当前位置: X-MOL 学术IEEE Trans. Eng. Manag. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
SOChain: A Privacy-Preserving DDoS Data Exchange Service Over SOC Consortium Blockchain
IEEE Transactions on Engineering Management ( IF 4.6 ) Pub Date : 2020-11-01 , DOI: 10.1109/tem.2020.2976113
Lo-Yao Yeh , Peggy Joy Lu , Szu-Hao Huang , Jiun-Long Huang

IoT devices provide a significant medium for distributed denial-of-service (DDoS) attacks. In 2016, a large-scale DDoS attack, named Dyn, caused massive damage to several well-known companies. One effective countermeasure is observing previous network traffic information or abnormal behavior determined by the host machines and determining the latest DDoS-attack IP addresses. Because of the lack of a fair exchange mechanism, most security operation centers (SOCs) are unwilling to share their real-time DDoS data. In this article, we propose a decentralized DDoS data exchange platform, namely SOChain, using blockchain technology to overcome the trust and fairness issues. The platform incentivizes SOCs through the DDoS_coin token. The more DDoS information an SOC contributes, the more coins it earns. To confirm the validity of uploaded information, we enlist a content verifier to examine uploaded abnormal IP addresses. Moreover, the verifier is incentivized by the DDoS_coin. To decrease the management effort, the entire flow is automatically executed in smart contract deployed onto the blockchain system. To address the issue of privacy in smart contracts, we devise a novel dual-level Bloom filter to enable efficient searches with privacy protection. Herein, a verifiable method is designed without revealing the information to public.

中文翻译:

SOChain:基于 SOC 联盟区块链的隐私保护 DDoS 数据交换服务

物联网设备为分布式拒绝服务 (DDoS) 攻击提供了重要媒介。2016 年,一场名为 Dyn 的大规模 DDoS 攻击对多家知名公司造成了巨大损失。一种有效的对策是观察主机确定的先前网络流量信息或异常行为,并确定最新的 DDoS 攻击 IP 地址。由于缺乏公平的交换机制,大多数安全运营中心(SOC)都不愿意共享其实时 DDoS 数据。在本文中,我们提出了一个去中心化的 DDoS 数据交换平台,即 SOChain,使用区块链技术来克服信任和公平问题。该平台通过 DDoS_coin 代币激励 SOC。SOC 贡献的 DDoS 信息越多,它赚取的硬币就越多。为确认上传信息的有效性,我们招募了一个内容验证器来检查上传的异常 IP 地址。此外,验证者受到 DDoS_coin 的激励。为了减少管理工作,整个流程在部署到区块链系统的智能合约中自动执行。为了解决智能合约中的隐私问题,我们设计了一种新颖的双层布隆过滤器,以实现具有隐私保护的高效搜索。在这里,设计了一种可验证的方法,而不向公众透露信息。我们设计了一种新颖的双级布隆过滤器,以实现具有隐私保护的高效搜索。在这里,设计了一种可验证的方法,而不向公众透露信息。我们设计了一种新颖的双级布隆过滤器,以实现具有隐私保护的高效搜索。在这里,设计了一种可验证的方法,而不向公众透露信息。
更新日期:2020-11-01
down
wechat
bug