International Journal of Electrical and Computer Engineering (IJECE) Vol. 10, No. 3, June 2020, pp. 3166~3175 ISSN: 2088-8708, DOI: 10.11591/ijece.v10i3.pp3166-3175  3166 Journal homepage: http://ijece.iaescore.com/index.php/IJECE Ransomware protection in loT using software defined networking Azka Wani 1 , S. Revathi 2 1 Department of Computer Applications, Crescent B S Abdur Rahman Institute of Science and Technology, India 2 Department of Computer Science and Engineering, Crescent B S Abdur Rahman Institute of Science and Technology, India Article Info ABSTRACT Article history: Received Mar 23, 2019 Revised Dec 8, 2019 Accepted Jan 7, 2020 Internet of things (IoT) is the network of physical objects connected to provide various services. IoT is expanding rapidly, and is positively influencing many areas. The impact of IoT is evident in medical field, manufacturing units and livestock. The IoT is also vulnerable to many cyber threats, owing to its limited resources and battery operation. In contemporary times the security threats like DDoS, botnet malware, man in the middle, flood attacks and ransomware are affecting the smooth functioning of IoT. Ransomware has emerged as one of the biggest threat in cyber world. Ransomware is a type of malware that stops the access to files by encrypting them and decrypts the files only when a ransom is paid. The negligence towards the IoT ransomware can result in disastrous outcomes. In this paper, the growth of ransomware attacks for past few years is shown with special focus on ransomwares threatening IoT. A detection mechanism for IoT ransomware attack is presented that is designed after study of ransomware for IoT. The proposed model monitors the incoming IoT traffic through Software Defined Network (SDN) gateway. It uses policies framed in SDN controller for detection and alleviation of ransomware in IoT. Keywords: CoAP Crypto ransomware IoT OpenFlow Ransomware Copyright © 2020 Institute of Advanced Engineering and Science. All rights reserved. Corresponding Author: Azka Wani, Department of Computer Applications, Crescent B S Abdur Rahman Institute of Science and Technology, Vandalur, Chennai- 600048, India. Email: graceazka@gmail.com 1. INTRODUCTION The Internet of Things (IoT) is formed by connecting physical devices. The IoT devices include ordinary objects from day to day life, which interact with each other to make human lives easier. The IoT devices are deployed at various environments for automation and smart data transfer from one IoT domain to another with least or no human intervention [1]. IoT devices are setup in places like homes, offices, hospitals, vehicles, roads, markets and industries etc [2, 3]. IoT has undoubtedly led to the innovation of smart world but IoT devices are highly vulnerable to a wide range of attacks. An indirect communication of individual to individual smart devices also makes IoT vulnerable to a range of attacks [4]. The security measures in IoT and the resistance of IoT devices against the recent attacks is one of the major concern faced by IoT [5]. IoT security has been in news recently, due to DDoS, botnet, malware and ransomware attacks on IoT devices[6]. The early variants ransomware first came up in the late 1980s [7]. The newer versions of ransomware have been around for a couple of years and lately have posed a big threat for IoT as well [8, 9]. Ransomware is a combination of ransom and malware. Ransomware encrypts the personal files of a victim and makes those unusable, allows decryption and release of the files after a ransom is paid to the ransomware creator. The attacker through cryptocurrency or credit card asks for the payment of ransom. Ransomware attacks are becoming stronger and it is hard to devise a prevention method. IoT devices, which already have