Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Internet of Things (IoT) DDoS attack defense method and device based on SDN, equipment and medium

An IoT device and IoT technology, applied in the field of network security, can solve the problems of high cost and poor DDoS attack defense effect, and achieve the effect of increasing flexibility, improving defense effect, and reducing defense cost.

Inactive Publication Date: 2018-06-01
SHENZHEN UNIV
View PDF8 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to provide an SDN-based Internet of Things DDoS attack defense method, device, equipment and medium, aiming to solve the problem of poor defense effect and high cost of DDoS attacks in the Internet of Things environment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Internet of Things (IoT) DDoS attack defense method and device based on SDN, equipment and medium
  • Internet of Things (IoT) DDoS attack defense method and device based on SDN, equipment and medium
  • Internet of Things (IoT) DDoS attack defense method and device based on SDN, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0028] figure 1 The implementation process of the SDN-based Internet of Things DDoS attack defense method provided by Embodiment 1 of the present invention is shown. For the convenience of description, only the parts related to the embodiment of the present invention are shown, and the details are as follows:

[0029] In step S101, the SDN IoT gateway collects network traffic sent by different IoT device nodes in the IoT, and sends the network traffic to the SDN controller cluster.

[0030] In the embodiment of the present invention, the Internet of Things where the SDN Internet of Things gateway is located is composed of SDN application servers, SDN controller clusters, SDN Internet of Things gateways, SDN switches, and IOT devices (Internet of Things devices, such as smart terminals, sensors), etc., Among them, the SDN IoT gateway is used to manage the routing between IOT devices, and the SDN controller cluster is used to manage the routing between different SDN IoT gateways...

Embodiment 2

[0045] Figure 5 The structure of the SDN-based Internet of Things DDoS attack defense device provided by Embodiment 2 of the present invention is shown. For the convenience of description, only the parts related to the embodiment of the present invention are shown, including:

[0046] The traffic collection unit 51 is used for the SDN IoT gateway to collect the network traffic sent by different IoT device nodes in the IoT, and send the network traffic to the SDN controller cluster.

[0047] In the embodiment of the present invention, the Internet of Things where the SDN Internet of Things gateway is located is composed of SDN application servers, SDN controller clusters, SDN Internet of Things gateways, SDN switches, and Internet of Things devices. Routing between networked devices, SDN controller clusters are used to manage routing between different SDN IoT gateways, between SDN IoT gateways and SDN switches, and between different SDN switches, different SDN IoT gateway mana...

Embodiment 3

[0058] Figure 6 The structure of the SDN-based Internet of Things DDoS attack defense device provided by Embodiment 3 of the present invention is shown. For the convenience of description, only the parts related to the embodiment of the present invention are shown, including:

[0059] The identity verification unit 61 is configured to perform identity verification on the Internet of Things device node by the SDN Internet of Things gateway when the Internet of Things device node is detected.

[0060] The connection establishment unit 62 is configured to establish a connection with the IoT device node when the SDN IoT gateway successfully verifies the identity of the IoT device node.

[0061] In the embodiment of the present invention, when the SDN Internet of Things gateway detects an IoT device node, the SDN Internet of Things gateway performs identity verification on the Internet of Things device (for example, through the physical fingerprint of the Internet of Things device...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention is applicable to the technical field of network security, provides an Internet of Things (IoT) DDoS attack defense method based on an SDN, an IoT DDoS attack defense device based on theSDN, equipment and a medium. The method comprises the steps as follows: an SDN IoT gateway collects network traffic sent by different IoT equipment nodes in the IoT where the SDN IoT gateway is located, and sends the collected network traffic to an SDN controller cluster; the SDN controller cluster sends the network traffic to an SDN application server; the SDN application server analyzes the network traffic, and sends an analysis result to the SDN controller cluster when the condition that an DDoS attack exists in the IoT is analyzed; and the SDN controller cluster coordinates the SDN IoT gateway to remit the DDoS attack in the IoT according to the analysis result. Therefore, the effect of defending with the DDoS attack under the IoT environment is effectively improved, and the flexibility of defense configuration is improved, and the defense cost is reduced.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to an SDN-based Internet of Things DDoS attack defense method, device, equipment and medium. Background technique [0002] Distributed denial of service (DDoS) attack is a common type of network attack. It uses client / server technology to combine multiple computers as an attack platform to launch DDoS attacks on one or more targets, thereby multiplying The power of denial of service attacks. With the development of cloud computing, the number of IoT devices is huge, and IoT devices have poor virus defense capabilities and strong destructive power after failure. These characteristics provide a hotbed for DDoS attacks. That is to say, in the IoT environment, IoT The huge number of networked nodes and IoT devices affect all aspects of real life, making DDoS attacks in the IoT environment more threatening and have a wider impact. [0003] For DDoS attacks, traditi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0428H04L63/10H04L63/1408H04L63/1433H04L63/1458H04L67/10
Inventor 闫巧黄文耀罗旭鹏
Owner SHENZHEN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products