CN113962591A - Industrial Internet of things data space access risk assessment method based on deep learning - Google Patents

Industrial Internet of things data space access risk assessment method based on deep learning Download PDF

Info

Publication number
CN113962591A
CN113962591A CN202111295417.1A CN202111295417A CN113962591A CN 113962591 A CN113962591 A CN 113962591A CN 202111295417 A CN202111295417 A CN 202111295417A CN 113962591 A CN113962591 A CN 113962591A
Authority
CN
China
Prior art keywords
access
data
data space
terminal
deep learning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111295417.1A
Other languages
Chinese (zh)
Inventor
赵坤
陈宇
梁坤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou University of Aeronautics
Original Assignee
Zhengzhou University of Aeronautics
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou University of Aeronautics filed Critical Zhengzhou University of Aeronautics
Priority to CN202111295417.1A priority Critical patent/CN113962591A/en
Publication of CN113962591A publication Critical patent/CN113962591A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0639Performance analysis of employees; Performance analysis of enterprise or organisation operations
    • G06Q10/06393Score-carding, benchmarking or key performance indicator [KPI] analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Economics (AREA)
  • Educational Administration (AREA)
  • Development Economics (AREA)
  • Software Systems (AREA)
  • Artificial Intelligence (AREA)
  • General Engineering & Computer Science (AREA)
  • Molecular Biology (AREA)
  • Mathematical Physics (AREA)
  • General Health & Medical Sciences (AREA)
  • Evolutionary Computation (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Biophysics (AREA)
  • Biomedical Technology (AREA)
  • Computing Systems (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Game Theory and Decision Science (AREA)
  • Health & Medical Sciences (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses an industrial Internet of things data space access risk assessment method based on deep learning, and relates to the technical field of Internet of things access risk assessment. The method includes the steps that access behavior data of a data space are recorded, a single terminal data access behavior vector is constructed, and then an association topology matrix is constructed based on the correlation among a plurality of terminal access vectors; then, based on a deep learning mechanism, a single-terminal access risk assessment and data space access risk assessment deep learning model is trained respectively, so that risk rating of single-terminal access behaviors and risk rating of data space data safety of the Internet of things are achieved. According to the method, the terminal access and the joint evaluation of the data space risk are realized aiming at the data access of the data space of the industrial Internet of things, the comprehensiveness of the evaluation is expanded, the accuracy of the risk evaluation is improved by utilizing a deep learning mechanism, and the operation risk of the industrial Internet of things is reduced.

