Low-speed internet can negatively impact incident response by causing delayed detection, ineffective response, poor collaboration, inaccurate analysis, and increased risk. Slow internet speeds can delay the receipt and analysis of data, making it difficult for security teams to access the relevant information and take action, leading to a fragmented and inadequate response. All of these factors can increase the risk of data breaches and other security incidents and their impact on IoT-enabled communication.
1. Introduction
Slow internet speeds during an incident response time can be caused by obsolete technology, network congestion, and a large number of network-connected devices
[1]. This can result in slow download and upload speeds, high latency, and poor network stability, which can significantly impact the incident response
[2]. Slow internet can lead to delayed response times, missed opportunities, customer dissatisfaction, and decreased productivity for the IoT devices
[3]. Several solutions are available to address the issue of slow internet speeds in incident response. One solution is to use software-defined networking (SDN), which can improve the network efficiency, flexibility, and scalability for the IoT devices
[4]. SDN allows for the centralized management of network resources, which can lead to a more efficient use of the available bandwidth
[5]. Additionally, upgrading hardware and software and optimizing network configurations are effective ways to enhance network performance
[6]. Another promising solution to improve internet speed is the use of virtual network functions (VNFs), which can be deployed on virtual machines to optimize the network infrastructure and enhance the overall network performance
[7]. VNFs enable organizations to scale and manage their network resources effectively, allocate resources more efficiently, and improve network performance for IoT devices
[8]. Internet speed is crucial in incident responses; however, a slow internet connection can result in sluggish reaction times, missed opportunities, unhappy clients, and diminished productivity. The causes of slow internet connections include outdated hardware, network congestion, and a large number of devices connected to a network
[9]. Improving incident response times requires finding practical solutions for sluggish internet speeds. It is anticipated that the deployment of 6G covers the development of many new technologies and improves internet connection. Furthermore, 6G will perform a revolutionary role for new technologies such as smart surfaces, zero-energy IoT devices, advanced AI techniques, AI-powered automated devices, potential quantum computing systems, humanoid robots, AI-driven air interfaces, and self-sustained networks. Moreover, future trends of digital societies, such as massive AI and self-sustained networks, will also benefit from 6G
[10]. Therefore, 6G is attractive to numerous applications, including UAV-based mobility, smart Grid 2.0, connected autonomous vehicles (CAV), hyper-intelligent healthcare, collaborative robots, Industry 5.0, Digital Twin, and Extended Reality. These applications might support many stakeholders and call for various levels of 6G security requirements. The security requirements and problems in 6G may vary greatly due to the novelty of these application domains and the potent adversaries. A federated-learning supported intrusion detection system (FSIDS) makes use of 6G-enabling technologies such software -defined networking, mobile edge computing, and network function virtualization
[11]. DeepVulSeeker is a completely automated vulnerability identification platform that uses both code graph structures and semantic elements to find vulnerabilities. However, existing methods experience shortcomings
[12].
2. Machine Learning as a Solution for Software-DNefined Networking-Based Intrusion Detection
Abubakar and Pranggono
[20][13] proposed machine learning as a solution for SDN-based intrusion detection and prevention. They further explored and highlighted the benefits and challenges of the proposed approach. They concluded that although machine learning can improve the accuracy of intrusion detection and reduce false positives, challenges related to scalability and training data availability still exist. Ahmed et al.
[21][14] proposed VNF chaining and network slicing as possible solutions. The authors also mentioned their respective benefits and limitations. Research on the VNF sphere was introduced by Wang and Zhao
[22][15], who explored the use of edge computing to improve network performance and address the challenges of latency and bandwidth requirements in incident responses. The authors provided an overview of edge computing architectures, applications, and challenges, highlighting their potential to improve incident response times and reduce network congestion. Karakus and Durresi
[23][16] contributed to the development of QoS in SDN networks and identified its potential to improve network performance and response times. They explored various QoS techniques and their effectiveness in addressing network congestion and improving the QoS in SDN. Another relevant study introduced by Li et al.
[24][17] focused on blockchain-based collaborative software-defined networking (BCSDN) The authors proposed the use of blockchain technology in SDN to improve network security and reduce the risk of cyberattacks. They discussed the potential benefits of blockchain in providing a tamper-proof record of network activities and enhancing incident response capabilities. Yang et al.
[25][18] provided an overview of current developments in network function virtualization (NFV) resource allocation. The authors generalized and examined four typical resource allocation issues: the VNF placement issue, the VNF placement and traffic routing problem, the VNF redeployment and consolidation issue, and the NFV traffic routing issue. Following that, two crucial quality of service (QoS) parameters—delay calculation models and VNF protection (availability) models—are investigated in NFV resource allocation.
Xu et al.
[26][19] proposed a hybrid-assisted dynamic intrusion detection system (HADIDS) for improving network performance. This
presea
per rch focused on the potential benefits of hybrid cloud computing in terms of scalability and cost efficiency and discussed the challenges related to security, privacy, and interoperability. Research in the sphere of VNF by Basu et al.
[27][20] addressed the problem of limited network capacity and storage that can hinder QoS in a network. To optimize the placement of VNF instances over the service function chains (SFCs) for superior service delivery, the authors proposed a dynamic VNF sharing approach called FlexShare-VNF. According to Kim and Kim’s
[28][21] research, the VNF placement approach was based on VNF characteristics and used information about each node’s resources to assign VNFs more efficiently. Furthermore, the authors suggested a method for identifying an appropriate node for placement through periodic searching of information concerning resource updates prior to VNF placement, subsequently assigning VNFs quickly upon request. Taniguchi and Shinomiya
[29][22] proposed virtualized networks to minimize computing and network resources in the event of VNF failures. The proposed method aims to ensure sustainability against multiple VNF failures, which can cause significant damage to the network, by minimizing the cost of computing and network resources. The integration of VNFs with SDN technology can significantly improve the performance and efficiency of 6G networks. By leveraging the flexibility and programmability of SDN, VNFs can be dynamically deployed and managed to meet the specific requirements of different network functions and services. This approach improves resource allocation, reduces network congestion, and enhances security by enabling the implementation of advanced network policies and protocols. Yao et al.
[30][23] proposed an anomaly detection with intrusion network framework (DINF). An anomaly detection approach leveraged both signature-based and anomaly-based techniques to enhance IoT devices. The authors recognized the limitations of using only one approach and suggested that combining them would lead to a more effective and efficient IDS. Their proposed system incorporated a signature-based approach to detect known attacks and an anomaly-based approach to identify unknown attacks. Zheng et al.
[31][24] proposed a solution to mitigate the security risks associated with the Internet of Things (IoT) by dynamically creating and deploying firewalls based on the network traffic patterns. The solution employs machine learning algorithms to analyze network traffic patterns and identify potential security threats. The identified threats are then mitigated by dynamically creating and deploying firewalls on the affected devices in the IoT network.
Table 1 shows comparison of the state-of-the-art approaches.