CN114050976B - Privacy protection-oriented IOT equipment communication method and system - Google Patents

Privacy protection-oriented IOT equipment communication method and system Download PDF

Info

Publication number
CN114050976B
CN114050976B CN202111208433.2A CN202111208433A CN114050976B CN 114050976 B CN114050976 B CN 114050976B CN 202111208433 A CN202111208433 A CN 202111208433A CN 114050976 B CN114050976 B CN 114050976B
Authority
CN
China
Prior art keywords
training
equipment
model
iot
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111208433.2A
Other languages
Chinese (zh)
Other versions
CN114050976A (en
Inventor
刘亚萍
陈兵
张硕
陈杰
韩志宇
杨智凯
沈方宇
吕兴昱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou University
Original Assignee
Guangzhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou University filed Critical Guangzhou University
Priority to CN202111208433.2A priority Critical patent/CN114050976B/en
Publication of CN114050976A publication Critical patent/CN114050976A/en
Application granted granted Critical
Publication of CN114050976B publication Critical patent/CN114050976B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

The invention discloses a privacy protection-oriented IOT equipment communication method and a privacy protection-oriented IOT equipment communication system, wherein the method comprises the following steps: step S1, a gateway receives a DHCP request of an IOT device; s2, analyzing the DHCP request, and carrying out edge computing service notification or normally forwarding information of the IOT equipment; step S3, the cloud server initiates a FL training calculation request to the gateway or the type two IOT equipment; step S4, the gateway or the type two IOT equipment processes the FL training calculation request, FL training is carried out, and the trained model is sent to the cloud server; step S5, the cloud server receives models sent by a plurality of gateways or a plurality of type two IOT devices, aggregates the models of the same type, and issues the aggregated new models; step S6, the gateway or the type two IOT equipment performs FL reasoning processing according to the updated model; step S7, the cloud server sends FL training calculation ending requests or performs automatic ending processing.

Description

Privacy protection-oriented IOT equipment communication method and system
Technical Field
The invention relates to the technical field of privacy protection of IOT (Internet of Things ) equipment, in particular to an IOT equipment communication method and system facing privacy protection.
Background
With the advent of the internet of things era, the number of internet of things devices has increased from 134 billions in 2015 to 385 billions in 2020. The latest reports of global internet growth and trends by cisco indicate that the number of smart home devices will grow from 1800 tens of thousands in 2017 to 2850 tens of thousands in 2022, just as part of IOT devices. At the same time, the user privacy information involved behind the device and data growth will cause the privacy leakage problem of IOT devices to enter the whitish phase. In europe, since month 5 of 2018, the official enforcement of general data protection regulations (General Data Protection Regulation, GDPR for short) requires service providers to pay a huge fine when personal data abuse or user privacy infringement occurs, which legal measures to some extent require equipment manufacturers to pay attention to privacy infringement issues, but the issue of privacy leakage of IOT devices is still increasingly prominent. Therefore, how to effectively protect the private data of IOT devices has become an important issue to be solved by current IOT devices.
The prior published material does not see the communication method of the IOT device under the premise of privacy protection, so in order to solve the problem of possible disclosure of the user original data privacy between the IOT device and the corresponding cloud service, it is necessary to provide an IOT device communication technology for protecting the user data privacy.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention aims to provide the IOT equipment communication method and the IOT equipment communication system for privacy protection, so as to protect the original data information collected by the IOT equipment, protect the original data information of the IOT equipment belonging to the user from being used by cloud services of the IOT equipment manufacturer without permission of the user, and protect the original data information of the IOT equipment belonging to the user from uploading the cloud services of the IOT equipment manufacturer as much as possible when the user obtains the cloud services of the IOT equipment manufacturer, thereby achieving the purpose of protecting the data right and the privacy right of the user.
In order to achieve the above purpose, the present invention provides a privacy protection-oriented IOT device communication method, which includes the following steps:
step S1, gateway equipment of the Internet of things receives a DHCP request of accessed IOT equipment;
s2, analyzing the received DHCP request, and carrying out edge computing service notification or normally forwarding information of the IOT equipment according to an analysis result;
step S3, a cloud server of a device manufacturer initiates an intelligent service FL training calculation request to the gateway device of the Internet of things or the IOT device which needs intelligent service but has model training capability;
step S4, the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability processes the FL training calculation request, FL training is carried out according to the request, and the trained model is sent to the cloud server of the equipment manufacturer after being processed by the privacy protection technology means;
Step S5, the cloud server of the equipment manufacturer receives models sent by a plurality of gateway equipment of the Internet of things or a plurality of IOT equipment which needs intelligent service but has model training capability, aggregates the similar models, and sends the aggregated new models to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability;
s6, performing FL reasoning processing by the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability according to the received updated model;
and S7, the cloud server of the equipment manufacturer sends a FL training calculation ending request or carries out automatic ending processing.
Preferably, the DHCP request adopts an extension field of DHCP protocol to specify an address of a cloud service, for IOT devices that need intelligent services but do not have model training capabilities, the extension field of DHCP protocol in the DHCP request sent by the IOT devices specifies an address of a cloud server, and for IOT devices that need intelligent services but have model training capabilities or IOT devices that do not need intelligent services conventionally, the extension field of DHCP protocol in the DHCP request sent by the IOT devices is null.
Preferably, in step S2, when the content of the extension field of the DHCP protocol is resolved, if the content is not null, the address of the cloud service of the IOT device is obtained, the cloud server addresses of the IOT devices of different types are recorded according to the host name of the IOT device, and an edge computing service notification including at least the host name of the device and notifying that the device manufacturer can perform the FL training computing service is issued to the cloud server of the device manufacturer according to the cloud server address; if the information is empty, the internet of things gateway equipment distributes an IP address for the IOT equipment and normally forwards the information of the equipment.
Preferably, in step S3, after the cloud server of the device manufacturer receives the edge computing service notification of the gateway device of the internet of things, the connection of the newly added gateway and the hostname of the device are recorded, and an intelligent service FL training computing request is initiated to the gateway device of the internet of things according to the need; after the cloud server of the equipment manufacturer receives the message which is forwarded by the IOT equipment which needs intelligent service and has the model training capability through the intelligent gateway, the connection of the IOT equipment which needs intelligent service and has the model training capability and the id of the corresponding identifier are recorded, and an intelligent service FL training calculation request is initiated to the IOT equipment which needs intelligent service and has the model training capability according to the requirement.
Preferably, the FL training calculation request is packaged based on WebSocket protocol, and the parameter content indicates how much CPU and how much memory resource is required to be occupied.
Preferably, step S4 further comprises:
step S400, the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability judges whether local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request, if yes, a confirmation message is returned to the cloud server, and the step S401 is entered, otherwise, a message indicating insufficient resources is returned to the cloud server, and the step S3 is entered;
Step S401, sending a GET request to a cloud server of a device manufacturer to request downloading of configuration files required by FL training, wherein the configuration files comprise a network structure, an initial model, super parameters, training times and the like;
step S402, FL training is carried out by using the obtained configuration file, and after training is finished, the trained model is processed by the privacy protection technology means and then is sent to a cloud server of a device manufacturer without sending original data.
Preferably, step S5 further comprises:
step S500, receiving the trained models sent by a plurality of gateway devices of the Internet of things or a plurality of IOT devices which need intelligent services but have model training capability.
Step S501, if the number of the received similar models reaches a preset threshold, expanding and polymerizing the similar models in a network structure and parameter mode to form a new model, and if the accuracy of the new model is higher than that of the original model, replacing the original model with the new model;
step S502, the updated model is issued to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability.
Preferably, in step S501, if the number of the received similar models reaches a preset threshold, the models to be aggregated are expanded and summed in the form of adding parameters to the network structure by using the pyrerch, the parameters are averaged, and finally, the new parameters are saved as new models by using the original network structure, and the accuracy of the new models is judged, if the accuracy of the new models is higher than that of the original models, the models are updated, the new models replace the original models, step S502 is entered, otherwise, the models are not updated, the parameters are adjusted to perform the next training, and step S3 is returned.
Preferably, step S6 further comprises:
step S600, after the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability receives an updated model of the cloud server of the equipment manufacturer, replacing an old model, and utilizing the new model to carry out reasoning service;
in step S601, during the running process of the reasoning service, the identified data and categories are stored in the gateway device of the internet of things or the IOT device that needs intelligent service but has model training capability, and the user performs screening and adjusts the pre-labeled position, and then adds the pre-labeled data into the FL training data set.
In order to achieve the above object, the present invention further provides a privacy protection-oriented IOT device communication system, which includes:
the IOT equipment comprises IOT equipment which needs intelligent service and has no model training capability, IOT equipment which needs intelligent service and has model training capability and conventional IOT equipment which does not need intelligent service, and is used for sending a DHCP request to the gateway equipment of the Internet of things according to the type of the IOT equipment; when intelligent service is needed and the IOT equipment with model training capability receives an FL training calculation request of a cloud server of an equipment manufacturer, FL training is carried out, and the trained model is sent to the cloud server of the equipment manufacturer after being processed by a privacy protection technical means; when the IOT equipment which needs intelligent service and has model training capability receives an update model transmitted by equipment manufacturer cloud service, performing FL reasoning according to the received update model; when receiving a FL training calculation ending request of a cloud server of a device manufacturer, closing a currently calculated service and waiting for a new request;
The gateway equipment of the Internet of things is used for receiving and analyzing the DHCP request of the accessed IOT equipment, and carrying out edge computing service notification or normally forwarding the information of the IOT equipment according to the analysis result; performing FL training when receiving the FL training calculation request of the cloud server of the equipment manufacturer, and transmitting the trained model to the cloud server of the equipment manufacturer after being processed by a privacy protection technical means; when receiving an update model transmitted by a cloud server of a device manufacturer, performing FL reasoning according to the received update model; when receiving a FL training calculation ending request of a cloud server of a device manufacturer, closing a currently calculated service and waiting for a new request;
the cloud server of the equipment manufacturer is used for receiving the edge computing service notification sent by the gateway equipment of the Internet of things and the message of the normally forwarded IOT equipment, and initiating an intelligent service FL training computing request to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has no model training capability per se according to the requirement; when a GET request of a configuration file required by FL training is received, the configuration file is transmitted to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has no model training capability per se; when similar models sent by a plurality of gateway devices of the Internet of things or a plurality of IOT devices which need intelligent service but have no model training capability per se are received, performing aggregation model processing; and sending a FL training calculation ending request to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but does not have model training capability per se, or carrying out automatic ending processing.
Compared with the prior art, the IOT equipment communication method and system for privacy protection can protect the original data information collected by the IOT equipment, protect the IOT equipment original data information belonging to the user from being used by the IOT equipment manufacturer cloud service without the permission of the user, and protect the IOT equipment original data information belonging to the user from uploading the IOT equipment manufacturer cloud service as much as possible when the user obtains the IOT equipment manufacturer cloud service, so that the purposes of protecting the data right and privacy right of the user are achieved.
Drawings
FIG. 1 is a system architecture diagram of a privacy preserving IOT device communication system of the present invention;
FIG. 2 is a flow chart of steps of a communication method of an IOT device facing privacy protection of the present invention;
fig. 3 is a schematic diagram of an extension field of a DHCP protocol according to an embodiment of the present invention;
fig. 4 is a flow chart of an embodiment of the present invention.
Detailed Description
Other advantages and effects of the present invention will become readily apparent to those skilled in the art from the following disclosure, when considered in light of the accompanying drawings, by describing embodiments of the present invention with specific embodiments thereof. The invention may be practiced or carried out in other embodiments and details within the scope and range of equivalents of the various features and advantages of the invention.
Fig. 1 is a system architecture diagram of an IOT device communication system for privacy protection in accordance with the present invention. As shown in fig. 1, the IOT device communication system for privacy protection of the present invention includes:
IOT device 10, which includes three types of IOT devices, is configured to send a DHCP request to an internet of things gateway device according to its own type; when the IOT equipment with the model training capability receives the FL training calculation request of the equipment manufacturer cloud server 30, FL training is carried out, and the trained model is processed by a privacy protection technical means and then is sent to the equipment manufacturer cloud server; when the IOT device that needs intelligent service but has model training capability itself receives the update model transmitted by the device manufacturer cloud server 30, performing FL inference processing according to the received update model; when receiving the FL training calculation end request of the cloud server 30 of the equipment manufacturer, the service of the current calculation is closed, and a new request is waited for.
In the present invention, IOT devices are classified into three types:
for the type one device which needs intelligent service but has no model training capability, because the type one device has no model training capability, the calculated service needs to be calculated by a gateway at an edge, when the type one device is connected with the intelligent gateway device through wires and wireless, the address of a cloud server is specified by using an extension field of a DHCP protocol, namely the intelligent gateway needs to register with a cloud manufacturer of the type one device, namely, the address of a cloud server of the device manufacturer is specified in the extension field of the DHCP protocol in a DHCP request sent by the type one device.
Type two, the device that needs intelligent service but has model training capability, and the device with the different part of type one is that the calculated service can run on the device, the IOT device connects the intelligent gateway through wire or wireless, the DHCP protocol extension field of the address used for designating cloud service in the DHCP request sent by the IOT device is null, and the gateway is not required to register with the cloud manufacturer of the IOT device.
When the IOT device of the second type receives the FL training calculation request from the cloud server 30 of the device manufacturer, performs FL training, and sends the trained model to the cloud server of the device manufacturer after being processed by the privacy protection technology, the process is as follows:
judging whether the local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request, if yes, returning a confirmation message to the cloud server, otherwise, returning a message indicating insufficient resources to the cloud server.
Specifically, after receiving a training request message from a cloud server of a device manufacturer, the IOT device in the second class processes an intelligent service FL training calculation request of the IOT device manufacturer, determines whether a local CPU and memory resource are larger than the resource of the training calculation request, if so, returns a message based on WebSocket protocol to the cloud server, the message content indicates that training can be performed, and if not, returns a message based on WebSocket protocol to the cloud server, and the message content indicates that the resource is insufficient at the moment.
A GET request is sent to the device vendor cloud server to request that the configuration files needed for FL training be downloaded for FL training, including but not limited to network structure, initial model, super parameters, how many times to train, etc.
Specifically, the IOT device of the second class sends a GET request to the cloud service of the IOT device manufacturer through the HTTP protocol to request to download a configuration file required for FL training, where the configuration file includes a network structure, an initial model, super parameters, how many training rounds, and the like, and after the downloading is completed, the IOT device of the second class starts to perform FL training.
After training, the trained model is processed by the privacy protection technology means and then is sent to a cloud server of a device manufacturer without sending original data.
Specifically, after training is completed, the trained model is processed by a known privacy protection technology means (for example, certain noise is added to differential privacy), and the trained model processed by the privacy protection technology means is uploaded through a POST request of the HTTP protocol, so that data of a user is not uploaded, and the process prevents privacy leakage to a certain extent.
When the IOT device of the second type receives the update model transmitted by the device vendor cloud server 30, FL inference processing is performed according to the received update model. Specifically, after receiving an updated model of a cloud server of a device manufacturer, the IOT device of the second type replaces the old model, performs inference service with the new model, stores the identified data and categories in the device during the operation of the inference service, screens and adjusts the pre-labeled positions by a user, and then adds the data and categories into the data set of FL training.
When the IOT device of type two receives the FL training calculation end request of the cloud server 30 of the device vendor, the service of the current calculation is closed, and a new request is waited for.
Here, it should be noted that, the message passing between the IOT device of the second type and the cloud server 30 of the device manufacturer is forwarded by the internet of things gateway device 20.
The third type is traditional IOT devices which do not need intelligent services, after the IOT devices access the intelligent gateway through wires or wirelessly, DHCP protocol extension fields for designating addresses of cloud services in DHCP requests sent by the IOT devices are also empty, the gateway is not required to register with cloud manufacturers of the IOT devices, and other messages are normally forwarded through the gateway device 20 of the internet of things.
The gateway device 20 of the internet of things is configured to receive and parse a DHCP request of an accessed IOT device, and perform edge computing service notification or forward a message of the IOT device normally according to a parsing result; when receiving the FL training calculation request of the cloud server 30 of the equipment manufacturer, performing FL training, and transmitting the trained model to the cloud server of the equipment manufacturer after being processed by the privacy protection technology means; when receiving the update model transmitted by the equipment manufacturer cloud server 30, performing FL reasoning processing according to the received update model; when receiving the FL training calculation end request of the cloud server 30 of the equipment manufacturer, the service of the current calculation is closed, and a new request is waited for.
Specifically, the internet of things gateway apparatus 20 further includes:
the DHCP request parsing module 201 is configured to parse the received DHCP request, and perform edge computing service notification or forward the message of the IOT device normally according to the parsing result.
Specifically, after receiving a DHCP request of an IOT device, the DHCP request parsing module 201 parses out an extension field content of a DHCP protocol, if the DHCP request is not empty, which indicates that the current IOT device is an IOT device of type one, then obtains an address of a cloud service of the IOT device, records cloud service addresses of different IOT devices of type one according to a hostname of the IOT device, for example, maintains a list after the device is accessed to save cloud service addresses of different IOT devices of type one and device manufacturers, and issues an edge computing service announcement to the cloud service address, in the embodiment of the present invention, the edge computing service announcement is encapsulated based on WebSocket protocol, and the message content includes at least a hostname of the device and informs the device manufacturers to perform FL (Federated Learning, federal learning) training computing service; if the analyzed extension field content of the DHCP protocol is empty, the current IOT equipment is the IOT equipment of the second type or the third type, the IP address is distributed to the IOT equipment by the gateway equipment of the Internet of things, and the message of the equipment is forwarded normally.
The FL training calculation request processing module 202 is configured to process the FL training calculation request sent by the cloud server 30 of the equipment manufacturer, determine whether training can be performed, acquire a configuration file required for training from the cloud server of the equipment manufacturer and perform FL training when determining that training can be performed, and send the trained model to the cloud server 30 of the equipment manufacturer after processing the model by the privacy protection technology without sending the original data.
Specifically, the FL training calculation request processing module 202 further includes:
and the FL training calculation request feedback unit is used for judging whether the local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request, if so, returning a confirmation message to the cloud server 30 of the equipment manufacturer, entering the configuration file request unit to request the configuration file of FL training from the cloud server 30, and if not, returning a message indicating insufficient resources to the cloud server 30 of the equipment manufacturer.
Specifically, after the FL training calculation request processing module 202 receives the message that the server requests training, it processes the FL training calculation request of the IOT device manufacturer cloud server 30, determines whether the local CPU and memory resources are larger than the resources of the training calculation request, if yes, returns a message based on WebSocket protocol to the cloud server, the message content indicates that training can be performed, enters the configuration file requesting unit to request the configuration file of FL training to the cloud server 30, if not, returns a message based on WebSocket protocol to the server, and the message content indicates that the resources are insufficient at this time.
A profile request unit, configured to send a GET request to the device vendor cloud server 30 to request to download a profile required for FL training, where the profile includes, but is not limited to, a network structure, an initial model, super parameters, how many training rounds, and the like.
Specifically, when it is determined that training can be performed, the internet of things gateway device sends a GET request to the cloud server 30 of the IOT device manufacturer through the HTTP protocol by using the configuration file request unit, so as to request downloading of the configuration file required for FL training, including the network structure, the initial model, the super parameters, how many training rounds, and the like.
And the FL training processing unit is used for performing FL training according to the configuration file, processing the trained model by the privacy protection technology means after the training is finished, and transmitting the processed model to a cloud server of a device manufacturer without transmitting original data.
Specifically, after the downloading of the configuration file is completed, the FL training processing unit starts FL training, and after the training is completed, the trained model is processed by a known privacy protection technology means (for example, a certain noise is added to differential privacy), and then the trained model processed by the privacy protection technology means is uploaded through a POST request of the HTTP protocol, so that the user data is not uploaded, and the process prevents privacy leakage to a certain extent.
The FL inference processing module 203 is configured to perform FL inference processing according to the received update model when the update model is received.
Specifically, the FL inference processing module 203 further includes:
a model replacement unit for replacing the old model to utilize the new model for reasoning service after receiving the updated model of the cloud server 30 of the equipment manufacturer
And the FL inference unit is used for carrying out inference service by utilizing the new model, storing the identified data and categories in the gateway equipment of the Internet of things in the running process of the inference service, screening and adjusting the pre-marked positions by the user, and then adding the data into the FL training data set.
The FL training calculation end request receiving processing module 204 is configured to, when receiving the FL training calculation end request of the cloud server 30 of the equipment manufacturer, close the service of the current calculation and wait for a new request.
The cloud server 30 of the device manufacturer is configured to receive the edge computing service notification sent by the gateway device 20 of the internet of things and the message of the IOT device forwarded normally, and initiate an intelligent service FL training computing request to the gateway device 20 of the internet of things or the IOT device 10 of the second class as required; when a GET request of a configuration file required by FL training is received and requested to be downloaded by the gateway equipment 20 of the Internet of things or the IOT equipment 10 of the class II, the configuration file is transmitted to the gateway equipment 20 of the Internet of things or the IOT equipment 10 of the class II; after receiving the similar models sent by the plurality of internet of things gateway devices 20 or the plurality of IOT devices 10 of the type two, performing aggregation model processing; and sending a FL training calculation ending request or performing automatic ending processing to the gateway equipment 20 of the Internet of things or the IOT equipment 10 of the type II.
Specifically, the device vendor cloud server 30 further includes:
the message processing module 301 is configured to record, after receiving an edge computing service notification of an internet of things gateway device, webSocket connection of a newly added gateway and a hostname of the device, and initiate an intelligent service FL training computing request to the internet of things gateway device according to needs to request the internet of things gateway device to perform computing service, without uploading user data to the internet of things gateway device, only send a computed model to a cloud server of a device manufacturer, wherein the requested message is packaged based on WebSocket protocol, and parameter content indicates how much CPU and how much memory resources are required to be occupied; after receiving a message forwarded by the type two IOT device through the intelligent gateway, recording WebSocket connection of the type two IOT device and id of a corresponding identifier, and initiating an intelligent service FL training calculation request to the type two IOT device according to the requirement, wherein the message of the request is also packaged based on WebSocket protocol, and the parameter content indicates how much CPU and how much memory resource are required to be occupied.
The FL training calculation request sending module 302 is configured to send the FL training calculation request to the gateway device 20 of the internet of things or the IOT device 10 of the class two.
The FL training calculation request feedback receiving module 303 is configured to receive feedback of the FL training calculation request from the gateway device 20 of the internet of things or the IOT device 10 of the second class, wait to receive the GET request for obtaining the configuration file if receiving the acknowledgement message, and return to the FL training calculation request sending module 302 if receiving the message of insufficient resources.
Specifically, after the gateway device 20 of the internet of things or the IOT device 10 of the second class receives the FL training calculation request, it is determined whether the local CPU and the memory resource are greater than the resource of the training calculation request, if yes, a message based on the WebSocket protocol is returned to the cloud server 30, the message content indicates that training is possible, if not, a message based on the WebSocket protocol is returned to the cloud server 30, the message content indicates that the resource is insufficient at this time, and the cloud server 30 performs corresponding processing according to the received feedback message.
The GET request processing module 304 is configured to receive a GET request of the internet of things gateway device 20 or the IOT device 10 of the second class, and transmit a configuration file to the internet of things gateway device 20 or the IOT device 10 of the second class according to the request, where the GET request passes through the HTTP protocol to request downloading of the configuration file required for FL training, including a network structure, an initial model, super parameters, how many training rounds, and the like.
The aggregation model processing module 305 is configured to receive models sent by multiple internet of things gateway devices or multiple IOT devices of type two, perform aggregation model processing on the models of the same type, and send the new aggregated models to the internet of things gateway device 20 or the IOT device 10 of type two.
Specifically, the aggregate model processing module 305 further includes:
the model receiving unit is used for receiving the trained models sent by the plurality of internet of things gateway devices or the plurality of type two IOT devices.
And the aggregation unit is used for expanding and aggregating the similar models in a network structure and parameter mode to form a new model if the number of the received similar models reaches a preset threshold value, and replacing the new model with the original model when the accuracy rate of the new model is higher than that of the original model.
Specifically, after the cloud service of the IOT device manufacturer receives similar models sent by multiple IOT device gateways or multiple IOT devices of the second class, if the number of the sent models reaches a preset threshold (the preset threshold can be defined by the device manufacturer), the models to be aggregated are expanded and summed in a network structure and parameters by using the PyTorch, the parameters are averaged, and finally, the new parameters are saved as new models by using the original network structure, the accuracy of the new models is judged, if the accuracy of the new models is higher than that of the original models, the models are updated, the new models replace the original models, the models enter a model issuing unit, otherwise, the models are not updated, the parameters are adjusted for the next training, and the FL training calculation request sending module 302 is returned.
And the model issuing unit issues the updated model to the gateway equipment of the Internet of things or the IOT equipment of the type II by the cloud server of the equipment manufacturer.
The FL training calculation end processing module 306 is configured to send an FL training calculation end request or perform an automatic end process.
Specifically, the FL training calculation end processing module 306 further includes:
the FL training calculation ending request sending processing unit is used for sending an FL training calculation ending request to the gateway equipment of the Internet of things or the IOT equipment of the type II, wherein the FL training calculation ending request is based on a WebSocket message, and the message content is that the FL training calculation is stopped.
If the FL training calculation ending request is sent to the gateway equipment of the Internet of things, when the gateway of the gateway equipment of the Internet of things receives the FL training calculation ending request of the cloud server of the equipment manufacturer, the service of the current calculation is closed, and a new request is waited; if a FL training calculation ending request is sent to the IOT equipment of the second type, when the IOT equipment of the second type receives the FL training calculation ending request of the cloud server of the equipment manufacturer, the service of the current calculation is closed, and a new request is waited.
And the automatic end processing unit is configured to return to the FL training calculation request sending module 302 when the FL training calculation of the cloud server of the equipment manufacturer is automatically ended, which indicates that the FL training service of one round has ended.
Fig. 1 is a flow chart of steps of a communication method of IOT devices for privacy protection in the present invention. As shown in fig. 1, the communication method of the IOT device for privacy protection of the present invention includes the following steps:
step S1, gateway equipment of the Internet of things receives a DHCP request of the accessed IOT equipment to identify the type of the requested IOT equipment.
The present invention classifies IOT devices into three types: for the IOT equipment, a gateway is required to perform computing service at an edge, and when the IOT equipment is connected with the intelligent gateway equipment through wires and wireless, an extension field of a DHCP protocol is used for designating the address of cloud service, namely the intelligent gateway is required to register with cloud manufacturers of the IOT equipment; the second type is equipment which needs intelligent service and has model training capability, and the first type is different in that the calculated service runs on the equipment, the IOT equipment is connected with an intelligent gateway through a wire or a wireless, at the moment, a DHCP protocol extension field corresponding to an address of the appointed cloud service in the first type is empty, and the gateway is not required to register with a cloud manufacturer of the IOT equipment; the third type is traditional IOT equipment which does not need intelligent service, after the IOT equipment is accessed to an intelligent gateway through a wire or a wireless, a DHCP protocol extension field of a corresponding address of a designated cloud service is also empty, the gateway is not required to register with a cloud manufacturer of the IOT equipment, and other messages are normally forwarded through the gateway.
Specifically, the IOT device accesses the intelligent gateway through a wire or a wireless, the extension field of the DHCP protocol is used to specify the address of the cloud service in the DHCP request sent by the IOT device in the class one, and since 224-254 in the DHCP Options field is used for private use, the present invention selects the 224 option to transmit the cloud service address, as shown in fig. 3, when the IOT device in the class one sends the DHCP request to the gateway, the field value is used to transmit the cloud service address, and the field value is null in the DHCP requests sent by the IOT devices in the class two and three; when the intelligent gateway receives the DHCP request of the IOT device, the type of the requested IOT device can be determined according to whether the extension field of the DHCP protocol in the DHCP request is empty.
And S2, the gateway equipment of the Internet of things analyzes the received DHCP request, and performs edge computing service notification or normally forwards the information of the IOT equipment according to the analysis result.
Specifically, after receiving a DHCP request of an IOT device, an internet of things gateway device analyzes the content of an extension field of a DHCP protocol, if the internet of things gateway device is not empty, it indicates that the current IOT device is an IOT device of type one, then obtains an address of a cloud service of the IOT device, records cloud service addresses of IOT devices of different types according to a hostname of the IOT device, for example, maintains a list after the device is accessed to store cloud service addresses of different IOT devices of type one and device manufacturers, and issues an edge computing service announcement to the cloud service addresses.
Step S3, the cloud server of the equipment manufacturer initiates an intelligent service FL training calculation request to the gateway equipment of the Internet of things or the two IOT equipment of the category, if the intelligent service FL training calculation request is initiated to the IOT gateway, the step S4 is entered, otherwise, the step S5 is entered, the requested message is packaged based on the WebSocket protocol, and the parameter content indicates how much CPU and how much memory resources are needed to be occupied.
Specifically, after the cloud server of the equipment manufacturer receives the edge computing service notification of the gateway equipment of the internet of things, the WebSocket connection of the newly added gateway and the hostname of the equipment are recorded, and an intelligent service FL training computing request is initiated to the gateway equipment of the internet of things according to the need, so that the gateway equipment of the internet of things is requested to carry out computing service, user data are not required to be uploaded to the cloud server of the equipment manufacturer, a computed model is only required to be sent to the cloud server of the equipment manufacturer, the request message is packaged based on the WebSocket protocol, and the parameter content indicates how much CPU and how much memory resources are required to be occupied; after the cloud server of the equipment manufacturer receives the message forwarded by the type II IOT equipment through the intelligent gateway, the WebSocket connection of the type II IOT equipment and the id of the corresponding identifier (defined by the manufacturer of the type II equipment) are recorded, and an intelligent service FL training calculation request is initiated to the type II IOT equipment according to the requirement, and the message of the request is also packaged based on the WebSocket protocol, and the parameter content indicates how much CPU and how much memory resources are required to be occupied.
Of course, although the embodiment of the present invention implements message transmission based on WebSocket protocol, the present invention is not limited to WebSocket protocol, and other implementation modes based on other protocols are within the scope of the present invention.
And S4, the gateway equipment of the Internet of things processes the FL training calculation request of the cloud server of the IOT equipment manufacturer, and the step S6 is carried out after the trained model is obtained.
Specifically, step S4 further includes:
step S400, judging whether the local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request, if yes, returning a confirmation message to the cloud server, and entering step S401, otherwise, returning a message indicating insufficient resources to the cloud server, and returning to step S3.
Specifically, after receiving the training request message from the server, the IOT gateway processes the FL training calculation request of the cloud server of the IOT device manufacturer, determines whether the local CPU and the memory resource are greater than the resource of the training calculation request, if yes, returns a message based on the WebSocket protocol to the cloud server, the message content indicates that training is possible, and proceeds to step S401, if not, returns a message based on the WebSocket protocol to the server, the message content indicates that the resource is insufficient at this time, and returns to step S3.
Step S401, a GET request is sent to the cloud server of the device manufacturer to request to download the configuration files required for FL training, including but not limited to network structure, initial model, super parameters, how many training rounds, etc.
Specifically, the gateway device of the internet of things sends a GET request to a cloud server of a manufacturer of the IOT device through an HTTP protocol to request downloading of configuration files required for FL training, including a network structure, an initial model, super parameters, how many times the training is performed, and the like, and after the downloading is completed, the gateway device of the internet of things starts to perform FL training.
Step S402, after training, the trained model is processed by the privacy protection technology means and then is sent to a cloud server of a device manufacturer without sending original data.
Specifically, after training is completed, the trained model is processed by a known privacy protection technology means (for example, certain noise is added to differential privacy), and the trained model processed by the privacy protection technology means is uploaded through a POST request of the HTTP protocol, so that user data is not uploaded, and the process prevents privacy leakage to a certain extent, and then the step S6 is entered.
Step S5, the type II IOT equipment processes the FL training calculation request of the cloud server of the equipment manufacturer, and the step S6 is carried out after the trained model is obtained.
Specifically, step S5 further includes:
step S500, judging whether the local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request, if yes, returning a confirmation message to the cloud server, and entering step S501, otherwise, returning a message indicating insufficient resources to the cloud server, and returning to step S3.
Specifically, after receiving the training request message of the cloud server of the equipment manufacturer, the IOT equipment of the class two processes the intelligent service FL training calculation request of the IOT equipment manufacturer, judges whether the local CPU and memory resources are larger than the resources of the training calculation request, if yes, returns a message based on WebSocket protocol to the cloud server, the message content indicates that training can be performed, and enters step S501, if not, returns a message based on WebSocket protocol to the server, the message content indicates that the resources are insufficient at the moment, and returns to step S3.
Step S501 sends a GET request to the device vendor cloud server to request to download the configuration files needed for FL training, including but not limited to network structure, initial model, super parameters, how many training rounds, etc.
Specifically, the IOT device in the second class sends a GET request to the cloud server of the IOT device manufacturer to download configuration files required for FL training, including a network structure, an initial model, super parameters, how many times the training is performed, and after the downloading is completed, the IOT device in the second class starts FL training.
Step S502, after training, the trained model is processed by privacy protection technology means and then sent to a cloud server of a device manufacturer by using HTTP protocol without sending original data.
Specifically, after training is completed, the trained model is processed by a known privacy protection technology means (for example, certain noise is added to differential privacy), and the trained model processed by the privacy protection technology means is uploaded through a POST request of the HTTP protocol, so that user data is not uploaded, and the process prevents privacy leakage to a certain extent, and then the step S6 is entered.
And S6, after the cloud server of the equipment manufacturer receives the similar models sent by the plurality of gateway equipment of the Internet of things or the plurality of IOT equipment of the type II, the cloud server of the equipment manufacturer carries out aggregation models and sends the aggregation models to the gateway equipment of the Internet of things or the IOT equipment of the type II.
Specifically, step S6 further includes:
Step S600, receiving trained models sent by a plurality of internet of things gateway devices or a plurality of IOT devices of type two.
And step S601, if the number of the received similar models reaches a preset threshold, expanding and polymerizing the similar models in a network structure and parameter mode to form a new model, and when the accuracy of the new model is higher than that of the original model, replacing the original model with the new model.
Specifically, after the cloud service of the IOT device manufacturer receives similar models sent by multiple IOT device gateways or multiple IOT devices of the second class, if the number of the sent models reaches a preset threshold (the preset threshold can be defined by the device manufacturer), the models to be aggregated are expanded and summed in a network structure and parameters are averaged by using the PyTorch, finally, new parameters are saved as new models by the original network structure, the accuracy of the new models is judged, if the accuracy of the new models is higher than that of the original models, the models are updated, the new models replace the original models (the original models refer to the models after the last aggregation or the initial models), step S602 is entered, otherwise, the configuration files of FL training (such as adjusting the value of the super parameters, or adjusting the defined aggregation threshold of the number of models) are not updated, the next training is performed, and step S3 is returned.
Step S602, the cloud server of the equipment manufacturer issues the updated model to the gateway equipment of the Internet of things or the IOT equipment of the type II.
Specifically, if the cloud server of the IOT device manufacturer issues the updated model to the gateway device of the internet of things, step S7 is performed, and if the cloud server of the IOT device manufacturer issues the updated model to the IOT device of the second type, step S8 is performed.
And S7, performing FL reasoning processing by the gateway equipment of the Internet of things according to the received updated model.
Specifically, step S7 further includes:
