期刊論文
學年 | 108 |
---|---|
學期 | 2 |
出版(發表)日期 | 2020-03-01 |
作品名稱 | Enhanced Attack Blocking in IoT Environments: Engaging Honeypots and Machine Learning in SDN OpenFlow Switches |
作品名稱(其他語言) | |
著者 | Po-Jen Chuang; Tzu-Chao Hung |
單位 | |
出版者 | |
著錄名稱、卷期、頁數 | Journal of Applied Science and Engineering 23(1), p.163-173 |
摘要 | This paper introduces a new attack blocking mechanism to defend against malicious unknown attacks in the Internet of Things (IoT) environments. The new mechanism starts by installing a honeypot in each Software Defined Network OpenFlow switch to attract and collect suspicious traffic. Upon detecting suspicious traffic, it will first store the traffic in the honeypot first, instead of performing instant anomaly detection, to preserve the overall network speed and packets. The mechanism then sends the collected attack traffic to the controller, to extract more appropriate features by the machine learning practice and to ensure more accurate anomaly identification. After identifying the attack type, it will add a proper defense rule in the flow table – a new entry – to block similar future attacks. Experimental evaluation proves that the new mechanism is more advantageous than the existing flow-based IDS mechanism. Major advantages include being able to detect and prevent unknown attacks without blocking regular network traffic, achieve better capture rates than the Intrusion Detection System (IDS) upon traffic-high or short packet attacks, and avoid potential packet loss. |
關鍵字 | Internet of Things (IoT);Software Defined Network (SDN);Intrusion Detection System (IDS);Flow Table;Honeypot;Machine Learning;Anomaly Detection;Distributed Denial of Services (DDoS) |
語言 | en |
ISSN | |
期刊性質 | 國內 |
收錄於 | ESCI |
產學合作 | |
通訊作者 | |
審稿制度 | 是 |
國別 | TWN |
公開徵稿 | |
出版型式 | ,電子版,紙本 |
相關連結 |
機構典藏連結 ( http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/118257 ) |