CN111641593A - Internet of things security architecture and information security interaction method thereof - Google Patents
Internet of things security architecture and information security interaction method thereof Download PDFInfo
- Publication number
- CN111641593A CN111641593A CN202010386785.6A CN202010386785A CN111641593A CN 111641593 A CN111641593 A CN 111641593A CN 202010386785 A CN202010386785 A CN 202010386785A CN 111641593 A CN111641593 A CN 111641593A
- Authority
- CN
- China
- Prior art keywords
- node
- sensor
- information
- nodes
- main node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000003993 interaction Effects 0.000 title claims abstract description 13
- 230000002776 aggregation Effects 0.000 claims abstract description 5
- 238000004220 aggregation Methods 0.000 claims abstract description 5
- 230000004931 aggregating effect Effects 0.000 claims abstract description 4
- 238000001514 detection method Methods 0.000 claims description 20
- 238000012545 processing Methods 0.000 claims description 16
- 230000009545 invasion Effects 0.000 claims description 12
- 238000012795 verification Methods 0.000 claims description 9
- 230000005540 biological transmission Effects 0.000 claims description 5
- 230000008569 process Effects 0.000 claims description 5
- 230000002159 abnormal effect Effects 0.000 claims description 4
- 230000015556 catabolic process Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000012544 monitoring process Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000002790 cross-validation Methods 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000003062 neural network model Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000306 recurrent effect Effects 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y30/00—IoT infrastructure
- G16Y30/10—Security thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to an Internet of things security architecture and an information security interaction method thereof, wherein the architecture comprises the following components: the sensor node group comprises a sensor main node and a plurality of sensor member nodes, and the sensor main node and the sensor member nodes are communicated in an identity authentication mode; a cluster of master nodes comprising: the system comprises a cluster main node and a plurality of sensor main nodes, wherein the cluster main node and the sensor main nodes are communicated in an identity authentication mode; the aggregation node is used for aggregating the information of all the clustered main nodes; and the sensor node group and the main node cluster group are divided according to the operation residual capacity of the sensor main node or the cluster main node and the distance between the nodes. The capability of the master node is fully exerted to implement various network security supervision, and the security of the Internet of things is enhanced.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a security architecture of an internet of things and an information security interaction method thereof.
Background
The Internet of Things (The Internet of Things, IOT for short) is to collect any object or process needing monitoring, connection and interaction in real time and collect various required information such as sound, light, heat, electricity, mechanics, chemistry, biology and location through various devices and technologies such as various information sensors, radio frequency identification technologies, global positioning systems, infrared sensors and laser scanners, and to realize ubiquitous connection of objects and people through various possible network accesses, so as to realize intelligent sensing, identification and management of objects and processes. The internet of things is an information bearer based on the internet, a traditional telecommunication network and the like, and all common physical objects which can be independently addressed form an interconnected network.
In the process of implementing the invention, the inventor finds the following technical problems: because the internet of things is usually deployed at first and signed at later stages, various sensor nodes mutually exchange various information, a uniform security architecture cannot be built for the internet of things, and the security of the internet of things can only be restrained by various loose security protocols. Most sensor nodes are limited by hardware, so that all safety protocols are difficult to completely realize, and the safety of the Internet of things is seriously influenced.
Disclosure of Invention
The technical problem to be solved by the invention is to provide an internet of things security architecture and an information security interaction method thereof, which can effectively improve security.
To solve the foregoing technical problem, in a first aspect, an embodiment of the present invention provides an internet of things security architecture, including:
the sensor node group comprises a sensor main node and a plurality of sensor member nodes, and the sensor main node and the sensor member nodes are communicated in an identity authentication mode;
a cluster of master nodes comprising: the system comprises a cluster main node and a plurality of sensor main nodes, wherein the cluster main node and the sensor main nodes are communicated in an identity authentication mode;
the aggregation node is used for aggregating the information of all the clustered main nodes;
and the sensor node group and the main node cluster group are divided according to the operation residual capacity of the sensor main node or the cluster main node and the distance between the nodes.
Further, the sensor master node includes:
and the intrusion detection unit is used for judging whether the information interacted with the sensor member nodes has intrusion information.
Further, the clustering master node includes:
and the intrusion detection module is used for receiving whether the intrusion detection information sent by the sensor main node is intrusion detection information.
Further, the sink node includes:
and the arbitration module is used for finally judging the pending intrusion detection information sent by the intrusion detection module in the cluster main node and sending the judgment result to the cluster main node so that the cluster main node sends the judgment result to the sensor main node, and the sensor member node processes the intrusion detection information.
Further, the internet of things security architecture further comprises:
and the master station is used for verifying the access of the user and establishing the safe connection between the user and the sensor member node to be accessed after the successful verification.
In a second aspect, an embodiment of the present invention further provides an information security interaction method applicable to any one of the internet of things security architectures provided in the foregoing embodiments, including:
determining the hierarchy of the Internet of things and determining sink nodes according to the number of the sensor nodes and the network topological distance;
dividing the sensor nodes according to the hierarchy to form at least two sensor node groups and at least one master node cluster group;
and determining a sensor main node in the sensor node group according to the node data processing capacity, and determining a cluster main node in the main node cluster group according to the node data processing capacity.
Further, the method further comprises:
the sensor main node is used for detecting whether intrusion information exists in information sent by the sensor member nodes, processing the intrusion information according to a set safety rule when the intrusion information is determined, and sending the intrusion suspicion information to the clustering main node when the intrusion suspicion information is determined;
the cluster main node is used for judging the invasion suspicion information, processing the invasion suspicion information according to a set safety rule when the invasion suspicion information is determined, and handing the invasion suspicion information to the arbitration node for processing when the invasion suspicion information cannot be determined.
Further, the method further comprises:
and the nodes in the same group of the sensor node group and the main node cluster group mutually transmit authentication information, wherein the authentication information comprises a timestamp and an information transmission quantity identifier.
Further, the method further comprises:
the sensor main node randomly monitors data packets sent by the sensor member nodes to determine whether the sensor member nodes are abnormal or not.
Still further, the method further comprises:
and the master station verifies the user in a C/S mode, and establishes the safe connection between the user and the sensor member node to be accessed after the verification is successful.
The method has the advantages that the Internet of things levels are determined according to the number of the sensor nodes and the network topological distance, the main node is selected according to the energy of the sensor nodes under each level, and various safety strategies are implemented by utilizing the operational capability of the main node; on the premise that the operational capacity of the sensor node is limited, the capability of the main node is fully exerted to implement various network safety supervision, the safety of the Internet of things is enhanced, meanwhile, the network safety supervision can be flexibly adjusted according to the actual deployment condition, network breakdown caused by overhigh load of the main node is avoided, the network safety supervision can be flexibly adjusted after the node is newly added, the sensor node with better performance is replaced as the main node at any time, and the safety performance of the Internet of things is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of an internet of things security architecture according to an embodiment of the present invention.
Fig. 2 is a schematic flow chart of an information security interaction method for an internet of things security architecture according to a second embodiment of the present invention.
Detailed Description
The following description of the embodiments refers to the accompanying drawings, which are included to illustrate specific embodiments in which the invention may be practiced.
Referring to fig. 1, an embodiment of the present invention provides an internet of things security architecture, including:
the sensor node group comprises a sensor main node (each sensor node group comprises a main node and a plurality of sensor node groups) and a plurality of sensor member nodes, and the sensor main node and the sensor member nodes are communicated in an identity authentication mode; a cluster of master nodes comprising: the system comprises a clustering main node B and a plurality of sensor main nodes A, wherein the clustering main node B and the sensor main nodes A are communicated in an identity authentication mode; the aggregation node A is used for aggregating the information of all the clustering main nodes B; and the sensor node group and the main node cluster group are divided according to the operation residual capacity of the sensor main node or the cluster main node and the distance between the nodes.
The division rule is as follows:
when the distance between the sensor node group and the main node cluster group is more than 250M and less than 300M, the computing capacity is 45% of the total computing capacity;
when the distance between the sensor node group and the main node cluster group is more than 200M and less than 250M, the computing capacity is 30% of the total computing capacity;
when the distance between the sensor node group and the main node cluster group is less than 200M, the computing capacity is 25% of the total computing capacity;
otherwise, in principle, the distance between the sensor node cluster and the master node cluster should not be greater than 300M.
In this embodiment, the internet of things security architecture includes a plurality of sensor nodes, and the sensor nodes can be set in different places and different positions according to actual needs to realize the function of perceiving various data. The sensor nodes can be connected through various existing communication modes to realize the function of information interaction. In remote places, remote communication can be realized by means of the Internet.
Correspondingly, when the corresponding functions of the internet of things are realized, the communication between the sensor nodes is unordered according to different application services, and various definitions cannot be performed in advance, so that great difficulty is caused for the safety of the sensor nodes.
In order to solve the above problem, in this embodiment, the security architecture of the internet of things may be hierarchically configured according to a certain rule.
Specifically, the internet of things can be divided into a sensor node group and a master node cluster group, wherein the number of master node cluster group layers can be flexibly set according to actual conditions, and the number of the master node cluster group layers can be in multiple stages, for example: level 2, level 3, etc. Accordingly, the number of clusters in each level can be flexibly set according to actual conditions.
Such as: the sensor node group is provided with a node group consisting of 10 sensor nodes, the number of the middle main node cluster group layers is currently 5, and the number of each group is 12; the 10 sensor node groups can be constructed into a 6 th main node cluster group, and incorporated into the main node cluster group layer for management.
The sensor node group comprises a sensor main node and a plurality of sensor member nodes, and the sensor main node and the sensor member nodes are communicated in an identity authentication mode. The sensor main node has strong computing capability, so that the sensor main node can utilize the residual computing capability of the sensor main node to apply various set safety rules to safely control and manage the member nodes of the sensors in the group besides the normal sensing data and basic data processing capability. Correspondingly, in order to ensure the safety of data transmission between the sensor member nodes in the group and the sensor main node, the sensor main node and the sensor member nodes are communicated in an identity verification mode. Illustratively, the authentication communication can be realized by adopting an asymmetric key mode, so that malicious three parties are prevented from being involved, relevant information is stolen, and false information and instructions are transmitted.
Because the setting of the internet of things is flexible, the sensor nodes can be increased and decreased at any time, and after the sensor nodes are changed, the levels of the sensor nodes can be adjusted according to set rules. When the added nodes have stronger computing performance, the hierarchy architecture of the Internet of things can be adjusted according to rules. So that the internet of things architecture can operate more stably. And when the sensor master node disappears, a new master node is selected again according to the computing capability.
Because the computing power of the sensor master node is relatively limited, the internet of things security architecture further comprises: a cluster of master nodes comprising: the system comprises a cluster main node and a plurality of sensor main nodes, wherein the cluster main node and the sensor main nodes are communicated in an identity authentication mode. The number of the main node cluster groups can be flexibly set according to actual conditions. Through the multilayer hierarchical structure, different security strategies can be distributed and clustered with the main nodes of the sensor and the main nodes of the internet of things respectively, so that the security of the whole internet of things security architecture is guaranteed.
And the sink node is used for converging the information of all the clustering main nodes, executing the security policy of the highest level, and finally judging the security policy which can not be executed by the clustering main nodes and the sensor main nodes or the problem in execution.
Optionally, the sensor master nodes and the master node cluster group may be determined according to the number of the sensor nodes and the network topology distance, and the number of the sensor nodes is usually not too large, so as to avoid a large load generated by the master nodes, and meanwhile, the sensor nodes and the master node cluster group need to be determined according to the actual distribution distance. Too far away often leads to more network transitions, resulting in network transmission congestion.
According to the Internet of things security architecture provided by the embodiment of the invention, the Internet of things levels are determined according to the number of the sensor nodes and the network topology distance, the master node is selected according to the energy of the sensor nodes under each level, and various security strategies are implemented by utilizing the operational capability of the master node. On the premise that the operational capacity of the sensor node is limited, the capability of the main node is fully exerted to implement various network safety supervision, the safety of the Internet of things is enhanced, meanwhile, the network safety supervision method can be flexibly adjusted according to the actual deployment situation, network breakdown caused by high load of the main node is avoided, the network safety supervision method can be flexibly adjusted after the main node is newly added into the node, and the sensor node with better performance is replaced as the main node at any time. The safety performance of the Internet of things is improved.
Optionally, the sensor master node includes: and the intrusion detection unit is used for judging whether the information interacted with the sensor member nodes has intrusion information. The sensor main node can be used for monitoring the information of interaction between the sensor member node and other nodes at random, judging whether the information is invasion information according to a preset safety rule, and receiving suspected invasion information reported by the sensor member node.
Correspondingly, the clustering master node includes: and the intrusion detection module is used for judging whether the received intrusion detection information sent by the sensor main node is intrusion detection information. If the intrusion information is contained, the intrusion information often moves among a plurality of nodes, and the nodes may be located in different sensor node groups, so that cross validation is performed by using the information in each sensor node group, and whether intrusion detection is performed or not can be effectively distinguished. The specific verification rule is that each node stores hash data verification, and includes a security snapshot without intrusion information at first, and cross verification is performed through a Byzantine mechanism to verify that illegal intrusion information exists.
Since intrusion detection is passive, corresponding rules are supplemented in real time according to attack conditions, and certain hysteresis is provided, in this embodiment, a suspected intrusion behavior that cannot be judged can be reported to a sink node, the sink node can arbitrate according to a neural network model in a remote server, determine whether the intrusion behavior is the intrusion behavior, and adopt a corresponding security policy for the intrusion behavior to ensure the security of the whole internet of things architecture.
Optionally, in the application of the internet of things, the entity user often needs to invoke the sensing information of the sensor node. Therefore, the internet of things architecture further comprises: and the master station is used for verifying the access of the user and establishing the safe connection between the user and the member node of the sensor to be accessed after the successful verification. To ensure the security of the user orientation sensor node.
Fig. 2 is a schematic flow chart of an information security interaction method of an internet of things security architecture according to a second embodiment of the present invention. The embodiment is implemented by the internet of things security architecture provided by the first embodiment.
Correspondingly, the information security interaction method of the internet of things security architecture provided by the embodiment specifically includes:
and S110, determining the Internet of things level and determining sink nodes according to the number of the sensor nodes and the network topology distance.
Determining the Internet of things level and sink nodes according to the number of the sensor nodes and the network topological distance, wherein the farther the cluster is from the sink nodes, the larger the cluster is, the more the number of the sensor nodes is according to a non-uniform clustering routing protocol (EEUC), and the Internet level is calculated through a certain algorithm.
And S120, dividing the sensor nodes according to the hierarchy to form at least two sensor node groups and at least one main node cluster group.
And dividing the network nodes into different cluster groups according to the hierarchy by a certain algorithm according to a hierarchical routing protocol, wherein each cluster group comprises a cluster main node, a sensor main node and a sensor node group.
And dividing the sensor nodes under the framework of the Internet of things according to the number of the sensor node groups corresponding to each level and the number of the main node cluster groups corresponding to the levels and the corresponding sensor nodes with certain computing capacity.
And S130, determining a sensor main node in the sensor node group according to the node data processing capacity, and determining a cluster main node in the main node cluster group according to the node data processing capacity.
