• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

采用自适应移动目标防御策略保护工业物联网系统免受分布式拒绝服务攻击。

Securing IIoT systems against DDoS attacks with adaptive moving target defense strategies.

作者信息

Roy Sangita, Singh Jawar, Mathew Jimson

机构信息

Department of Electrical Engineering, Indian Institute of Technology Patna, Patna, 801106, India.

Department of Computer Science and Engineering, Thapar Institute of Engineering & Technology, Patiala, 147004, India.

出版信息

Sci Rep. 2025 Mar 20;15(1):9558. doi: 10.1038/s41598-025-93138-7.

DOI:10.1038/s41598-025-93138-7
PMID:40108217
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11923148/
Abstract

The escalating distributed denial of service (DDoS) attacks severely threatens the security of the industrial internet of things (IIoT). This paper introduces moving target defense (MTD) as an adaptive solution to fortify IIoT security against DDoS attacks. Dynamically reconfiguring network elements and service placements makes it challenging for attackers to target specific vulnerabilities. We propose an MTD traffic manager (MTDTM) architecture to enable early detection and mitigation of DDoS attacks within resource-constrained edge clouds. A traffic classifier is integrated into our model to intelligently filter incoming traffic, ensuring real-time responsiveness to the demands of IIoT applications. Moreover, dynamic admission rules and relocation of service replicas efficiently distribute the traffic, ensuring the availability of services for legitimate users. Unlike traditional static defense methods, our adaptive approach caters to the evolving DDoS threat landscape of IIoT, safeguarding critical industrial processes. Simulation results validate the efficiency of our algorithm while maintaining an acceptable quality of service. Our research demonstrated a 15% to 20% improvement in service response times compared to existing algorithms. Notably, we achieved significant enhancements in average resource availability during DDoS attacks across various parameter variations.

摘要

不断升级的分布式拒绝服务(DDoS)攻击严重威胁着工业物联网(IIoT)的安全。本文介绍了移动目标防御(MTD),作为一种强化IIoT安全以抵御DDoS攻击的自适应解决方案。动态重新配置网络元素和服务布局使攻击者难以针对特定漏洞。我们提出了一种MTD流量管理器(MTDTM)架构,以在资源受限的边缘云中实现对DDoS攻击的早期检测和缓解。流量分类器集成到我们的模型中,以智能过滤传入流量,确保对IIoT应用需求的实时响应。此外,动态准入规则和服务副本的重新定位有效地分配流量,确保为合法用户提供服务可用性。与传统的静态防御方法不同,我们的自适应方法适应IIoT不断演变的DDoS威胁格局,保障关键工业流程。仿真结果验证了我们算法的效率,同时保持了可接受的服务质量。我们的研究表明,与现有算法相比,服务响应时间提高了15%至20%。值得注意的是,在各种参数变化的DDoS攻击期间,我们在平均资源可用性方面取得了显著提高。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/16c37240f3ab/41598_2025_93138_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/058aaff52632/41598_2025_93138_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/06d9610d9c7d/41598_2025_93138_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/22339ac7895e/41598_2025_93138_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/592228339ed3/41598_2025_93138_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/099742504c87/41598_2025_93138_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/0b502cee6ce0/41598_2025_93138_Figb_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/482d0dfc9f4d/41598_2025_93138_Figc_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/76da13445501/41598_2025_93138_Figd_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/31ede0d9690d/41598_2025_93138_Fige_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/e7a779fe1232/41598_2025_93138_Figf_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/54de434aae19/41598_2025_93138_Figg_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/b893c5b270f6/41598_2025_93138_Figh_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/721f44c084ca/41598_2025_93138_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/11f3bfd31d06/41598_2025_93138_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/16c37240f3ab/41598_2025_93138_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/058aaff52632/41598_2025_93138_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/06d9610d9c7d/41598_2025_93138_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/22339ac7895e/41598_2025_93138_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/592228339ed3/41598_2025_93138_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/099742504c87/41598_2025_93138_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/0b502cee6ce0/41598_2025_93138_Figb_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/482d0dfc9f4d/41598_2025_93138_Figc_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/76da13445501/41598_2025_93138_Figd_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/31ede0d9690d/41598_2025_93138_Fige_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/e7a779fe1232/41598_2025_93138_Figf_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/54de434aae19/41598_2025_93138_Figg_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/b893c5b270f6/41598_2025_93138_Figh_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/721f44c084ca/41598_2025_93138_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/11f3bfd31d06/41598_2025_93138_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/f0d4/11923148/16c37240f3ab/41598_2025_93138_Fig7_HTML.jpg

相似文献

1
Securing IIoT systems against DDoS attacks with adaptive moving target defense strategies.采用自适应移动目标防御策略保护工业物联网系统免受分布式拒绝服务攻击。
Sci Rep. 2025 Mar 20;15(1):9558. doi: 10.1038/s41598-025-93138-7.
2
Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT.基于自适应机器学习的支持软件定义网络的物联网分布式拒绝服务攻击检测与缓解系统
Sensors (Basel). 2022 Mar 31;22(7):2697. doi: 10.3390/s22072697.
3
Blockchain Based Solutions to Mitigate Distributed Denial of Service (DDoS) Attacks in the Internet of Things (IoT): A Survey.基于区块链的物联网(IoT)中减轻分布式拒绝服务(DDoS)攻击的解决方案:一项综述。
Sensors (Basel). 2022 Jan 31;22(3):1094. doi: 10.3390/s22031094.
4
An Experimental Detection of Distributed Denial of Service Attack in CDX 3 Platform Based on Snort.基于 Snort 的 CDX 3 平台分布式拒绝服务攻击的实验检测。
Sensors (Basel). 2023 Jul 4;23(13):6139. doi: 10.3390/s23136139.
5
Design and analysis of DDoS mitigating network architecture.分布式拒绝服务缓解网络架构的设计与分析
Int J Inf Secur. 2023;22(2):333-345. doi: 10.1007/s10207-022-00635-1. Epub 2022 Nov 30.
6
Detection and Mitigation of IoT-Based Attacks Using SNMP and Moving Target Defense Techniques.基于 SNMP 和移动目标防御技术的物联网攻击检测与缓解。
Sensors (Basel). 2023 Feb 3;23(3):1708. doi: 10.3390/s23031708.
7
Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.基于软件定义网络的一对多策略,用于检测和缓解智能家居物联网设备中的分布式拒绝服务攻击
Sensors (Basel). 2024 Aug 3;24(15):5022. doi: 10.3390/s24155022.
8
Memcached: An Experimental Study of DDoS Attacks for the Wellbeing of IoT Applications.Memcached:一种针对物联网应用的健康状况的 DDoS 攻击的实验研究。
Sensors (Basel). 2021 Dec 2;21(23):8071. doi: 10.3390/s21238071.
9
An Efficient Multilevel Probabilistic Model for Abnormal Traffic Detection in Wireless Sensor Networks.一种用于无线传感器网络中异常流量检测的高效多级概率模型。
Sensors (Basel). 2022 Jan 6;22(2):410. doi: 10.3390/s22020410.
10
SSK-DDoS: distributed stream processing framework based classification system for DDoS attacks.SSK-DDoS:基于分布式流处理框架的DDoS攻击分类系统
Cluster Comput. 2022;25(2):1355-1372. doi: 10.1007/s10586-022-03538-x. Epub 2022 Jan 17.

本文引用的文献

1
Strengthening network DDOS attack detection in heterogeneous IoT environment with federated XAI learning approach.使用联邦可解释人工智能学习方法加强异构物联网环境中的网络分布式拒绝服务攻击检测。
Sci Rep. 2024 Oct 17;14(1):24322. doi: 10.1038/s41598-024-76016-6.
2
An entropy and machine learning based approach for DDoS attacks detection in software defined networks.一种基于熵和机器学习的软件定义网络中分布式拒绝服务攻击检测方法。
Sci Rep. 2024 Aug 6;14(1):18159. doi: 10.1038/s41598-024-67984-w.
3
Design and analysis of DDoS mitigating network architecture.
分布式拒绝服务缓解网络架构的设计与分析
Int J Inf Secur. 2023;22(2):333-345. doi: 10.1007/s10207-022-00635-1. Epub 2022 Nov 30.