Pan Xiangnan, Yamaguchi Shingo
Graduate School of Sciences and Technology for Innovation, Yamaguchi University, Ube 755-8611, Japan.
Sensors (Basel). 2022 Jun 21;22(13):4666. doi: 10.3390/s22134666.
Malicious botnets such as Mirai are a major threat to IoT networks regarding cyber security. The Botnet Defense System (BDS) is a network security system based on the concept of "fight fire with fire", and it uses white-hat botnets to fight against malicious botnets. However, the existing white-hat Worm Launcher of the BDS decides the number of white-hat worms, but it does not consider the white-hat worms' placement. This paper proposes a novel machine learning (ML)-based white-hat Worm Launcher for tactical response by zoning in the BDS. The concept of zoning is introduced to grasp the malicious botnet spread with bias over the IoT network. This enables the Launcher to divide the network into zones and make tactical responses for each zone. Three tactics for tactical responses for each zone are also proposed. Then, the BDS with the Launcher is modeled by using agent-oriented Petri nets, and the effect of the proposed Launcher is evaluated. The result shows that the proposed Launcher can reduce the number of infected IoT devices by about 30%.
像Mirai这样的恶意僵尸网络对物联网网络的网络安全构成了重大威胁。僵尸网络防御系统(BDS)是一种基于“以火攻火”概念的网络安全系统,它使用白帽僵尸网络来对抗恶意僵尸网络。然而,现有的BDS白帽蠕虫发射器决定了白帽蠕虫的数量,但没有考虑白帽蠕虫的放置位置。本文提出了一种新颖的基于机器学习(ML)的白帽蠕虫发射器,用于在BDS中通过分区进行战术响应。引入分区概念以掌握恶意僵尸网络在物联网网络上的偏向性传播。这使得发射器能够将网络划分为不同区域,并对每个区域做出战术响应。还针对每个区域提出了三种战术响应策略。然后,使用面向代理的Petri网对带有发射器的BDS进行建模,并评估所提出发射器的效果。结果表明,所提出的发射器可以将受感染的物联网设备数量减少约30%。
