A Hybrid Entropy and Blockchain Approach for Network Security Defense in SDN-Based IIoT

In the industrial Internet of things (IIoT), various applications generate a large number of interactions and are vulnerable to various attacks, which are difficult to be monitored in a sophisticated way by traditional network architectures. Therefore, deploying software-defined network (SDN) in IIoT is essential to defend against various attacks. However, SDN has a drawback: there is a security problem of distributed denial-of-service (DDoS) attacks at the control layer. This paper proposes an effective solution: DDoS detection within the domain using tri-entropy in information theory. The detected attacks are then uploaded to a smart contract in the blockchain, so that the attacks can be quickly cut off even if the same attack occurs in different domains. Experimental validation was conducted under different attack strengths and multiple identical attacks, and the results show that the method has better detection ability under different attack strengths and can quickly block the same attacks.