A scalable security approach for IoT networks: Blockchain and anomaly-based IDS on hardware accelerators

cb
Thumbnail Image
Files
NgoDM_PhD2024.pdf(5.39 MB)
Full Text E-thesis
Date
2024
Authors
Ngo, Duc-Minh
Journal Title
Journal ISSN
Volume Title
Publisher
University College Cork
Published Version
Research Projects
Organizational Units
Journal Issue
Abstract
Cybersecurity plays a crucial role in today's interconnected world as cyber threats continue to rise. Moreover, with the ever-increasing dependence on digital infrastructure across industries, organizations must develop robust cybersecurity measures to detect and mitigate network attacks. This thesis studies Machine Learning and Distributed-ledger Technology to detect and mitigate network attacks in IoT networks using hardware accelerator platforms. This study researches a scalable security approach for IoT networks from the edge to the cloud, combining Blockchain technology and anomaly-based Intrusion Detection Systems. From the top-down view, the cloud layer operates a Blockchain network containing smart contracts for securely managing IoT devices. At the device layer, machine learning models are trained to detect network attacks using hardware accelerators, including GPUs (Graphics Processing Units) and FPGAs (Field-Programmable Gate Arrays). The research highlights three main key findings. Firstly, smart contracts can manage network states efficiently and consistently by recording events on a distributed ledger. The data on a Blockchain are immutable and accessible from the Internet. The Blockchain's key contribution is to ensure data integrity, providing scalability and flexibility to the network at an abstract level. Secondly, machine learning models can detect unseen attacks and achieve high detection rates. Thirdly, lightweight machine learning models can be accelerated on FPGAs, significantly reducing overhead and adapting in high-speed, real-time network environments with minimum latency. The first implemented prototype has achieved accuracies of 98.57% and 99.66% on the UNSW-NB15 and IoT-23 datasets, respectively. The inference engine was tested on different platforms: CPU, GPU, AI-microcontroller, and FPGA. In particular, the machine learning models are optimized on FPGA, resulting in a speedup compared to other platforms. The prototype FPGA-based Gateway was deployed on the Alveo U280 card (NetFPGA-PLUS) to evaluate the proposed architecture. The artificial neural network models have achieved the highest processing speed at 20Gbps with a packet loss rate of approximately 0.13%. The convolutional neural network models have produced a maximum processing speed of 8.38 Mbps, corresponding to 16,895 packets per second. The proposed approach offers innovative, scalable security solutions for IoT networks that can be mapped to the latest computing architectures.
Description
Keywords
Network architecture , Scalable security , IoT access control , Blockchain , Smart contracts , Neural networks , Hardware accelerators , NetFPGA
Citation
Ngo, D-M. 2024. A scalable security approach for IoT networks: Blockchain and anomaly-based IDS on hardware accelerators. PhD Thesis, University College Cork.
Link to publisher’s version
URI
https://hdl.handle.net/10468/17907
Collections
Research Theses
College of Science, Engineering and Food Science - Doctoral Theses
Electrical and Electronic Engineering - Doctoral Theses
Insight Centre for Data Analytics - Doctoral Theses
Copyright
© 2024, Duc-Minh Ngo.