https://orcid.org/0000-0002-4777-3364
![Sample our Engineering & Technology journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5933/TOC-Subject-Sample-2021-Engineering-Tech.jpg"})
ABSTRACT
The article deals with the creation of an intelligent architecture of the Internet of Things transport environment based on software-defined network (SDN) and blockchain for detecting threats and attacks. The transport environment is created for the monitoring system of critical events in the road transport infrastructure. Blockchain technology is used to authenticate network nodes, store sensor data in a distributed ledger. The network packet clustering method based on a fuzzy neural network is used to detect packets with possible malicious content. The intelligent SDN architecture is a hierarchy of four layers with six levels and includes: a) edge computing layer (sensor nodes and routers level, SDN switches data level), b) fog computing layer (zone server level, control level in SDN controllers), c) a cloud computing layer with data center servers, d) a layer for presenting monitoring results on user devices and applications. Detection of threats and attacks is implemented by validating network nodes and analyzing header fields of IP packets and TCP segments. The intrusion detection system includes a parser and analyzer of data packets, a module for filtering traffic by type, port numbers and other characteristics of packets, a module for synthesizing digital signatures of trusted nodes and their validation, a module for analyzing and clustering packets based on fuzzy logic and a neural network, modules for logging procedures. The probability function of packets belonging to clusters is tuned through deep learning of a five-layer neural network. The conclusion about belonging and degree of similarity with malicious packages is formed using the fuzzy logic apparatus. To train the neural network, the previously synthesized rules of the flow tables and the identified signs of atypical data packets are used. The functionality and effectiveness of the SDN architecture with an intrusion detection system is validated by simulating procedures in the NS3 Simulator system, evaluating authenticity, latency, throughput, response time, and accuracy in detecting atypical data packets.
Acknowledgment
The study was supported by the grant from the Russian Science Foundation, RSF 20-71-10087. The research results presented in sections 3.2 and 3.3 were obtained within the grant of the Russian Science Foundation (RSF) and the Volgograd Region (project № 22-11-20024). The research results presented in Section 4 were obtained within the grant of the Russian Science Foundation (RSF) and the Penza Region (project № 22-21-20100).
Disclosure statement
No potential conflict of interest was reported by the author(s).