IoT ddos ​​detection, defense method, detection device and storage medium based on distributed machine learning and blockchain

A machine learning and detection device technology, applied in the field of data processing, can solve the problems of insufficient DDoS traffic identification and filtering efficiency, insufficient early warning of similar attacks, etc., to achieve improved identification accuracy, low hardware performance requirements, and iterative optimization Effect

Active Publication Date: 2021-10-01
NORTHEAST FORESTRY UNIVERSITY
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Although the above method can intercept some DDoS targeting the Internet of Things environment, and introduces the block chain to realize the sharing of malicious attack information, there are still some problems, such as the identification and filtering efficiency of DDoS traffic is not high enough, and the shared information is not enough to enable Other edge nodes give early warning to similar attacks, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IoT ddos ​​detection, defense method, detection device and storage medium based on distributed machine learning and blockchain
  • IoT ddos ​​detection, defense method, detection device and storage medium based on distributed machine learning and blockchain
  • IoT ddos ​​detection, defense method, detection device and storage medium based on distributed machine learning and blockchain

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] Embodiment one, refer to figure 1 , Figure 3-Figure 4 , illustrating this embodiment, a method for detecting DDoS in the Internet of Things based on distributed machine learning and blockchain, comprising the following steps:

[0049] Step 1, the traffic monitoring and filtering module obtains the traffic input by the edge node, and judges whether the traffic is an abnormal connection, if so, execute step 3, if not, execute step 2;

[0050] Among them, the traffic monitoring and filtering module can capture and analyze traffic, capture data packets flowing through the network card, and filter abnormal traffic by establishing rules.

[0051] Among them, the establishment rules specifically include:

[0052] Step 11, within a unit time, if a source ip sends access times v exceeding the set upper limit, it is determined to be abnormal.

[0053] Step 1 and 2: After receiving the SYN message, the traffic monitoring and filtering module responds with a specific cookie. If...

Embodiment 2

[0089] Embodiment two, refer to figure 2 , to illustrate this embodiment, the present invention proposes a DDoS detection device for the Internet of Things based on distributed machine learning and blockchain, including a traffic monitoring and filtering module, a machine learning module and a blockchain module; the traffic monitoring and filtering module It is used to receive traffic sent by edge nodes, and to filter and feature extract abnormal traffic; the machine learning module is used to learn and detect abnormal traffic; the block chain module is used to store abnormal traffic; the traffic monitoring and filtering module The extracted features are transmitted to the blockchain module; edge nodes obtain abnormal traffic data from the blockchain module and transmit them to the machine learning module.

[0090] The traffic monitoring and filtering module described in this embodiment has a traffic forwarding function, a traffic interception function and a feature extraction ...

Embodiment 3

[0093] Embodiment three, refer to Figure 5 Illustrate this embodiment, a kind of Internet of things DDoS defense method based on distributed machine learning and block chain, comprises the following steps:

[0094] S110. Run the detection device described in Embodiment 2 at the entrance of the Internet of Things network, and start the Spark MLlib distributed machine learning framework;

[0095] S120. When the user uses the IoT device, the traffic monitoring and filtering module captures and extracts its characteristic value and records it locally as a machine learning data set;

[0096] S130. After encountering abnormal traffic, the edge node records the abnormal connection information and uploads it to the blockchain;

[0097] S140. All edge nodes use the machine learning model to detect the abnormal connection information, and if it is a DDoS attack, verify the block information and record it locally;

[0098] S150. The blockchain module synchronizes all edge nodes in the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an Internet of Things DDoS detection and defense method, a detection device and a storage medium based on distributed machine learning and blockchain, and belongs to the technical field of data science. Specifically, the traffic monitoring and filtering module judges whether the input traffic is an abnormal connection, and when it is judged to be an abnormal connection, records the characteristics of the abnormal traffic, and then signs and uploads the information to the blockchain. When all edge nodes receive this broadcast, they will obtain the feature from the blockchain and detect abnormal traffic. If it is determined to be DDoS traffic, they will broadcast it to all edge nodes synchronously to intercept the DDoS traffic and solve the problem. In the prior art, there are technical problems that the identification and filtering efficiency for DDoS traffic is not high enough, and the shared information is not enough to enable other edge nodes to give early warning to similar attacks. Realized, real-time sharing of DDoS attack information facilitates early warning and improves the efficiency of DDoS detection.

Description

technical field [0001] The present application relates to a detection and defense method, in particular to an Internet of Things DDoS detection and defense method, detection device and storage medium based on distributed machine learning and blockchain, and belongs to the field of data processing technology. Background technique [0002] Since 2019, the 5G network has been officially commercialized, and its speed has a qualitative leap compared with 4G, providing a development foundation for the era of the Internet of Everything. The development of 5G has driven the explosive growth of industrial applications related to IoT devices. According to statistics, by 2020, there will be more than 20 billion IoT devices worldwide. The ubiquitous smart wearable devices, smart homes, and driverless cars have brought great convenience to people's daily life. [0003] While bringing various life conveniences to users, it also brings many hidden related security issues. DDoS (Distribute...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56G06N20/00G16Y40/10G06F16/27
CPCG06F21/56G06F16/27G06N20/00G16Y40/10
Inventor 李清锋张培风韩家鹏周雨昂吴本龙
Owner NORTHEAST FORESTRY UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap