Abstract
Software-defined networking (SDN) has become an attractive solution to carry out centralized and efficient control in Industrial Internet of Things (IIoT). However, its security has received little attention when applied to IIoT, and no comprehensive consideration has been given to attacks against forwarding nodes (FNs), the basic elements of the data plane. Therefore, in this article, we aim to investigate attacks against FNs from multiple perspectives in software-defined IIoT. To the best of our knowledge, we are the first to systematically consider this kind of attacks. Since it is difficult to predeploy all defense methods against various attacks, we propose a deep reinforcement learning (DRL)-based general attack tolerance scheme to guide the benign traffic flow bypass the attacked FNs. Furthermore, in view of the situation that the real data set is rare and the standard model-based data set is likely to be impractical, we use generative adversarial network (GAN), a representative deep generative model (DGM), to flexibly generate real-like network traffic for more sufficient and effective experimental verification on the attack tolerance scheme. Experimental results show that our proposed scheme can significantly improve the successful arrival rate of IIoT traffic and achieve near-optimal results.
| Original language | English |
|---|---|
| Pages (from-to) | 11179-11189 |
| Number of pages | 11 |
| Journal | IEEE Internet of Things Journal |
| Volume | 9 |
| Issue number | 13 |
| DOIs | |
| State | Published - 1 Jul 2022 |
Keywords
- Deep reinforcement learning (DRL)
- generative adversarial network (GAN)
- Industrial Internet of Things (IIoT)
- network security
- software-defined networking (SDN)