CN115021970A - Data self-adaptive safety monitoring method suitable for Internet of things big data center - Google Patents
Data self-adaptive safety monitoring method suitable for Internet of things big data center Download PDFInfo
- Publication number
- CN115021970A CN115021970A CN202210505427.1A CN202210505427A CN115021970A CN 115021970 A CN115021970 A CN 115021970A CN 202210505427 A CN202210505427 A CN 202210505427A CN 115021970 A CN115021970 A CN 115021970A
- Authority
- CN
- China
- Prior art keywords
- terminal
- internet
- things
- model database
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y30/00—IoT infrastructure
- G16Y30/10—Security thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/16—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Abstract
The invention discloses a data self-adaptive safety monitoring method suitable for an Internet of things big data center, belonging to the field of Internet of things big data; the method comprises the following steps: establishing a corresponding state monitoring model for each type of terminal equipment in the Internet of things system to form a terminal model database; the data acquisition module monitors real-time network behavior data of the terminal of the Internet of things; performing terminal model database model matching on the Internet of things terminal acquired by the data acquisition module; if the matching is successful, the safety of the terminal equipment is judged, and safe operation and monitoring are carried out according to the parameters of the model database; and if the matching fails, the control system enters an adaptive safety monitoring mode. The method can bring a high-efficiency and safe operation mode to the Internet of things system.
Description
Technical Field
The invention relates to the field of management of the Internet of things, in particular to a data self-adaptive safety monitoring method suitable for a big data center of the Internet of things.
Background
The internet of things is two network forms for extending and expanding the user end of the internet to any article to perform information exchange and communication on the basis of the internet. The definition is as follows: any article is connected with the Internet according to an agreed protocol through information sensing equipment such as radio frequency identification, an infrared sensor, a global positioning system, a laser scanner and the like to carry out information exchange and communication, so that a network concept of intelligent identification, positioning, tracking, monitoring and management is realized. The internet of things organically combines information flow and logistics through the internet. The Internet of things is widely applied to intelligent applications and/or network services in various industries. The internet of things utilizes public networks (generally referred to as the internet) to realize secure communication, automatic control and wide contact of people and/or things and/or machines. The internet of things is widely applied to all fields which can safely and reliably develop business (application, industry, tourism, building, agriculture, commerce, government affairs and the like) by utilizing the internet. In the application field of the current internet of things, various aspects such as intelligent homes, intelligent campuses, intelligent transportation, intelligent cities and the like exist.
The typical internet of things terminal with limited capability has a Narrow-band internet of things (NB-IoT) terminal, such as a water meter, an electric meter, a gas meter and other equipment with an NB-IoT chip inserted. Because the capability-limited internet of things terminal cannot support performance consumption caused by an authentication scheme with a complex flow (such as DTLS), an application layer protocol is generally adopted in a registration flow by an internet of things platform or an internet of things server to authenticate the terminal, such as a Lightweight M2M protocol (Lightweight M2M, LWM 2M).
In the communication of the internet of things, the current general method is that an interworking gateway receives a registration request from a terminal of the internet of things sent by a core network gateway, wherein the registration request comprises an address and an equipment identifier of the terminal of the internet of things, and the interworking gateway and the core network gateway are in the same IP subnet or private network; and the interworking gateway authenticates the terminal of the Internet of things, and after the authentication is passed, the interworking gateway sends the registration request to the server of the Internet of things. Specifically, the interworking gateway authenticates the internet of things device according to the address and the device identifier of the internet of things terminal in the registration request, and if the address and the device identifier in the registration request are the same as the address and the device identifier locally recorded by the interworking gateway, the authentication is passed. For example, the interworking gateway may query the device identifier corresponding to the address in the local record according to the address in the registration request, and if the device identifier recorded locally by the interworking gateway is the same as the device identifier in the registration request, the authentication is passed; or the interworking gateway can summarize and inquire the corresponding address in the local record according to the equipment identifier in the registration request, and if the address of the interworking gateway local record is the same as the address in the registration request, the authentication is passed.
However, as networks have evolved, network security has also been greatly regulated. Various kinds of cyber attacks are also emerging. The internet of things, as a new type of developed network, is also attacked by various networks. Such as illegal and fake internet of things devices, the border closure and management of all individual devices is a major challenge for the security of the internet of things. The popularity of internet of things devices and the rapid growth in manufacturing volume have raised problems with home networks. Users are not authorized to install illegal and fake internet of things devices in a protected network. These devices either replace the original devices or are integrated into the network to capture sensitive information and data, thereby breaking network boundaries. These devices may be configured to act as rogue access points, cameras, thermostats, and other types of devices to steal communication data without the user's knowledge.
Meanwhile, terminal equipment of the internet of things is generally low-energy-consumption equipment, and energy consumption control of the system plays a key role in normal operation of the internet of things. In the current internet of things control system, energy consumption control of a terminal is a key research direction. The current energy crisis is not in any moment, but the internet of things combines a plurality of intelligent objects together to achieve coordinated control so as to achieve the effect of energy conservation.
When the two major problems of safety and energy consumption are combined together, the current situation of the internet of things has the following problems. When a user is connected with a new terminal device in the Internet of things system, the safety of the device is judged to be of great importance to the whole Internet of things system. Meanwhile, the internet of things system needs to control the operation of a new terminal, especially the control in the aspect of energy consumption. In addition, the matching problem of the new terminal and the whole Internet of things system is also obvious.
Disclosure of Invention
In view of the foregoing analysis, the present invention aims to provide a data adaptive security monitoring method suitable for a big data center of the internet of things, so as to solve the problems of system security and operation mode control due to the access of a new terminal in the internet of things system.
The purpose of the invention is mainly realized by the following technical scheme:
the invention discloses a data self-adaptive safety monitoring method suitable for an Internet of things big data center, which comprises the following steps of:
establishing a corresponding state monitoring model for each type of terminal equipment in the Internet of things system to form a terminal model database;
the data acquisition module monitors real-time network behavior data of the terminal of the Internet of things;
performing terminal model database model matching on the Internet of things terminal acquired by the data acquisition module;
if the matching is successful, the safety of the terminal equipment is judged, and safe operation and monitoring are carried out according to the parameters of the model database;
and if the matching fails, the control system enters an adaptive safety monitoring mode.
Wherein the adaptive security monitoring mode comprises the steps of:
the system continuously monitors whether the operation of the terminal is in a stable state or a safe state;
if the terminal runs stably, the system sends a message to a terminal user to inquire whether the equipment can be trusted;
if the reply of the user is obtained, the system monitors the 24-hour data of the terminal, compares the 24-hour data with the data of the terminal model database, and searches an approximate terminal model database;
selecting data of the confidence interval which meets the requirement, and calculating a temporary terminal model database of the equipment by combining an approximate terminal model database;
continuously optimizing the temporary terminal model database of the equipment, selecting proper long-time running data, and generating a final terminal model database of the equipment;
and (4) operating the equipment according to the terminal model database, and judging whether the terminal equipment is in a normal safe operation mode.
Further, determining whether the terminal is in a secure state includes determining whether the IP address of the terminal is in the terminal model database, and if not, determining that the IP address is a new address, and the system specially tags the terminal. The special marks can give an alarm to an administrator of the Internet of things big data center at certain intervals, and the administrator is prompted to track and confirm the safety of the terminal equipment.
Further, a suitable long time is selected as one year, a suitable operation mode of the terminal equipment is calculated by monitoring temporary operation data of the one year, and a final terminal model database of the equipment is determined. And the administrator sets the confidence interval according to the type of the terminal equipment, and eliminates the non-ideal operation data to form the temporary operation data.
Further, the confidence interval varies according to the needs of a particular user.
Further, the internet of things big data center control module obtains the final terminal model database of the equipment by considering the operating environment, energy consumption and user requirements of the terminal equipment.
Furthermore, the machine learning module compares a temporary terminal model database in the operation data optimization of the terminal through learning, and the control module eliminates unreasonable operation parameters through a system optimal control principle to calculate the optimal control mode of the terminal.
The invention has the following beneficial effects:
the whole operation of the Internet of things system is monitored by establishing a terminal model database, and meanwhile, the control module optimizes the terminal model database irregularly by using machine learning and artificial intelligence technology to ensure that each terminal in the system is in the state of the optimal operation mode at all times.
By judging the safety of the new terminal, the running state of the whole Internet of things system is ensured to be safe, and the data is reasonable.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The drawings are only for purposes of illustrating particular embodiments and are not to be construed as limiting the invention, wherein like reference numerals are used to designate like parts throughout.
Fig. 1 is a flow chart of a data adaptive security monitoring method suitable for an internet of things big data center in the embodiment of the invention.
Fig. 2 is a flow chart in the adaptive security monitoring mode.
Detailed Description
The preferred embodiments of the present invention will now be described in detail with reference to the accompanying drawings, which form a part hereof, and which together with the embodiments of the invention serve to explain the principles of the invention.
The following embodiment describes a specific implementation control method for data adaptive security monitoring suitable for a big data center of the internet of things by using one application of the internet of things, namely smart home. The applicant needs to show that the application of the smart home does not constitute any limitation to the present invention, because the method is applicable to any application scope of the internet of things, and the smart home only plays a role as an explanation case.
The invention discloses a data self-adaptive security monitoring method suitable for a big data center of the Internet of things, which comprises the following steps as shown in figure 1:
And 103, performing terminal model database model matching on the Internet of things terminal acquired by the data acquisition module. And (4) analyzing the operation data collected in the step (102) in real time and matching the operation data with a terminal model database.
And step 1031, if the matching is successful, judging the safety of the terminal equipment, and performing safe operation and monitoring according to the parameters of the model database. And (4) analyzing the operation data collected in the step (102) in real time, successfully matching the operation data with the terminal model database, and judging the type of the operation terminal. And controlling the operation mode and the operation parameters of the terminal according to the parameters of the model database so as to ensure that the terminal operates in a safe and efficient mode.
Wherein the adaptive security monitoring mode comprises the steps of:
And 203, if the reply of the user is obtained, the system monitors the 24-hour data of the terminal, compares the 24-hour data with the data of the terminal model database, and searches an approximate terminal model database. After the end user replies, the system confirms that the terminal is a trusted terminal. The system carries out 24-hour data monitoring on the operation parameters of the terminal, compares the operation parameters with the data of the terminal model database, and searches an approximate terminal model database according to the operation performance and the operation characteristics of the terminal model database.
And step 204, selecting the data of the confidence interval meeting the requirement, and calculating a temporary terminal model database of the equipment by combining the approximate terminal model database. The administrator processes the operating data, selects appropriate confidence differences according to experience, selects operating parameters, and removes untrusted data to assemble a temporary terminal database. The confidence interval varies according to the needs of a particular user.
And step 205, continuously optimizing the temporary terminal model database of the equipment, selecting running data for a proper long time, and generating a final terminal model database of the equipment. Typically, the data center will periodically optimize the temporary terminal model database, for example, in a smart home, typically taking into account different time period factors for the terminal, different users, and different device types. The system also stores a temporary terminal model database for at least one year, which is convenient for the management center to dynamically compare the data so as to determine the optimal control operation mode. And calculating a proper operation mode of the terminal equipment by monitoring temporary operation data of one year, and determining a final terminal model database of the equipment. And the control module eliminates unreasonable operation parameters through a system optimal control principle and calculates the optimal control mode of the terminal.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention.
Claims (8)
1. A data self-adaptive safety monitoring method suitable for an Internet of things big data center comprises the following steps:
1) establishing a corresponding state monitoring model for each type of terminal equipment in the Internet of things system to form a terminal model database;
2) the data acquisition module monitors real-time network behavior data of the terminal of the Internet of things;
3) performing terminal model database model matching on the Internet of things terminal acquired by the data acquisition module;
4) if the matching is successful, the safety of the terminal equipment is judged, and safe operation and monitoring are carried out according to the parameters of the model database;
5) if the matching fails, the control system enters a self-adaptive safety monitoring mode; the method is characterized in that: the adaptive safety monitoring mode comprises the following steps:
a) the system continuously monitors whether the operation of the terminal is in a stable state or a safe state;
b) if the terminal runs stably, the system sends a message to a terminal user to inquire whether the equipment can be trusted;
c) if the reply of the user is obtained, the system monitors the 24-hour data of the terminal, compares the 24-hour data with the data of the terminal model database, and searches for an approximate terminal model database;
d) selecting data of the confidence interval which meets the requirement, and calculating a temporary terminal model database of the equipment by combining an approximate terminal model database;
e) continuously optimizing the temporary terminal model database of the equipment, selecting proper long-time running data, and generating a final terminal model database of the equipment;
f) and (4) operating the equipment according to the terminal model database, and judging whether the terminal equipment is in a normal safe operation mode.
2. The adaptive security monitoring method of claim 1, wherein the step a) of determining whether the terminal is in a secure state comprises determining whether the IP address of the terminal is in the terminal model database, and if not, determining that the IP address is a new address, and the system specially marks the terminal.
3. The adaptive security monitoring method according to claim 2, wherein the special mark gives an alarm to an administrator of the big data center of the internet of things at certain intervals, so as to prompt the administrator to track and confirm the security of the terminal device.
4. The adaptive security monitoring method according to claim 1, wherein the suitable long time is one year, and the terminal model database of the terminal device is determined finally by monitoring temporary operation data of one year, calculating a suitable operation mode of the terminal device.
5. The adaptive safety monitoring method according to claim 4, wherein an administrator sets the confidence interval according to the type of the terminal device, and eliminates non-ideal operation data to form the temporary operation data.
6. The adaptive security monitoring method of claim 5, wherein the confidence interval varies according to the needs of a particular user.
7. The adaptive security monitoring method of claim 1, wherein the internet of things big data center control module obtains the final terminal model database of the device in consideration of the operation environment, energy consumption and user requirements of the terminal device.
8. The adaptive security monitoring method according to claim 1, wherein the machine learning module optimizes the temporary terminal model database in step e) by learning and comparing the operational data of the terminal, and the control module calculates the optimal control mode of the terminal by rejecting unreasonable operational parameters according to the system optimal control principle.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210505427.1A CN115021970B (en) | 2022-05-10 | 2022-05-10 | Data self-adaptive safety monitoring method suitable for big data center of Internet of things |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210505427.1A CN115021970B (en) | 2022-05-10 | 2022-05-10 | Data self-adaptive safety monitoring method suitable for big data center of Internet of things |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115021970A true CN115021970A (en) | 2022-09-06 |
CN115021970B CN115021970B (en) | 2023-08-22 |
Family
ID=83068245
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210505427.1A Active CN115021970B (en) | 2022-05-10 | 2022-05-10 | Data self-adaptive safety monitoring method suitable for big data center of Internet of things |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115021970B (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005015404A2 (en) * | 2003-08-06 | 2005-02-17 | Moshe Halevy | Method and apparatus for unified performance modeling with monitoring and analysis of complex systems |
CN101533261A (en) * | 2007-09-28 | 2009-09-16 | 费舍-柔斯芒特系统股份有限公司 | Method and apparatus for intelligent control and monitoring in a process control system |
CN111163115A (en) * | 2020-04-03 | 2020-05-15 | 深圳市云盾科技有限公司 | Internet of things safety monitoring method and system based on double engines |
WO2020107905A1 (en) * | 2018-11-29 | 2020-06-04 | 华普特科技(深圳)股份有限公司 | Monitoring and managing methods for device, and terminal device |
US20210287274A1 (en) * | 2020-03-13 | 2021-09-16 | Hai Viet Nguyen | Methods and systems for a all-in-one personal fashion coaching and assistance using artificial intelligence and peer-to-peer network databases |
CN113595890A (en) * | 2021-08-06 | 2021-11-02 | 江苏方天电力技术有限公司 | Internet of things access gateway system under power grid multi-service application scene |
CN113873512A (en) * | 2021-09-28 | 2021-12-31 | 中国电子科技集团公司信息科学研究院 | Internet of things edge gateway security architecture system |
-
2022
- 2022-05-10 CN CN202210505427.1A patent/CN115021970B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005015404A2 (en) * | 2003-08-06 | 2005-02-17 | Moshe Halevy | Method and apparatus for unified performance modeling with monitoring and analysis of complex systems |
CN101533261A (en) * | 2007-09-28 | 2009-09-16 | 费舍-柔斯芒特系统股份有限公司 | Method and apparatus for intelligent control and monitoring in a process control system |
WO2020107905A1 (en) * | 2018-11-29 | 2020-06-04 | 华普特科技(深圳)股份有限公司 | Monitoring and managing methods for device, and terminal device |
US20210287274A1 (en) * | 2020-03-13 | 2021-09-16 | Hai Viet Nguyen | Methods and systems for a all-in-one personal fashion coaching and assistance using artificial intelligence and peer-to-peer network databases |
CN111163115A (en) * | 2020-04-03 | 2020-05-15 | 深圳市云盾科技有限公司 | Internet of things safety monitoring method and system based on double engines |
CN113595890A (en) * | 2021-08-06 | 2021-11-02 | 江苏方天电力技术有限公司 | Internet of things access gateway system under power grid multi-service application scene |
CN113873512A (en) * | 2021-09-28 | 2021-12-31 | 中国电子科技集团公司信息科学研究院 | Internet of things edge gateway security architecture system |
Also Published As
Publication number | Publication date |
---|---|
CN115021970B (en) | 2023-08-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Hammi et al. | IoT technologies<? show [AQ ID= Q1]?> for smart cities | |
US20210274350A1 (en) | Using a blockchain to determine trustworthiness of messages within a telecommunications network for a smart city | |
US20240121304A1 (en) | Camera network for enhancing industrial monitoring and security | |
CN102202302B (en) | The method of network is added in conjunction with network and Wireless Sensor Network Terminal | |
CN110351385B (en) | Home gateway system and data forwarding method | |
CN109922160A (en) | A kind of terminal security cut-in method, apparatus and system based on electric power Internet of Things | |
CN110830998B (en) | Vehicle networking malicious node identification method based on trust mechanism | |
CN102811416A (en) | Method and system for controlling terminal device of Internet of things | |
Mahapatra et al. | A survey on secure transmission in internet of things: taxonomy, recent techniques, research requirements, and challenges | |
CN102202298A (en) | Combined network and method for wireless sensor network terminal to join network | |
US20200213826A1 (en) | Using a blockchain to determine trustworthiness of messages between vehicles over a telecommunications network | |
CN108881470A (en) | A kind of data remote monitoring system and its implementation | |
CN102202389B (en) | A kind of method and system gateway being realized to management | |
CN112469044A (en) | Edge access control method and controller for heterogeneous terminal | |
CN110708357A (en) | Data management method, storage medium and system based on NB-IOT | |
CN115021970B (en) | Data self-adaptive safety monitoring method suitable for big data center of Internet of things | |
CN117097489B (en) | Lightweight double-factor agriculture Internet of things equipment continuous authentication method and system | |
CN112822216A (en) | Authentication method for binding of Internet of things sub-equipment | |
Sivanandam et al. | Intrusion detection system for bluetooth mesh networks using machine learning | |
CN112469034B (en) | Internet of things gateway device capable of safely authenticating physical sensing equipment and access method thereof | |
CN108270863B (en) | After-sale service authenticity verification method based on Internet of things | |
CN113282007A (en) | Intelligent household control method and system | |
CN105847341B (en) | Relative disposition information creating method and device | |
US11968607B2 (en) | Using a blockchain to determine trustworthiness of messages between vehicles over a telecommunications network | |
Rathore et al. | INTERNET OF THINGS: a review article |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |