CN114697123A - Active immune security defense method suitable for sensing node of Internet of things - Google Patents
Active immune security defense method suitable for sensing node of Internet of things Download PDFInfo
- Publication number
- CN114697123A CN114697123A CN202210372051.1A CN202210372051A CN114697123A CN 114697123 A CN114697123 A CN 114697123A CN 202210372051 A CN202210372051 A CN 202210372051A CN 114697123 A CN114697123 A CN 114697123A
- Authority
- CN
- China
- Prior art keywords
- node
- security
- sensing
- security threat
- threat
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 230000007123 defense Effects 0.000 title claims abstract description 11
- 230000003044 adaptive effect Effects 0.000 claims abstract description 6
- 230000008447 perception Effects 0.000 claims description 19
- 230000007246 mechanism Effects 0.000 claims description 15
- 230000006399 behavior Effects 0.000 claims description 14
- 230000006870 function Effects 0.000 claims description 12
- 230000008569 process Effects 0.000 claims description 11
- 238000011217 control strategy Methods 0.000 claims description 9
- 238000004364 calculation method Methods 0.000 claims description 8
- 230000010485 coping Effects 0.000 claims description 5
- 238000005259 measurement Methods 0.000 claims description 4
- 230000004048 modification Effects 0.000 claims description 4
- 238000012986 modification Methods 0.000 claims description 4
- 238000010367 cloning Methods 0.000 claims description 3
- 238000012360 testing method Methods 0.000 claims description 3
- 230000000737 periodic effect Effects 0.000 abstract description 3
- 230000006855 networking Effects 0.000 description 6
- 230000007124 immune defense Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000036039 immunity Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y30/00—IoT infrastructure
- G16Y30/10—Security thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides an active immune security defense method suitable for a sensing node of the Internet of things, which comprises an adaptive active immune security policy for the sensing node, wherein the security policy is used for dealing with security threats faced by the sensing node, a security threat description vector is provided aiming at the types of the security threats faced by the sensing node in a sensing computing network, and the existing security policy in the node is represented by a security policy quadruple, wherein the description of the security policy comprises faced security threat indexes, countermeasures taken, a control policy and an expected output result, and the security policy of the node is described by the four aspects. Meanwhile, a credible self-checking strategy of the node is provided, self-checking frequency is set according to the security threat index, and the node carries out periodic self-checking to guarantee the security and credibility of the node.
Description
Technical Field
The invention mainly relates to the technical field of Internet of things correlation, in particular to an active immune security defense method suitable for a sensing node of the Internet of things.
Background
The perception computing domain is the largest difference between the internet of things and the traditional internet and is also an essential important component of the environment of the internet of things, and due to the isomerism of the perception network, the data exchange characteristic of data fusion transmission between networks and the problem of capacity limitation of a perception node, the security problem of the perception network is more complex than the problem of the traditional network. The security problem faced by the aware network is mainly divided into the following aspects: 1. physical security refers to the self-security of the equipment, and as the sensing nodes are dispersedly deployed in an open environment without monitoring by people, the sensing nodes can face the problems of physical clamping, artificial damage, signal interference and the like. 2. The trusted operation mainly means that nodes in the sensing network can accord with expected behaviors of the nodes when executing tasks of the nodes, and data can be sensed and transmitted normally. 3. The information security is realized, the main tasks of the sensing nodes are sensing data and transmitting data, and the guarantee of the data security is the most important task in the operation process of the sensing network. Due to the characteristics of the sensing network, the data transmission process is easily threatened by malicious hijacking, tampering, replaying, deleting and the like. 4. In the credible control, because interference of malicious nodes exists in the sensing network, realizing credible control of sensing node operation in a non-exclusive channel is very important. The current sensing node spontaneously forms a sensing network through a self communication protocol according to the tasks of calculation and transmission of the current sensing node, the credible access of the node and the consideration of the node behavior are less in the process, and the sensing network with a strict structure and clear layers cannot be formed. The method is lack of contact when facing security threats, cannot form early warning for adjacent nodes, often cannot meet the threat in a combined manner, and is lack of a security strategy suitable for self-adaptive active immunity of different types of nodes in a perception computing domain. The security strategies of the current sensing nodes cannot be effectively compatible with a wide variety of security threats in the sensing domain, most of the security strategies belong to passive defense strategies, mainly deal with known security threats, are difficult to deal with unknown threats, and cannot timely deal with the security threats in time according to changes of the security threats.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides an active immune security defense method suitable for the sensing node of the Internet of things from practical application by combining the prior art, so that the node can more timely and effectively deal with the possible threats.
In order to achieve the purpose, the technical scheme of the invention is as follows:
an active immune security defense method suitable for a sensing node of the Internet of things comprises an adaptive active immune security strategy for the sensing node, and is used for dealing with security threats faced by the sensing nodeThe full strategy comprises the following steps: in a perception computing network, the vector (st) is passed through for the faced physical capture, brute force crack, node cloning, identity forgery, route attack, denial of service attack and node privacy leakage1,st2,...,st7) Representing that the security policy is described by a quadruple (S, TR, U, Y);
where S denotes a security threat index of a node, and S ═ fr (Pr (st)1),Pr(st2),...,Pr(st7),z),z={z1,z2,z3,z4Denotes the node's computing power, energy level, channel status and node trustworthiness status, Pr (st)i) Representing the probability of a node facing each security threat, function fr is an exponential calculation function of the node facing the security threat,
TR represents a coping mechanism adopted according to a security threat index, and comprises a period credibility self-checking rate pt (SI) of a node, a measuring time window delta t (SI) of credibility of node behavior, and credibility information t of a platform of the nodepNode trusted self-test function ftp,TR=(pt,Δt,tp,ftp) The values of the credible self-checking frequency pt (SI) and the credible measurement time window delta t (SI) are related to the calculation result of the security threat index;
u represents a control strategy input by the node;
y represents the description of the expected output of the node, whether the node is credible or not is judged according to the output result, and if the output of the node is in accordance with the expectation, the node is considered to be credible.
Further, the security policy also includes controlling input and output of the sensing node, and the control adopts the following formula:
A(z-1)y(t)=B(z-1)u(t-1)+D(z-1)v(t-1)+C(z-1)ω(t)/Δ
wherein A, B, C, D is the backward shift operator z in generalized theory of control-1The polynomial of (a) is determined,
y (t), u (t), v (t) and ω (t) respectively represent the output, input, pre-feedback measurable interference and white noise interference of the controlled object at the time t, y (t) and u (t) of the sensing node are the occurrences of the output control strategy and the input control strategy in the security strategy, pre-feedback measurable interference and white noise interference are malicious attack behaviors around the sensing node, and Δ ═ 1-z-1And represents a difference operator.
Further, the safety strategy also comprises the steps of establishing controlled parameters of users in the running process of the system, and estimating A (z) on line by using a parameter estimation method-1),B(z-1),C(z-1),D(z-1) When the parameters of the controlled virtual machine are unknown, the input and output controlled process of the sensing node is expressed as follows:
Further, the method also comprises a security policy automatic updating mechanism which is evolved synchronously with the security threat, wherein the updating mechanism is as follows:
assuming a formalized description of new security threat behaviorsIs Sa, and describes a quadruplet (S, TR, U, Y) for the security policy of the sensing node, and the security threat probability Pr (st)i) The security threat probability modification function is set to mf (Pr (st) to be adjustedi) Sa), while recalculating the new security threat index SI from the new security threat probability and modifying TR, U, Y as follows:
1) signature encryption is carried out on the information of the new security threat Sa by using a threshold ring signature scheme;
2) the perception node sends the encrypted Sa to a nearest perception network or a perception node adjacent to the Sa;
3) sensing nodes according to Pr (st)i) And Sa calculates mf (Pr (st)i),Sa);
4) Sensing nodes according to mf (Pr (st)i) Sa) recalculating SI;
and the sensing node updates TR, U and Y according to the new security threat index SI, and finally realizes the updating of the security policy.
The invention has the beneficial effects that:
1. the active immune defense method applicable to the sensing nodes of the Internet of things, which is provided by the invention, provides a security threat description vector aiming at the types of security threats possibly faced in a sensing and computing network, and represents the existing security policy in the nodes by a security policy quadruple, wherein the description of the security policy includes the index of security threats faced, the countermeasures taken, the control policy and the outcome of the desired outcome, the security strategy of the node is described through the four aspects, the security requirement of the sensing and computing environment of the Internet of things can be met, the security and the credibility of the node can be guaranteed, unknown security threats can be immunized, the security mechanism for dealing with various security problems can be solved, meanwhile, the credible self-checking strategy of the node is provided, and setting self-checking frequency according to the security threat index, and enabling the node to perform periodic self-checking to ensure the security and credibility of the node.
2. The active immune defense method suitable for the sensing nodes of the Internet of things, which is provided by the invention, designs a safety strategy automatic updating mechanism which is evolved synchronously with the safety threats aiming at infinite attack modes in each safety threat type, when a new safety threat is found, safety threat early warning is carried out between the nodes and the sensing network, so that the nodes in the whole sensing network can update the own safety strategy to deal with the newly generated threat, in the safety threat early warning process, a necessary key information protection mechanism is adopted, the truth and the reliability of early warning information can be effectively ensured, meanwhile, key node information of a message sender is not exposed, the safety of the sensing nodes can be effectively protected, the nodes receiving the early warning adjust the threat probability according to the newly generated safety threat type, and thus, a new safety threat index is calculated, and then, the security strategy is dynamically adjusted according to the index of the new security threat, so that the real-time updating of the security strategy is ensured, and the coping capability of the whole sensing network in the face of the newly generated security threat is further improved.
Drawings
Fig. 1 is a schematic diagram of early warning between sensing network nodes in the present invention.
Detailed Description
The invention is further described with reference to the accompanying drawings and specific embodiments. It should be understood that these examples are for illustrative purposes only and are not intended to limit the scope of the present invention. Further, it should be understood that various changes or modifications of the present invention may be made by those skilled in the art after reading the teaching of the present invention, and these equivalents also fall within the scope of the present application.
The embodiment of the invention provides an active immune defense method suitable for a sensing node of the Internet of things. The embodiment provides a general security policy of active immunity, and realizes a security policy automatic updating mechanism so that the security policy automatic updating mechanism can evolve synchronously with security threats, and realizes security policy updating of different types of sensing nodes, thereby resisting unknown security threats.
The active immune defense method mainly comprises two parts, namely a self-adaptive active immune security policy suitable for a sensing node and a security policy automatic updating mechanism synchronously evolving with a security threat.
Specifically, for an adaptive active immune security policy for a sensing node:
on-aware computing networkIn the network, the main security threats faced can be classified into the following categories: 1. physical capture, 2 violent cracking, 3 cloning nodes, 4 identity counterfeiting, 5 routing attack, 6 denial of service attack, 7 privacy leakage of nodes, and vector (st) is used for the security threats1,st2,...,st7) And (4) showing.
The security policy of the sensing node is used to deal with the security threat it faces. The security policy may be described in terms of a quadruple (S, TR, U, Y). Where S denotes a security threat index of a node, and S ═ fr (Pr (st)1),Pr(st2),...,Pr(st7) Z), wherein z ═ z1,z2,z3,z4Denotes the node's computing power, energy level, channel status and node trust status, Pr (st)i) Representing the probability of a node facing each security threat, and function fr is an exponential calculation function of the node facing the security threat.
TR is a coping mechanism adopted according to the security threat index, and comprises a period credibility self-checking rate pt (SI) of the node, a measuring time window delta t (SI) of the credibility of the node behavior, and credible information t of a platform of the nodepNode trusted self-test function ftpTherefore, TR is (pt, Δ t, t)p,ftp) The values of the credible self-checking frequency pt (SI) and the credible measurement time window delta t (SI) are related to the calculation result of the security threat index, under the condition of higher security threat degree, the corresponding self-checking frequency is required to be improved, the credible measurement time window is required to be smaller, and under the condition of lower security threat degree, the self-checking frequency can be properly reduced.
U represents the control strategy of the node input.
Y represents the description of the expected output of the node, whether the node is credible or not is judged according to the output result, the sensing of the safety credibility of the node is essentially that the calculation result accords with the expectation of a user, and if the output of the node accords with the expectation, the node is considered to be credible.
In a sensing network, the network environment is complex and changeable, the input of sensing nodes changes multiple ends, and the operation of the sensing nodes has great uncertainty. It is difficult to quantify and determine whether the sensing node output meets expectations at a certain time. To solve this problem, the present embodiment refers to the predictive control theory to control the input and output of the sensing node, and the process can be described as follows:
A(z-1)y(t)=B(z-1)u(t-1)+D(z-1)v(t-1)+C(z-1)ω(t)/Δ
wherein A, B, C, D is the backward shift operator z in generalized theory of control-1The polynomial of (a) is determined,
y (t), u (t), v (t) and ω (t) respectively represent the output, the input, the pre-feedback measurable interference and the white noise interference of the controlled object at the time t, y (t) and u (t) of the sensing node are the occurrences of the output control strategy and the input control strategy in the security strategy, and the pre-feedback measurable interference and the white noise interference can be regarded as malicious attack behaviors around the sensing node. 1-z-1And represents a difference operator.
The sensing node is a non-deterministic system, so that the predictive control algorithm has difficulty in acquiring A (z) in the controlled equation when inputting and outputting the sensing node-1),B(z-1),C(z-1),D(z-1) Meanwhile, due to the uncertainty of the user behavior parameters and behavior output, the controlled parameters of the user need to be established in the system operation process, and the A (z) needs to be estimated online by using a parameter estimation method-1),B(z-1),C(z-1),D(z-1). Therefore, when the parameters of the controlled virtual machine are unknown, the input and output controlled process of the sensing node can be expressed by the following formula:
Specifically, for a security policy automatic update mechanism that evolves in synchronization with a security threat:
the security threats faced by the sensing nodes are divided into seven types, but for each type, the specific threats generated are infinite, which requires that the security policy must also be able to cope with the new security threats that appear. Meanwhile, when discovering a new threat, the sensing node is required to update the security policy of the sensing node and give early warning in time, so that the nodes in the whole sensing network can update the security policy to deal with the new threat. The early warning schematic diagram among the perception network nodes is shown as the attached figure 1.
In the centralized networking mode, a new safety behavior is discovered by the management node and early warning information is sent to the nearest sensing network, and if the nearest sensing network is also in the centralized networking mode, the early warning information is sent to the management node. And if the nearest sensing network is distributed networking, the early warning information is sent to the nearest trusted node. In the distributed networking, a new security behavior is discovered by a trusted node, and early warning information is sent to a nearest sensing network. And if the nearest network is in a centralized networking mode, sending early warning information to the management node. And if the nearest sensing network is distributed networking, the early warning information is sent to the nearest trusted node. Finally, the security threat early warning of the whole sensing domain is realized.
Meanwhile, when the sensing node carries out threat early warning, the key information of the sensing node cannot be exposed, at the moment, the sensing node sending the early warning information needs to utilize the ring signature scheme provided in the foregoing, so that a trusted group receiving the early warning information can know which trusted group the information comes from, but the key information of the sending node cannot be exposed, the safety of the early warning sending node is ensured, and meanwhile, the correctness and the credibility of the early warning information can be ensured. The update mechanism of the specific security policy is described as follows:
assuming that the formal description of the new security threat behavior is Sa, for the sensing node security policy description quadruple (S, TR, U, Y), its security threat probability Pr (st)i) The security threat probability modification function is set to mf (Pr (st) to be adjustedi) Sa), and simultaneously recalculating a new security threat index SI according to the new security threat probability, and modifying TR, U and Y, wherein the security threat early warning and strategy updating process is as follows:
1) and carrying out signature encryption on the information of the new security threat Sa by using a threshold ring signature scheme.
2) And the perception node sends the encrypted Sa to a nearest perception network or a perception node adjacent to the Sa.
3) Sensing nodes according to Pr (st)i) And Sa calculates mf (Pr (st)i),Sa)。
4) Sensing nodes according to mf (Pr (st)i) Sa) recalculates the SI.
And the sensing node updates TR, U and Y according to the SI, and finally realizes the updating of the security policy.
In this embodiment, for an adaptive active immune policy applicable to a sensing node, a security threat description vector is provided for types of security threats possibly faced in a sensing computing network, and an existing security policy in the node is represented by a security policy quadruplet, where the description of the security policy includes an faced security threat index, a response measure taken, a control policy, and a result expected to be output, and the security policy of the node is described through the four aspects, and meanwhile, a trusted self-checking policy of the node is provided, and a self-checking frequency is set according to the security threat index, so that the node performs periodic self-checking to ensure the security and the reliability of the node.
For the security policy automatic updating mechanism evolved synchronously with the security threat, the embodiment designs the security policy automatic updating mechanism evolved synchronously with the security threat aiming at infinite attack modes in each security threat type, and when a new security threat is found, security threat early warning is performed between a node and a sensing network, so that the node in the whole sensing network can update the own security policy to deal with the newly generated threat. In the process of security threat early warning, a necessary key information protection mechanism is adopted, the truth and the reliability of early warning information can be effectively guaranteed, meanwhile, key node information of a message sender is not exposed, the security of a sensing node can be effectively protected, the node receiving early warning adjusts threat probability according to the type of a newly generated security threat, a new security threat index is calculated, then, a security strategy is dynamically adjusted according to the index of the new security threat, the real-time updating of the security strategy is ensured, and the coping capability of the whole sensing network in the face of the newly generated security threat is further improved.