And selecting the node with the strongest computing capability from the sensor node group as the sensor main node, and correspondingly selecting the node with the strongest computing capability from the main node cluster group as the cluster main node.
According to the embodiment of the invention, the hierarchy of the Internet of things is determined according to the number of the sensor nodes and the network topological distance, the main node is selected according to the energy of the sensor nodes under each hierarchy, and various safety strategies are implemented by utilizing the operational capability of the main node. On the premise that the operational capacity of the sensor node is limited, the capability of the main node is fully exerted to implement various network safety supervision, the safety of the Internet of things is enhanced, meanwhile, the network safety supervision method can be flexibly adjusted according to the actual deployment situation, network breakdown caused by high load of the main node is avoided, the network safety supervision method can be flexibly adjusted after the main node is newly added into the node, and the sensor node with better performance is replaced as the main node at any time. The safety performance of the Internet of things is improved.
Optionally, the method further includes: the sensor main node is used for detecting whether intrusion information exists in information sent by the sensor member nodes, processing the information according to set safety rules (such as access refusal, signal shielding and the like) when the information is determined to be the intrusion information, and sending the intrusion suspicion information to the clustering main node when the information is determined to be the intrusion suspicion information;
the cluster main node is used for judging the intrusion information, processing the intrusion information according to a set safety rule when the intrusion information is determined, and handing the intrusion information to an arbitration node for processing when the intrusion information cannot be determined.
Optionally, the internet of things security architecture may be attacked repeatedly, so that network congestion occurs in some nodes, and then internet of things breakdown occurs. Therefore, in this embodiment, the nodes in the same group of the sensor node group and the master node cluster group mutually transmit authentication information, where the authentication information includes a timestamp and an information transmission number identifier. Through the timestamp and the sending number identification, the information received by the receiver can be ensured to be real and effective, and the recurrent attack can be identified and discarded.
Optionally, the sensor master node randomly monitors a data packet sent by the sensor member node to determine whether the sensor member node is abnormal. After the sensor node is infected by virus, a large number of data packets may be sent, and the data volume is obviously higher than that in a normal working state, so that whether the data packets are abnormal or not can be determined by monitoring the data packet volume.
Further, the method may further include: and the master station verifies the user in a C/S mode, and establishes the safe connection between the user and the sensor member node to be accessed after the verification is successful. So as to realize the safe access of the user to the sensor node.
Through the above description of the embodiments, those skilled in the art will clearly understand that the present invention may be implemented by software plus necessary general hardware, and certainly may also be implemented by hardware, but in many cases, the former is a better embodiment. Based on such understanding, the technical solutions of the present invention may be substantially implemented or a part of the technical solutions contributing to the prior art may be embodied in the form of a software product, which is stored in a readable storage medium, such as a floppy disk, a hard disk, or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
As can be seen from the above description, the embodiment of the invention has the beneficial effects that the hierarchy of the internet of things is determined according to the number of the sensor nodes and the network topology distance, the master node is selected according to the energy of the sensor nodes under each hierarchy, and various security strategies are implemented by utilizing the operational capability of the master node; on the premise that the operational capacity of the sensor node is limited, the capability of the main node is fully exerted to implement various network safety supervision, the safety of the Internet of things is enhanced, meanwhile, the network safety supervision can be flexibly adjusted according to the actual deployment condition, network breakdown caused by overhigh load of the main node is avoided, the network safety supervision can be flexibly adjusted after the node is newly added, the sensor node with better performance is replaced as the main node at any time, and the safety performance of the Internet of things is improved.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.
Claims (10)
1. An internet of things security architecture, comprising:
the sensor node group comprises a sensor main node and a plurality of sensor member nodes, and the sensor main node and the sensor member nodes are communicated in an identity authentication mode;
a cluster of master nodes comprising: the system comprises a cluster main node and a plurality of sensor main nodes, wherein the cluster main node and the sensor main nodes are communicated in an identity authentication mode;
the aggregation node is used for aggregating the information of all the clustered main nodes;
and the sensor node group and the main node cluster group are divided according to the operation residual capacity of the sensor main node or the cluster main node and the distance between the nodes.
2. The internet of things security architecture of claim 1, wherein the sensor master node comprises:
and the intrusion detection unit is used for judging whether the information interacted with the sensor member nodes has intrusion information.
3. The internet of things security architecture of claim 2, wherein the clustering master node comprises:
and the intrusion detection module is used for receiving whether the intrusion detection information sent by the sensor main node is intrusion detection information.
4. The internet of things security architecture of claim 3, wherein the aggregation node comprises:
and the arbitration module is used for finally judging the pending intrusion detection information sent by the intrusion detection module in the cluster main node and sending the judgment result to the cluster main node so that the cluster main node sends the judgment result to the sensor main node, and the sensor member node processes the intrusion detection information.
5. The internet of things security architecture of claim 1, further comprising:
and the master station is used for verifying the access of the user and establishing the safe connection between the user and the sensor member node to be accessed after the successful verification.
6. An information security interaction method applied to the internet of things security architecture of any one of claims 1 to 5, comprising:
determining the hierarchy of the Internet of things and determining sink nodes according to the number of the sensor nodes and the network topological distance;
dividing the sensor nodes according to the hierarchy to form at least two sensor node groups and at least one master node cluster group;
and determining a sensor main node in the sensor node group according to the node data processing capacity, and determining a cluster main node in the main node cluster group according to the node data processing capacity.
7. The method of claim 6, further comprising:
the sensor main node is used for detecting whether intrusion information exists in information sent by the sensor member nodes, processing the intrusion information according to a set safety rule when the intrusion information is determined, and sending the intrusion suspicion information to the clustering main node when the intrusion suspicion information is determined;
the cluster main node is used for judging the invasion suspicion information, processing the invasion suspicion information according to a set safety rule when the invasion suspicion information is determined, and handing the invasion suspicion information to the arbitration node for processing when the invasion suspicion information cannot be determined.
8. The method of claim 6, further comprising:
and the nodes in the same group of the sensor node group and the main node cluster group mutually transmit authentication information, wherein the authentication information comprises a timestamp and an information transmission quantity identifier.
9. The method of claim 6, further comprising:
the sensor main node randomly monitors data packets sent by the sensor member nodes to determine whether the sensor member nodes are abnormal or not.
10. The method of claim 6, further comprising:
and the master station verifies the user in a C/S mode, and establishes the safe connection between the user and the sensor member node to be accessed after the verification is successful.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010386785.6A CN111641593A (en) | 2020-05-09 | 2020-05-09 | Internet of things security architecture and information security interaction method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010386785.6A CN111641593A (en) | 2020-05-09 | 2020-05-09 | Internet of things security architecture and information security interaction method thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111641593A true CN111641593A (en) | 2020-09-08 |
Family
ID=72333165
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010386785.6A Pending CN111641593A (en) | 2020-05-09 | 2020-05-09 | Internet of things security architecture and information security interaction method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111641593A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114339653A (en) * | 2022-03-04 | 2022-04-12 | 杭州格物智安科技有限公司 | Block chain system based on wireless sensor network and data recording method |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160183093A1 (en) * | 2014-12-19 | 2016-06-23 | Intel Corporation | Cooperative security in wireless sensor networks |
| CN106961697A (en) * | 2017-05-12 | 2017-07-18 | 河海大学常州校区 | A kind of wireless sensor network interference region mapping method of distributed structure/architecture |
| CN107404718A (en) * | 2017-08-16 | 2017-11-28 | 中国民航大学 | A kind of wireless sensor network malicious node detection method |
| CN108092826A (en) * | 2018-01-17 | 2018-05-29 | 重庆邮电大学 | Based on the hierarchical wireless sense network security model of backbone node security role |
| CN110913357A (en) * | 2019-11-13 | 2020-03-24 | 绍兴文理学院 | Sensing cloud double-layer network defense system and method based on security situation awareness |
-
2020
- 2020-05-09 CN CN202010386785.6A patent/CN111641593A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160183093A1 (en) * | 2014-12-19 | 2016-06-23 | Intel Corporation | Cooperative security in wireless sensor networks |
| CN106961697A (en) * | 2017-05-12 | 2017-07-18 | 河海大学常州校区 | A kind of wireless sensor network interference region mapping method of distributed structure/architecture |
| CN107404718A (en) * | 2017-08-16 | 2017-11-28 | 中国民航大学 | A kind of wireless sensor network malicious node detection method |
| CN108092826A (en) * | 2018-01-17 | 2018-05-29 | 重庆邮电大学 | Based on the hierarchical wireless sense network security model of backbone node security role |
| CN110913357A (en) * | 2019-11-13 | 2020-03-24 | 绍兴文理学院 | Sensing cloud double-layer network defense system and method based on security situation awareness |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114339653A (en) * | 2022-03-04 | 2022-04-12 | 杭州格物智安科技有限公司 | Block chain system based on wireless sensor network and data recording method |
| CN114339653B (en) * | 2022-03-04 | 2022-05-24 | 杭州格物智安科技有限公司 | Block chain system based on wireless sensor network and data recording method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Tan et al. | A new framework for DDoS attack detection and defense in SDN environment | |
| Eliyan et al. | DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges | |
| Dao et al. | Securing heterogeneous IoT with intelligent DDoS attack behavior learning | |
| Lohachab et al. | Critical analysis of DDoS—An emerging security threat over IoT networks | |
| Mamdouh et al. | Securing the internet of things and wireless sensor networks via machine learning: A survey | |
| Imran et al. | Toward an optimal solution against denial of service attacks in software defined networks | |
| Wang et al. | SECO: SDN sEcure COntroller algorithm for detecting and defending denial of service attacks | |
| Xu et al. | An enhanced saturation attack and its mitigation mechanism in software-defined networking | |
| van der Heijden et al. | Misbehavior detection in vehicular ad-hoc networks | |
| Demirpolat et al. | ProtÉdge: a few‐shot ensemble learning approach to software‐defined networking‐assisted edge security | |
| Zhou et al. | A dynamic and lightweight framework to secure source addresses in the SDN-based networks | |
| Xu et al. | Toward software defined dynamic defense as a service for 5G-enabled vehicular networks | |
| Gao et al. | Defense against software-defined network topology poisoning attacks | |
| Kumar et al. | Handling Security Issues in Software-defined Networks (SDNs) Using Machine Learning | |
| CN111641593A (en) | Internet of things security architecture and information security interaction method thereof | |
| Kumar et al. | Deep learning model to defend against covert channel attacks in the SDN networks | |
| Cao et al. | A security‐driven network architecture for routing in industrial Internet of Things | |
| Ganesh et al. | Intrusion detection and prevention systems: A review | |
| Qiu et al. | A software-defined security framework for power IoT cloud-edge environment | |
| Li et al. | A distributed intrusion detection model based on cloud theory | |
| KR20130033161A (en) | Intrusion detection system for cloud computing service | |
| Mabrouk et al. | Signaling Game-based Approach to Improve Security in Vehicular Networks. | |
| Srivastava et al. | A survey on mobile agent based intrusion detection system | |
| Houmer et al. | A hybrid intrusion detection system against egoistic and malicious nodes in VANET | |
| SafaeiSisakht et al. | An Intelligent Two-Phase Automated Architecture for Securing SDN-Based IoT Infrastructure |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200908 |
|
| RJ01 | Rejection of invention patent application after publication |