step S700, after the gateway equipment of the Internet of things receives an updated model of cloud service of equipment manufacturer, replacing an old model, and utilizing the new model to carry out reasoning service
In step S701, in the process of the inference service running, the identified data and the identified categories are stored in the gateway device of the internet of things, and the user performs screening and adjusts the pre-labeled position, and then adds the data and the category into the data set of the FL training.
And S8, performing FL reasoning processing by the IOT equipment of the type II according to the received updated model.
Specifically, step S8 further includes:
step S800, after receiving the updated model of the cloud server of the equipment manufacturer, the IOT equipment of the second type replaces the old model, and uses the new model to perform reasoning service
In step S801, during the operation of the inference service, the identified data and categories are stored in the device, and the user performs screening and adjusts the position of the pre-label, and then adds the data and categories to the FL training data set.
Step S9, the cloud server of the equipment manufacturer sends FL training calculation ending request or performs automatic ending processing.
Specifically, step S9 further includes:
in step S900, the cloud server of the device manufacturer sends an FL training calculation end request to the gateway device of the internet of things or the IOT device of the type two, where the FL training calculation end request is based on WebSocket message, and the message content is to stop FL training calculation.
If the FL training calculation ending request is sent to the gateway equipment of the Internet of things, when the gateway of the gateway equipment of the Internet of things receives the FL training calculation ending request of the cloud server of the equipment manufacturer, the service of the current calculation is closed, and a new request is waited; if a FL training calculation ending request is sent to the IOT equipment of the second type, when the IOT equipment of the second type receives the FL training calculation ending request of the cloud server of the equipment manufacturer, the service of the current calculation is closed, and a new request is waited;
and when the internet of things gateway equipment or the IOT equipment of the second type is restarted to disconnect, returning to the step S1.
In step S901, when the FL training calculation of the cloud server of the equipment manufacturer is automatically finished, it indicates that the FL training service of one round has been finished, and the process returns to step S3.
It should be noted that, the present invention is compatible with the communication mode of the traditional IOT device, and for the communication mode of the traditional IOT device, the original data privacy protection service of the IOT device can be provided only by the IOT device and the corresponding gateway in the communication mode provided by the present invention.
Examples
In this embodiment, as shown in fig. 4, a privacy protection-oriented IOT device communication process is as follows:
first, gateway equipment of the internet of things receives a DHCP request of the IOT equipment.
1.1 the internet of things device specifies the address of the cloud service by using the extension field of DHCP protocol through the wired or wireless access gateway, 224-254 in DHCP Options field for private use, we choose to use 224 option to transmit the cloud service address, and the field value is used to transmit the cloud service address when the IOT device of class one sends DHCP request to the gateway. The field values for class two and class three devices are null.
And a second step of: the IOT gateway records the cloud service address of the device manufacturer and performs edge computing service notification or normally forwards the message of the IOT device.
2.1 after receiving the DHCP request of the equipment, the gateway analyzes the address of the cloud service of the equipment, records the cloud service addresses of the different types of IOT equipment according to the hostname of the IOT equipment, maintains a list after the equipment is accessed, stores the cloud service addresses of the different types of IOT equipment, if the cloud service addresses are not empty, the gateway issues an edge computing service notice to the cloud service addresses, the edge computing service notice is packaged based on a WebSocket protocol, and the message content is provided with the hostname of the equipment and the notification that the equipment manufacturer can be helped to perform FL training computing service; if the traffic is empty, the gateway allocates an IP address to the equipment and forwards the traffic of the equipment normally.
2.2 after the cloud server of the equipment manufacturer receives the gateway message, the WebSocket connection of the newly added gateway and the hostname of the equipment are recorded.
2.3 after the cloud server of the equipment manufacturer receives the information of the IOT equipment of the second class, the WebSocket connection of the IOT equipment of the second class and the id of the corresponding identifier are recorded
And a third step of: cloud service of the IOT equipment manufacturer initiates an intelligent service FL training calculation request to the IOT gateway or the type two IOT equipment according to the need, if the intelligent service FL training calculation request is initiated to the IOT gateway, the request is converted to the fourth step, otherwise, the message is packaged based on the WebSocket protocol, and the parameter content represents how much CPU and how much memory resources are needed to be occupied.
Fourth step: IOT gateway processes cloud service FL training calculation request of IOT equipment manufacturer
4.1 after receiving the training request message from the server, the IOT gateway processes the cloud service FL training calculation request of the IOT device manufacturer, determines whether the local CPU and memory resources are larger than the resources of the training calculation request, if yes, returns a message based on WebSocket protocol to the server, the message content indicates that training can be performed, and if not, returns a message based on WebSocket protocol to the server, the message content indicates that the resources are insufficient at the moment, and goes to the third step.
4.2, requesting cloud service of the IOT equipment manufacturer to download configuration files required by FL training through HTTP protocol GET, including network structure, initial model and the like, and starting a container by the gateway to perform FL training after the downloading is completed.
4.3 after training, the trained model is processed by a known privacy protection technology means (for example, differential privacy adds certain noise), and the processed result is uploaded through a POST request of the HTTP protocol, so that the user data is not uploaded, and meanwhile, the privacy leakage is prevented to a certain extent, and the sixth step is performed.
Fifth step: IOT device handles FL training calculation requests of a cloud server of the IOT device vendor
And 5.1, after receiving the training request message of the server, the IOT equipment of the class II processes the training calculation request of the cloud service FL of the IOT equipment manufacturer, judges whether the local CPU and the internal memory resource are larger than the resource of the training calculation request, if so, returns a message based on the WebSocket protocol to the server, the message content indicates that training can be performed, and returns a message based on the WebSocket protocol to the cloud server, if not, the message content indicates that the resource is insufficient, and the third step is changed.
5.2, sending a GET request to cloud service of the IOT equipment manufacturer through an HTTP protocol to download configuration files, including a network structure, an initial model and the like, required by FL training, wherein after the downloading is completed, the IOT equipment starts FL training.
5.3 after training, the trained model is processed by a known privacy protection technology means (for example, differential privacy adds certain noise), and the processed result is uploaded through a POST request of the HTTP protocol, so that the user data is not uploaded, the privacy leakage can be prevented to a certain extent, and the sixth step is changed.
Sixth step: cloud service FL processing by IOT equipment vendors
6.1 After the cloud service of the IOT equipment manufacturer receives similar models sent by a plurality of IOT equipment gateways or a plurality of IOT equipment of a second class, if the quantity of the sent models reaches a threshold value (customized by the equipment manufacturer), the models to be aggregated are unfolded and summed in a network structure and parameter mode by using PyTorch, then parameters are averaged, finally, new parameters are stored as new models by using the original network structure, the accuracy of the new models is judged, if the accuracy is higher than that of the original models, the models are updated to replace the original old models, and the model is changed to 6.2; otherwise, the parameters are adjusted to carry out the next training without updating, and the third step is changed.
6.2 And the cloud service of the IOT equipment manufacturer transmits the updated model to the IOT equipment gateway, and the seventh step is changed to the eighth step if the model is transmitted to the IOT equipment.
Seventh step: FL inference processing for IOT device gateway
7.1 After receiving the updated model of the cloud service of the equipment manufacturer, the IOT equipment gateway replaces the old model and uses the new model to carry out reasoning service
7.2 during the operation of the inference service, the identified data and categories are saved in the gateway, screened and pre-labeled positions are adjusted by the user, and then added to the FL trained data set.
Eighth step: FL inference processing for IOT devices of type two
8.1 type two IOT equipment receives the updated model of the cloud service of the equipment manufacturer, replaces the old model and uses the new model to carry out reasoning service
8.2 during the operation of the inference service, the identified data and categories are saved in the device, screened and pre-labeled locations are adjusted by the user, and then added to the FL trained dataset.
Ninth step: cloud service FL training calculation end request and automatic end processing of IOT equipment manufacturer
9.1 when the cloud service of the IOT equipment manufacturer initiates the FL training calculation request to end, sending a WebSocket message to the IOT equipment gateway, wherein the message content is that the FL training calculation is stopped, turning to the tenth step, and if the FL training calculation is sent to the IOT equipment, turning to the eleventh step.
9.2 when cloud service FL training calculation of the IOT equipment manufacturer is automatically ended, indicating that FL training service of one round is ended, and turning to the third step.
Tenth step: the IOT equipment gateway processes the cloud service FL training calculation ending request of the IOT equipment manufacturer and automatically ends the processing:
10.1 when the IOT device gateway receives the cloud service FL training calculation end request of the IOT device vendor, the current calculation service is closed, and a new request is waited.
10.2 when the device restarts to disconnect, go to the first step.
Eleventh step: the IOT device processes the cloud service FL training calculation end request of the IOT device vendor and automatically ends the process:
11.1 when IOT device receives the cloud service FL training calculation end request of IOT device manufacturer, it will close the service of current calculation and wait for new request.
11.2 when the device restarts to disconnect, go to the first step.
The above embodiments are merely illustrative of the principles of the present invention and its effectiveness, and are not intended to limit the invention. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the invention. Accordingly, the scope of the invention is to be indicated by the appended claims.

Claims (7)

1. A communication method of IOT equipment facing privacy protection comprises the following steps:
Step S1, gateway equipment of the Internet of things receives a DHCP request of accessed IOT equipment;
s2, analyzing the received DHCP request, and carrying out edge computing service notification or normally forwarding information of the IOT equipment according to an analysis result;
step S3, a cloud server of a device manufacturer initiates an intelligent service FL training calculation request to the gateway device of the Internet of things or the IOT device which needs intelligent service but has model training capability;
step S4, the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability processes the FL training calculation request, FL training is carried out according to the request, and the trained model is sent to the cloud server of the equipment manufacturer after being processed by the privacy protection technology means;
step S5, the cloud server of the equipment manufacturer receives models sent by a plurality of gateway equipment of the Internet of things or a plurality of IOT equipment which needs intelligent service but has model training capability, aggregates the similar models, and sends the aggregated new models to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability;
s6, the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability performs reasoning processing according to the received updated horizontal model;
Step S7, the cloud server of the equipment manufacturer sends FL training calculation ending request or carries out automatic ending processing;
step S4 further comprises:
step S400, the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability judges whether local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request, if yes, a confirmation message is returned to the cloud server, and the step S401 is entered, otherwise, a message indicating insufficient resources is returned to the cloud server, and the step S3 is entered;
step S401, sending a GET request to a cloud server of a device manufacturer to request downloading of a configuration file required by FL training, wherein the configuration file comprises a network structure, an initial model, super parameters and how many times of training;
step S402, performing FL training by using the obtained configuration file, and after the training is finished, processing the trained model by a privacy protection technology means and then sending the processed model to a cloud server of a device manufacturer without sending original data;
step S5 further comprises:
step S500, receiving a trained model sent by a plurality of gateway devices of the Internet of things or a plurality of IOT devices which need intelligent service but have model training capability per se;
Step S501, if the number of the received similar models reaches a preset running value, expanding and polymerizing the similar models in a network structure and parameter mode to form a new model, and when the accuracy of the new model is higher than that of the original model, replacing the original model with the new model;
step S502, the updated model is issued to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability;
in step S501, if the number of the received similar models reaches a preset threshold, the models to be aggregated are expanded and summed in the form of adding parameters to the network structure by using the PyTorch, the parameters are averaged, and finally, the new parameters are saved as new models by using the original network structure, and the accuracy of the new models is judged, if the accuracy of the new models is higher than that of the original models, the models are updated, the new models are substituted for the original models, and step S502 is entered, otherwise, the models are not updated, and the parameters are adjusted to perform the next training, and step S3 is returned.
2. The IOT device communication method in claim 1, wherein the DHCP request adopts an extension field of DHCP protocol to specify an address of a cloud service, the extension field of DHCP protocol in the DHCP request sent by the IOT device that needs intelligent service but has no model training capability specifies an address of a cloud server, and the extension field of DHCP protocol in the DHCP request sent by the IOT device that needs intelligent service but has model training capability is null.
3. The IOT device communication method for privacy protection of claim 2, wherein in step S2, when the content of the extension field of the DHCP protocol is resolved, if not null, the address of the cloud service of the IOT device is obtained, the cloud server addresses of the IOT devices of different types are recorded according to the hostname of the IOT device, and an edge computing service notification including at least the hostname of the device and notifying the device manufacturer of performing the FL training computing service is issued to the cloud server of the device manufacturer according to the cloud server address, if null, the IP address is assigned to the IOT device by the internet of things gateway device, and the message of the device is forwarded normally.
4. The IOT equipment communication method for privacy protection according to claim 3, wherein in step S3, after the equipment manufacturer cloud server receives the edge computing service notification of the gateway equipment of the Internet of things, the connection of the newly added gateway and the host name of the equipment are recorded, and an intelligent service FL training computing request is initiated to the gateway equipment of the Internet of things according to the requirement, and after the equipment manufacturer cloud server receives the message that the IOT equipment which needs intelligent service but has the model training capability forwards through the intelligent gateway, the connection of the IOT equipment which needs intelligent service but has the model training capability and the id of the corresponding identifier are recorded, and the intelligent service FL training computing request is initiated to the IOT equipment which needs intelligent service but has the model training capability according to the requirement.
5. The method for privacy-preserving IOT equipment communication of claim 4, wherein the FL training calculation request is packaged based on a WebSocket protocol, and the parameter content indicates how much CPU and how much memory resources are needed to be occupied.
6. The privacy-oriented IOT device communication method in claim 1, wherein step S6 further comprises:
step S600, after the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability receives an updated model of the cloud server of the equipment manufacturer, replacing an old model, and utilizing the new model to carry out reasoning service;
in step S601, during the running process of the reasoning service, the identified data and categories are stored in the gateway device of the internet of things or the IOT device that needs intelligent service but has model training capability, and the user performs screening and adjusts the pre-labeled position, and then adds the pre-labeled data into the FL training data set.
7. A privacy-oriented IOT device communication system, comprising:
the IOT equipment comprises IOT equipment which needs intelligent service and has no model training capability, IOT equipment which needs intelligent service and has model training capability and conventional IOT equipment which does not need intelligent service, and is used for sending a DHCP request to the gateway equipment of the Internet of things according to the type of the IOT equipment; when intelligent service is needed and the IOT equipment with model training capability receives an FL training calculation request of a cloud server of an equipment manufacturer, FL training is carried out, and the trained model is sent to the cloud server of the equipment manufacturer after being processed by a privacy protection technical means; when the IOT equipment which needs intelligent service and has model training capability receives an update model transmitted by equipment manufacturer cloud service, performing FL reasoning according to the received update model; when receiving a FL training calculation ending request of a cloud server of a device manufacturer, closing a currently calculated service and waiting for a new request;
The method is also used for judging whether the local CPU and memory resources are larger than the resources of the training calculation request according to the FL training calculation request by the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability, if so, returning a confirmation message to the cloud server, entering the step S401, otherwise, returning a message indicating insufficient resources to the cloud server, and returning the step S3; sending a GET request to a cloud server of a device manufacturer to request downloading of a configuration file required by FL training, wherein the configuration file comprises a network structure, an initial model, super parameters and how many times of training; performing FL training by using the obtained configuration file, and after training, processing the trained model by a privacy protection technical means and then sending the processed model to a cloud server of a device manufacturer without sending original data;
the method is also used for step S500, which is to receive the trained models sent by a plurality of gateway devices of the Internet of things or a plurality of IOT devices which need intelligent services but have model training capability per se;
step S501, if the number of the received similar models reaches a preset running value, expanding and polymerizing the similar models in a network structure and parameter mode to form a new model, and when the accuracy of the new model is higher than that of the original model, replacing the original model with the new model;
Step S502, the updated model is issued to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has model training capability;
in step S501, if the number of the received similar models reaches a preset threshold, expanding and summing the models to be aggregated in a form of adding parameters to a network structure by using the PyTorch, averaging the parameters, storing new parameters as new models by using the original network structure, judging the accuracy of the new models, updating the models if the accuracy of the new models is higher than that of the original models, replacing the original models with the new models, entering step S502, otherwise, not updating the models, adjusting the parameters to perform the next training, and returning to step S3;
the gateway equipment of the Internet of things is used for receiving and analyzing the DHCP request of the accessed IOT equipment, and carrying out edge computing service notification or normally forwarding the information of the IOT equipment according to the analysis result; when receiving the FL training calculation request of the cloud server of the equipment manufacturer, processing the trained model by a privacy protection technology means and then sending the processed model to the cloud server of the equipment manufacturer; when receiving an update model transmitted by a cloud server of a device manufacturer, performing FL reasoning according to the received update model; when receiving a FL training calculation ending request of a cloud server of a device manufacturer, closing a currently calculated service and waiting for a new request; the cloud server of the equipment manufacturer is used for receiving the edge computing service notification sent by the gateway equipment of the Internet of things and the message of the normally forwarded IOT equipment, and initiating an intelligent service FL training computing request to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has no model training capability per se according to the requirement; when a GET request of a configuration file required by FL training is received, the configuration file is transmitted to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but has no model training capability per se; when similar models sent by a plurality of gateway devices of the Internet of things or a plurality of IOT devices which need intelligent service but have no model training capability per se are received, performing aggregation model processing; and sending a FL training calculation ending request to the gateway equipment of the Internet of things or the IOT equipment which needs intelligent service but does not have model training capability per se, or carrying out automatic ending processing.
CN202111208433.2A 2021-10-18 2021-10-18 Privacy protection-oriented IOT equipment communication method and system Active CN114050976B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111208433.2A CN114050976B (en) 2021-10-18 2021-10-18 Privacy protection-oriented IOT equipment communication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111208433.2A CN114050976B (en) 2021-10-18 2021-10-18 Privacy protection-oriented IOT equipment communication method and system

