DDoS Attack Identification And Protection Based On Federated Learning In Industrial IoT Environmen

The Industrial Internet of Things(IIoT)describes the communication between machines in a machine-to-machine(M2M)context.In IIo T,machines can interact and communicate with other machines,users,environments,and infrastructures.The data generated by IIo T can provide significant and real-time measures for management and control after processing and analysis.The growing trend of IIo T makes industrial production more intelligent and efficient.The industry is entering a new era of the Internet of Things,with billions of embedded devices seamlessly interconnected,managed,and working interactively over the network.However,at the same time,the threatened attack surface is also increasing day by day.Distributed Denial-of Service(DDoS)attacks,in particular,pose a significant and deadly threat to IIo T security and protecting against them presents a significant challenge.Traditional centralized machine learning methods are limited by issues such as data privacy and the cost of transmitting training data,making them unsuitable for direct application in IIo T.This dissertation aims to study the DDoS attack identification and defense methods based on federated learning in the IIo T environment,combining evidence theory and spatiotemporal graph convolutional networks.The evidence theory federated learning and federated spatiotemporal graph convolutional networks are respectively proposed for DDoS attack identification and defense,respectively.The specific research contents are as follows:(1)To address the problem of identifying mixed attack traffic in DDoS attacks,this dissertation combines evidence theory and federated learning to propose evidence theory federated learning.This dissertation calculates the trust quality function based on the distance between the prototype vector features extracted by the convolutional neural network and uses the D-S evidence aggregation principle to classify the DDoS attack modes of mixed attack traffic.The model is aggregated on the server side using the trust quality function as weights.The experimental validation conducted on the CIC-DDoS2019 dataset demonstrates that the proposed evidence theory federated learning approach is capable of classifying the fuzzy set values of difficult-toidentify DDoS mixed attack traffic.Compared to federated convolutional neural networks based on probability calculations,the proposed approach achieves higher accuracy,enabling improved completion of DDoS mixed attack detection tasks while protecting data privacy.(2)For the rapid judgment and response to DDoS attacks in the SDN environment of IIo T,this paper proposes a federated spatiotemporal graph convolutional network model.This dissertation model the spatiotemporal feature information of the network as input,use the link prediction function of graph convolutional networks to identify DDoS attack sources and attack paths as early as possible,and use INT intra-network telemetry technology to establish corresponding defense and mitigation mechanisms,effectively taking measures to mitigate and alleviate DDoS attacks in the early stage and minimizing the impact on normal business network traffic.