VI. CONCLUSIONS
In this paper, we describe a general framework for SD-IoT composed of a pool of SD-IoT controllers, SD-IoT switches integrated with the IoT gateway, and terminal IoT devices. We then propose an algorithm for detecting and mitigating DDoS attacks within this framework. The algorithm obtains a threshold value for the cosine similarity of the vectors of the packet-in rate at the ports of the SD-IoT boundary switches; this threshold is used to determine whether a DDoS attack has occurred, to find the real DDoS attacker, and to block the attack at the source. Finally, the simulation results show that the proposed algorithm can find the IoT device from which a DDoS attack is launched in a shorter time, quickly handle and mitigate the attack, and ultimately address the glaring vulnerabilities exposed in IoT, in which the terminal devices are constrained in computation and memory. Future work will focus on how to proactively defend against DDoS attacks in SD-IoT. In addition, dynamic load-balancing algorithms for the controller pool will be designed and implemented, and more efficient algorithms for detecting and mitigating DDoS attacks based on the SD-IoT framework will be investigated.