OTI-IoT:基于区块链的多载体 DDoS 攻击行动威胁情报框架

IF 3.9 3区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
Aswani Aguru, Suresh Erukala
{"title":"OTI-IoT:基于区块链的多载体 DDoS 攻击行动威胁情报框架","authors":"Aswani Aguru, Suresh Erukala","doi":"10.1145/3664287","DOIUrl":null,"url":null,"abstract":"<p>The <b>Internet of Things (IoT)</b> refers to a complex network comprising interconnected devices that transmit their data via the Internet. Due to their open environment, limited computation power, and absence of built-in security, IoT environments are susceptible to various cyberattacks. Denial of service (DDoS) attacks are among the most destructive types of threats. The <b>Multi-vector DDoS attack</b> is a contemporary and formidable form of DDoS wherein the attacker employs a collection of compromised IoT devices as zombies to initiate numerous DDoS attacks against a target server. A Blockchain-based Operational Threat Intelligence framework, OTI-IoT, is proposed in this paper to counter multi-vector DDoS attacks in IoT networks. A <b>”Prevent-then-Detect”</b> methodology was utilized to deploy the OTI-IoT framework in two distinct stages. During Phase 1, the <b>consortium Blockchain network</b> validators employ the IPS module, composed of a smart contract for attack prevention &amp; access control, and Proof of Voting consensus, to thwart attacks. Validators are outfitted with deep learning-based IDS instances to detect multi-vector DDoS attacks during Phase 2. Alert messages are generated by the IDS module’s alert generation &amp; propagation smart contract in response to identifying malicious IoT sources. The feedback loop from the IDS module to the IPS module prevents incoming traffic from malicious sources. The proposed OTI framework capabilities are realized as an outcome of combining and storing the outcomes of the IDS and IPS modules on the consortium Blockchain. Each validator maintains a shared ledger containing information regarding threat sources to ensure robust security, transparency, and integrity. The operational execution of OTI-IoT occurs on an individual Ethereum Blockchain. The empirical findings indicate that our proposed framework is most suitable for real-time applications due to its ability to lower attack detection time, decreased block validation time, and higher attack prevention rate.</p>","PeriodicalId":50911,"journal":{"name":"ACM Transactions on Internet Technology","volume":"138 1","pages":""},"PeriodicalIF":3.9000,"publicationDate":"2024-05-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"OTI-IoT: A Blockchain-based Operational Threat Intelligence Framework for Multi-vector DDoS Attacks\",\"authors\":\"Aswani Aguru, Suresh Erukala\",\"doi\":\"10.1145/3664287\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The <b>Internet of Things (IoT)</b> refers to a complex network comprising interconnected devices that transmit their data via the Internet. Due to their open environment, limited computation power, and absence of built-in security, IoT environments are susceptible to various cyberattacks. Denial of service (DDoS) attacks are among the most destructive types of threats. The <b>Multi-vector DDoS attack</b> is a contemporary and formidable form of DDoS wherein the attacker employs a collection of compromised IoT devices as zombies to initiate numerous DDoS attacks against a target server. A Blockchain-based Operational Threat Intelligence framework, OTI-IoT, is proposed in this paper to counter multi-vector DDoS attacks in IoT networks. A <b>”Prevent-then-Detect”</b> methodology was utilized to deploy the OTI-IoT framework in two distinct stages. During Phase 1, the <b>consortium Blockchain network</b> validators employ the IPS module, composed of a smart contract for attack prevention &amp; access control, and Proof of Voting consensus, to thwart attacks. Validators are outfitted with deep learning-based IDS instances to detect multi-vector DDoS attacks during Phase 2. Alert messages are generated by the IDS module’s alert generation &amp; propagation smart contract in response to identifying malicious IoT sources. The feedback loop from the IDS module to the IPS module prevents incoming traffic from malicious sources. The proposed OTI framework capabilities are realized as an outcome of combining and storing the outcomes of the IDS and IPS modules on the consortium Blockchain. Each validator maintains a shared ledger containing information regarding threat sources to ensure robust security, transparency, and integrity. The operational execution of OTI-IoT occurs on an individual Ethereum Blockchain. The empirical findings indicate that our proposed framework is most suitable for real-time applications due to its ability to lower attack detection time, decreased block validation time, and higher attack prevention rate.</p>\",\"PeriodicalId\":50911,\"journal\":{\"name\":\"ACM Transactions on Internet Technology\",\"volume\":\"138 1\",\"pages\":\"\"},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2024-05-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Transactions on Internet Technology\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1145/3664287\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Transactions on Internet Technology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3664287","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

物联网(IoT)是指由相互连接的设备组成的复杂网络,这些设备通过互联网传输数据。由于其开放的环境、有限的计算能力和缺乏内置的安全性,物联网环境很容易受到各种网络攻击。拒绝服务(DDoS)攻击是最具破坏性的威胁类型之一。多载体 DDoS 攻击是一种当代可怕的 DDoS 攻击形式,攻击者利用一系列受损的物联网设备作为僵尸,对目标服务器发起大量 DDoS 攻击。本文提出了一种基于区块链的运营威胁情报框架--OTI-IoT,以应对物联网网络中的多载体 DDoS 攻击。本文采用 "先预防、后检测 "的方法,分两个不同阶段部署 OTI-IoT 框架。在第一阶段,联盟区块链网络验证器采用 IPS 模块,该模块由用于攻击预防的智能合约、访问控制和投票证明共识组成,以挫败攻击。在第二阶段,验证器配备了基于深度学习的 IDS 实例,以检测多载体 DDoS 攻击。警报信息由 IDS 模块的警报生成与传播智能合约生成,以识别恶意物联网源。从 IDS 模块到 IPS 模块的反馈回路可防止来自恶意源的流量进入。将 IDS 模块和 IPS 模块的结果结合并存储在联盟区块链上,就能实现所提出的 OTI 框架功能。每个验证器都维护一个共享分类账,其中包含有关威胁源的信息,以确保强大的安全性、透明度和完整性。OTI-IoT 的操作执行发生在单个以太坊区块链上。实证研究结果表明,我们提出的框架最适合实时应用,因为它能够缩短攻击检测时间、减少区块验证时间并提高攻击防范率。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
OTI-IoT: A Blockchain-based Operational Threat Intelligence Framework for Multi-vector DDoS Attacks

The Internet of Things (IoT) refers to a complex network comprising interconnected devices that transmit their data via the Internet. Due to their open environment, limited computation power, and absence of built-in security, IoT environments are susceptible to various cyberattacks. Denial of service (DDoS) attacks are among the most destructive types of threats. The Multi-vector DDoS attack is a contemporary and formidable form of DDoS wherein the attacker employs a collection of compromised IoT devices as zombies to initiate numerous DDoS attacks against a target server. A Blockchain-based Operational Threat Intelligence framework, OTI-IoT, is proposed in this paper to counter multi-vector DDoS attacks in IoT networks. A ”Prevent-then-Detect” methodology was utilized to deploy the OTI-IoT framework in two distinct stages. During Phase 1, the consortium Blockchain network validators employ the IPS module, composed of a smart contract for attack prevention & access control, and Proof of Voting consensus, to thwart attacks. Validators are outfitted with deep learning-based IDS instances to detect multi-vector DDoS attacks during Phase 2. Alert messages are generated by the IDS module’s alert generation & propagation smart contract in response to identifying malicious IoT sources. The feedback loop from the IDS module to the IPS module prevents incoming traffic from malicious sources. The proposed OTI framework capabilities are realized as an outcome of combining and storing the outcomes of the IDS and IPS modules on the consortium Blockchain. Each validator maintains a shared ledger containing information regarding threat sources to ensure robust security, transparency, and integrity. The operational execution of OTI-IoT occurs on an individual Ethereum Blockchain. The empirical findings indicate that our proposed framework is most suitable for real-time applications due to its ability to lower attack detection time, decreased block validation time, and higher attack prevention rate.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
ACM Transactions on Internet Technology
ACM Transactions on Internet Technology 工程技术-计算机:软件工程
CiteScore
10.30
自引率
1.90%
发文量
137
审稿时长
>12 weeks
期刊介绍: ACM Transactions on Internet Technology (TOIT) brings together many computing disciplines including computer software engineering, computer programming languages, middleware, database management, security, knowledge discovery and data mining, networking and distributed systems, communications, performance and scalability etc. TOIT will cover the results and roles of the individual disciplines and the relationshipsamong them.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信