CN112600694B - Internet of things safety monitoring and management method, system and medium - Google Patents

Publication number: CN112600694B
Authority: CN (China)
Prior art keywords: network management, cluster head, management agent, management station, polling
Legal status: Active
Application number: CN202011401515.4A
Other languages: Chinese (zh)
Other versions: CN112600694A (en)
Inventors: 张小飞, 伍军, 李佳纳, 徐传华
Current assignee: Shanghai Jiaotong University; State Grid Electric Power Research Institute
Original assignee: Shanghai Jiaotong University; State Grid Electric Power Research Institute
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L 41/02 Standardisation; Integration
    • H04L 41/0213 Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • H04L 41/0246 Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • H04L 41/04 Network management architectures or arrangements
    • H04L 41/046 Network management architectures or arrangements comprising network management agents or mobile agents therefor
    • H04L 45/00 Routing or path finding of packets in data switching networks
    • H04L 45/02 Topology update or discovery
    • H04L 45/04 Interdomain routing, e.g. hierarchical routing
    • H04L 45/46 Cluster building
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y 40/00 IoT characterised by the purpose of the information processing
    • G16Y 40/10 Detection; Monitoring
    • G16Y 40/30 Control
    • G16Y 40/35 Management of things, i.e. controlling in accordance with a policy or in order to achieve specified objectives
    • G16Y 40/50 Safety; Security of things, users, data or systems


Abstract

The invention provides a method, a system and a medium for monitoring and managing the security of the Internet of things. On the basis of the SNMP protocol, an observer mechanism, inter-cluster routing, a confirmation mechanism and a retransmission mechanism are fused. Through a polling priority algorithm based on statistical characteristics, combined with the observer mechanism, the method reduces data acquisition redundancy while improving the ability of the network management agent to actively inform the management station of specific events. To improve the applicability of the method in the Internet of things environment, hierarchical routing is used to optimize the observer mechanism, which reduces agent data redundancy and improves communication reliability.

Description

Internet of things safety monitoring and management method, system and medium
Technical Field
The invention relates to the field of network security, in particular to a method, a system and a medium for monitoring and managing the security of an Internet of things.
Background
The Internet of things combines various information sensing devices with the Internet to form a huge network, realizing interconnection and intercommunication of people, machines and objects at any time and any place. The Internet of things covers objects such as intelligent washing machines, intelligent refrigerators, intelligent microwave ovens, smart phones, smart meters and smart vehicles. Connecting these intelligent objects to the Internet enables many valuable applications, such as smart homes, smart buildings, intelligent transportation, digital health, smart grids and smart cities, and effectively promotes the intelligent development of these fields, so that limited resources are used and distributed more reasonably and industrial efficiency and benefit are improved. With the development of communication technology and wearable devices, the Internet of things is developing vigorously.
When billions of devices are connected to the Internet, a large amount of data is clearly generated. Compared with the traditional Internet, the Internet of things is characterized by large network scale and high dynamics, so a security monitoring and network management protocol applicable to the Internet of things needs to satisfy the following: (1) universality: the new protocol should support most existing Internet of things devices without additional hardware; (2) lightweight: because of the limited computing power and energy of Internet of things devices, the new protocol should be lightweight; (3) timeliness: because of the dynamics of Internet of things devices, the new protocol should ensure that the delivered data is valid; (4) reliability: the new protocol should ensure that data can be successfully delivered and executed under most circumstances; (5) security: the new protocol should ensure that the state information of Internet of things devices is not leaked.
At present, the Simple Network Management Protocol (SNMP) has become the de facto standard in the field of network management because of its simplicity, efficiency and high compatibility. SNMP enables a network administrator to manage network performance, find and solve network problems, and plan network growth. The network management system learns that the network has a problem by receiving unsolicited messages (event reports) via SNMP. In the SNMP protocol there are two main ways, active and passive, for a management station to obtain device parameter data. The network management station sends requests to the network management agent at a certain frequency to acquire MIB information; this is active acquisition of network device state by the management station. In addition, the network management agent can actively report to the management station through Trap messages when a certain error occurs; this is the passive data acquisition mode of the management station and lets it learn of and handle the error condition in time. SNMP is therefore a standard protocol that meets the requirements of security monitoring and network management for the Internet of things. However, the dynamic and complex character of the Internet of things challenges SNMP when it performs security monitoring and network management there, mainly in three aspects:
1. The SNMP protocol concentrates data collection and processing on the management station, so it is difficult for it to work efficiently in an Internet of things environment with a complex topology.
2. The limited energy and computing resources of Internet of things devices are not well considered in the existing SNMP protocol, and the timeliness of data in the Internet of things environment cannot be guaranteed.
3. The UDP-based transmission mode of SNMP cannot guarantee the reliability and security of data transmission. In the Internet of things environment, reliability needs to be improved while low computing resource consumption is maintained.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a method, a system and a medium for monitoring and managing the safety of the Internet of things.
According to the method for monitoring and managing the safety of the internet of things, in the process of actively acquiring the state of network equipment by a management station in the internet of things, the polling priority algorithm based on statistical characteristics adaptively adjusts the access frequency of dynamic information according to the statistical characteristics of a managed object, and the method comprises the following steps:
step 11: after several polls, calculate the degree of deviation D(i) of the value V_i of the i-th managed object from the average:
Figure RE-RE-GDA0002929409410000021
Figure RE-RE-GDA0002929409410000022
where V_j is the value obtained by polling the j-th managed object, and
Figure RE-RE-GDA0002929409410000023
denotes the average of the historical values of the managed objects;
step 12: determine the polling period T(i) and the priority P of each managed object:
T(i)=F(D(i))
Figure RE-RE-GDA0002929409410000024
where P_n is the current priority of the n-th managed object; F() is set so that T(i) and D(i) are negatively correlated; C is a settable parameter that ensures objects with the same polling period receive different priorities;
step 13: the management station inserts each managed object into the polling queue according to its current priority P_n; if two objects have the same priority, their polling periods are compared and the one with the smaller period is inserted first;
step 14: after each completed poll, the polling queue is updated to generate new priorities and polling periods for the managed objects; if the queue has been completed, the polling process ends, otherwise jump to step 13.
Preferably, in order to reduce the redundancy caused by invalid data obtained by polling, the method further includes a data acquisition method based on an observer mechanism, in which the managed object can actively notify the management station instead of repeatedly responding to GetRequest requests from the management station; the data acquisition method based on the observer mechanism includes:
step 20: the management station sends a message requesting subscription to the network management agent, wherein the message comprises information of the management station, a data rule expected to be observed and an identifier OID of an observed object;
step 21: after receiving the message, the network management agent stores the information of the observer into a subscriber list and stores the corresponding data rule and the observation object OID into a subscription requirement;
step 22: the network management agent observes the value of an object of a Management Information Base (MIB) according to subscription requirements, and actively informs an observer when the change of the value meets a preset rule.
Preferably, a data forwarding method using hierarchical routing is matched with the data obtaining method based on the observer mechanism, and the data forwarding method includes:
step 30: each time the management station requests a subscription from the network management agent, it attaches a random number in the range 0-1, its current CPU idle rate U and the current time;
step 31: the network management agent calculates the communication delay d between the management station and itself by comparing the attached time with the time at which the request is received, and generates a threshold value T(n):
Figure RE-RE-GDA0002929409410000031
Figure RE-RE-GDA0002929409410000032
where p is the proportion of cluster head nodes to the total number of nodes, r is the current round number, G is the set of nodes in the network that have not yet become cluster head nodes, A and B are control factors in the function W_b, U(i) is the current CPU idle rate of node i, U(i)_max is the maximum idle rate among all management stations, d(i) is the communication delay from node i to the network management agent, and d_avg is the average delay from all current nodes to the network management agent;
step 32: comparing the random number generated by the management station with the corresponding T (n), if the random number is smaller than the T (n), selecting the node as a cluster head candidate node of the current round, and if a plurality of nodes are selected as the cluster head candidate nodes, selecting the management station with the minimum communication delay with the network management agent as the cluster head node of the current round;
step 33: when the set subscription requirement is met, the network management agent sends the notification information and the corresponding subscription table to the management station serving as the cluster head node, and the management station receives the information and forwards the notification information to other observers in the subscription table to complete the data forwarding work of the current round.
Preferably, a retransmission confirmation method is adopted for communication between the network management agent and the cluster head management station and communication between the cluster head management station and other nodes in the cluster, and the retransmission confirmation method includes:
step 40: after the network management agent sends subscription information and a subscription table to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;
step 41: if the network management agent receives the confirmation message, the communication ends; otherwise jump to step 42;
step 42: searching retransmission times in the network management agent, if the retransmission times reach a preset threshold value, jumping to a step 43, otherwise, the network management agent retransmits the information;
step 43: and the network management agent selects any other node from the cluster head candidate nodes as a new cluster head and forwards information to the new cluster head.
According to the Internet of things security monitoring and management system provided by the invention, in the process of a management station actively acquiring the state of network devices in the Internet of things, a polling priority algorithm based on statistical characteristics adaptively adjusts the access frequency of dynamic information according to the statistical characteristics of the managed object, and the system comprises the following modules:
a module M11: after several polls, calculate the degree of deviation D(i) of the value V_i of the i-th managed object from the average:
Figure RE-RE-GDA0002929409410000041
Figure RE-RE-GDA0002929409410000042
where V_j is the value obtained by polling the j-th managed object, and
Figure RE-RE-GDA0002929409410000043
denotes the average of the historical values of the managed objects;
a module M12: determine the polling period T(i) and the priority P of each managed object:
T(i)=F(D(i))
Figure RE-RE-GDA0002929409410000044
where P_n is the current priority of the n-th managed object; F() is set so that T(i) and D(i) are negatively correlated; C is a settable parameter that ensures objects with the same polling period receive different priorities;
a module M13: the management station inserts each managed object into the polling queue according to its current priority P_n; if two objects have the same priority, their polling periods are compared and the one with the smaller period is inserted first;
a module M14: after each completed poll, the polling queue is updated to generate new priorities and polling periods for each managed object; if the queue has been completed, the polling process ends, otherwise module M13 executes again.
Preferably, in order to reduce the redundancy caused by invalid data obtained by polling, the system further includes a data acquisition method based on an observer mechanism, in which the managed object can actively notify the management station instead of repeatedly responding to GetRequest requests from the management station; the data acquisition method based on the observer mechanism includes:
a module M20: the management station sends a message requesting subscription to the network management agent, wherein the message comprises information of the management station, a data rule expected to be observed and an identifier OID of an observed object;
a module M21: after receiving the message, the network management agent stores the information of the observer into a subscriber list and stores the corresponding data rule and the observation object OID into a subscription requirement;
a module M22: the network management agent observes the value of an object of a Management Information Base (MIB) according to subscription requirements, and actively informs an observer when the change of the value meets a preset rule.
Preferably, a data forwarding method using hierarchical routing is matched with the data obtaining method based on the observer mechanism, and the data forwarding method includes:
a module M30: each time the management station requests a subscription from the network management agent, it attaches a random number in the range 0-1, its current CPU idle rate U and the current time;
a module M31: the network management agent calculates the communication delay d between the management station and itself by comparing the attached time with the time at which the request is received, and generates a threshold value T(n):
Figure RE-RE-GDA0002929409410000051
Figure RE-RE-GDA0002929409410000052
where p is the proportion of cluster head nodes to the total number of nodes, r is the current round number, G is the set of nodes in the network that have not yet become cluster head nodes, A and B are control factors in the function W_b, U(i) is the current CPU idle rate of node i, U(i)_max is the maximum idle rate among all management stations, d(i) is the communication delay from node i to the network management agent, and d_avg is the average delay from all current nodes to the network management agent;
a module M32: compare the random number generated by the management station with the corresponding T(n); if the random number is smaller than T(n), the node is selected as a cluster head candidate node of the current round, and if several nodes are selected as cluster head candidates, the management station with the smallest communication delay to the network management agent is selected as the cluster head node of the current round;
a module M33: when the set subscription requirement is met, the network management agent sends the notification information and the corresponding subscription table to the management station serving as the cluster head node, which receives the information and forwards the notification to the other observers in the subscription table, completing the data forwarding work of the current round.
Preferably, a retransmission confirmation method is adopted for the communication between the network management agent and the cluster head management station and the communication between the cluster head management station and the other nodes in the cluster, and the retransmission confirmation method includes:
a module M40: after the network management agent sends the subscription information and the subscription table to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;
a module M41: if the network management agent receives the confirmation message, the communication ends; otherwise module M42 executes;
a module M42: look up the retransmission count in the network management agent; if the retransmission count has reached the preset threshold, module M43 executes, otherwise the network management agent retransmits the information;
a module M43: the network management agent selects any other node from the cluster head candidate nodes as the new cluster head and forwards the information to it.
According to the invention, a computer readable storage medium is provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the method for monitoring and managing security of internet of things.
Compared with the prior art, the invention has the following beneficial effects:
According to the invention, a polling priority algorithm based on statistical characteristics and an observer mechanism are fused for the first time to solve the problems of security monitoring and management in the Internet of things scenario of complex topology and limited resources. The polling algorithm based on statistical characteristics is first used to access dynamic information, adaptively adjusting the access frequency and effectively reducing polling of non-dynamic objects. On this basis, the method moves the task of observing data changes from the management station to the management agent through the observer mechanism, reducing the redundancy caused by invalid data obtained by polling. In addition, hierarchical routing cooperating with the observer mechanism uses an inter-cluster routing protocol to further reduce the communication and computing resources consumed when several management stations subscribe to the same network management agent. Finally, the invention addresses the balance between data transmission reliability and computing resource limits in the Internet of things, and adopts a confirmation mechanism and a retransmission mechanism to ensure that information can be reliably transmitted to the target node, completing the application of the observer mechanism in the Internet of things environment.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
fig. 1 is an improved protocol model for internet of things security monitoring and management, which is addressed by the present invention;
FIG. 2 is a polling procedure based on statistical features according to the present invention;
FIG. 3 is a SNMP protocol model under observer mechanism proposed by the present invention;
FIG. 4 is the improvement direction of the observer mechanism of the present invention using hierarchical routing;
FIG. 5 is a flow chart of cluster organization formation;
fig. 6 is a flow of communication between a network management agent and a cluster head management station according to the present invention;
FIG. 7 is a flow chart of inter-cluster-node communication according to the present invention;
FIG. 8 is an Internet of things scene under the Opnet modeling;
FIG. 9 is a comparison of the average latency of the present method versus the conventional SNMP protocol;
FIG. 10 is a comparison of the instantaneous network load of the present method versus the conventional SNMP protocol;
fig. 11 is a comparison of the average network load of the present method and the conventional SNMP protocol.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will help those skilled in the art to further understand the present invention, but are not intended to limit the invention in any manner. It should be noted that various changes and modifications can obviously be made by those skilled in the art without departing from the spirit of the invention, and all of them fall within the scope of the present invention.
As shown in fig. 1, the invention provides a method for monitoring and managing the security of the Internet of things which, considering the limited computing capability and high dynamics of the Internet of things environment, for the first time integrates an observer mechanism, inter-cluster routing, a confirmation mechanism and a retransmission mechanism on the basis of the SNMP protocol. The system and method realize effective communication when the resources of Internet of things devices are limited, and achieve security monitoring and network management in the Internet of things.
The embodiment of the invention assumes that security monitoring and management of the Internet of things are performed in a 100 m × 100 m site and is improved on the basis of the SNMPv1 protocol, as shown in fig. 8. The model comprises three main parts: the NMS (Network Management System), which is responsible for managing agents and acquiring data; the Router, the routing device connecting NMS and Agent, which is responsible for communication between management stations and network management agents; and the Agent, the network management agent, which is responsible for locally controlling the Internet of things devices. Because only the communication between network management agent and management station is analyzed in the simulation, the database running on the network management agent is treated as the MIB during modeling. In addition, App_Config is the application definition module and Prof_Config the service specification definition module, used to configure the services used in the simulation model, and Task_Config is the task definition module that configures the operations executed by each node.
As shown in fig. 2 and fig. 3, when the SNMP protocol is executed, the NMS sends requests to the Agent at a certain frequency to obtain MIB information. Because the number of devices and the amount of generated data are both large in the Internet of things scene, the fixed-frequency polling algorithm of the traditional SNMP protocol inevitably produces a large amount of unnecessary data redundancy, may even prevent the NMS from detecting errors in time, and reduces the working efficiency of the SNMP protocol in the Internet of things. Meanwhile, considering the limited energy and computing resources of Internet of things devices such as the NMS and Agent, a polling priority algorithm based on statistical characteristics is added to the NMS so that static data is accessed only at device initialization and device information that rarely changes is accessed less often. The specific flow is as follows:
step 0: initializing the polling period T of all objects to a fixed value T 0
Step 1: after two polling, the value V of the managed object is calculated i Degree of deviation from average D (i):
step 2: determining the polling period T and the priority P of each managed object:
T(i)=F(D(i))
Figure RE-RE-GDA0002929409410000081
wherein F () is set to 0.01 × d (i), and C is set to 1.01 n
And step 3: p n For the current priority of the nth managed object, NMS follows the current priority P of each managed object n Insert into polling list if P n If the values are the same, T is compared, and the smaller cycle is inserted first.
And 4, step 4: and updating the polling queue after each time of completion to generate new priority and polling period of each object. If the queue is finished, finishing the polling process, otherwise, skipping to the step 3.
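The polling priority algorithm of steps 0 to 4 above (steps 11 to 14 in the summary), as an added Python simulation written for this page; it is not code from the patent. The page's formula images for D(i) and P_n are not reproduced, so the concrete deviation measure, the negatively correlated F and the form of P_n used here are assumptions, marked in the comments; only C = 1.01^n and the initial period T_0 follow the text. The OIDs are standard MIB-II objects and the readings are constructed.

```python
import itertools
from statistics import mean

T0 = 10.0  # T_0 from the page: every object starts with this polling period (constructed value)


class ManagedObject:
    """One MIB object tracked by the management station (NMS)."""

    def __init__(self, n, oid):
        self.n = n            # index n used in C = 1.01 ** n
        self.oid = oid
        self.history = []     # values V obtained by earlier polls
        self.period = T0      # T(i)
        self.priority = None  # P_n

    def deviation(self):
        """D(i). ASSUMPTION: the patent's formula image is not reproduced, so D(i) is taken
        here as the relative deviation of the latest polled value from the object's
        historical mean; zero until at least two polls exist."""
        if len(self.history) < 2:
            return 0.0
        avg = mean(self.history)
        return abs(self.history[-1] - avg) / abs(avg) if avg else abs(self.history[-1])


def polling_period(d):
    """T(i) = F(D(i)). ASSUMPTION: this F is ours; it only has to make T fall as D grows,
    which is the property the page requires of F."""
    return T0 / (1.0 + 100.0 * d)


def priority(obj):
    """P_n. ASSUMPTION: P_n = T(n) * C with C = 1.01 ** n (the page gives C = 1.01^n), so two
    objects sharing a period still get distinct priorities. Lower P_n is served first."""
    return obj.period * (1.01 ** obj.n)


def build_queue(objects):
    """Steps 2-3: refresh T(i) and P_n, then order the queue by priority, breaking ties by
    the smaller polling period."""
    for o in objects:
        o.period = polling_period(o.deviation())
        o.priority = priority(o)
    return sorted(objects, key=lambda o: (o.priority, o.period))


def simulate(objects, readings, ticks):
    """Run the scheduler for `ticks` time units. `readings[oid]` yields the values the agent
    would return to each GetRequest. Returns how often each OID was polled."""
    counts = {o.oid: 0 for o in objects}
    last = {o.oid: float("-inf") for o in objects}
    for now in range(ticks):
        for o in build_queue(objects):           # step 3: walk the queue in priority order
            if now - last[o.oid] >= o.period:    # poll only objects whose period has elapsed
                o.history.append(next(readings[o.oid]))
                last[o.oid] = now
                counts[o.oid] += 1
        # step 4: the next build_queue() call derives fresh periods and priorities
    return counts


def demo():
    """Constructed workload: sysDescr never changes, ifInOctets.1 swings on every poll."""
    static = ManagedObject(0, "1.3.6.1.2.1.1.1.0")        # sysDescr
    dynamic = ManagedObject(1, "1.3.6.1.2.1.2.2.1.10.1")  # ifInOctets.1
    readings = {
        static.oid: itertools.cycle([100]),        # constructed: constant value
        dynamic.oid: itertools.cycle([10, 200]),   # constructed: highly dynamic value
    }
    return simulate([static, dynamic], readings, ticks=40)


if __name__ == "__main__":
    print(demo())  # {'1.3.6.1.2.1.1.1.0': 4, '1.3.6.1.2.1.2.2.1.10.1': 31}
```

Run stand-alone, the constant object is polled only once per T_0 ticks (4 times in 40 ticks), while the swinging counter is polled on every tick once two samples exist (31 times), which is the behaviour the text describes: access frequency adapts to the statistics of each object and polling of non-dynamic objects is reduced.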
As shown in fig. 4, the method further adds an observer mechanism to the protocol to reduce the redundancy caused by invalid data obtained by polling, that is, the NMS is actively notified when the data of an Internet of things device changes. The specific flow is as follows:
Step 0: the NMS sends a subscription request message to the Agent, which includes the information of the NMS, the data rule to be observed and the identifier OID of the observed object.
Step 1: after receiving the request, the Agent stores the observer information in the subscriber list and stores the corresponding data rule and observed object OID in the subscription requirements.
Step 2: the Agent observes the value of the MIB object according to the subscription requirements and actively notifies all observers in the subscription table when the change in the value satisfies the rule.
As shown in fig. 5, 6, and 7, in this example, there is a case where a plurality of management stations manage the same network management agent, so that after adding the watcher mechanism to the protocol, a case where one network management agent is subscribed by a plurality of management stations is changed. When the set subscription requirement is met and a notification mechanism is triggered, the network management agent has to send a notification to all subscribers, which causes burden to the communication resources of the agent and also increases the energy consumption of the agent. The application of the SNMP protocol in the Internet of things is improved by adding a hierarchical routing technology to match with an observer mechanism. The improved protocol notifies only one NMS of all subscribers each time the notification mechanism is triggered, which in turn is responsible for forwarding the notification information to the other subscribers. Considering the power consumption problem of the internet of things equipment, an LEACH protocol is selected as an improved basis, and a cluster head node is dynamically selected for forwarding according to the geographic position of each equipment, the residual energy and the number of nodes of members in a cluster, wherein the specific flow is as follows:
step 0: when NMS requests subscription to Agent, except subscription request information, random number of 0-1 and current CPU idle rate U and time of NMS are attached.
Step 1: the Agent calculates the communication delay d between NMS and the Agent by comparing the time when the request is received, and generates a threshold value T (n) based on the communication delay d
Step 2: and comparing the random number generated by the NMS with the corresponding T (n), if the random number is smaller than the T (n), selecting the node as the cluster head candidate node of the current round, and if a plurality of nodes are selected as the cluster head candidate node, selecting the management station with the minimum communication delay with the Agent from the cluster head candidate node as the cluster head node of the current round.
And 3, step 3: when the notification mechanism is triggered, the Agent sends the notification information and the corresponding subscription table to the NMS serving as the cluster head node, and the NMS forwards the notification information to other NMSs in the subscription table after receiving the notification information.
The traditional SNMP protocol transmits SNMP messages over UDP for convenience and real-time performance, which leaves the protocol with reliability and security problems during transmission. In the communication in this example, reliability has to be improved while keeping the consumption of computing resources low. For the communication between the Agent and the cluster head NMS and between the cluster head NMS and the other NMSs, a confirmation (acknowledgement) mechanism and a retransmission mechanism are added to the SNMP protocol so that information reliably reaches the target node. After the Agent sends the subscription information and the subscription table to the cluster head NMS, the cluster head NMS should return a confirmation message to the Agent indicating successful reception. Otherwise the Agent resends the information to the cluster head NMS, and if the number of retransmissions reaches a threshold N, the Agent selects any other NMS from the cluster head candidate nodes as the new cluster head. The specific flow of communication between NMSs is as follows:
Step 0: after the cluster head NMS receives the information from the Agent, it forwards the subscription information over UDP according to the subscription table.
Step 1: after receiving the subscription information, the remaining NMSs in the cluster return a confirmation message to the cluster head NMS.
Step 2: if the cluster head NMS receives the confirmation message, the communication ends; otherwise, go to step 3.
Step 3: the cluster head NMS looks up the retransmission count; if it has reached the threshold, go to step 4, otherwise the cluster head NMS retransmits the information.
Step 4: the cluster head NMS considers the node failed, removes it from the subscription table and sends the updated subscription table to the Agent.
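The cluster head election (steps 0 to 3 of the hierarchical routing flow) and the acknowledged, retransmitted forwarding with fail-over (steps 0 to 4 just above), combined into one added Python example; this is not code from the patent or its authors. The random number, CPU idle rate U and delay d are the values the text says each NMS attaches and the Agent measures. Because the page shows T(n) only as a figure placeholder, the threshold here is the standard LEACH threshold p / (1 - p * (r mod 1/p)) with 0 for nodes already used as cluster head, and the weighting W_b with control factors A and B, U(i)/U(i)_max and d_avg/d(i) is an assumed form that only keeps the stated intent (idle, low-delay stations are favoured). The lossy links (`make_link`, which acknowledges on a chosen attempt or never), station names and delays are constructed; the fail-over picks the next candidate by delay, which is one way of choosing "any other NMS from the candidates".

```python
# Added example (not from the patent): LEACH-style cluster head election among
# the subscribed management stations, then agent -> head -> members delivery
# with ACK, retransmission threshold N, head fail-over and removal of members
# that never acknowledge. T(n) weighting and all sample values are assumptions.
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple


@dataclass
class Station:
    name: str      # management station identity (constructed)
    rand: float    # random number in [0, 1) attached to the subscription request
    idle: float    # current CPU idle rate U(i), 0..1
    delay: float   # communication delay d(i) to the agent in seconds (constructed)


def leach_threshold(p: float, r: int, eligible: bool) -> float:
    """Standard LEACH threshold: p / (1 - p * (r mod 1/p)) for nodes still in G,
    0 for nodes that already served as cluster head in this epoch."""
    if not eligible or p <= 0.0:
        return 0.0
    rounds_per_epoch = int(round(1.0 / p))
    return p / (1.0 - p * (r % rounds_per_epoch))


def weighted_threshold(base: float, s: Station, u_max: float, d_avg: float,
                       a: float, b: float) -> float:
    """Assumed W_b: scale the LEACH threshold up for idle CPUs (A term) and for
    stations whose delay is below the average (B term), clamped to 1.0."""
    w = a * (s.idle / u_max) + b * (d_avg / max(s.delay, 1e-9))
    return min(1.0, base * w)


def select_cluster_head(stations: List[Station], p: float, r: int, used: Set[str],
                        a: float = 1.0, b: float = 1.0) -> Tuple[Optional[str], List[str]]:
    """Step 2: stations whose random number is below T(n) become candidates; the
    candidate with the smallest delay to the agent is the cluster head.
    Returns (head or None, candidate names sorted by delay)."""
    u_max = max(s.idle for s in stations)
    d_avg = sum(s.delay for s in stations) / len(stations)
    candidates = [s for s in stations
                  if s.rand < weighted_threshold(leach_threshold(p, r, s.name not in used),
                                                 s, u_max, d_avg, a, b)]
    candidates.sort(key=lambda s: s.delay)
    return (candidates[0].name if candidates else None, [s.name for s in candidates])


def make_link(reply_on: Optional[int]) -> Callable[[], bool]:
    """Constructed lossy link: the ACK arrives on the reply_on-th send attempt
    (1-based), or never when reply_on is None."""
    attempts = [0]

    def send() -> bool:
        attempts[0] += 1
        return reply_on is not None and attempts[0] >= reply_on
    return send


def deliver_with_retry(send: Callable[[], bool], n_retries: int) -> bool:
    """Send once, then retransmit until an ACK arrives or N retransmissions are used."""
    for _ in range(n_retries + 1):
        if send():
            return True
    return False


def run_round(stations: List[Station], subscribers: List[str], links: Dict[str, Optional[int]],
              p: float, r: int, used: Set[str], n_retries: int) -> dict:
    """One triggered notification: agent -> cluster head (falling over to the next
    candidate when the head never ACKs), then head -> other subscribers; members
    that never ACK are dropped and the updated table is what goes back to the agent."""
    head, candidates = select_cluster_head(stations, p, r, used)
    failed_heads: List[str] = []
    while head is not None and not deliver_with_retry(make_link(links.get(head)), n_retries):
        failed_heads.append(head)
        remaining = [c for c in candidates if c not in failed_heads]
        head = remaining[0] if remaining else None
    if head is None:
        return {"head": None, "delivered": [], "removed": [], "table": list(subscribers)}
    used.add(head)   # the head leaves G until the epoch ends
    delivered: List[str] = []
    removed: List[str] = []
    for member in subscribers:
        if member == head:
            continue
        if deliver_with_retry(make_link(links.get(member)), n_retries):
            delivered.append(member)
        else:
            removed.append(member)  # step 4: treated as failed, dropped from the table
    return {"head": head, "delivered": delivered, "removed": removed,
            "table": [s for s in subscribers if s not in removed]}


if __name__ == "__main__":
    stations = [Station("nms-1", 0.10, 0.9, 0.02), Station("nms-2", 0.05, 0.6, 0.01),
                Station("nms-3", 0.90, 0.8, 0.05), Station("nms-4", 0.30, 0.3, 0.04)]
    links = {"nms-1": 1, "nms-2": None, "nms-3": 3, "nms-4": 4}   # constructed link behaviour
    used: Set[str] = set()
    print(run_round(stations, [s.name for s in stations], links, 0.2, 0, used, n_retries=2))
```

With N = 2 a member is given three attempts in total; a station that only answers on its fourth attempt is treated exactly like one that never answers, which is the intended trade-off between delivery guarantees and the agent's energy budget.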
The improved protocol provided by the invention gives the network performance good stability. Fig. 9 shows the result of a 0.5 hour simulation in which 10 management stations were selected to perform security monitoring and management of the same agent. Since the stability of the network performance can be represented by the degree of delay fluctuation, the simulation compares the communication delay of the traditional SNMP protocol with that of the improved protocol, the two sets of simulation results corresponding to the traditional SNMP protocol and the improved protocol respectively. Fig. 9 shows that, once both communication delays have finally stabilised, the average delays before and after the improvement both tend to 0.4 microseconds, while the delay of the improved protocol converges more quickly and smoothly, with smaller overall fluctuation. The result shows that, with inter-cluster routing, the Internet of Things safety monitoring and management method designed by the invention gives the Internet of Things scenario higher reliability.
In addition, since the available resources of Internet of Things devices are limited, data redundancy and communication overhead are key indicators of the practicality of an Internet of Things device, and the simulation uses network load to describe them. Compared with the application of the traditional SNMP protocol in the Internet of Things, the Internet of Things safety monitoring and management method provided by the invention has a lower instantaneous network load, as shown in FIG. 10. The simulation uses an improved SNMPv1 protocol modelled in Opnet Modeler and, as shown in FIG. 11, the resource consumption of the whole communication process is illustrated by comparing the average network load of the protocol before and after the improvement when applied to the Internet of Things. The average network load is about 1600 b/s before the improvement and about 800 b/s after it, a reduction of about 50 percent. Because the method relies on the cooperation of the statistics-based polling priority algorithm, the observer mechanism and the inter-cluster route, the data redundancy and the communication burden between the network management agent and the management station are effectively reduced.
Those skilled in the art know that, besides implementing the system and its devices, modules and units provided by the present invention purely as computer-readable program code, the same functionality can be achieved by logically programming the method steps in the form of logic gates, switches, application-specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore the system and its devices, modules and units provided by the invention can be regarded as hardware components; the devices, modules and units included in the system for realizing the various functions can also be regarded as structures within the hardware components, or as both software modules implementing the methods and structures within the hardware components.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.

Claims (5)

1. A method for monitoring and managing the safety of the Internet of things is characterized in that in the process of actively acquiring the state of network equipment by a management station in the Internet of things, a polling priority algorithm based on statistical characteristics adaptively adjusts the access frequency of dynamic information according to the statistical characteristics of a managed object, and comprises the following steps:
step 11: after multiple rounds of polling, the degree of deviation D(i) of the value V_i of the ith managed object from the average is calculated:
Figure FDA0003798654640000011
Figure FDA0003798654640000012
wherein V_j is the value obtained by polling the jth managed object, and
Figure FDA0003798654640000013
is the average of the historical values of the managed object;
step 12: determining the polling period T (i) and the priority P of each managed object:
T(i)=F(D(i))
Figure FDA0003798654640000014
wherein P_n is the current priority of the nth managed object, F() is set so that T(i) and D(i) are negatively correlated, and C is a settable parameter that ensures objects with the same polling period have different priorities;
step 13: the management station inserts each managed object into a polling queue according to its current priority P_n; if managed objects have the same priority, their polling periods are compared and the object with the shorter period is inserted into the polling queue first;
step 14: updating the polling queue after each completion to generate new priorities and polling periods of the managed objects, if the queue is completed, ending the polling process, otherwise, skipping to the step 13;
in order to reduce redundancy caused by invalid data obtained by polling, a data acquisition method based on an observer mechanism is further included, whereby the managed object can actively inform the management station without having to respond to repeated GetRequest requests from the management station, and the data acquisition method based on the observer mechanism comprises the following steps:
step 20: the management station sends a message requesting subscription to the network management agent, wherein the message comprises information of the management station, a data rule expected to be observed and an identifier OID of an observed object;
step 21: after receiving the message, the network management agent stores the information of the observer into a subscriber list and stores the corresponding data rule and the observed object OID into a subscription requirement;
step 22: the network management agent observes the value of an object in a management information base MIB according to subscription requirements, and actively informs an observer when the change of the value meets a preset rule;
the data forwarding method adopting hierarchical routing is matched with the data acquisition method based on the observer mechanism, and the data forwarding method comprises the following steps:
step 30: attaching a random number between 0 and 1, the current CPU idle rate U of the management station and the time each time the management station requests a subscription from the network management agent;
step 31: the network management agent calculates the communication time delay d between the management station and the network management agent and generates a threshold value T (n) by comparing the time of receiving the request:
Figure FDA0003798654640000021
Figure FDA0003798654640000022
wherein p is the proportion of the number of cluster head nodes to the total number of nodes, r is the number of the current working round, G is the set of nodes in the network which have not become cluster head nodes, in the function W_b, A and B are control factors, U(i) is the current CPU idle rate of node i, U(i)_max is the maximum idle rate among all management stations, d(i) is the communication delay from node i to the network management agent, and d_avg is the average delay from all current nodes to the network management agent;
step 32: comparing the random number generated by the management station with the corresponding T (n), if the random number is smaller than the T (n), selecting the node as a cluster head candidate node of the current round, and if a plurality of nodes are selected as the cluster head candidate nodes, selecting the management station with the minimum communication time delay with the network management agent as the cluster head node of the current round;
step 33: when the set subscription requirement is met, the network management agent sends the notification information and the corresponding subscriber list to the management station serving as the cluster head node, and the management station forwards the notification information to other observers in the subscriber list after receiving the notification information, so that the data forwarding work of the round is completed.
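Steps 11 to 14 of claim 1 (modules M11 to M14 of claim 3 describe the same algorithm) as an added Python example; this is not code from the patent or its authors. The equations for D(i), F() and P_n appear on this page only as figure placeholders, so the forms used here are assumptions that keep the stated properties: D(i) is taken as the relative deviation of the latest polled value V_i from the mean of the earlier history, T(i) = F(D(i)) is a clamped decreasing function of D(i), and P_n adds the settable parameter C multiplied by the number of rounds the object has waited, which is what separates two objects that would otherwise share a polling period. The queue orders by priority and breaks ties with the shorter period, as step 13 requires; the OIDs, histories and sample values are constructed.

```python
# Added example (not from the patent): statistics-based polling scheduler
# following steps 11-14. D(i), F() and P_n are assumed forms because the
# patent's equations are not reproduced on this page.
from dataclasses import dataclass, field
from typing import Dict, List, Sequence


@dataclass
class ManagedObject:
    oid: str                                             # object identifier (constructed)
    history: List[float] = field(default_factory=list)   # values V from earlier polls
    last_polled_round: int = 0
    period: float = 0.0                                  # T(i)
    priority: float = 0.0                                # P_n


def deviation(history: Sequence[float]) -> float:
    """D(i): assumed as the relative deviation of the latest polled value V_i from
    the mean of the earlier history (0 when there is nothing to compare against)."""
    if len(history) < 2:
        return 0.0
    *earlier, latest = history
    mean = sum(earlier) / len(earlier)
    return abs(latest - mean) / abs(mean) if mean else abs(latest - mean)


def polling_period(d: float, t_max: float = 60.0, t_min: float = 5.0, k: float = 10.0) -> float:
    """F(D): assumed as t_max / (1 + k*D), clamped to [t_min, t_max]; a larger
    deviation gives a shorter period, i.e. T(i) and D(i) are negatively correlated."""
    return max(t_min, min(t_max, t_max / (1.0 + k * d)))


def priority(d: float, rounds_waiting: int, c: float) -> float:
    """P_n: assumed as D(i) plus C times the rounds the object has waited, so
    objects with the same period drift apart in priority instead of tying forever."""
    return d + c * rounds_waiting


def build_queue(objects: List[ManagedObject], current_round: int, c: float = 0.1) -> List[str]:
    """Steps 12-13: recompute T(i) and P_n for every object, then order the queue
    by priority (highest first); equal priorities are broken by the shorter period."""
    for obj in objects:
        d = deviation(obj.history)
        obj.period = polling_period(d)
        obj.priority = priority(d, current_round - obj.last_polled_round, c)
    ordered = sorted(objects, key=lambda o: (-o.priority, o.period))
    return [o.oid for o in ordered]


def poll_round(objects: List[ManagedObject], samples: Dict[str, float],
               current_round: int, c: float = 0.1) -> List[str]:
    """Step 14: work through the queue once (samples stand in for GetRequest
    replies) and record the new values; the next call rebuilds the queue from
    the updated history, so priorities and periods follow the data."""
    queue = build_queue(objects, current_round, c)
    by_oid = {o.oid: o for o in objects}
    for oid in queue:
        by_oid[oid].history.append(samples[oid])
        by_oid[oid].last_polled_round = current_round
    return queue


if __name__ == "__main__":
    # Constructed histories: a CPU load that just jumped, a steady temperature,
    # a counter that grows linearly and a constant interface speed.
    objs = [ManagedObject("cpu", [10, 10, 10, 50]), ManagedObject("temp", [20, 21, 20, 21]),
            ManagedObject("uptime", [100, 200, 300, 400]), ManagedObject("ifspeed", [1000] * 4)]
    print(poll_round(objs, {"cpu": 55, "temp": 20, "uptime": 500, "ifspeed": 1000}, 1))
    for o in objs:
        print(o.oid, round(o.period, 1), round(o.priority, 3))
```

A reader adapting this to a real agent would replace `samples` with the GetRequest/GetResponse exchange and only issue requests for objects whose period has elapsed; the queue order shown here is what decides which object's request goes first when several are due.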
2. The internet of things safety monitoring and management method according to claim 1, wherein a confirmation retransmission method is adopted for communication between the network management agent and the cluster head management station and communication between the cluster head management station and other nodes in the cluster, and the confirmation retransmission method comprises the following steps:
step 40: after the network management agent sends subscription information and a subscriber list to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;
step 41: if the network management agent receives the confirmation message, the communication is ended, otherwise, the step 42 is skipped;
step 42: searching retransmission times in the network management agent, if the retransmission times reach a preset threshold value, jumping to step 43, otherwise, the network management agent retransmits the information again;
step 43: the network management agent selects any other node from the cluster head candidate nodes as a new cluster head and forwards the information to the new cluster head.
3. An Internet of Things safety monitoring and management system, characterized in that, in the process of the management station actively acquiring the state of network equipment in the Internet of Things, for dynamic information a polling priority algorithm based on statistical characteristics adaptively adjusts the access frequency according to the statistical characteristics of the managed object, comprising:
a module M11: after multiple rounds of polling, the degree of deviation D(i) of the value V_i of the ith managed object from the average is calculated:
Figure FDA0003798654640000031
Figure FDA0003798654640000032
wherein V_j is the value obtained by polling the jth managed object, and
Figure FDA0003798654640000033
is the average of the historical values of the managed object;
a module M12: determining the polling period T and the priority P of each managed object:
T(i)=F(D(i))
Figure FDA0003798654640000034
wherein P_n is the current priority of the nth managed object, F() is set so that T(i) and D(i) are negatively correlated, and C is a settable parameter that ensures objects with the same polling period have different priorities;
a module M13: the management station inserts each managed object into a polling queue according to its current priority P_n; if managed objects have the same priority, their polling periods are compared and the object with the shorter period is inserted into the polling queue first;
a module M14: updating the polling queue after each completion to generate new priorities and polling periods of each managed object, ending the polling process if the queue is completed, otherwise jumping to a module M13 to execute work;
in order to reduce redundancy caused by invalid data obtained by polling, a data acquisition method based on an observer mechanism is further included, whereby the managed object can actively inform the management station without having to respond to repeated GetRequest requests from the management station, and the data acquisition method based on the observer mechanism comprises the following steps:
a module M20: the management station sends a message requesting subscription to the network management agent, wherein the message comprises information of the management station, a data rule expected to be observed and an identifier OID of an observed object;
a module M21: after receiving the message, the network management agent stores the information of the observer into a subscriber list and stores the corresponding data rule and the observation object OID into a subscription requirement;
a module M22: the network management agent observes the value of an object of a management information base MIB according to subscription requirements, and actively informs an observer when the change of the value meets a preset rule;
the data forwarding method adopting hierarchical routing is matched with the data acquisition method based on the observer mechanism, and the data forwarding method comprises the following steps:
module M30: attaching a random number between 0 and 1, the current CPU idle rate U of the management station and the time each time the management station requests a subscription from the network management agent;
module M31: the network management agent calculates the communication time delay d between the management station and the network management agent and generates a threshold value T (n) by comparing the time when the request is received:
Figure FDA0003798654640000041
Figure FDA0003798654640000042
wherein p is the proportion of the number of cluster head nodes to the total number of nodes, r is the number of the current working round, G is the set of nodes in the network which have not become cluster heads, in the function W_b, A and B are control factors, U(i) is the current CPU idle rate of node i, U(i)_max is the maximum idle rate among all management stations, d(i) is the communication delay from node i to the network management agent, and d_avg is the average delay from all current nodes to the network management agent;
module M32: comparing the random number generated by the management station with the corresponding T(n), if the random number is smaller than T(n), selecting the node as a cluster head candidate node of the current round, and if a plurality of nodes are selected as cluster head candidate nodes, selecting the management station with the minimum communication delay to the network management agent as the cluster head node of the current round;
a module M33: when the set subscription requirement is met, the network management agent sends the notification information and the corresponding subscriber list to the management station serving as the cluster head node, and the management station receives the information and forwards the notification information to other observers in the subscriber list to complete the data forwarding work of the current round.
4. The internet of things safety monitoring and management system according to claim 3, wherein a confirmation retransmission method is adopted for communication between the network management agent and the cluster head management station and communication between the cluster head management station and other nodes in the cluster, and the confirmation retransmission method comprises the following steps:
a module M40: after the network management agent sends subscription information and a subscriber list to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;
a module M41: if the network management agent receives the confirmation message, the communication is ended, otherwise, the network management agent jumps to the module M42 to execute the work;
module M42: searching retransmission times in the network management agent, if the retransmission times reach a preset threshold value, skipping to a module M43 to execute work, otherwise, the network management agent retransmits the information again;
module M43: the network management agent selects any other node from the cluster head candidate nodes as a new cluster head and forwards the information to the new cluster head.
5. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the steps of the method for monitoring and managing security of internet of things of any one of claims 1 to 2.
CN202011401515.4A 2020-12-04 2020-12-04 Internet of things safety monitoring and management method, system and medium Active CN112600694B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011401515.4A CN112600694B (en) 2020-12-04 2020-12-04 Internet of things safety monitoring and management method, system and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011401515.4A CN112600694B (en) 2020-12-04 2020-12-04 Internet of things safety monitoring and management method, system and medium

Publications (2)

Publication Number Publication Date
CN112600694A CN112600694A (en) 2021-04-02
CN112600694B true CN112600694B (en) 2022-11-15

Family

ID=75188035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011401515.4A Active CN112600694B (en) 2020-12-04 2020-12-04 Internet of things safety monitoring and management method, system and medium

Country Status (1)

Country Link
CN (1) CN112600694B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980314A (en) * 2015-06-10 2015-10-14 上海市地震应急救援保障中心 Earthquake industry cluster equipment active monitoring system and polling mechanism
CN111538570A (en) * 2020-05-12 2020-08-14 广东电网有限责任公司电力调度控制中心 VNF deployment method and device for energy conservation and QoS guarantee

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7991865B2 (en) * 2006-05-23 2011-08-02 Cisco Technology, Inc. Method and system for detecting changes in a network using simple network management protocol polling

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Zhu Chuanglu, "Research on efficient polling methods in SNMP network management" (SNMP网络管理中高效轮询方法研究), Computer Technology and Development, 2012-12-31, pp. 135-138 *
Zhang Xiaofei et al., "CoAP course teaching and experiment design based on the observer pattern" (基于观察者模式的CoAP课程教学与实验设计), Software Guide, 2019-12-31, vol. 18 no. 12, pp. 199-203 *
Yao Guangshun, "Improved cluster head selection strategy and routing algorithm for wireless sensor networks" (改进的无线传感器网络簇首选择策略及其路由算法), Journal of Computer Applications, 2013-04-01, pp. 908-911 *

Also Published As

Publication number Publication date
CN112600694A (en) 2021-04-02

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant