The low-intensity attack flows used by Crossfire attacks are hard to distinguish from legitimate flows.Traditional methods to identify the malicious flows in Crossfire attacks are rerouting,which is based on statistic...The low-intensity attack flows used by Crossfire attacks are hard to distinguish from legitimate flows.Traditional methods to identify the malicious flows in Crossfire attacks are rerouting,which is based on statistics.In these existing mechanisms,the identification of malicious flows depends on the IP address.However,the IP address is easy to be changed by attacks.Comparedwith the IP address,the certificate ismore challenging to be tampered with or forged.Moreover,the traffic trend in the network is towards encryption.The certificates are popularly utilized by IoT devices for authentication in encryption protocols.DTLShps proposed a new way to verify certificates for resource-constrained IoT devices by using the SDN controller.Based on DTLShps,the SDN controller can collect statistics on certificates.In this paper,we proposeCertrust,a framework based on the trust of certificates,tomitigate the Crossfire attack by using SDN for IoT.Our goal is threefold.First,the trust model is built based on the Bayesian trust system with the statistics on the participation of certificates in each Crossfire attack.Moreover,the forgetting curve is utilized instead of the traditional decay method in the Bayesian trust system for achieving a moderate decay rate.Second,for detecting the Crossfire attack accurately,a method based on graph connectivity is proposed.Third,several trust-based routing principles are proposed tomitigate the Crossfire attack.These principles can also encourage users to use certificates in communication.The performance evaluation shows that Certrust is more effective in mitigating the Crossfire attack than the traditional rerouting schemes.Moreover,our trust model has a more appropriate decay rate than the traditional methods.展开更多
“MINI在第二十届国际汽车工业展览会上展示了其宽阔的产品系列,MINI的粉丝们可以期待体验很多精彩。全电动MINI Cooper SE敞篷车在上海举行了全球首秀仪式。凭借MINI Concept Aceman,MINI首次展示了一种全新的汽车概念:采用全新设计的...“MINI在第二十届国际汽车工业展览会上展示了其宽阔的产品系列,MINI的粉丝们可以期待体验很多精彩。全电动MINI Cooper SE敞篷车在上海举行了全球首秀仪式。凭借MINI Concept Aceman,MINI首次展示了一种全新的汽车概念:采用全新设计的全电动驱动。MINI全新打造的萌宠Spike从2022年起迎来了数字化生活。此外,MINI敞篷海滨版还致敬MINI敞篷车30周年纪念日。来自John Cooper Works品牌,在亚洲特别成功的一流运动车型也亮相上海车展。”展开更多
基金supported by Joint Funds of the National Natural Science Foundation of China and Xinjiang under Project U1603261.
文摘The low-intensity attack flows used by Crossfire attacks are hard to distinguish from legitimate flows.Traditional methods to identify the malicious flows in Crossfire attacks are rerouting,which is based on statistics.In these existing mechanisms,the identification of malicious flows depends on the IP address.However,the IP address is easy to be changed by attacks.Comparedwith the IP address,the certificate ismore challenging to be tampered with or forged.Moreover,the traffic trend in the network is towards encryption.The certificates are popularly utilized by IoT devices for authentication in encryption protocols.DTLShps proposed a new way to verify certificates for resource-constrained IoT devices by using the SDN controller.Based on DTLShps,the SDN controller can collect statistics on certificates.In this paper,we proposeCertrust,a framework based on the trust of certificates,tomitigate the Crossfire attack by using SDN for IoT.Our goal is threefold.First,the trust model is built based on the Bayesian trust system with the statistics on the participation of certificates in each Crossfire attack.Moreover,the forgetting curve is utilized instead of the traditional decay method in the Bayesian trust system for achieving a moderate decay rate.Second,for detecting the Crossfire attack accurately,a method based on graph connectivity is proposed.Third,several trust-based routing principles are proposed tomitigate the Crossfire attack.These principles can also encourage users to use certificates in communication.The performance evaluation shows that Certrust is more effective in mitigating the Crossfire attack than the traditional rerouting schemes.Moreover,our trust model has a more appropriate decay rate than the traditional methods.
文摘“MINI在第二十届国际汽车工业展览会上展示了其宽阔的产品系列,MINI的粉丝们可以期待体验很多精彩。全电动MINI Cooper SE敞篷车在上海举行了全球首秀仪式。凭借MINI Concept Aceman,MINI首次展示了一种全新的汽车概念:采用全新设计的全电动驱动。MINI全新打造的萌宠Spike从2022年起迎来了数字化生活。此外,MINI敞篷海滨版还致敬MINI敞篷车30周年纪念日。来自John Cooper Works品牌,在亚洲特别成功的一流运动车型也亮相上海车展。”