Claims (4)
1. An active immune security defense method applicable to a sensing node of the Internet of things is characterized by comprising an adaptive active immune security policy for the sensing node, wherein the adaptive active immune security policy is used for dealing with security threats faced by the sensing node, and the security policy comprises the following steps: in a perception computing network, the vector (st) is passed through for the faced physical capture, brute force crack, node cloning, identity forgery, route attack, denial of service attack and node privacy leakage1,st2,...,st7) Representing that the security policy is described by a quadruplet (S, TR, U, Y);
where S denotes a security threat index of a node, and S ═ fr (Pr (st)1),Pr(st2),...,Pr(st7),z),z={z1,z2,z3,z4Represents the computing power, energy level, channel state of the node andand node trusted status, Pr (st)i) Representing the probability of a node facing each security threat, function fr is an exponential calculation function of the node facing the security threat,
TR represents a coping mechanism adopted according to a security threat index, and comprises a period credibility self-checking rate pt (SI) of a node, a measuring time window delta t (SI) of credibility of node behavior, and credibility information t of a platform of the nodepNode trusted self-test function ftp,TR=(pt,Δt,tp,ftp) The values of the credible self-checking frequency pt (SI) and the credible measurement time window delta t (SI) are related to the calculation result of the security threat index;
u represents a control strategy input by the node;
y represents the description of the expected output of the node, whether the node is credible or not is judged according to the output result, and if the output of the node is in accordance with the expectation, the node is considered to be credible.
2. The active immune security defense method applicable to the sensing node of the internet of things according to claim 1, wherein the security policy further comprises controlling input and output of the sensing node by using the following formula:
A(z-1)y(t)=B(z-1)u(t-1)+D(z-1)v(t-1)+C(z-1)ω(t)/Δ
wherein A, B, C, D is the backward shift operator z in generalized theory of control-1The polynomial of (a) is determined,
y (t), u (t), v (t) and ω (t) respectively represent the output, input, pre-feedback measurable interference and white noise interference of the controlled object at the time t, y (t) and u (t) of the sensing node are the occurrences of the output control strategy and the input control strategy in the security strategy, pre-feedback measurable interference and white noise interference are malicious attack behaviors around the sensing node, and Δ ═ 1-z-1And represents a difference operator.
3. The active immune security defense method applicable to the perception node of the internet of things as claimed in claim 2, wherein the security policy further comprises establishing controlled parameters of a user during the operation of the system, and estimating A (z) online by using a parameter estimation method-1),B(z-1),C(z-1),D(z-1) When the parameters of the controlled virtual machine are unknown, the input and output controlled process of the sensing node is expressed as follows:
4. The active immune security defense method applicable to the internet of things perception node in any one of claims 1 to 3, characterized in that the method further comprises a security policy automatic updating mechanism which evolves synchronously with the security threat, and the updating mechanism is as follows:
assuming that the new formal description of security threat behavior is Sa, for the sense node security policyA quad (S, TR, U, Y) is described with a security threat probability Pr (st)i) The security threat probability modification function is set to mf (Pr (st) to be adjustedi) Sa), while recalculating the new security threat index SI from the new security threat probability and modifying TR, U, Y as follows:
1) signature encryption is carried out on the information of the new security threat Sa by using a threshold ring signature scheme;
2) the perception node sends the encrypted Sa to a nearest perception network or a perception node adjacent to the Sa;
3) sensing nodes according to Pr (st)i) And Sa calculates mf (Pr (st)i),Sa);
4) Sensing nodes according to mf (Pr (st)i) Sa) recalculating SI;
and the sensing node updates TR, U and Y according to the new security threat index SI, and finally realizes the updating of the security policy.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210372051.1A CN114697123A (en) | 2022-04-11 | 2022-04-11 | Active immune security defense method suitable for sensing node of Internet of things |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210372051.1A CN114697123A (en) | 2022-04-11 | 2022-04-11 | Active immune security defense method suitable for sensing node of Internet of things |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114697123A true CN114697123A (en) | 2022-07-01 |
Family
ID=82142088
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210372051.1A Pending CN114697123A (en) | 2022-04-11 | 2022-04-11 | Active immune security defense method suitable for sensing node of Internet of things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114697123A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10771506B1 (en) * | 2017-07-31 | 2020-09-08 | Juniper Networks, Inc. | Deployment of a security policy based on network topology and device capability |
US11075934B1 (en) * | 2021-02-17 | 2021-07-27 | King Abdulaziz University | Hybrid network intrusion detection system for IoT attacks |
CN113271318A (en) * | 2021-07-19 | 2021-08-17 | 中国科学院信息工程研究所 | Network threat perception system and method |
CN113726726A (en) * | 2021-05-30 | 2021-11-30 | 国网河北省电力有限公司信息通信分公司 | Power internet of things credibility measurement method based on edge calculation |
-
2022
- 2022-04-11 CN CN202210372051.1A patent/CN114697123A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10771506B1 (en) * | 2017-07-31 | 2020-09-08 | Juniper Networks, Inc. | Deployment of a security policy based on network topology and device capability |
US11075934B1 (en) * | 2021-02-17 | 2021-07-27 | King Abdulaziz University | Hybrid network intrusion detection system for IoT attacks |
CN113726726A (en) * | 2021-05-30 | 2021-11-30 | 国网河北省电力有限公司信息通信分公司 | Power internet of things credibility measurement method based on edge calculation |
CN113271318A (en) * | 2021-07-19 | 2021-08-17 | 中国科学院信息工程研究所 | Network threat perception system and method |
Non-Patent Citations (2)
Title |
---|
CHENG ZHONG等: "Adaptive Active Immune Policy for Sensor Nodes in Internet of Things", ADVANCES IN ARTIFICIAL INTELLIGENCE AND SECURITY, 23 July 2021 (2021-07-23), pages 514 - 524 * |
袁硕等: "随机自适应动态博弈", 中国科学:数学, vol. 46, no. 10, 20 October 2016 (2016-10-20), pages 2 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Fung et al. | FACID: A trust-based collaborative decision framework for intrusion detection networks | |
KR100813007B1 (en) | Wireless sensor network and adaptive method for monitoring the security thereof | |
Lakshmi Narayanan et al. | Machine learning based detection and a novel EC-BRTT algorithm based prevention of DoS attacks in wireless sensor networks | |
Abusitta et al. | A trust-based game theoretical model for cooperative intrusion detection in multi-cloud environments | |
Appiah-Kubi et al. | Decentralized intrusion prevention (DIP) against co-ordinated cyberattacks on distribution automation systems | |
Moe et al. | TSR: Trust-based secure MANET routing using HMMs | |
Yu et al. | Reinforcement learning solution for cyber-physical systems security against replay attacks | |
Ge et al. | Gazeta: Game-theoretic zero-trust authentication for defense against lateral movement in 5g iot networks | |
CN113453220A (en) | Security method for resisting trust attack of wireless sensor network | |
CN110086779B (en) | Communication safety discrimination method for multi-domain optical network crosstalk attack | |
Zhu et al. | Design Guidelines on Trust Management for Underwater Wireless Sensor Networks | |
Baldoni et al. | On the Use of Fibonacci Sequences for Detecting Injection Attacks in Cyber Physical Systems | |
Anusha et al. | A new trust-based mechanism for detecting intrusions in MANET. | |
Zhu et al. | A distributed sequential algorithm for collaborative intrusion detection networks | |
CN114697123A (en) | Active immune security defense method suitable for sensing node of Internet of things | |
CN109495889B (en) | Heterogeneous mobile network access control method based on mutual trust mechanism | |
Chandan | Consensus routing and environmental discrete trust based secure AODV in MANETs | |
Yang et al. | DS evidence theory based trust detection scheme in wireless sensor networks | |
CN115694956A (en) | Method for evaluating confidence of Internet of things node based on fuzzy evidence theory | |
Olakanmi et al. | Throttle: An efficient approach to mitigate distributed denial of service attacks on software‐defined networks | |
KR20220169584A (en) | METHOD FOR SELECTING IoT OPTIMIZATION NODES AND REMOVING MALICIOUS NODES | |
CN114900294A (en) | Credibility measurement and remote certification method and system for sensing layer of Internet of things | |
Savola et al. | On-Line and Off-Line Security Measurement Framework for Mobile Ad Hoc Networks. | |
Dang et al. | Research on network intrusion response method based on Bayesian attack graph | |
Li et al. | Collaborative intrusion detection in the era of IoT: Recent advances and challenges |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |