Abstract: Provided is a data security sharing method for multiple edge nodes to operate in a collaboration mode under an industrial cloud environment. The method includes: firstly, edge nodes that need collaborative computing separately applying for a shared key to an authority center; secondly, the authority center generating a shared key and issuing the key to each of the edge nodes applying for participation in the collaborative computing; again, the edge nodes combining industrial characteristics to generate an interference factor set, and adding different interference factors for different types of data; then, the data of the edge nodes is implemented with improved homomorphic encryption and is uploaded to an industrial cloud platform; and finally, the industrial cloud platform performing homomorphic analysis and computing on the data uploaded by each of the edge nodes, and issuing the data back to each of the edge nodes.

Abstract: The present invention relates to a DDoS attack detection and mitigation method for an industrial SDN network, and belongs to the field of network security. According to the method, by means of the cooperation between an east-west interface of an SDN controller in an industrial backhaul network and a system manager of an industrial access network, in conjunction with the features of the industrial backhaul network and an industrial access network data packet, a flow entry matching field of an OpenFlow switch is extended, and a flow table 0 is set to be a “flow table dedicated to DDoS attack mitigation” for defending against an attacking data flow in a timely manner. By using the SDN controller of an industrial backhaul network and a DDoS attack detection and mitigation system, an attacking data flow is identified and a DDoS attack source is found, and the policy of mitigating a DDoS attack is implemented by means of scheduling a system manager of the industrial access network.

Abstract: Provided is a data security sharing method for multiple edge nodes to operate in a collaboration mode under an industrial cloud environment. The method includes: firstly, edge nodes that need collaborative computing separately applying for a shared key to an authority center; secondly, the authority center generating a shared key and issuing the key to each of the edge nodes applying for participation in the collaborative computing; again, the edge nodes combining industrial characteristics to generate an interference factor set, and adding different interference factors for different types of data; then, the data of the edge nodes is implemented with improved homomorphic encryption and is uploaded to an industrial cloud platform; and finally, the industrial cloud platform performing homomorphic analysis and computing on the data uploaded by each of the edge nodes, and issuing the data back to each of the edge nodes.

Abstract: The present invention relates to a DDoS attack detection and mitigation method for an industrial SDN network, and belongs to the field of network security. According to the method, by means of the cooperation between an east-west interface of an SDN controller in an industrial backhaul network and a system manager of an industrial access network, in conjunction with the features of the industrial backhaul network and an industrial access network data packet, a flow entry matching field of an OpenFlow switch is extended, and a flow table 0 is set to be a “flow table dedicated to DDoS attack mitigation” for defending against an attacking data flow in a timely manner. By using the SDN controller of an industrial backhaul network and a DDoS attack detection and mitigation system, an attacking data flow is identified and a DDoS attack source is found, and the policy of mitigating a DDoS attack is implemented by means of scheduling a system manager of the industrial access network.