Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Detection method, defense method and detection device for Internet of Things DDoS based on distributed machine learning and block chain, and storage medium

A machine learning and detection device technology, applied in the field of data processing, can solve the problems of insufficient DDoS traffic identification and filtering efficiency, insufficient early warning of similar attacks, etc., to achieve improved identification accuracy, low hardware performance requirements, and iterative optimization Effect

Active Publication Date: 2021-08-06
NORTHEAST FORESTRY UNIVERSITY
View PDF7 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Although the above method can intercept some DDoS targeting the Internet of Things environment, and introduces the block chain to realize the sharing of malicious attack information, there are still some problems, such as the identification and filtering efficiency of DDoS traffic is not high enough, and the shared information is not enough to enable Other edge nodes give early warning to similar attacks, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detection method, defense method and detection device for Internet of Things DDoS based on distributed machine learning and block chain, and storage medium
  • Detection method, defense method and detection device for Internet of Things DDoS based on distributed machine learning and block chain, and storage medium
  • Detection method, defense method and detection device for Internet of Things DDoS based on distributed machine learning and block chain, and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0049] Embodiment one, refer to figure 1 , Figure 3-Figure 4 , illustrating this embodiment, a method for detecting DDoS in the Internet of Things based on distributed machine learning and blockchain, comprising the following steps:

[0050] Step 1, the traffic monitoring and filtering module obtains the traffic input by the edge node, and judges whether the traffic is an abnormal connection, if so, execute step 3, if not, execute step 2;

[0051] Among them, the traffic monitoring and filtering module can capture and analyze traffic, capture data packets flowing through the network card, and filter abnormal traffic by establishing rules.

[0052] Among them, the establishment rules specifically include:

[0053] Step 11, within a unit time, if a source ip sends access times v exceeding the set upper limit, it is determined to be abnormal.

[0054] Step 1 and 2: After receiving the SYN message, the traffic monitoring and filtering module responds with a specific cookie. If...

Embodiment 2

[0090] Embodiment two, refer to figure 2 , to illustrate this embodiment, the present invention proposes a DDoS detection device for the Internet of Things based on distributed machine learning and blockchain, including a traffic monitoring and filtering module, a machine learning module and a blockchain module; the traffic monitoring and filtering module It is used to receive traffic sent by edge nodes, and to filter and feature extract abnormal traffic; the machine learning module is used to learn and detect abnormal traffic; the block chain module is used to store abnormal traffic; the traffic monitoring and filtering module The extracted features are transmitted to the blockchain module; edge nodes obtain abnormal traffic data from the blockchain module and transmit them to the machine learning module.

[0091]The traffic monitoring and filtering module described in this embodiment has a traffic forwarding function, a traffic interception function and a feature extraction...

Embodiment 3

[0094] Embodiment three, refer to Figure 5 Illustrate this embodiment, a kind of Internet of things DDoS defense method based on distributed machine learning and block chain, comprises the following steps:

[0095] S110. Run the detection device described in Embodiment 2 at the entrance of the Internet of Things network, and start the Spark MLlib distributed machine learning framework;

[0096] S120. When the user uses the Internet of Things device, the traffic monitoring and filtering module captures and extracts its characteristic value and records it locally as a machine learning data set;

[0097] S130. After encountering abnormal traffic, the edge node records the abnormal connection information and uploads it to the blockchain;

[0098] S140. All edge nodes use the machine learning model to detect the abnormal connection information, and if it is a DDoS attack, verify the block information and record it locally;

[0099] S150. The blockchain module synchronizes all ed...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a detection method, a defense method and a detection device for Internet of Things DDoS based on distributed machine learning and a block chain, and a storage medium, and belongs to the technical field of data processing. The detection method specifically comprises the following steps that a flow monitoring and filtering module judges whether input flow is abnormal connection or not, when it is judged that the input flow is abnormal connection, abnormal flow characteristics are recorded, and then information is signed and uploaded to a block chain. When all the edge nodes receive the broadcast, the edge nodes obtain the feature from the block chain, detect abnormal traffic, and synchronously broadcast to all the edge nodes and intercept the DDoS traffic if the DDoS traffic is determined, thereby solving the problems that the identification and filtering efficiency of the DDoS traffic is not high enough, and shared information is not enough to enable other edge nodes to early warn similar attacks in advance in the prior art.. Therefore, the DDoS attack information can be shared in real time, early warning can be conveniently made in advance, and the DDoS detection efficiency is improved.

Description

technical field [0001] The present application relates to a detection and defense method, in particular to an Internet of Things DDoS detection and defense method, detection device and storage medium based on distributed machine learning and blockchain, and belongs to the field of data processing technology. Background technique [0002] Since 2019, the 5G network has been officially commercialized, and its speed has a qualitative leap compared with 4G, providing a development foundation for the era of the Internet of Everything. The development of 5G has driven the explosive growth of industrial applications related to IoT devices. According to statistics, by 2020, there will be more than 20 billion IoT devices worldwide. The ubiquitous smart wearable devices, smart homes, and driverless cars have brought great convenience to people's daily life. [0003] While bringing various life conveniences to users, it also brings many hidden related security issues. DDoS (Distribute...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06N20/00G16Y40/10G06F16/27
CPCG06F21/56G06F16/27G06N20/00G16Y40/10
Inventor 李清锋张培风韩家鹏周雨昂吴本龙
Owner NORTHEAST FORESTRY UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com