Research And Implementation Of DDoS Attack Detection Method For IoT Devices Based On Blockchain

With the popularity of intelligent devices and the general improvement of the level of informatization,the Internet of Things(IoT),as a resource-constrained low-power network,is widely used in our daily life,as small as some wearable equipment,smart homes,etc.,but its stability and security are the focus of people’s attention.IoT devices with small capacity,high universality,and high vulnerability are the targets of attackers.When attackers launch attacks by controlling a large number of IoT botnets,it will cause a large-scale distributed denial of service attacks(DDoS).At present,DDoS attack detection mainly bases on traditional networks and attack identification is rarely about the network flow characteristics of IoT devices.Besides,DDoS attack detection in the IoT field mostly uses statistical methods,which often results in low utilization of original information and relying heavily on experience observation,so that the extracted features can not describe the characteristics of the terminal equipment network flow.For this,this paper systematically studies the performance of machine learning in this field,as follows:(1)To address the shortcomings of current DDoS attack detection methods in the IoT environment,this paper summarized the causes of the IoT botnet,analyzed the attack characteristics of Mirai virus and attack scenarios under the IoT architecture.(2)Based on the network flow characteristics of terminal devices in the IoT,we extracted and standardized the network traffic characteristics and defined the five-element feature set to represent the network flow characteristics of the IoT.Lastly,this paper established the detection model based on the five-element feature set to detected network stream data.(3)According to the different deployment locations of the detection algorithm,we adopted the cooperative detection strategy at different detection points.Convolutional Neural Networks(CNN)detection algorithm is adopted in the distribution server with large network traffic,and the CNN detection method based on a five-element feature group can isolate the destructive attack flow from the central server cluster,which plays a certain role in protecting the server.The Support Vector Machine(SVM)method is used to detect the network flow of the device terminal.By introducing the linear kernel function,the problems of linear inseparability and over-fitting are solved,and a better detection effect can be achieved even in a small sample environment.The cooperative attack detection method based on different endpoints takes into account both the detection accuracy and the detection efficiency to avoid the increased service delay due to the attack detection.(4)A collaborative DDoS attack detection system based on blockchain architecture is designed and implemented.This system integrates IoT devices with blockchain to solve the problem of DDoS attack detection in IoT environment,firstly,the requirements of the detection system are explained,and four main functional modules are designed based on blockchain architecture,and finally,the system is tested to prove the feasibility and practicability of the proposed method.