work performs an experimental study on applying Cyber Threat Intelligence (CTI) to continuously update signatures of malicious actors obtained from threat-hunting organizations and to use them in preparing the network defense strategy for IIoT networks. The resulting indicators are used to uncover the presence of malicious actors in the network and are promptly translated into security flow rules by an OpenFlow application running on the SDN controller. Experimental results in an SDN environment show that this approach can automatically generate and enforce security policy to protect a large-scale network against adversaries efficiently.
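The pipeline the abstract describes (CTI indicators in, OpenFlow drop rules out) is easy to get subtly wrong in practice: a feed can contain malformed entries, low-confidence noise, or even your own address space, and OpenFlow timeouts are only 16 bits wide. The following is an added illustration written for this page, not the paper's OpenFlow application or any code from its authors. It assumes a JSON indicator feed of the shape shown (constructed here from RFC 5737 documentation addresses, not real intelligence) and renders the rules as `ovs-ofctl` commands for a hypothetical bridge `br0`; a controller-based deployment would instead send the same matches as `OFPT_FLOW_MOD` messages, which the paper does not detail, so that part is the example's own choice.

```python
"""CTI indicators -> OpenFlow drop rules. Added example, not the paper's implementation."""
import ipaddress
import json
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample feed (not real intelligence). Addresses are RFC 5737 documentation
# ranges; the field names loosely follow a STIX indicator list and are an assumption.
SAMPLE_FEED = json.dumps([
    {"type": "ipv4-addr", "value": "203.0.113.45", "confidence": 95, "valid_hours": 24},
    {"type": "ipv4-addr", "value": "198.51.100.0/24", "confidence": 80, "valid_hours": 72},
    {"type": "ipv4-addr", "value": "203.0.113.7:4444", "protocol": "tcp", "confidence": 90, "valid_hours": 12},
    {"type": "ipv4-addr", "value": "10.0.0.5", "confidence": 99, "valid_hours": 24},        # internal: refused
    {"type": "ipv4-addr", "value": "192.0.2.9", "confidence": 30, "valid_hours": 24},       # low confidence: skipped
    {"type": "domain-name", "value": "c2.example.invalid", "confidence": 90, "valid_hours": 24},  # no L3/L4 match
    {"type": "ipv4-addr", "value": "not-an-ip", "confidence": 99, "valid_hours": 24},       # malformed: skipped
])

# Address space we never blackhole, even if a (possibly poisoned) feed lists it.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

MAX_OF_TIMEOUT = 65535  # ofp_flow_mod hard_timeout is a uint16 number of seconds


@dataclass(frozen=True)
class FlowRule:
    network: str          # CIDR used for nw_src / nw_dst
    protocol: str         # "ip" (any IPv4), "tcp" or "udp"
    port: Optional[int]   # L4 port, only when protocol is tcp/udp
    hard_timeout: int     # seconds until the switch expires the rule on its own
    priority: int         # more specific indicators win over broader ones


def parse_indicators(feed_json: str, min_confidence: int = 70) -> List[FlowRule]:
    """Filter a CTI feed down to indicators expressible as L3/L4 OpenFlow matches."""
    rules: List[FlowRule] = []
    for ind in json.loads(feed_json):
        if ind.get("type") != "ipv4-addr" or ind.get("confidence", 0) < min_confidence:
            continue  # domains and hashes need DNS or host-level controls, not flow rules
        value, port = ind["value"], None
        if ":" in value:  # "addr:port" form; IPv4 literals never contain ':'
            value, port_s = value.rsplit(":", 1)
            if not port_s.isdigit() or not 1 <= int(port_s) <= 65535:
                continue
            port = int(port_s)
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            continue  # malformed indicator: skip it rather than crash the whole update
        if net.version != 4 or any(net.overlaps(i) for i in INTERNAL_NETS):
            continue
        proto = ind.get("protocol", "tcp" if port else "ip").lower()
        if proto not in ("ip", "tcp", "udp") or (port and proto == "ip"):
            continue
        rules.append(FlowRule(
            network=str(net),
            protocol=proto,
            port=port,
            hard_timeout=min(int(ind.get("valid_hours", 24)) * 3600, MAX_OF_TIMEOUT),
            priority=1000 + net.prefixlen + (100 if port else 0),
        ))
    return rules


def render_ovs_ofctl(rule: FlowRule, bridge: str = "br0") -> List[str]:
    """One drop rule per direction: the indicator as traffic source and as destination."""
    cmds = []
    for addr_field, port_field in (("nw_src", "tp_src"), ("nw_dst", "tp_dst")):
        match = [f"priority={rule.priority}", f"hard_timeout={rule.hard_timeout}",
                 rule.protocol, f"{addr_field}={rule.network}"]
        if rule.port is not None:
            match.append(f"{port_field}={rule.port}")
        match_str = ",".join(match)
        cmds.append(f'ovs-ofctl -O OpenFlow13 add-flow {bridge} "{match_str},actions=drop"')
    return cmds


def generate_commands(feed_json: str) -> List[str]:
    return [c for r in parse_indicators(feed_json) for c in render_ovs_ofctl(r)]


if __name__ == "__main__":
    for cmd in generate_commands(SAMPLE_FEED):
        print(cmd)
```

Two details matter operationally. Because `hard_timeout` is capped at 65535 seconds, any indicator valid for longer than about 18 hours must be re-installed on the next feed refresh, which is exactly the "continuous update" loop the abstract describes; relying on the switch alone would silently let rules expire early. And refusing indicators that overlap internal address space is a deliberate guard: a compromised or erroneous feed must not be able to turn the defense into a self-inflicted denial of service.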