Description

Industrial Internet of things data space access risk assessment method based on deep learning
Technical Field
The invention relates to the technical field of risk assessment of the Internet of things, in particular to an industrial Internet of things data space access risk assessment method based on deep learning.
Background
Data information is a long-term, important business asset that plays an important role in the business's survival in an increasingly competitive market, requiring protection like any other form of valuable asset. The manufacturing enterprise data space in the industrial Internet of things has the characteristics of dynamic evolution and data sharing, and meanwhile, the contradiction between enterprise data sharing and privacy exists. Therefore, risk assessment becomes an important method for solving the security problem of enterprise data space data, and the aim of the risk assessment is to verify and evaluate the risks faced by the data assets, to prevent and solve the security risks, and to control the risks to an acceptable level, so as to guarantee the data security to the maximum extent.
At present, how to realize multi-angle data space risk assessment is still a difficult problem. The prior art is lack of research on data space risk assessment, and effective risk assessment on data space access behaviors and data space data safety cannot be performed. In addition, in various algorithms of machine learning, problems of precision, parameter quantity, implementation complexity and the like are involved, so that the problems that the accuracy is not high, the adaptability is low and the complex relation among the access behaviors of the terminals is difficult to effectively reflect and analyze are caused during risk assessment.
Therefore, it is necessary to provide an industrial internet of things data space access risk assessment method based on deep learning to solve the above problems.
Disclosure of Invention
Technical problem to be solved
The invention aims to provide an industrial Internet of things data space access risk assessment method based on deep learning, and aims to solve the problems that in the prior art, the industrial Internet of things data space access risk assessment method is low in accuracy and adaptability and complex relationships among terminal access behaviors are difficult to effectively reflect and analyze.
(II) technical scheme
In order to realize multi-angle risk assessment of data space data access safety of the industrial Internet of things and improve assessment accuracy, the invention uses a complex network theory and a deep learning method to construct a deep learning model, and respectively completes access behaviors to a terminal and risk rating of data safety of a data space so as to assess risk of data space access.
In order to achieve the purpose, the invention is realized by the following technical scheme: a deep learning-based industrial Internet of things data space access risk assessment method specifically comprises the following steps: recording and structurally storing access behavior data of a user terminal access data space, and constructing a terminal access behavior vector according to the access behavior data; establishing a multi-terminal access behavior data association network according to the plurality of terminal access behavior vectors to obtain a data space access association matrix; constructing a single-terminal deep learning model and a data space deep learning model, and performing parameter estimation on parameters to be optimized of a deep neural network, wherein the parameters to be optimized comprise weight parameters and bias parameters; training a single-terminal deep learning model by using a training data set constructed by the terminal access behavior vector, and training a data space deep learning model by using a training data set constructed by the data space access incidence matrix; acquiring real-time access data of a data space, and realizing risk assessment of terminal access behaviors and risk assessment of data space safety by using a single-terminal deep learning model and a data space deep learning model.
Preferably, the access behavior data includes, but is not limited to, access trace, data download request, copy, address sharing, operation interval time, and illegal operation.
Preferably, the method for constructing the terminal access behavior vector includes: respectively representing a series of access behavior data of each unit time of the terminal as
Figure 164281DEST_PATH_IMAGE001
Wherein
Figure 377088DEST_PATH_IMAGE003
Then the terminal access behavior vector is represented as
Figure 958242DEST_PATH_IMAGE005
Preferably, the data space access correlation matrix is obtained by the following method:by utilizing a complex network theory, based on the relevance among different terminal access behavior vector data, with the terminal as a node and the relevance among the terminal access behavior vector data as an edge, a multi-terminal access behavior data correlation network is constructed to obtain a data space access correlation matrix
Figure DEST_PATH_IMAGE007
Figure 699933DEST_PATH_IMAGE008
In the formula (I), the compound is shown in the specification,
Figure 632117DEST_PATH_IMAGE007
representing the data space access correlation matrix,
Figure 914193DEST_PATH_IMAGE009
presentation terminalnAnd terminalmThe correlation between the behavior vectors, the stronger the correlation between two nodes,
Figure 615433DEST_PATH_IMAGE009
the closer to 1 the value of (a) is,
Figure 50395DEST_PATH_IMAGE011
indicating that the access behavior vectors of the two terminals are unrelated.
Preferably, the parameter estimation of the parameter to be optimized of the deep neural network includes the following steps: calculating to obtain the distribution of the weight parameter and the bias parameter; sampling and combining the distribution for multiple times to obtain a combined set; and carrying out multiple tests based on the same characteristic, and optimizing the weight parameter and the bias parameter.
Preferably, the parameters to be optimized of the deep neural network further include the number of layers of the deep neural network, the learning rate and the number of iterations.
(III) advantageous effects
Compared with the prior art, the invention provides an industrial Internet of things data space access risk assessment method based on deep learning, which has the following beneficial effects: compared with the prior art, the risk assessment method based on deep learning is characterized in that a deep learning technology is used, a terminal access behavior vector and a data space data access correlation matrix are constructed based on quantification of access behaviors such as access traces, data downloading requests, copying, address sharing, operation interval time, illegal operation and the like, and a deep learning model is utilized to realize multi-angle assessment of data space access risks, improve assessment accuracy and effectively reduce enterprise data risks.
Drawings
FIG. 1 is a block flow diagram of the architecture of the present invention.
Detailed Description
In order to realize multi-angle risk assessment of data space data access safety of the industrial Internet of things and improve assessment accuracy, the invention uses a complex network theory and a deep learning method to construct a deep learning model, and respectively completes access behaviors to a terminal and risk rating of data safety of a data space so as to assess risk of data space access.
The industrial internet of things data space access risk assessment method based on deep learning, provided by the invention, has a flow diagram as shown in fig. 1, and mainly comprises the following steps:
1. and recording access behavior data of the user terminal accessing the data space, wherein the access behavior data comprises but is not limited to access traces, data downloading requests, copying, address sharing, operation interval time, illegal operation and the like.
2. Formatting the access behavior data information into storable structured data; record unit timetIn the method, the terminal accesses various behavior operations of the data space, and different weight coefficients are set according to different behaviors
Figure 469875DEST_PATH_IMAGE013
Wherein
Figure 555643DEST_PATH_IMAGE015
And define
Figure 111389DEST_PATH_IMAGE017
(ii) a Unit timetIn the method, the access behavior value of the terminal is expressed as
Figure 257199DEST_PATH_IMAGE018
(ii) a And finally, according to the time sequence, constructing the behavior quantization numerical value of the terminal in each unit time into a terminal data access behavior vector, wherein the terminal access behavior vector is expressed as
Figure 632817DEST_PATH_IMAGE019
3. And constructing a multi-terminal access behavior data association network by using a complex network theory and based on the association between different terminal access behavior vector data, taking the terminal as a node and the association between the terminal access behavior vector data as an edge.
Assuming co-recording of access data spaceMThe access behavior vector of the individual terminal is,
Figure 256696DEST_PATH_IMAGE021
wherein
Figure 932528DEST_PATH_IMAGE023
For corresponding time sampling points, terminals
Figure 983661DEST_PATH_IMAGE024
Using time delay
Figure 112154DEST_PATH_IMAGE026
Embed it intodIn the dimensional space:
Figure 271215DEST_PATH_IMAGE027
for terminalmAny two embedded vectors of access behavior vectors
Figure 801554DEST_PATH_IMAGE029
And
Figure 554746DEST_PATH_IMAGE031
is less than the distance parameter
Figure 904956DEST_PATH_IMAGE033
The probability of (d) is noted as:
Figure 870638DEST_PATH_IMAGE034
in the formula (I), the compound is shown in the specification,
Figure 255483DEST_PATH_IMAGE036
parameters to avoid the influence of autocorrelation on the calculation;
Figure 913998DEST_PATH_IMAGE038
a parameter to measure temporal resolution for sharpening synchronization;
Figure 17083DEST_PATH_IMAGE036
and
Figure 786456DEST_PATH_IMAGE038
the value of (A) is required to satisfy
Figure 25807DEST_PATH_IMAGE040
,
Figure 858153DEST_PATH_IMAGE042
Is a unit step function. For terminalmAccess behavior vector of
Figure 182955DEST_PATH_IMAGE044
Critical distance parameter of
Figure 756018DEST_PATH_IMAGE046
By
Figure 115456DEST_PATH_IMAGE048
Determining:
Figure DEST_PATH_IMAGE050
in the formula, parameter
Figure DEST_PATH_IMAGE052
Describing reconstructed embedded vector proximity
Figure DEST_PATH_IMAGE054
The ratio of (a) to (b).
Calculating the correlation between different terminal access vectors by adopting a synchronous likelihood method, and aiming at the terminalmSynchronous likelihood coefficient values in time windows
Figure DEST_PATH_IMAGE056
Comprises the following steps:
Figure 663243DEST_PATH_IMAGE057
in the formula (I), the compound is shown in the specification,Hthe number of inline vectors that are very close or synchronized in the time window is represented by:
Figure 475341DEST_PATH_IMAGE058
then is attTime of day, terminalmThe synchronization values for other terminals are:
Figure DEST_PATH_IMAGE059
in the formula (I), the compound is shown in the specification,
Figure DEST_PATH_IMAGE061
has a value of
Figure DEST_PATH_IMAGE063
And (2) the number of the first and second groups is between 1,
Figure DEST_PATH_IMAGE065
it is shown that there is no correlation between terminal access behaviors,
Figure DEST_PATH_IMAGE067
the complete correlation between the terminals is illustrated.
Based on the method, the access incidence matrix among the access behaviors of each terminal is calculated, and the data space access incidence matrix is obtained
Figure 272002DEST_PATH_IMAGE007
Figure 485946DEST_PATH_IMAGE068
In the formula (I), the compound is shown in the specification,
Figure 391585DEST_PATH_IMAGE069
presentation terminalnAnd terminalmThe correlation between the behavior vectors, the stronger the correlation between two nodes,
Figure 690979DEST_PATH_IMAGE009
the closer to 1.
4. The method comprises the following steps of training a single-terminal deep learning model by using a training data set constructed by a terminal access behavior vector, training a data space deep learning model by using a training data set constructed by a data space access incidence matrix, and performing parameter estimation on parameters to be optimized of a deep neural network, and comprises the following steps: calculating to obtain the distribution of the weight parameter and the bias parameter; sampling and combining the distribution for multiple times to obtain a combined set; and carrying out multiple tests based on the same characteristic, and optimizing the weight parameter and the bias parameter.
It should be noted that, for the selection of the parameter to be optimized, adaptive selection may be performed according to a specific scene and a service requirement, which is described above only as a preferred example and cannot be understood as a limitation to the present invention, in other examples, the parameter to be optimized further includes the number of layers, the number of iterations, and the learning rate of the deep neural network, the data space real-time access data is obtained, and two deep learning models are respectively used to implement risk assessment of the terminal access behavior and risk assessment of data space security.
The block flow diagrams shown in fig. 1 are only functional entities and do not necessarily correspond to physically separate entities, i.e. the functional entities may be implemented in software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (6)

1. The invention discloses an industrial Internet of things data space access risk assessment method based on deep learning, which is characterized by comprising the following steps:
(1) recording and structurally storing access behavior data of a user terminal access data space, and constructing a terminal access behavior vector according to the access behavior data;
(2) establishing a multi-terminal access behavior data association network according to the plurality of terminal access behavior vectors to obtain a data space access association matrix;
(3) constructing a single-terminal deep learning model and a data space deep learning model, and performing parameter estimation on parameters to be optimized of a deep neural network, wherein the parameters to be optimized comprise weight parameters and bias parameters;
(4) training a single-terminal deep learning model by using a training data set constructed by the terminal access behavior vector, and training a data space deep learning model by using a training data set constructed by the data space access incidence matrix;
(5) acquiring real-time access data of a data space, and realizing risk assessment of terminal access behaviors and risk assessment of data space safety by using a single-terminal deep learning model and a data space deep learning model.
2. The industrial internet of things data space access risk assessment method based on deep learning of claim 1, wherein: the access behavior data in the step (1) includes but is not limited to access traces, data download requests, copying, address sharing, operation interval time and illegal operations.
3. The industrial internet of things data space access risk assessment method based on deep learning of claim 1, wherein: the method for constructing the terminal access behavior vector in the step (1) comprises the following steps: respectively representing a series of access behavior data of each unit time of the terminal as
Figure DEST_PATH_IMAGE002
Wherein
Figure DEST_PATH_IMAGE004
Then the terminal access behavior vector is represented as
Figure DEST_PATH_IMAGE006
4. The industrial internet of things data space access risk assessment method based on deep learning of claim 1, wherein: the data space access incidence matrix in the step (2) is obtained by the following method: by utilizing a complex network theory, based on the relevance among different terminal access behavior vector data, with the terminal as a node and the relevance among the terminal access behavior vector data as an edge, a multi-terminal access behavior data correlation network is constructed to obtain a data space access correlation matrix
Figure DEST_PATH_IMAGE008
Figure DEST_PATH_IMAGE010
In the formula (I), the compound is shown in the specification,
Figure 808010DEST_PATH_IMAGE008
representing the data space access correlation matrix,
Figure DEST_PATH_IMAGE012
presentation terminalnAnd terminalmThe correlation between the behavior vectors, the stronger the correlation between two nodes,
Figure DEST_PATH_IMAGE013
the closer to 1 the value of (a) is,
Figure DEST_PATH_IMAGE015
indicating that the access behavior vectors of the two terminals are unrelated.
5. The industrial internet of things data space access risk assessment method based on deep learning of claim 1, wherein: the parameter estimation for the parameters to be optimized of the deep neural network in the step (3) comprises the following steps: calculating to obtain the distribution of the weight parameter and the bias parameter; sampling and combining the distribution for multiple times to obtain a combined set; and carrying out multiple tests based on the same characteristic, and optimizing the weight parameter and the bias parameter.
6. The industrial internet of things data space access risk assessment method based on deep learning of claim 1, wherein: the parameters to be optimized of the deep neural network in the step (3) further comprise the number of layers of the deep neural network, the learning rate and the iteration times.
CN202111295417.1A 2021-11-03 2021-11-03 Industrial Internet of things data space access risk assessment method based on deep learning Pending CN113962591A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111295417.1A CN113962591A (en) 2021-11-03 2021-11-03 Industrial Internet of things data space access risk assessment method based on deep learning

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111295417.1A CN113962591A (en) 2021-11-03 2021-11-03 Industrial Internet of things data space access risk assessment method based on deep learning

Publications (1)

Publication Number Publication Date
CN113962591A true CN113962591A (en) 2022-01-21

Family

ID=79469035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111295417.1A Pending CN113962591A (en) 2021-11-03 2021-11-03 Industrial Internet of things data space access risk assessment method based on deep learning

Country Status (1)

Country Link
CN (1) CN113962591A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117037349A (en) * 2023-08-28 2023-11-10 珠海市辰宇智能技术有限公司 Face recognition technology and data interaction service management and control method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117037349A (en) * 2023-08-28 2023-11-10 珠海市辰宇智能技术有限公司 Face recognition technology and data interaction service management and control method and system
CN117037349B (en) * 2023-08-28 2024-02-20 珠海市辰宇智能技术有限公司 Face recognition technology and data interaction service management and control method and system

Similar Documents

Publication Publication Date Title
TWI764640B (en) Training method and device for anomaly detection model based on differential privacy
CN111669366B (en) Localized differential private data exchange method and storage medium
WO2019114344A1 (en) Graphical structure model-based method for prevention and control of abnormal accounts, and device and equipment
Chang et al. A sieve bootstrap for the test of a unit root
US8924402B2 (en) Generating a test workload for a database
Xiao et al. Anomaly-tolerant network traffic estimation via noise-immune temporal matrix completion model
CN111475838B (en) Deep neural network-based graph data anonymizing method, device and storage medium
JP2016531513A (en) Method and apparatus for utility-aware privacy protection mapping using additive noise
Bao et al. Estimating positive surveys from negative surveys
CN113240505B (en) Method, apparatus, device, storage medium and program product for processing graph data
Wang et al. Correlated tuple data release via differential privacy
JP2016535898A (en) Method and apparatus for utility privacy protection mapping considering collusion and composition
CN115378988A (en) Data access abnormity detection and control method and device based on knowledge graph
CN113962591A (en) Industrial Internet of things data space access risk assessment method based on deep learning
Bourguignon et al. Parametric modal regression with varying precision
CN110502919B (en) Track data de-anonymization method based on deep learning
CN116484192A (en) Abnormal node detection method of unsupervised heteroleptic heterograph
Sela et al. Computationally efficient methods for two multivariate fractionally integrated models
Lian et al. Partially linear structure selection in Cox models with varying coefficients
Pindza et al. Robust spectral method for numerical valuation of european options under Merton's jump‐diffusion model
Su Multivariate local polynomial regression with application to Shenzhen component index
Chandra et al. Small area estimation of proportions with different levels of auxiliary data
US11068481B2 (en) Optimized full-spectrum order statistics-based cardinality estimation
CN116383502A (en) Information pushing method and system based on electronic commerce
WO2023050649A1 (en) Esg index determination method based on data complementing, and related product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination