摘要
针对配电物联网“云、管、边、端”架构中云平台与边缘设备远程通信中存在的恶意的分组注入、篡改、丢弃与劫持攻击,提出基于软件定义安全的配电物联网分组转发异常检测机制,克服了传统网络通过插入随路径长度以线性尺度增加密码标签的方式实现分组转发检测引入的计算与带宽开销大的缺点。机制结合软件定义架构,通过地址跳变将网络流运行时间分割为随机的时隙,网络节点基于跳变的地址信息转发分组,流边缘入口与出口交换机采样该时隙内的分组并生成流量梗概,控制器基于流量梗概检测分组转发异常;最后,构建仿真网络实现了所提机制,分析与实验表明该开销小于同类机制,引入了不超过11%的转发延迟与低于10%的吞吐率损失,可有效检测物联网云边远程通信分组转发异常。
Malicious packet injection,tampering,dropping and hijacking attacks exist in the remote communication between the cloud platform and the edge devices in the power Internet of Things with the architecture of“Cloud,Network,Edge and Terminal”.An abnormality detection mechanism in power Internet of Things based on software-defined security is proposed,which overcomes the drawbacks of computation and bandwidth overhead incurred by inserting cryptographic tags that increase linear-scally as path lengthen in the traditional network.Based on the software-defined architecture,a flow running time is split into consecutive random epoch by address hopping.Each switch forwards packets according to the hopping address,the ingress and egress switch samples packets and generates traffic sketch in each epoch,and the controller detect abnormality based on the sketch.The proposed scheme is implemented and evaluated.The analyses and experiments demonstrate that the communication overhead of the proposed mechanism is less than the existing mechanisms,with less than 11%of additional forwarding delay and no more than 10%of throughput degradation.Therefore,the proposed scheme could effectively detects abnormality.
作者
吴平
孙浩洋
周莉梅
尚宇炜
高飞
WU Ping;SUN Haoyang;ZHOU Limei;SHANG Yuwei;GAO Fei(Beijing Yungu Kechuang Information Technology Corp,Beijing 100036,China;China Electric Power Research Institute,Beijing 100192,China)
出处
《信息工程大学学报》
2024年第2期227-234,共8页
Journal of Information Engineering University
基金
国家电网科学技术基金资助项目(5400-202255159A-1-1-ZN)。
关键词
软件定义
配电物联网
流量梗概
分组转发
异常检测
software-defined
power Internet of Things
traffic sketch
packet forwarding
abnormality detection
