This document provides an overview of software defined networking (SDN) and its relevance to internet of things (IoT) security. It begins by defining SDN and IoT individually, noting the growth of IoT devices. It then discusses using SDN architecture to implement IoT security, with a centralized SDN controller managing network elements. The document outlines an IoT security architecture that uses an anomaly detection engine and openflow switches to detect intrusions and mitigate attacks by blocking malicious flows. It also discusses different anomaly detection and mitigation methods that could be used. Overall, the summary discusses how SDN principles can be applied to enhance IoT security management and monitoring in a centralized, programmable way.

1. Prepared By:
Dr Amit Agrawal
ECEDept,BIET, Hyderabad
1

2. Introduction to Software
Defined Networking(SDN)
.

3. Overview
1. What is SDN?
2. Alternative APIs: XMPP, PCE, ForCES, ALTO
3. RESTful APIs and OSGi Framework
4. OpenDaylight SDN Controller Platform and Tools
Note: This is the third module of four modules on OpenFlow,
OpenFlow Controllers, SDN and NFV in this course.

4. Origins of SDN
 SDN originated from OpenFlow
 Centralized Controller
 Easy to program
 Change routing policies on the fly
 Software Defined Network (SDN)
 Initially, SDN=
 Separation of Control and Data
Plane
 Centralization of Control
 OpenFlow to talk to the data plane
 Now the definition has changed
significantly.
Application
Network Controller
Overlay (Tunnels)
Application
Switch Switch … Switch
…
Northbound
API
Southbound
API
OpenFlow

5. What is SDN?
 All of these are mechanisms.
 SDN is not a mechanism.
 It is a framework to solve a set of problems  Many solutions
SDN = Separation of
Control and
Data Planes
SDN=OpenFlow SDN = Centralization
of control plane
SDN=Standard
SouthboundAPI

6. Original Definition of SDN
“What is SDN?
The physical separation of the network control plane from the
forwarding plane, and where a control plane controls several
devices.”
1. Directly programmable
2. Agile: Abstracting control from forwarding
3. Centrally managed
4. Programmatically configured
5.Open standards-based vendor neutral
The above definition includes How.
Now many different opinions about How.
SDN has become more general. Need to define by What?

7. What = Why We need SDN?
http://www.cse.wustl.edu/~jain/cse570-13/
16-7
1. Virtualization: Use network resource without worrying about
where it is physically located, how much it is, how it is
organized, etc.
2. Orchestration: Should be able to control and manage
thousands of devices with one command.
3. Programmable: Should be able to change behavior on the fly.
4. Dynamic Scaling: Should be able to change size, quantity
5. Automation: To lower OpEx minimize manual involvement
 Troubleshooting
 Reduce downtime
 Policy enforcement
 Provisioning/Re-provisioning/Segmentation of resources
 Add new workloads, sites, devices, and resources

8. Why We need SDN? (Cont)
6. Visibility: Monitor resources, connectivity
7. Performance: Optimize network device utilization
 Traffic engineering/Bandwidth management
 Capacity optimization
 Load balancing
 High utilization
 Fast failure handling
8. Multi-tenancy: Tenants need complete control over their
addresses, topology, and routing, security
9. Service Integration: Load balancers, firewalls, Intrusion
Detection Systems (IDS), provisioned on demand and placed
appropriately on the traffic path

9. Why We need SDN? (Cont)
http://www.cse.wustl.edu/~jain/cse570-13/
16-9
10. Openness: Full choice of “How” mechanisms
 Modular plug-ins
 Abstraction:
 Abstract = Summary = Essence = General Idea
 Hide the details.
 Also, abstract is opposite of concrete
 Define tasks by APIs and not by how it should be done.
E.g., send from A to B. Not OSPF.
Ref: http://www.networkworld.com/news/2013/110813-onug-sdn-275784.html
Ref: Open Data Center Alliance Usage Model: Software Defined Networking Rev 1.0,”
http://www.opendatacenteralliance.org/docs/Software_Defined_Networking_Master_Usage_Model_Rev1.0.pdf

10. SDN Definition
 SDN is a framework to allow network administrators
to automatically and dynamically manage and control
a large number of network devices, services,
topology, traffic paths, and packet handling (quality of
service) policies using high-level languages and APIs.
Management includes provisioning, operating,
monitoring, optimizing, and managing FCAPS (faults,
configuration, accounting, performance, and security)
in a multi-tenant environment.
 Key: Dynamic  Quick
Legacy approaches such as CLI were not quick
particularly for large networks

11. Examples Alternative APIs
 Southbound APIs: XMPP (Juniper), OnePK (Cisco)
 Northbound APIs: I2RS, I2AEX, ALTO,
 Overlay: VxLAN, TRILL, LISP, STT, NVO3, PWE3,
L2VPN, L3VPN
 Configuration API: NETCONF
 Controller: PCE, ForCES

12. XMPP
 Extensible Messaging and Presence Protocol
 Extensible  Using XML
 Similar to SMTP email protocol but for near real-time
communication
 Each client has an ID, e.g., john@wustl.edu/mobile (John’s
mobile phone)
 Client sets up a connection with the server  Client is online
 Presence: Server maintains contact addresses and may let other
contacts know that this client is now on-line
 Messaging: When a client sends a “chat” message to another
clients, it is forwarded to these other clients
 Messages are “pushed” ( real-time) as opposed to “polled” as
in SMTP/POP emails.
Client Client
…
Server Server
Client Client
…
Ref: P. Saint-Andre, et al., “XMPP: The Definitive Guide,” O’Reilly, 2009, 320 pp., ISBN:9780596521264 (Safari Book)

13. SDN Controller Functions
RESTfulAPI OSGi Frameork
PCEP SMTP XMPP BGP OpenFlow
V1.0
OpenFlow
V1.1
OpenFlow
V1.4
Network Element Network Element Network Element
Controller API (Java, REST)
Controller
Service Abstraction Layer (SAL)
Southbound
Protocols
Network
Elements
Overlay Tunnels (VxLAN, NVGRE, …)
Network Service Functions Network Orchestration
Function
Management
Function
Slicing
Manager
Topology
Manager …
Host
Tracker
Protocol
Plug-ins
Northbound
APIs
Ref: T. Nadeau and K. Gray, “SDN,” O’Reilly, 2013, 384 pp, ISBN:978-1-449-34230-2 (Safari Book)

14. Prepared By:
Dr Amit Agrawal
ECEDept,BIET, Hyderabad
1
4

15. Motivation: Why SDN in
IOT?
Really?
??
15

16. Outline
16
Introduction
1. State of the art
Internet of Things
Software Defined Networking
Security applied in Internet of
Things
2. IoT Security with SDN
3. Experimental results
4. Conclusions and future lines

17. Planning of the Master
Thesis
Begin:
July
2015
Novembe
r 2015
Januar
y
2016
SDN,
IOT,
Algorithm
s
,
Methods
SDNPy,tIOhoT
,n,
AlgoMritinhimnest,,
MOpeethnodday
sligh
t
Octobe
r
2015
Security
algorith
m
End:
Februar
y 2016
17
Agil
e

18. IoT is here now and Growing!
Cisco: “50 billions smart devices by 2020”
HP: “A couple of security concerns on a single device such as a mobile phone
can quickly turn to 50 or 60 concerns when considering multiple IoT devices in
an interconnected home or business.”
Mario Campolargo, DG
Connect, European
Commission:
“IoT will boost the economy
while improving our citizens’
lives. In order to enable a fast
uptake of the IoT, key issues
like
18
an
d
identification,
privacy
security and
semanti
c
interoperability have to
be
tackled. “

19. Internet of Things
(IoT)
ITU-IoT: “global infrastructure for the information society, enabling
advanced services by interconnecting (physical and virtual) things
based on existing and evolving interoperable information and
communication technologies”
Sensors
Gateway
s
Actuator
s
WS
N
IoT
applications
 Smart Cities
 Smart
Lighting
 Air pollution
 Smart roads
 River floods
 …
19

20. Sofware Defined
Networking
SDN: viable alternative network architecture that splits the network control and
forwarding functions enabling the network control to become directly
programmable and the underlying infrastructure to be abstracted for
applications and network services.
SDN architecture
- Directly programmable
- Agile
- Centraly managed
- Programmatically
configured
- Open standards based
and Vendor neutral
20

21. SDN
Controller
SW1
CISC
O
SW2
Alcat
el
SW3
Junip
er
ADMI
N
21

22. OpenFlo
w
OpenFlow: provides an open protocol to program the flow-table in different
switches and routers and establish a shared management of the traffic flow.
For example, a network administrator can partition traffic into production and
research flows.
Communication of OF Switch with a Controller
- Flow Table with an action
associated to each flow entry, to tell
the switch to process the flow
- Secure channel connects the switch
to a remote control process (called
the controller)
- The OpenFlow Protocol, which
provides an open and standard way for
a controller to communicate with a
switch.
22

23. IoT Security
Architecture
Malware
Monitor
Generic Architecture Network
Intrusion Detection System
(ANIDS)
-Anomaly detection engine: detects
any occurence of intrusion either
online or offline.
-Pre-processing: misuse
detection aproach
-Matching mechanism: attacks can
be detected using anomaly-based
approach
- Elastic load balancer: network
traffic slicing – SDN controller
-Detectors: OF_SW inspect each
packet received and mantain flow
statistics
-Decision module: performs
correlation
between flows to detect attacks.
23

24. IoT Security
Architecture
Simplified model of Architecture Intrusion Detection
System
24
- Collector module: collects flow and periodically export it to Anomaly Detection
module
-Anomaly Detection module: for every time window this module inspects the
flows received from the Collector modules
-Anomaly Mitigation module: neutralize indentified attacks, inserting flow-entries
in the flow table of the of the Open Flow switch in order to block the undesired
attacks

25. Anomaly detection and
mitigation
Anomaly
detection
methods
- Statistical methods and systems
- Classification-based methods and systems
- Clustering and Outlier-based methods and
systems
- Soft computing methods and systems
- Knowledge-based methods and systems
Anomaly
mitigation
methods
- Rate Limitting : regulation of the rate at which flows
are allowed to inject packets into the network
25
- Flow interruption : the flow rule is directly removed
from
the SDN
controller

26. IoT Security with SDN
26

27. IoT Security
architecture
SDN/NFV Edge
Node
Temperatur
e Sensor
Air
pollution
Sensor
27
Gateway
s
Standar
d
Deviatio
n
Condition

28. Prepared By:
Dr Amit Agrawal
ECEDept,BIET, Hyderabad
2
8

29. ANALYTICS FOR IOT: MAKING SENSE OF DATA
FROM SENSORS
Muralidhar Somisetty, CTO, Innohabit
Technologies
Feb 17,
2017
IIoT Course @ IISc
CCE

30. Our Vision & Mission: “Innovation as Habit”
We Innovate by building Compelling Products.
We Build Other’s Innovations with our Technical Competencies and Cutting-Edge Solutions.
We Offer Business Services by setting up and operating
businesses. We Trigger Innovations through Start-up
Mentoring programs.
Making Ideas
Actionable
A Contextual Intelligence Platform
with Machine Learning Analytics
to offer solutions for IoT, Retail
and Enterprises.
A SaaS Product for Product
Leaders. India’s First Product
Management Software in the
market.
(Cisco)
Predictive
Network
Health
Analytics
(Cisco)
Smart
Waste
Manageme
nt
with IoT/Analytics.
Muralidhar Somisetty
Technologist, Entrepreneur, Product Evangelist, Mentor and Certified Yoga Instructor.
Current (Work): CTO, Innohabit Technologies. Member, IEEE Computer Society, Bangalore.
Past (Work) : Senior Engineering and Product Management Leader at Cisco Systems, India.
Education: B.Tech,ECE (NIT @ Warangal) & M.S Computer Science (University of Illinois @ Urbana
Champaign)
Experience: Telecom, OSS, SaaS, Network Analytics, Machine Learning(ML) & Internet-of-Things
(IoT).

31. OurCompany Vision and Mission
We Build
Amazing
Products
Innovative
We Setup
Businesses
Build, Operate and
Transfer
We Build
Your
Innovations
Partner for
Solutions
We Trigger
Innovations
Mentoring
Innovators
“Innovation is our
Habit”

32. IMAGINE: WHAT IF THINGS START TO
THINK

33. 5
http://cdn2.hubspot.net/hubfs/338908/images/Blog_Pictures/Humor_in_IoT
.jpg

34. What is Human Perceptionof IntelligentThings?
Internet of
Things
Digital
Human
Artificial
Intelligence
A Boon?
A Threat?
An
Opportunity?

35. Is Artificial Intelligence
an Angel or
Demon?

36. EthicalAI :Efforton tomakeAI an Angel.
Source:
OpenAI.com

37. Letus stepbackand go throughthejourney….
What is Big-Data?
What is Data Analytics?
How BI, Analytics & AI are related to each other?
What is the role of Analytics in IoT?
What is the Value of Analytics in
Industrial IoT?

38. “Welcome to the Internet of Customers. Behind every app, every device, and every connection, is a
customer. Billions of them. And each and every one is speeding toward the future.” Salesforce.com

39. BIG-DATA
Big data is the term for a collection of data sets so large and complex
that it becomes difficult to process using on-hand database
management tools or traditional data processing applications.
Social
Media
Mobil
e
Internet of
Things /
Sensors
Video and
Media We
b
Clou
d

41. Volume(Scale)
13
From 0.8 zettabytes to 35.2 Zettabytes of data
Earthscope:
67 terabytes of
data
LHC: 15 petabytes of
data
Imagine the volume of data from
104
satellites launched by ISRO…

43. HOW BIG-DATAIS DIFFERENTFROM TRADITIONALDATABASE?
• Structured /Relational Data
• Cost goes up with data
size/growth
• Well defined models & schemas
• ERP, CRM, SCM, BI, App data
Traditional data management
Big
Data
• Unstructured data
• Scaling at low costs
• Flexibility and complex
analytics
• Distributed processing

44. WHAT IS DATAANALYTICS?
Data Analytics is the science (and art!) of applying statistical
techniques to large data sets to obtain actionable insights for
making smart decisions.
It is the process to uncover hidden patterns, unknown correlations,
trends, and any other useful business information
It is Business Intelligence on steroids.

45. How BI,Analytics,DataScience arerelated?

46. Value (Tiers) of DataAnalytics

47. “It is the intelligence of machines and the branch of computer science that aims to
create it. It
is the study and design of intelligent agents, where an intelligent agent is a system that
perceives it environment and takes actions to maximize the chances of success.”

48. Branches of Artificial
Intelligence

49. Machine Learning
A subfield of computer science (CS) and artificial intelligence (AI) that deals with the
construction and
study of systems that can learn from data, rather than follow only explicitly programmed
instructions.”

51. 14/05/2016
Startup Product
Management
23
Man Vs
Machine

52. BIG-DATA VENDOR
LANDSCAPE
Structure
d
Commerci
al
Open
source
Unstructure
d
(RDBM
S)
(NoSQL
DB)

53. IOT  ANALYTICS TECHNOLOGY/VENDOR
CHOICES

54. Retail
e r
Syste
m s
Data
Sourc
es
Data
Integratio
n
Data
Storag
e
Data
Analyti
cs
Data
Visualizatio
n/ Insights
POS
Data
NFC
Tags
IoT
Sens
or s
Brand
Partners
Bluetoot
h
Beacon
s
Wi-
Fi
Publi
c
Data
Customer
s
Data
Connectors
ETL
Jobs
API
s
Streaming Data
Queues
NoSQ
L
Big-
Data
Traditional Data
warehouse (Like
Oracle, Teradata)
Streaming, Analytics
Engine
Machine
Learning
Analytical
Models
Deep
Learning
Visualization
Tools
Dwell-Time
Analysis
FootFall
Demographics Campaign
Effectiveness
A Typical Big-Data Analytics Technology
Stack

55. UNDER-THE-HOOD OF BIG-DATAANALYTICS

57. MLAlgorithms Mind Map:
When to choosewhat?
Source: http://scikit-
learn.org/

58. 16
14/05/20
3
0
Tools and Frameworks for Machine/Deep
Learning

59. Analytics in
IoT
DIVERSE
APPLICATIONS

60. Source: IoT World Forum (IBM,
Cisco)
IOT Reference
Model

61. Analogy between Human Body and
CognitiveIoT

62. Why is Analytics important in IoT
context?
Making sense from endless sea of data
from
sensors is humanly impossible.
 (Automate) Decision Making
 Operations Efficiency
 Preventive Maintenance
 Supply Chain Optimization
 Competitive Edge
 OPEX Savings
 …
 …

63. When AI meets
IoT
Artificial Intelligence provides us the framework and tools to go
beyond trivial real-time decision and automation use cases for IoT.

64. Home Automation:Autonomous Vacuum
Cleaners
• Learns Home Layout and Remembers It.
• Adapts to Different Surfaces or New Items
• Improvises on movement pattern for efficiency
• Knows when to recharge and automatically
docks itself
• Smart IoT Device controlled via remote
MobileApp
• Piezoelectric , Optical Onboard Sensors
• Employs Machine Learning to Adapt and
Improvise.
Machine Learning in Action

65. Smart Retail: Brick is the IoT AND Mortar is Data
Analytics
Source: Cisco IoT Retal White
Paper

66. Autonomous Cars
• Computer Vision / Neural
Networks
• Deep Learning in Action
SmartTransportation

67. Analytics for IndustrialIoT

68. Source: McKinsey Industry
4.0

69. AI to IA: Value of Data Analytics in
Industrial IoT
In the industrial space, there is a great deal of interest in using analytics to optimize asset maintenance,
production operations, supply chain, product design, field service, and other areas.

70. TopAnalyticsApplicationsinIndustrialIoT
Top-
3
Source: https://iot-analytics.com/product/industrial-analytics-report-
201617/

71. BenefitsofAnalyticsAdoptioninIndustrialIoT
Top-
3
Source: https://iot-analytics.com/product/industrial-analytics-report-
201617/

72. “Thecars are going around thetrack withthousands ofsensors and everytimeitgoes past the pit
wall they download a load ofdata, and therace engineers tellthedriver how to drive in
response tothat data. That’swhat we’ve got todo toour factories, weneed tohave that pit
wall somewhere tomake sure that your machinery, your systems are working better than the
nextguy’s.”
- Ken Young, ManufacturingTechnology Centre, UK

73. THANK
YOU
Thoughts/Questions
Welcome
muralidhars@innohabit.co
@muralidhar