Improved KNN-Based 6LoWPAN Network Intrusion Detection Method

    Publication No.: US20210266748A1

    Publication date: 2021-08-26

    Application No.: US17261872

    Application date: 2019-06-05

    Abstract: The present invention relates to an improved KNN-based 6LoWPAN network intrusion detection method. The present invention selects quantifiable security features which can reflect a self-security state of network elements of a 6LoWPAN network for training, and establishes a 6LoWPAN network feature space. The present invention assigns the weights to the features and transfers zero points, to alleviate the bias caused by large and small impact factors and simplify calculation; realizes construction and update of a state data table of network elements by extracting the feature data of network elements in real time, thus forming a normal contour updated according to the real-time state of the network in the feature space of the 6LoWPAN network based on the clustering effect of a KNN algorithm; and the present invention improves the KNN algorithm and redefines a basis for judging the invasion, to meet the requirements for 6LoWPAN network intrusion detection.

DDOS attack detection and mitigation method for industrial SDN network

    Publication No.: US11483341B2

    Publication date: 2022-10-25

    Application No.: US16629964

    Application date: 2018-03-06

    IPC classification: H04L9/40 H04L47/10 H04L29/06

    Abstract: The present invention relates to a DDoS attack detection and mitigation method for an industrial SDN network, and belongs to the field of network security. According to the method, by means of the cooperation between an east-west interface of an SDN controller in an industrial backhaul network and a system manager of an industrial access network, in conjunction with the features of the industrial backhaul network and an industrial access network data packet, a flow entry matching field of an OpenFlow switch is extended, and a flow table 0 is set to be a “flow table dedicated to DDoS attack mitigation” for defending against an attacking data flow in a timely manner. By using the SDN controller of an industrial backhaul network and a DDoS attack detection and mitigation system, an attacking data flow is identified and a DDoS attack source is found, and the policy of mitigating a DDoS attack is implemented by means of scheduling a system manager of the industrial access network. According to the present invention, the normal traffic of an industrial backhaul network and an industrial access network is ensured, and a threat posed by a DDoS attack to the security of an industrial network is overcome.