The DAG blockchain: A secure edge assisted honeypot for attack detection and multi-controller based load balancing in SDN 5G

Software-defined networking (SDN) has increased the need for security due to the participation of illegitimate packets resulting from poor processing times and inadequate resource utilizations. In recent days, wireless 5G users, e.g., Internet of Things (IoT) users, have accessed networks from great distances due to their mobility, which requires multiple handovers between communication technologies. However, the process generates illegitimate packets due to connectivity changes. This paper addresses the security issue by using a modified blockchain and handover authentication. The access points (APs) in the infrastructure plane authenticate the 5G users with a hash generation using their identities and pseudo IDs with a lightweight QUARK algorithm. If an excessive number of users are connected with the same AP, then the users’ handover is performed by edge servers based on probabilities. In the data plane, OpenFlow switches perform a flow rule validation and a honeypot implementation for performing the packet validation. Classification of packets into normal, malicious and suspicious packets is also performed at the edge server using a capsule neural network (CapsNet). Deployment of NFV-enabled virtual switches (vSwitch) reduces switch overloading based on the load threshold. For faster validation, a directed acyclic graph (DAG) is implemented at the control plane to store the hashed credentials of the users for authentication and the hashed flow rules for flow rule validation. Suspicious packet validation is performed at the control plane by the controller using the Soft Actor–Critic (SAC) algorithm, and the Honey Badger Optimization algorithm (HBO) is used to select an optimal underloaded controller for efficient load balancing. This model is developed in NS-3, and the results show that our model outperforms the existing approaches in terms of QoS metrics such as bandwidth, response time, delay and packet loss, and security metrics such as detection accuracy and authentication time.