English  |  正體中文  |  简体中文  |  Items with full text/Total items : 60932/93628 (65%)
Visitors : 1251321      Online Users : 5
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/118257


    Title: Enhanced Attack Blocking in IoT Environments: Engaging Honeypots and Machine Learning in SDN OpenFlow Switches
    Authors: Po-Jen Chuang;Tzu-Chao Hung
    Keywords: Internet of Things (IoT);Software Defined Network (SDN);Intrusion Detection System (IDS);Flow Table;Honeypot;Machine Learning;Anomaly Detection;Distributed Denial of Services (DDoS)
    Date: 2020-03
    Issue Date: 2020-03-12 12:10:50 (UTC+8)
    Abstract: This paper introduces a new attack blocking mechanism to defend against malicious unknown
    attacks in the Internet of Things (IoT) environments. The new mechanism starts by installing a
    honeypot in each Software Defined Network OpenFlow switch to attract and collect suspicious traffic.
    Upon detecting suspicious traffic, it will first store the traffic in the honeypot first, instead of
    performing instant anomaly detection, to preserve the overall network speed and packets. The
    mechanism then sends the collected attack traffic to the controller, to extract more appropriate features
    by the machine learning practice and to ensure more accurate anomaly identification. After identifying
    the attack type, it will add a proper defense rule in the flow table – a new entry – to block similar future
    attacks. Experimental evaluation proves that the new mechanism is more advantageous than the
    existing flow-based IDS mechanism. Major advantages include being able to detect and prevent
    unknown attacks without blocking regular network traffic, achieve better capture rates than the
    Intrusion Detection System (IDS) upon traffic-high or short packet attacks, and avoid potential packet
    loss.
    Relation: Journal of Applied Science and Engineering 23(1), p.163-173
    DOI: 10.6180/jase.202003_23(1).0017
    Appears in Collections:[Graduate Institute & Department of Electrical Engineering] Journal Article

    Files in This Item:

    File SizeFormat
    index.html0KbHTML71View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.


    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback