CN111144522B - Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference - Google Patents
Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference Download PDFInfo
- Publication number
- CN111144522B CN111144522B CN201911295532.1A CN201911295532A CN111144522B CN 111144522 B CN111144522 B CN 111144522B CN 201911295532 A CN201911295532 A CN 201911295532A CN 111144522 B CN111144522 B CN 111144522B
- Authority
- CN
- China
- Prior art keywords
- hardware
- nfc
- equipment
- nfc equipment
- intrinsic information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000012549 training Methods 0.000 claims abstract description 29
- 230000002159 abnormal effect Effects 0.000 claims abstract description 8
- 230000005284 excitation Effects 0.000 claims description 18
- 239000013598 vector Substances 0.000 claims description 12
- 238000010606 normalization Methods 0.000 claims description 7
- 238000012216 screening Methods 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 claims description 6
- 238000005457 optimization Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 claims description 5
- 238000012163 sequencing technique Methods 0.000 claims description 5
- 238000001914 filtration Methods 0.000 claims description 4
- 238000009826 distribution Methods 0.000 claims description 3
- 238000012545 processing Methods 0.000 claims description 3
- 239000000126 substance Substances 0.000 claims description 2
- 230000007246 mechanism Effects 0.000 abstract description 9
- 238000007781 pre-processing Methods 0.000 abstract description 7
- 238000000605 extraction Methods 0.000 abstract description 6
- 238000001514 detection method Methods 0.000 abstract description 5
- 238000004088 simulation Methods 0.000 abstract description 5
- 238000013507 mapping Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 6
- 238000010801 machine learning Methods 0.000 description 6
- 238000004891 communication Methods 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000004519 manufacturing process Methods 0.000 description 4
- 238000004422 calculation algorithm Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000001228 spectrum Methods 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000013210 evaluation model Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000001939 inductive effect Effects 0.000 description 1
- 238000013450 outlier detection Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K17/00—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
- G06K17/0022—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisious for transferring data to distant stations, e.g. from a sensing device
- G06K17/0029—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations arrangements or provisious for transferring data to distant stations, e.g. from a sensing device the arrangement being specially adapted for wireless interrogation of grouped or bundled articles tagged with wireless record carriers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Software Systems (AREA)
- Artificial Intelligence (AREA)
- Computer Hardware Design (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Mathematical Physics (AREA)
- Evolutionary Computation (AREA)
- Bioinformatics & Computational Biology (AREA)
- Evolutionary Biology (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Computer Security & Cryptography (AREA)
- Life Sciences & Earth Sciences (AREA)
- Medical Informatics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference, which comprises the steps of analog signal acquisition, data preprocessing, feature extraction, safe NFC model establishment and attacker equipment detection during NFC information exchange. Analog signals generated when the power grid NFC equipment exchanges information are classified, hardware intrinsic differences are selected as judgment basis for equipment access, an NFC equipment database is obtained through model training, and one-to-one authentication is carried out on the NFC equipment, so that whether the access equipment is abnormal or not is judged. The invention is an application of a simulation state safety mechanism in the field of identification of the Internet of things, hardware intrinsic information is difficult to imitate due to a complex mechanism in a simulation state, the safety is higher, and the problem of equipment identity identification of NFC equipment of the Internet of things is effectively solved.
Description
Technical Field
The invention belongs to the field of smart grid security, and relates to a grid NFC equipment fingerprint authentication method based on hardware intrinsic difference.
Background
The power system is closely related to our lives, and as a platform for electric energy production and transmission, the power system needs to meet the requirements of reliability, flexibility and economy. With the rapid improvement of the informatization degree of the power system, the power grid is continuously developed towards a more intelligent direction. However, the power internet of things faces serious network security problems in the aspects of system security, software credibility, secure access, data acquisition, intelligent management and control and the like of massive heterogeneous internet of things terminals. At present, in a smart power grid, name plates, labels and the like of electrical primary and secondary equipment gradually develop towards electronization, electronic labels are applied to field equipment, name plates, parameters, actual running conditions and the like of the electrical equipment are recorded, and meanwhile, corresponding database indexing information is provided for users. In spare part management in the intelligent power grid, the electronic tags using the NFC technology are required to be attached to all spare parts in a warehouse, the conditions of entering and leaving the warehouse can be automatically recorded by means of a non-contact terminal in the specific process of leaving the warehouse of the spare parts, and meanwhile, corresponding inventory data can be constructed. And NFC devices are vulnerable to attackers, such as: modify the initial number located in sector 0 to confuse correct and incorrect devices, collect signals when correct pass authentication for replay attack to pass authentication, etc. In this case, merely recognizing by data carried by NFC itself is not sufficient to secure the grid. Therefore, it is an urgent problem to determine and confirm the security of the NFC device by hardware fingerprint authentication.
At present, security research on equipment in a smart power grid scene mainly focuses on access control and security evaluation models, and few researches on fingerprint authentication problems of NFC equipment are conducted. The method based on the hardware intrinsic difference provided by the invention is to use the hardware intrinsic difference of the NFC equipment as an identification basis and use machine learning to classify and identify the hardware intrinsic difference. The intrinsic difference of the hardware, namely the intrinsic difference of the hardware, is a slight difference remained in the hardware due to the imperfection of the equipment production process, and carries the intrinsic information of the equipment hardware. When the NFC equipment exchanges data, data containing hardware intrinsic difference can be extracted, after the data are processed, the data are analyzed and identified by using a machine learning model, and even if an attacker copies the data in the sector, the power grid system can perform one-to-one authentication on correct NFC equipment, so that the system safety is ensured.
Disclosure of Invention
The power grid NFC equipment fingerprint authentication method based on the hardware intrinsic difference provided by the invention collects the excitation signal required by the hardware intrinsic information, constructs the hardware intrinsic mapping by data preprocessing and feature extraction and referring to a method of analog state safety mechanism analysis and modeling, and can approximately construct the hardware intrinsic mapping in a machine learning mode, thereby being used for equipment identity identification. The invention discloses a power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference, which adopts the following technical scheme:
1. accessing an NFC device which is not attacked into a system, and acquiring the number in the sector of the NFC device;
2. designing an excitation signal of hardware intrinsic information, and acquiring an analog signal of the NFC equipment which is not attacked to obtain the hardware intrinsic information of the NFC equipment which is not attacked;
3. removing abnormal values from the hardware intrinsic information obtained in the step (2), then carrying out smooth filtering and normalization processing, extracting initial characteristics of the hardware intrinsic information after normalization, and carrying out characteristic screening to obtain a characteristic set;
4. training the N classifiers by adopting the feature set obtained in the step 3, sequencing the classifiers by using F scores of the classifiers, and selecting the classifier with the highest F score as a training classifier to obtain an output result of the training classifier;
5. repeating the steps 1-4, and storing the serial numbers in the sectors of the non-attacked NFC equipment obtained in the step 1, the training classifiers corresponding to the non-attacked NFC equipment obtained in the step 4 and the output results thereof into a database;
6. collecting the number in the sector of the NFC equipment to be detected, judging whether the number in the sector is taken in by the database, if so, executing the step 7, otherwise, determining that the NFC equipment to be detected is equipment which is not recorded by the database, repeating the steps 1-5 under the condition that the NFC equipment to be detected is not attacked, and updating the database;
7. acquiring hardware intrinsic information of the NFC equipment to be detected, obtaining a training classifier and an output result thereof through the steps 3-4, comparing the training classifier and the output result with a database, and if the training classifier and the output result of the NFC equipment to be detected are matched with the sector number, successfully authenticating the NFC equipment to be detected and allowing access; and if not, the authentication of the NFC equipment to be detected fails, the access is refused, and a warning is sent out.
Further, the step 2 specifically comprises:
the NFC equipment is accessed into the system and then exchanges data with the system, the radio periphery of the general software or the NFC card and the reader-writer are used for collecting analog signals of the NFC equipment during data exchange,
Si=fi(d)
wherein SiAnalog signal representing ith hardware, i ∈ {1,2, …, n }, n representing the number of hardware devices, d being an excitation signal of hardware intrinsic information, fi(d) For the calculation from the input excitation signal to the hardware output analog signal, it is related to the intrinsic information of the hardware;
and further obtaining hardware intrinsic information of the NFC equipment which is not attacked according to the acquired analog signals of the NFC equipment.
Further, the removing of the abnormal value in step 3 is specifically to remove the analog signal of the unstable hardware, and the calculation formula is as follows:
1≤i<j≤n,1≤h<k<T
wherein the content of the first and second substances,the stability index of the intrinsic information of the hardware is represented,indicating hardware creditsThe difference index of the information is shown,the h-th feature vector representing the i-th hardware at time t,a k-th feature vector representing the ith hardware,h-th feature vector representing ith hardware, USB is the intrinsic differential availability of hardware (F ∈ [0,1]]) TH is a threshold value for distinguishing different hardware equipment, when the USB value is larger than the TH value, an analog signal of the hardware is reserved, otherwise, the analog signal is removed; num (·) represents the number of elements of the collection, and T represents time.
The initial features in step 3 include time domain features, frequency domain features, wavelet domain features and probability density distribution features.
Further, the step 4 specifically includes:
step 4.1: setting a linear classifier: f ═ WTSi+ b, where f is the sector number of the NFC device, W is the coefficient corresponding to each dimension feature in the classifier, and b is a bias constant;
step 4.2: selecting a loss function:where M represents the number of feature vectors in the feature set, yiRepresenting the output of the model;
step 4.3: in the feature screening process, the redundant feature coefficients which are not selected are zero, and the optimization target formula is expressed as follows:wherein | | W | | ceiling0Denotes SiThe weight of (c);
step 4.4: solving an optimization target formula by using a least square method;
step 4.5: and repeating the steps 4.1-4.4, finishing the training of the N classifiers, sequencing the classifiers according to the F scores of the classifiers, selecting the classifier with the highest F score as the training classifier, and obtaining the output result of the training classifier.
The invention has the beneficial effects that:
(1) the process of the fingerprint authentication of the NFC equipment comprises the steps of analog signal acquisition, data preprocessing, feature extraction, safe NFC model establishment and attacker equipment detection during NFC information exchange. Analog signals when power grid NFC equipment exchanges information are classified, hardware intrinsic differences are selected as judgment basis for equipment access, an NFC equipment database is acquired through model training, one-to-one authentication is performed with the NFC equipment, whether the access equipment is abnormal or not is judged, high safety is achieved, and the problem of equipment identity identification of the Internet of things NFC equipment is effectively solved.
(2) The invention relates to application of a simulation state safety mechanism in the field of identification of the Internet of things, and hardware intrinsic information is difficult to imitate due to a complex mechanism in a simulation state.
Drawings
FIG. 1 is a general block diagram of the method of the present invention;
FIG. 2 is a block diagram of modules;
fig. 3 is a method flow diagram.
Detailed Description
The power grid NFC equipment fingerprint authentication method based on the hardware intrinsic difference, provided by the invention, is characterized in that an excitation signal required by hardware intrinsic information is collected, hardware intrinsic mapping is constructed by data preprocessing and feature extraction and referring to a method of analog state safety mechanism analysis and modeling, and the hardware intrinsic mapping can be approximately constructed in a machine learning mode, so that the hardware intrinsic mapping is used for equipment identity identification. The invention provides a power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference, which is shown in a structural block diagram of fig. 1.A device identification technology based on hardware intrinsic difference is researched, firstly, the usability of the hardware intrinsic difference is researched, the resolution of the hardware intrinsic difference is analyzed by combining the physical characteristics and the production process of hardware, and the hardware intrinsic difference is verified to meet the device identification requirement; and then, the design and application of an equipment identification system based on hardware intrinsic difference are researched, hardware intrinsic information characteristics are described, machine learning method classification identification is utilized, and an equipment access authentication mechanism and an online identification method of the equipment of the Internet of things are designed. . The main modules involved in the method of the invention are as shown in fig. 2, and are divided into an equipment hardware intrinsic difference signal acquisition module, a signal preprocessing module, a signal feature extraction module and an equipment fingerprint authentication module.
Researching equipment identification technology based on hardware intrinsic difference needs to analyze and evaluate the usability of the hardware intrinsic difference. Firstly, analyzing the composition and structure of NFC equipment, testing the information such as sampling frequency, resolution ratio and the like, combining the calculation performance of the equipment, the hardware physical characteristics and the production process of the existing interface and equipment, and constructing hardware intrinsic mapping S according to a method of analog state safety mechanism analysis and modelingi=fi(d) I ∈ {1,2, …, n }; wherein S isiAnalog signal representing ith hardware, i ∈ {1,2, …, n }, n representing the number of hardware devices, d being an excitation signal of hardware intrinsic information, fi(d) For the calculation from the input excitation signal to the hardware output analog signal, it is related to the intrinsic information of the hardware;
hardware eigenmap can be approximately constructed by means of machine learningThereby being used for equipment identity recognition.
In order to quantitatively analyze the usability of the hardware intrinsic difference for the identification of the NFC equipment, the stability of the hardware intrinsic information needs to be considered at the same time, and the stability index of the hardware intrinsic information needs to be constructedAnd the difference index of the intrinsic information of the hardwareWhereinThe stability index of the intrinsic information of the hardware is represented,the index of the difference of the intrinsic information of the hardware is represented,the h-th feature vector representing the i-th hardware at time t,a k-th feature vector representing the ith hardware,representing the h-th feature vector of the i-th hardware. Then the hardware intrinsic differential availability USB can be represented by:
1≤i<j≤n,1≤h<k<T
wherein USB is the intrinsic difference availability of hardware (F is equal to 0, 1), TH is the threshold value for distinguishing different hardware devices, when the USB value is greater than TH value, the analog signal of the hardware is reserved, otherwise, the analog signal is removed; num (·) represents the number of elements of the collection, and T represents time. The formula shows that the availability USB of the intrinsic difference of the hardware depends on the self stability of the intrinsic information of the hardware and the difference of the intrinsic information of the hardware. And (3) building a hardware intrinsic difference availability analysis experiment platform, acquiring an analog signal S of the equipment under the condition of given excitation d, and calculating the hardware intrinsic difference availability of the equipment to verify the feasibility of the equipment identification technology based on the hardware intrinsic difference.
In the device hardware intrinsic difference signal acquisition module, an excitation signal d of hardware intrinsic information is designed. The forms of the excitation signal d are mainly classified into an active excitation method and a passive detection method. The passive detection method comprises the steps that the active excitation method utilizes an existing interface of an internet of things device program to command the internet of things device to execute a specified operation, data of a built-in sensor of the device is collected or an analog signal is collected through an external sensor to serve as hardware intrinsic information, and the built-in sensor information of the internet of things device in a running state or the analog signal collected through the external sensor is used as the hardware intrinsic information in the passive detection method. The invention mainly utilizes an active excitation method, and uses universal software radio peripheral equipment (USRP) to collect signals when NFC equipment exchanges data. USRP is a device capable of receiving wireless signals and outputting signals in a complex format.
Near Field communication (nfc) near Field communication (also called near Field communication), is a short-range high-frequency wireless communication technology that allows contactless point-to-point data transmission (within ten centimeters) between electronic devices to exchange data. This technology evolved from contactless Radio Frequency Identification (RFID) and is downward compatible with RFID. Like RFID, NFC information is also transferred by way of electromagnetic inductive coupling in the radio frequency part of the spectrum. NFC exchanges data by contactless point-to-point data transfer (within ten centimeters) between devices. The mode is almost the same as infrared, can be used for data exchange, and is only short in transmission distance, high in transmission establishing speed, high in transmission speed and low in power consumption. The NFC operating frequency is 13.56MHz, ASK modulation, the transmission rate can be divided into three types of 106kbps/212kbps/424kbps, and the communication mode can be divided into an active mode and a passive mode. The invention adopts a passive mode, and uses the NFC card and the reader-writer to acquire signals during data exchange and acquire the hardware intrinsic information of the equipment.
In a signal preprocessing module, preprocessing acquired hardware intrinsic information, firstly removing an abnormal value through an outlier detection algorithm, then selecting a proper filter for smooth filtering, and finally mapping data onto a data set with a mean value of 0 and a variance of 1 through zero mean normalization.
In the signal feature extraction module, the initial features of the hardware intrinsic information, including time domain, frequency domain and wavelet domain features such as maximum, minimum, average, spectrum mean and the like, and probability density distribution features capable of better expressing signal features are extracted, and the features are sorted and reduced to a proper dimension. In order to reduce the computational complexity, the extracted initial features need to be screened. The algorithm for screening the optimal characteristics adopted in the invention comprises the following specific implementation steps:
step 1: setting a linear classifier: f ═ WTx + b, where f is the sector number of the NFC device, x is an N-dimensional feature vector, W is the coefficient corresponding to each dimensional feature in the classifier, and b is a bias constant.
And step 3: since the redundant feature coefficients that are not selected should be zero in the process of screening the features, the optimization objective is expressed as:
and 4, step 4: the above equation is solved using a least squares method. Finally, 12 optimal features are selected by solving the above equation.
And the test sample is used for evaluating and verifying the performance of the model, and the model parameters are adjusted according to the evaluation result, so that the stability and the accuracy of equipment identification are improved.
In the equipment fingerprint authentication module, an equipment access authentication mechanism and an online identification method are designed. When the device requests to access the network, the Application software calls a system API (Application Programming Interface) to acquire information in the NFC sector and uploads the information to the device authentication center, device simulation information is collected and input into a trained classifier, and the identity of the device is identified.
Fig. 3 is a flow chart of the present invention, which includes the following details:
1. accessing an NFC device which is not attacked into a system, and acquiring the number in the sector of the NFC device;
2. designing an excitation signal of hardware intrinsic information, and acquiring an analog signal of the NFC equipment which is not attacked to obtain the hardware intrinsic information of the NFC equipment which is not attacked;
3. removing abnormal values from the hardware intrinsic information obtained in the step (2), then carrying out smooth filtering and normalization processing, extracting initial characteristics of the hardware intrinsic information after normalization, and carrying out characteristic screening to obtain a characteristic set;
4. training the N classifiers by adopting the feature set obtained in the step 3, sequencing the classifiers by using F scores of the classifiers, and selecting the classifier with the highest F score as a training classifier to obtain an output result of the training classifier;
5. repeating the steps 1-4, and storing the serial numbers in the sectors of the non-attacked NFC equipment obtained in the step 1, the training classifiers corresponding to the non-attacked NFC equipment obtained in the step 4 and the output results thereof into a database;
6. collecting the number in the sector of the NFC equipment to be detected, judging whether the number in the sector is taken in by the database, if so, executing the step 7, otherwise, determining that the NFC equipment to be detected is equipment which is not recorded by the database, repeating the steps 1-5 under the condition that the NFC equipment to be detected is not attacked, and updating the database;
7. acquiring hardware intrinsic information of the NFC equipment to be detected, obtaining a training classifier and an output result thereof through the steps 3-4, comparing the training classifier and the output result with a database, and if the training classifier and the output result of the NFC equipment to be detected are matched with the sector number, successfully authenticating the NFC equipment to be detected and allowing access; and if not, the authentication of the NFC equipment to be detected fails, the access is refused, and a warning is sent out.
Claims (4)
1. A power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference is characterized by comprising the following steps:
(1) accessing an NFC device which is not attacked into a system, and acquiring the number in the sector of the NFC device;
(2) designing an excitation signal of hardware intrinsic information, and acquiring an analog signal of the NFC equipment which is not attacked to obtain the hardware intrinsic information of the NFC equipment which is not attacked;
(3) removing abnormal values from the hardware intrinsic information obtained in the step (2), then carrying out smooth filtering and normalization processing, extracting initial characteristics of the hardware intrinsic information after normalization, and carrying out characteristic screening to obtain a characteristic set;
the removing of the abnormal value is specifically to remove the analog signal of the unstable hardware, and the calculation formula is as follows:
1≤i<j≤n,1≤h<k<T
wherein the content of the first and second substances,the stability index of the intrinsic information of the hardware is represented,the index of the difference of the intrinsic information of the hardware is represented,the h-th feature vector representing the i-th hardware at time t,a k-th feature vector representing the ith hardware,h-th feature vector representing ith hardware, USB being hardware intrinsic differential availability, USB being E [0,1 ∈](ii) a TH is a threshold value for distinguishing different hardware equipment, when the USB value is larger than the TH value, an analog signal of the hardware is reserved, otherwise, the analog signal is removed; num (·) represents the number of elements of the set, T represents time, and n represents the number of hardware devices;
(4) training the N classifiers by adopting the feature set obtained in the step (3), sequencing the classifiers by using F scores of the classifiers, and selecting the classifier with the highest F score as a training classifier to obtain an output result of the training classifier;
(5) repeating the steps (1) to (4), and storing the sector number of the non-attacked NFC device obtained in the step (1), the training classifier corresponding to the non-attacked NFC device obtained in the step (4) and the output result thereof into a database;
(6) collecting the number in the sector of the NFC equipment to be detected, judging whether the number in the sector is taken in by the database, if so, executing the step (7), otherwise, determining that the NFC equipment to be detected is equipment which is not recorded by the database, repeating the steps (1) - (5) under the condition that the NFC equipment is not attacked, and updating the database;
(7) acquiring hardware intrinsic information of the NFC equipment to be detected, obtaining a training classifier and an output result thereof through the steps (3) to (4), comparing the training classifier and the output result with a database, and if the training classifier and the output result of the NFC equipment to be detected are matched with the serial number in the sector, successfully authenticating the NFC equipment to be detected and allowing access; and if not, the authentication of the NFC equipment to be detected fails, the access is refused, and a warning is sent out.
2. The power grid NFC device fingerprint authentication method based on hardware intrinsic difference as claimed in claim 1, wherein the step (2) is specifically:
the NFC equipment is accessed into the system and then exchanges data with the system, the radio periphery of the general software or the NFC card and the reader-writer are used for collecting analog signals of the NFC equipment during data exchange,
Si=fi(d)
wherein SiAn analog signal representing the ith hardware, i ∈ {1, 2., n }, n represents the hardware number of the device, d is an excitation signal of hardware intrinsic information, f is an excitation signal of the hardware intrinsic informationi(d) For the calculation from the input excitation signal to the hardware output analog signal, it is related to the intrinsic information of the hardware;
and further obtaining hardware intrinsic information of the NFC equipment which is not attacked according to the acquired analog signals of the NFC equipment.
3. The power grid NFC device fingerprint authentication method based on hardware intrinsic difference as claimed in claim 1, wherein the initial features in step (3) include time domain features, frequency domain features, wavelet domain features and probability density distribution features.
4. The power grid NFC device fingerprint authentication method based on the hardware intrinsic difference as claimed in claim 1, wherein the step (4) is specifically as follows:
step 4.1: setting a linear classifier: f ═ WTx + b, wherein f is the sector number of the NFC device, W is the coefficient corresponding to each dimension of feature in the classifier, and b is a bias constant;
step 4.2: selecting a loss function:where M represents the number of feature vectors in the feature set, yiRepresenting the output of the model;
step 4.3: in the feature screening process, the redundant feature coefficients which are not selected are zero, and the optimization target formula is expressed as follows:wherein | | W | | ceiling0Denotes xiThe weight of (c);
step 4.4: solving an optimization target formula by using a least square method;
step 4.5: and repeating the steps 4.1-4.4, finishing the training of the N classifiers, sequencing the classifiers according to the F scores of the classifiers, selecting the classifier with the highest F score as the training classifier, and obtaining the output result of the training classifier.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911295532.1A CN111144522B (en) | 2019-12-16 | 2019-12-16 | Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911295532.1A CN111144522B (en) | 2019-12-16 | 2019-12-16 | Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111144522A CN111144522A (en) | 2020-05-12 |
CN111144522B true CN111144522B (en) | 2021-01-08 |
Family
ID=70518489
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911295532.1A Active CN111144522B (en) | 2019-12-16 | 2019-12-16 | Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111144522B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112712046B (en) * | 2021-01-06 | 2023-06-16 | 浙江大学 | Wireless charging equipment authentication method based on equipment hardware fingerprint |
CN113360874B (en) * | 2021-06-04 | 2022-10-25 | 湖南大学 | User biological characteristic information authentication method and system |
CN113626785B (en) * | 2021-07-27 | 2023-10-27 | 武汉大学 | Fingerprint authentication security enhancement method and system based on user fingerprint pressing behavior |
CN116757534B (en) * | 2023-06-15 | 2024-03-15 | 中国标准化研究院 | Intelligent refrigerator reliability analysis method based on neural training network |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101986597A (en) * | 2010-10-20 | 2011-03-16 | 杭州晟元芯片技术有限公司 | Identity authentication system with biological characteristic recognition function and authentication method thereof |
CN102073838A (en) * | 2010-12-24 | 2011-05-25 | 兆日科技(深圳)有限公司 | Method and system for preventing counterfeit by using differentiation of electromagnetic signals of RFID |
CN105635125A (en) * | 2015-12-25 | 2016-06-01 | 电子科技大学 | Physical layer combined authentication method based on RF fingerprint and channel information |
CN106096649A (en) * | 2016-06-08 | 2016-11-09 | 北京科技大学 | Sense of taste induced signal otherness feature extracting method based on core linear discriminant analysis |
CN109086841A (en) * | 2018-07-17 | 2018-12-25 | 成都普什信息自动化有限公司 | Based on RFID characteristic parameter anti-counterfeiting technology |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100306531A1 (en) * | 2009-05-29 | 2010-12-02 | Ebay Inc. | Hardware-Based Zero-Knowledge Strong Authentication (H0KSA) |
CN103499607B (en) * | 2013-07-30 | 2016-03-09 | 中国标准化研究院 | Exceptional sample point elimination method in a kind of detection by electronic nose honey |
CN105323069B (en) * | 2014-07-31 | 2018-09-28 | 中国科学院数据与通信保护研究教育中心 | A kind of authentication method and equipment based on PUF |
US10148653B2 (en) * | 2016-12-14 | 2018-12-04 | The Boeing Company | Authenticating an aircraft data exchange using detected differences of onboard electronics |
CN108229566B (en) * | 2018-01-05 | 2020-06-05 | 厦门华联电子股份有限公司 | Hierarchical classification method and device |
-
2019
- 2019-12-16 CN CN201911295532.1A patent/CN111144522B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101986597A (en) * | 2010-10-20 | 2011-03-16 | 杭州晟元芯片技术有限公司 | Identity authentication system with biological characteristic recognition function and authentication method thereof |
CN102073838A (en) * | 2010-12-24 | 2011-05-25 | 兆日科技(深圳)有限公司 | Method and system for preventing counterfeit by using differentiation of electromagnetic signals of RFID |
CN105635125A (en) * | 2015-12-25 | 2016-06-01 | 电子科技大学 | Physical layer combined authentication method based on RF fingerprint and channel information |
CN106096649A (en) * | 2016-06-08 | 2016-11-09 | 北京科技大学 | Sense of taste induced signal otherness feature extracting method based on core linear discriminant analysis |
CN109086841A (en) * | 2018-07-17 | 2018-12-25 | 成都普什信息自动化有限公司 | Based on RFID characteristic parameter anti-counterfeiting technology |
Also Published As
Publication number | Publication date |
---|---|
CN111144522A (en) | 2020-05-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111144522B (en) | Power grid NFC equipment fingerprint authentication method based on hardware intrinsic difference | |
CN111160424B (en) | NFC equipment fingerprint authentication method and system based on CNN image identification | |
CN107770263B (en) | safe access method and system for Internet of things terminal based on edge calculation | |
CN102890776B (en) | The method that expression figure explanation is transferred by facial expression | |
CN111027378A (en) | Pedestrian re-identification method, device, terminal and storage medium | |
CN102156887A (en) | Human face recognition method based on local feature learning | |
CN111914919A (en) | Open set radiation source individual identification method based on deep learning | |
CN109903053B (en) | Anti-fraud method for behavior recognition based on sensor data | |
CN110647951A (en) | Wireless radio frequency equipment identity recognition method and system based on machine learning algorithm | |
CN109190698B (en) | Classification and identification system and method for network digital virtual assets | |
CN112188532A (en) | Training method of network anomaly detection model, network detection method and device | |
CN112052731A (en) | Intelligent portrait recognition card punching attendance system and method | |
KR100701201B1 (en) | Mathod and apparatus for classification of fingerprint image quality and fingerprint image recognition system using the same | |
CN101178767A (en) | Recognizing layer amalgamation for human face and iris mixed recognition | |
CN103136546A (en) | Multi-dimension authentication method and authentication device of on-line signature | |
CN105099700A (en) | Authentication method, authentication server, and system | |
Bansal et al. | Multimodal biometrics by fusion for security using genetic algorithm | |
Fernandes et al. | Directed adversarial attacks on fingerprints using attributions | |
Promsuk et al. | Numerical Reader System for Digital Measurement Instruments Embedded Industrial Internet of Things. | |
CN115188031A (en) | Fingerprint identification method, computer program product, storage medium and electronic device | |
CN114580482A (en) | Radio signal characteristic acquisition method based on edge computing node and data center | |
CN115424383B (en) | Intelligent access control management system and method | |
CN117150265B (en) | Robust radio frequency signal open set identification method under low signal-to-noise ratio condition | |
CN118262388A (en) | Fingerprint identification method and device, electronic equipment and storage medium | |
Xiao et al. | Iris image analysis based on affinity propagation algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |