Network level defenses for software-defined internet of things. (2020)
Type of Content: Theses / Dissertations
Thesis Discipline: Computer Science
Degree Name: Master of Science
Publisher: University of Canterbury
The Internet of Things (IoT) has recently become a point of attraction for industry and academia. The IoT is becoming popular because of the lower prices and easy availability of smart devices. An IoT network consists of heterogeneous devices with limited computational and power resources that are not equipped to respond dynamically to abnormalities. Besides, some of the IoT nodes in an IoT network carry vulnerabilities. To ensure the security of such IoT networks, we propose a reactive defense mechanism and an integrated proactive defense mechanism for a software-defined IoT (SD-IoT) network. The reactive defense mechanism provides, after reconfiguration, the maximum number of hard-to-exploit vulnerable IoT nodes along the path to the base station. To reconfigure the IoT network topology, we develop and implement a reconfiguration algorithm using the software-defined networking (SDN) controller. The algorithm reconfigures the topology when an intrusion is detected in the IoT network.
In the integrated proactive defense mechanism, we use cyber deception along with Moving Target Defense (MTD). The cyber deception includes a decoy system that attracts the attacker towards itself. When the attacker interacts with it, the decoy system captures the intentions of the attacker. The MTD hardens the attack surface by shuffling the connections between IoT nodes. To analyze the effectiveness of our proposed defense mechanisms, we measure security metrics using the Hierarchical Attack Representation Model (HARM).
The results of our reactive defense mechanism and integrated proactive defense mechanism show an increase in the effort required by the attacker.
In summary, the contributions of the thesis are: 1) to develop a reactive defense mechanism and a reconfiguration algorithm that changes the IoT network topology on intrusion detection, and to calculate the mean-time-to-compromise (MTTC) security metric that shows the effectiveness of our defense mechanism; 2) to develop an integrated proactive defense mechanism, implement cyber deception and MTD as defense strategies, and develop, implement and calculate the security metrics (i.e., Attack Path Variation, Attack Path Exposure, mean-time-to-security-failure and Defense Cost) to show the effectiveness of our defense mechanism.