Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method for defending distributed denial of service attack of industrial network system

A distributed denial and industrial network technology, applied in the field of distributed denial of service attacks, can solve problems such as prediction model misjudgment, single point failure, sensitivity, etc., and achieve the effects of mitigating DDoS attacks, improving accuracy, and improving sensitivity

Pending Publication Date: 2022-05-24
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF0 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Second, the centralized SDN controller is a common attack target and can easily cause a single point of failure
However, deep learning models often become sensitive when detecting adversarial DDoS attacks
Adversarial attacks usually refer to the situation where the attacker deliberately adds some kind of imperceptible interference to the input sample, which leads to the misjudgment of the prediction model.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for defending distributed denial of service attack of industrial network system
  • Method for defending distributed denial of service attack of industrial network system
  • Method for defending distributed denial of service attack of industrial network system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0060] like figure 1 Said, specifically, this embodiment describes the process of using the AC-GAN algorithm to detect the DDoS attack in the SDIN scenario, and using the SDN controller to issue the attack mitigation strategy. However, the present invention should not be limited to what is disclosed in this embodiment and the accompanying drawings. All equivalents or modifications accomplished without departing from the disclosed spirit of the present invention fall into the protection scope of the present invention.

[0061] A method for defending against distributed denial of service attacks on industrial network systems, comprising the following steps:

[0062] Step 1: Data preprocessing.

[0063] Specifically, the original dataset used for offline model training includes TCP flood attack flow, UDP flood attack flow, and ICMP flood attack flow, as well as Benign normal traffic. Four types of traffic are marked with labels, 0 for normal traffic, 1 for ICMP, 2 for TCP, and...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for defending distributed denial of service attack of an industrial network system, and belongs to the technical field of network security defense. According to the method, deep learning and software defined network technologies are fused to construct an industrial network for preventing DDoS attacks. The deep learning technology for attack detection has the characteristics of flexibility and accuracy, and the SDN realizes the overall network management and flow control of the industrial network. According to the invention, a deep learning classification algorithm is constructed based on AC-GAN, the generator can generate data for a specific label, and the discriminator improves the quality of the generated data by reconstructing label information. According to the method, the sensitivity of the model is improved by generating the adversarial attack sample, and the accuracy of detecting the adversarial DDoS attack in the software defined industrial network is improved. According to the method, real-time flow information is extracted and monitored through the SDIN controller, when attack flow is detected, the system can automatically trigger an attack relieving function, add firewall rules and issue abandoned flow table entry strategies, and therefore DDoS attacks are relieved in time.

Description

technical field [0001] The invention relates to a method for defending distributed denial of service (Distributed Denial of Service, DDoS) attacks in an industrial network system based on deep learning and a software-defined network, and belongs to the technical field of network security defense. Background technique [0002] With the continuous development of intelligent manufacturing technology, new manufacturing modes such as personalized customization and networked collaboration have been widely developed. These new manufacturing models require frequent data exchange over the network between manufacturing machines and industrial information systems that dynamically adjust to changes in orders, business, and the environment. [0003] However, the existing industrial network architecture cannot meet the requirements of the above-mentioned manufacturing mode. For example, there are many industrial network protocols, forming a complex industrial heterogeneous network, which...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/1458H04L63/1416H04L63/02H04L63/0227Y02A10/40
Inventor 盖珂珂张悦祝烈煌蒋芃徐蕾
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products