UTAR Institutional Repository

Detection and prevention schemes for ddos, arp spoofing, and ip fragmentation attacks in smart factory

Chai, Tze Uei (2023) Detection and prevention schemes for ddos, arp spoofing, and ip fragmentation attacks in smart factory. Master dissertation/thesis, UTAR.

[img]
Preview
PDF
Download (5Mb) | Preview

    Abstract

    Industry Revolution 4.0 allows Internet of Things (IoT) resource constrained devices to be integrated into the technologies and systems to develop intelligent solutions that leverage the value of data and deliver insight. The network configuration can be complex due to the dynamic IoT environments, such as numerous diverse devices that interact to deliver an autonomous function. In this situation, the environments can produce a significant amount of data and expose vulnerabilities in the communication protocols. Once an attacker breaks into the network, the whole network infrastructure can be broken down. Therefore, this research selects three potential attacks with an evaluation of the protections, namely 1) Distributed Denial of Service (DDoS), 2) Address Resolution Protocol (ARP) spoofing, and 3) Internet Protocol (IP) Fragmentation attacks. In the DDoS protection, the F1-score (a.k.a. F-score), accuracy, precision, and recall of the four-feature Random Forest with Principal Component Analysis (RFPCA) model are 95.65%, 97%, 97.06%, and 94.29% respectively. In the ARP spoofing, a batch processing method adopts the entropy calculated in the 20s of time window with sensitivity to network abnormalities iii detection of various ARP spoofing scenarios involving victims’ traffic. The detected attacker’s Media Access Control (MAC) address is inserted in the block list to filter malicious traffic. The proposed protection in the Internet Protocol (IP) fragmentation attack is to implement one-time code (OTC) and timestamp fields in the packet header. The simulation shows that the method can detect 160 fake fragments from attackers in 2040 fragments.

    Item Type: Final Year Project / Dissertation / Thesis (Master dissertation/thesis)
    Subjects: T Technology > T Technology (General)
    T Technology > TD Environmental technology. Sanitary engineering
    Divisions: Institute of Postgraduate Studies & Research > Faculty of Information and Communication Technology (FICT) - Kampar Campus > Master of Computer Science
    Depositing User: ML Main Library
    Date Deposited: 27 Mar 2024 00:04
    Last Modified: 27 Mar 2024 00:04
    URI: http://eprints.utar.edu.my/id/eprint/6251

    Actions (login required)

    View Item