Research On Distributed Denial Of Service Attack Defense In Internet Of Things

The Internet of Things(IoT)system is composed of sensing intelligent equipment,internet access and the intelligent application.The sensing intelligent devices in the IoT system can be the target of DDoS attacks,or may be the accomplices of DDoS attacks.The security of IoT is not only related to the safety of the network,but also to the safety of real lives.Therefore,it is of great significance to study how to defend against DDoS attacks and ensure the safety of IoT.At present,the study of IoT security mainly focuses on the improvement of individual safety protection of Io T device.For DDoS attacks in the IoT,there is no better defense method relative to the Io T network structure.Therefore,in this paper,we propose a DDoS defense framework composed of cloud computing defense layer,fog computing defense layer and edge computing defense layer that jointly defend against DDoS attacks in IoT.First,we propose a SDN-based Multi-Level DDoS Mitigation Framework(SMLDMF)for the IoT.SMLDMF contains the edge computing layer,the fog computing layer and the cloud computing layer.SMLDMF uses SDN structure and SDN protocol to integrate layers in SMLDMF to jointly defend against DDoS attacks.Using agile data processing capability of cloud computing layer and the network management ability of fog computing layer and edge computing layer to implement a SDN based IoT defense framework.It can realize fast intelligence analysis,automatically alleviate the DDoS attack near the source of attack according to the analysis results.Finally,we propose to use the SDN based IoT gateway,which can be more flexible to implement the protection of the Io T device and be part of the joint defense DDoS attack.Then,defending against DDoS attacks in traditional network is costly and little effect due to the traditional network structure.We propose a SDN based approach to deploy the edge computing layer and fog computing layer of IoT.We implement the Collection-Detection-Mitigation(CDM)method in the edge computing layer and fog computing layer to verify the effect of SDN based defense against DDoS attacks.Thesimulation results show that the use of SDN mode to defend against DDoS attacks can be flexible and effective.Blocking Ping flood according to the detection results,delay time of normal users significantly decreased.Blocking TCP Syn flood according to the verification results of TCP Syn proxy,normal users' delay time is reduced by 37%.In the face of whether the SDN controller cluster can bear a large number of internet traffic while defending against DDoS attacks,we ensure the separation of the logic function and data forwarding by dividing the work into edge computing layer and fog computing layer,so that SDN controller cluster can withstand a large amount of data transmission and defend against DDoS attacks.In order to achieve joint defense of SDN controller cluster,different SDN controller clusters work together to defend against DDoS attack through SDN east-west interface or data transmission through cloud center.Finally,big data technology is widely used in the detection of DDoS attacks,but the current big data technology can only detect the attack source of DDoS attack.In the traditional network structure,it is difficult to realize intelligent analysis and defend against the DDoS attack according to the results of intelligent analysis.Therefore,we propose to use big data technology to detect DDoS attacks in the cloud,and use SDN technology to block the DDoS attack near the attack source in the edge computing layer and fog computing layer.In simulation,we build a Spark cluster to simulate the cloud computing layer,use Mininet to simulate the IoT that is managed by SDN,and collect traffic was collected to Spark cluster.After testing,we use SDN controller to block DDoS attack source and verify the feasibility of this idea.