DDoS Attack Detection Method Based On Software Defined Internet Of Things In 5G Environment

The Internet of Things(IoT)has been regarded as another important invention besides computers,operating systems,and the Internet.Through the Internet of Things,we can interact with a large number of intelligent applications running independently on different platforms around the world to control our environment.The Internet of Things has entered our lives in an all-round way,but there are also potential risks of malicious attacks.Some criminals use IoT vulnerabilities to access legitimate devices.These vulnerabilities are caused by various existing limitations of the Internet of Things,such as limited resources and weak security.With the advent of the fifth-generation mobile communication era(5th-Generation,5G),the security issues of the Internet of Things become more and more important.Among them,the most troublesome is the Distributed Denial of Service(DDo S).With the characteristics of low latency and interconnection of everything,how to detect distributed denial of service attacks more quickly and accurately has become a hot topic now.The landing of the Internet of Things requires the support of 5G technology,and the Internet of Things is also the most important application scenario for 5G.Then the biggest change in 5G is the widespread use of software definitions.It can be said that 5G,the Internet of Things and software definitions are closely related,and they are also an important development direction for the communications industry in the next 10 years.As the core technology of 5G,Software-Defined Networking(SDN)technology has changed the situation of integration in traditional networks and simplified network management.Unlike traditional network architectures,SDN has obvious advantages in the face of distributed denial of service attacks.Due to the success of SDN in security,some scholars proposed the SD-IoT(Software-Defined Internet of Things,SD-IoT)architecture,introduced the concept of SDN into the environment of the Internet of Things,and discussed DDo S in the SD-IoT environment The dynamic threshold of the attack.By using the characteristics of the SDN network,this research proposes a DDo S detection mechanism that combines trigger detection and deep detection.This mechanism first calculates the entropy of the network environment based on the collected traffic status,and derives a dynamic threshold according to the network conditions to perform coarse-grained abnormal warnings.In-depth inspection is started after the early warning information,and the classification algorithm based on machine learning is used to determine whether the environment has suffered DDo S attacks.The main content of the article research is:1.Research on SD-IoT environment architecture.At present,SD-IoT is still in its infancy,and the research on SD-IoT environment architecture is relatively less.In this paper,by studying SD-IoT security architecture,SD-IoT protocol architecture,SD-IoT operating system and SD-IoT controller,the SD-IoT simulation experiment platform is built.2.The selection of feature vector.The attack characteristics of DDo S in the traditional Internet of things may not be the same as those in SD-IoT.Therefore,we need to define the environment of Internet of things in software,simulate the real DDo S attacks,detect and analyze them,and select the most obvious and representative eigenvalues in SD-IoT environment.3.Dynamic threshold setting.In the related research similar to this work,the thresholds of traffic and entropy used to determine whether the network environment is attacked by DDo S are mostly fixed values.The disadvantage of using fixed threshold is that it can't cope with the changing network environment.It has the characteristics of low traffic and high lifetime.If we use a single fixed threshold to judge whether we are suffering from DDo S,there will be misjudgment.Therefore,based on the statistics and observation of network environment,we propose a mechanism to define dynamic threshold to adapt to the changing network environment.This paper proposes a mechanism to deal with distributed denial of service attacks in SD-IoT environment.The detection mechanism of DDo S is to continuously analyze and evaluate the communication of the whole SD-IoT environment by using entropy and adaptive threshold of traffic.The simulation results show that the proposed detection system has a good attack detection rate.