Publications (2)

Publication Number Publication Date
CN114050976A CN114050976A (en) 2022-02-15
CN114050976B true CN114050976B (en) 2023-07-07

Family

ID=80205302

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111208433.2A Active CN114050976B (en) 2021-10-18 2021-10-18 Privacy protection-oriented IOT equipment communication method and system

Country Status (1)

Country Link
CN (1) CN114050976B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107423281A (en) * 2017-04-23 2017-12-01 四川用联信息技术有限公司 The algorithm of improved Small World Model extraction text feature
CN111477290A (en) * 2020-03-05 2020-07-31 上海交通大学 Federal learning and image classification method, system and terminal for protecting user privacy
CN111866869A (en) * 2020-07-07 2020-10-30 兰州交通大学 Federal learning indoor positioning privacy protection method facing edge calculation
CN113469376A (en) * 2021-05-20 2021-10-01 杭州趣链科技有限公司 Block chain-based defense method and device for federal learning backdoor attack

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107423281A (en) * 2017-04-23 2017-12-01 四川用联信息技术有限公司 The algorithm of improved Small World Model extraction text feature
CN111477290A (en) * 2020-03-05 2020-07-31 上海交通大学 Federal learning and image classification method, system and terminal for protecting user privacy
CN111866869A (en) * 2020-07-07 2020-10-30 兰州交通大学 Federal learning indoor positioning privacy protection method facing edge calculation
CN113469376A (en) * 2021-05-20 2021-10-01 杭州趣链科技有限公司 Block chain-based defense method and device for federal learning backdoor attack

Also Published As

Publication number Publication date
CN114050976A (en) 2022-02-15

Similar Documents

Publication Publication Date Title
US11716669B2 (en) Internet of things service routing method
EP2981107B1 (en) Group communication method and apparatus for group communication
EP1351434B1 (en) Billing method for an information communication network
US9197714B2 (en) User interest and identity control on internet
CN105934960B (en) Mobile device traffic management
US20120184258A1 (en) Hierarchical Device type Recognition, Caching Control & Enhanced CDN communication in a Wireless Mobile Network
EP2781057B1 (en) Data distribution platform
FR2992820A1 (en) Device for supporting hybrid automatic retransmission request for non-contiguous carrier aggregation for e.g. smart phones, has window module for generating virtual window comprising sub-frames that are not added to another virtual window
CN108353022B (en) Data message processing method, device and system
KR101753413B1 (en) Adaptive ambient sevices
CN110716974A (en) Dynamic interaction method, system and storage medium for Internet of things equipment and platform
CN101809973A (en) controlling receipt of electronic advertising
US10050823B2 (en) System and method for providing device management service to electronic device having no broadband communication module
CA3022251C (en) Content caching with remote charging services in a radio access network
CN102387172A (en) Method and device for providing or obtaining contents of network resources for mobile equipment
US20160191649A1 (en) Content caching with remote charging services in a radio access network
CN116760822A (en) Method, system and device for transmitting files of Internet of things equipment
EP4097924A1 (en) Classifying traffic data
CN114050976B (en) Privacy protection-oriented IOT equipment communication method and system
CN112752231A (en) Roaming service access control method, intelligent card, terminal and gateway equipment
CN115835162A (en) Vehicle-end data acquisition device and method, computer program product and vehicle
CN106375385A (en) Advertisement information push method and system
EP3688967A1 (en) Service registration based on service capabilities requirements and preferences
KR100627916B1 (en) Method And Apparatus For Integrating And Managing Information of Mobile Terminal
CN114466447A (en) Cloud management end management system based on WiFi6 router

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant