CN116055150A - Internet of vehicles intrusion detection platform, method and related equipment - Google Patents
Internet of vehicles intrusion detection platform, method and related equipment Download PDFInfo
- Publication number
- CN116055150A CN116055150A CN202211734093.1A CN202211734093A CN116055150A CN 116055150 A CN116055150 A CN 116055150A CN 202211734093 A CN202211734093 A CN 202211734093A CN 116055150 A CN116055150 A CN 116055150A
- Authority
- CN
- China
- Prior art keywords
- task
- vehicles
- internet
- intrusion detection
- service provider
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000001514 detection method Methods 0.000 title claims description 119
- 238000012549 training Methods 0.000 claims description 99
- 230000004044 response Effects 0.000 claims description 49
- 230000008901 benefit Effects 0.000 claims description 19
- 230000008569 process Effects 0.000 claims description 19
- 238000004364 calculation method Methods 0.000 claims description 15
- 238000012360 testing method Methods 0.000 claims description 15
- 230000006870 function Effects 0.000 claims description 14
- 238000004891 communication Methods 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 8
- 238000000354 decomposition reaction Methods 0.000 claims description 4
- 230000006855 networking Effects 0.000 description 13
- 238000010586 diagram Methods 0.000 description 4
- 238000011156 evaluation Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000002347 injection Methods 0.000 description 3
- 239000007924 injection Substances 0.000 description 3
- 239000000243 solution Substances 0.000 description 3
- 241000251737 Raja Species 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000010365 information processing Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000013139 quantization Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 235000019800 disodium phosphate Nutrition 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 231100000572 poisoning Toxicity 0.000 description 1
- 230000000607 poisoning effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000005316 response function Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a platform, a method and related equipment for detecting intrusion of Internet of vehicles, wherein the platform comprises the following components: the distributed billing system comprises a alliance chain node, a service provider and a service requester, wherein the alliance chain node comprises a Peer node and an Orderer node, the Orderer node is used for providing consensus service, different Peer nodes are interconnected and intercommunicated through channels to form a distributed billing network, the service requester separates the working flow of different service providers into different channels, each channel comprises an HLF chain code corresponding to the channel, and the chain code initializes and manages the state of a billing book of the distributed billing network through transaction data.
Description
Technical Field
The invention relates to the field of Internet of vehicles safety detection, in particular to an Internet of vehicles intrusion detection platform, an Internet of vehicles intrusion detection method and related equipment.
Background
With the increase of the complexity of the network structure, network resources are generally distributed in a scattered way, and the characteristic is particularly obvious in the Internet of vehicles. In the distributed ad hoc network such as the internet of vehicles, vehicles are divided into regional subnets consisting of individual ad hoc network clusters according to their spatial geographical locations, which results in intrusion activities being increasingly cooperative, so that the limitations of the conventional intrusion detection system (intrusion detection system, abbreviated as "IDS") are exposed. Current research on IDS tends to design and build distributed IDS, where multiple detection entities monitor different network portions, and the entities cooperate with each other to complete a detection task. Shu et al propose a collaborative intrusion detection system (Shu, jiangang, lei Zhou, weizhe Zhang, xiaojiang Du, and Mohsen Guizani. Collarbonate intrusion detection for VANETs: a deep learning-based distributed SDN app.IEEE Transactions on Intelligent Transportation Systems, vol.22, no.7, pp.4519-4530,2020.) based on a distributed software defined network (Software Defined Networking, SDN), enabling a plurality of SDN controllers to jointly train a global intrusion detection algorithm model of the entire VANETs network by placing one distributed SDN controller on each roadside communication Unit (Road Side Unit, RSU) without directly exchanging their subnet information streams. The validity of an IDS collaborative framework based on SDN must be built on the assumption that all RSUs are trusted, and once one or more RSUs are attacked by DOS, the IDS collaborative training process breaks down, and a clear attacker can leave a backdoor in such IDS through poisoning attacks. Zhang et al devised an IDS collaboration framework based on privacy preserving machine learning (Zhang, tao, and quantian zhu. Distributed privacy-preserving collaborative intrusion detection systems for vanets. Ieee Transactions on Signal and Information Processing over Networks, vol.4, no.1, pp.148-161,2018.) employing an alternate direction multiplier method (Alternating Direction Method of Multiplier, ADMM) for one class of experience risk minimization problems and using differential privacy methods to capture the privacy symbols of the IDS to improve the security and privacy of the collaboration framework. Similarly, raja [38] et al designed a traffic model based on transmission delay and vehicle density and proposed a collaborative IDS (Raja, gunasekaran, sudha Anbalagan, geetha Vijayaraghavan, sudhakar Theerthagiri, saran Vaitangarukav Suryanarayan, and Xin-Wen Wu.SP-CIDS: secure and private collaborative IDS for VANETs.IEEE Transactions on Intelligent Transportation Systems, vol.22, no.7, pp.4385-4393,2020.) using statistical techniques for false information attacks in VANETs. It is independent of any infrastructure (including RSUs) and works without expensive hardware (e.g. lidar, sensors, cameras, etc.). However, internet of vehicles based IDS must be lightweight, and it is impractical to introduce significant computational overhead to the vehicle. Furthermore, traffic flow information is typically limited to each vehicle, and existing distributed solutions cannot detect all attack types present in the entire internet of vehicles. Abdel-Basset et al propose a novel edge intelligent blockchain (Edge Intelligence Blockchain, EIB) framework (Abdel-Basset, mohamed, nour Moustafa, hossam Hawash, imran Razzak, karam M.Sallam, and Osama M.Elkomy.fed Intrusion Detection in Blockchain-Based Smart Transportation systems.IEEE Transactions on Intelligent Transportation Systems, 2021.) that combines blockchain and VEC paradigms to handle data exchange in a vehicle network, thereby providing an efficient, secure and decentralized IDS collaboration framework. To accommodate heterogeneous traffic network data, a context-aware converter network is introduced for learning a spatio-temporal representation of vehicle traffic to identify different types of internet of vehicles attacks. To prevent the most common injection attacks and member inference attacks in IDS collaboration frameworks, omkar et al build a blockchain-based peer-to-peer joint training framework (Shende, omkar, R.K. Pateriya, priyanka Verma, and Anupama Jain. CEBM: collaborative Ensemble Blockchain Model for Intrusion Detection in IoT environmental.2021.) for intrusion detection, the blockchain system used can track the contribution of each participant IDS, and the resulting digital currency can be used to purchase corresponding secure resources. Although the above-mentioned public blockchain can provide a transparent data exchange platform for all vehicle-mounted intrusion detection systems, the strict and complex consensus mechanism directly leads to the fact that the speed of processing data by the public chain is beyond a tolerable range, and generally, updating of information on one chain requires 3-4 blocks of uplink to be finally confirmed.
However, the internet of vehicles data presents significant independent co-distribution characteristics among different regions, and the inventor finds that in the process of realizing the invention, the prior art has at least the following problems: most of the existing federal collaborative intrusion detection technologies are based on the assumption that training test data are independently and uniformly distributed, so that heterogeneous data from all parties of the Internet of vehicles cannot be handled, and injection attack and membership inference attack are two security threats specific to the collaborative intrusion detection technologies. Because of the requirement of collaborative modeling, malicious third parties can participate in the construction process of the global detection model, and borrow the engine to launch injection and membership inference attack, privacy leakage of the collaborative model can be caused, and even data islands among subnets can be formed. Therefore, how to standardize the behaviors of third party modeling participants and construct a high-efficiency and safe Internet of vehicles intrusion detection platform is a technical problem to be solved urgently.
Disclosure of Invention
The embodiment of the invention provides a vehicle networking intrusion detection platform, a method, a device, computer equipment and a storage medium for the vehicle networking intrusion detection method, so as to improve the safety and accuracy of the vehicle networking intrusion detection.
In order to solve the technical problem, the embodiment of the application provides a vehicle networking intrusion detection platform, which is characterized by comprising a alliance chain node, service providers and service requesters, wherein the alliance chain node comprises a Peer node and an Orderer node, the Orderer node is used for providing consensus service, different Peer nodes are interconnected and intercommunicated through channels to form a distributed billing network, the service requesters separate the working flows of different service providers into different channels, each channel comprises HLF chain codes corresponding to the channel, and the chain codes initialize and manage the state of the billing book of the distributed billing network through transaction data.
Optionally, the Peer nodes are configured to submit transaction data to the Orderer nodes, and after receiving the ordered block sequences generated by the Orderer nodes, each Peer node independently adds the ordered block sequences to a billing book of a respective distributed billing network in the same manner.
In order to solve the above technical problems, an embodiment of the present application provides a method for detecting an intrusion of a vehicle networking, where the method for detecting an intrusion of a vehicle networking is applied to an intrusion detection platform of a vehicle networking, and the method includes:
the service requester u decomposes the federal training task trained by the Internet of vehicles intrusion detection model into a first task w 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, the second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 A global training task for the classifier C in the service requester u;
for task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, the Internet of vehicles intrusion detection platform is adopted to construct a digital asset, wherein the digital asset is used for recording a task w i And generating a maximum effective time of the collaboration request, wherein i=1, 2,3;
Candidate service provider V within the maximum effective time range k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing a local alternative model and corresponding price according to different strategies of the digital asset, and recording the key response information into the digital asset by adopting HLF chain codes as key response information;
when the maximum effective time is reached, detecting the number of candidate service providers receiving the response by using HLF chain codes, if the number reaches the requirement, calculating QoS of all candidate service providers participating in the response, and storing QoS calculation results in the digital asset;
the service requester u determines a service provider according to the digital asset and signs a collaboration agreement with the service provider;
performing federal training according to the collaboration protocol to obtain a trained Internet of vehicles intrusion detection model, and issuing benefits to each service provider according to the collaboration protocol;
and when receiving real-time communication data of the Internet of vehicles, adopting the trained Internet of vehicles intrusion detection model to perform intrusion detection.
Optionally, the service requester u determines a service provider from the digital asset and signs a collaboration agreement with the service provider comprising:
The HLF chain code requests the service requester u to give a discrimination result label and a category classification label; the HLF chain code calculates QoS of each service provider according to the test result, the discrimination result label, the category classification label and the service provider response model, wherein the QoS comprises at least one of accuracy, recall rate, false alarm rate and F1-Score;
and selecting service providers from the candidate service providers according to QoS of each candidate service provider, and signing a collaboration agreement with the service providers.
Optionally, the selecting a service provider from the candidate service providers according to QoS of each candidate service provider, and signing a collaboration agreement with the service provider includes:
weighting and normalizing each QoS attribute of the service provider to obtain a single value corresponding to the QoS attribute as a reference value;
based on the reference value and a preset benefit function, the task w is achieved i Calculating the benefits of the federal training cooperation strategy;
and determining a service provider according to the federal training cooperation strategy, generating a cooperation protocol, and signing the cooperation protocol with the service provider.
Optionally, the performing federal training according to the collaboration protocol, and obtaining the trained intrusion detection model of the internet of vehicles includes:
the service requester u generates a sample training set by a local generator for a first task w 1 The HLF chain code forwards the sample training set to a service provider and acquires corresponding discrimination feedback;
for the second task w 2 And third task w 3 The HLF chain code requests the service provider to send the latest classifier and arbiter;
when the information received by the HLF chain code accords with the preset condition, the HLF chain code performs collaborative training on the service requester u, and key information in the collaborative training process is recorded in the digital asset.
Optionally, the internet of vehicles intrusion detection method further includes: during execution of collaboration training by the HLF chain code, if any service provider performance-substandard messages are detected, an update function is invoked, signing collaboration agreements between service requester u and the service provider.
In order to solve the above technical problem, the embodiment of the present application further provides an intrusion detection device for internet of vehicles, including:
the task decomposition module is used for decomposing a federal training task trained by the Internet of vehicles intrusion detection model into a first task w by the service requester u 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, the second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 A global training task for the classifier C in the service requester u;
an assistance request module for the task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, the Internet of vehicles intrusion detection platform is adopted to construct a digital asset, wherein the digital asset is used for recording a task w i And generating a maximum effective time of the collaboration request, wherein i=1, 2,3;
a collaboration response collection module for candidate service providers V within a maximum effective time range k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing a local alternative model and corresponding price according to different strategies of the digital asset, and recording the key response information into the digital asset by adopting HLF chain codes as key response information;
the QoS calculation module is used for detecting the number of the candidate service providers receiving the response by using the HLF chain code when the maximum effective time is reached, if the number reaches the requirement, calculating the QoS of all the candidate service providers participating in the response, and storing the QoS calculation result into the digital asset;
The protocol signing module is used for determining a service provider according to the digital asset by the service requester u and signing a collaboration protocol with the service provider;
the model training module is used for performing federal training according to the collaboration protocol to obtain a trained Internet of vehicles intrusion detection model, and issuing benefits to each service provider according to the collaboration protocol;
and the intrusion detection module is used for performing intrusion detection by adopting the trained Internet of vehicles intrusion detection model when the Internet of vehicles real-time communication data are received.
Optionally, the protocol signing module includes:
the QoS calculation unit is used for requesting the service requester u to give a discrimination result label and a category classification label by the HLF chain code; the HLF chain code calculates QoS of each service provider according to the test result, the discrimination result label, the category classification label and the service provider response model, wherein the QoS comprises at least one of accuracy, recall rate, false alarm rate and F1-Score;
and the collaboration agreement signing unit is used for selecting service providers from the candidate service providers according to QoS of each candidate service provider and signing collaboration agreements with the service providers.
Optionally, the collaboration protocol signing unit includes:
a quantization subunit, configured to weight and normalize each QoS attribute of the service provider to obtain a single value corresponding to the QoS attribute, as a reference value;
a cooperation strategy determination subunit for achieving task w based on the reference value and a preset benefit function i Calculating the benefits of the federal training cooperation strategy;
and the agreement signing subunit is used for determining a service provider according to the federal training collaboration policy and generating a collaboration agreement, and signing the collaboration agreement with the service provider.
Optionally, the model training module includes:
a first receiving unit for generating a sample training set by a local generator for a service requester u, aiming at a first task w 1 The HLF chain code forwards the sample training set to a service provider and acquires corresponding discrimination feedback;
a second receiving unit for aiming at a second task w 2 And third task w 3 ,HLFThe chain code requests the service provider to send the latest classifier and the discriminator;
and the cooperative training unit is used for executing cooperative training on the service requester u by the HLF chain code when the information received by the HLF chain code accords with the preset condition, and recording key information in the cooperative training process into the digital asset.
In order to solve the above technical problem, the embodiments of the present application further provide a computer device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor, where the steps of the above internet of vehicles intrusion detection method are implemented when the processor executes the computer program.
In order to solve the above technical problem, the embodiments of the present application further provide a computer readable storage medium, where a computer program is stored, where the computer program when executed by a processor implements the steps of the above-mentioned internet of vehicles intrusion detection method.
The Internet of vehicles intrusion detection platform, the Internet of vehicles intrusion detection method, the Internet of vehicles intrusion detection device, the computer equipment and the storage medium provided by the embodiment of the invention decompose the federal training task trained by the Internet of vehicles intrusion detection model into a first task w through a service requester u 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, a second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 For a global training task serving classifier C in requestor u, for task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, a vehicle networking intrusion detection platform is adopted to construct a digital asset, and the digital asset is used for recording a task w i And generates a maximum effective time of the collaboration request, wherein i=1, 2,3, within which the candidate service provider V is within k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing local alternative models and corresponding prices as key response information by adopting different strategies of the key response information, and adopting HLF chain codes to send key response informationRecording information into digital assets, detecting the number of candidate service providers receiving response by using HLF chain codes when the maximum effective time is reached, if the number reaches the requirement, calculating QoS of all candidate service providers participating in the response, storing QoS calculation results into the digital assets, determining the service providers according to the digital assets by a service requester u, signing a collaboration protocol with the service providers, performing federal training according to the collaboration protocol to obtain a trained Internet of vehicles intrusion detection model, issuing benefits to each service provider according to the collaboration protocol, and performing intrusion detection by using the trained Internet of vehicles intrusion detection model when real-time communication data of the Internet of vehicles are received. The distributed cooperation model training process is automatically completed through the HLF chain codes with consensus, so that the integrity of all cooperators is guaranteed to participate in the cooperation process, the authenticity and the safety of data in the internet of vehicles intrusion detection model training process are improved, the accuracy of intrusion detection of the intrusion detection model trained by the method is improved, meanwhile, the QoS evaluation is adopted, the efficient execution of the distributed cooperation is guaranteed, and the efficiency of model training and intrusion detection is improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments of the present invention will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is an exemplary system architecture diagram of an Internet of vehicles intrusion detection platform as may be used in the present application;
FIG. 2 is a flow chart of one embodiment of a method of Internet of vehicles intrusion detection of the present application;
FIG. 3 is a schematic structural view of one embodiment of an in-vehicle networking intrusion detection device according to the present application;
FIG. 4 is a schematic structural diagram of one embodiment of a computer device according to the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the applications herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "comprising" and "having" and any variations thereof in the description and claims of the present application and in the description of the figures above are intended to cover non-exclusive inclusions. The terms first, second and the like in the description and in the claims or in the above-described figures, are used for distinguishing between different objects and not necessarily for describing a sequential or chronological order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the present application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, as shown in fig. 1, an intrusion detection platform for internet of vehicles in this embodiment of fig. 1 is characterized by comprising a federation link node, a service provider and a service requester, wherein the federation link node comprises a Peer node and an Orderer node, the Orderer node is used for providing consensus service, different Peer nodes are interconnected and intercommunicated through channels to form a distributed billing network, the service requester separates the working flows of different service providers into different channels, each channel comprises HLF link codes corresponding to the channel, and the link codes initialize and manage the billing state of the distributed billing network through transaction data.
Further, the Peer nodes are configured to submit transaction data to the Orderer nodes and, upon receiving the ordered sequence of blocks generated by the Orderer nodes, each Peer node independently adds the ordered sequence of blocks to the accounting book of the respective distributed accounting network in the same manner.
In order to solve the above technical problems, the embodiment of the present application further provides an internet of vehicles intrusion detection method, where the internet of vehicles intrusion detection method is applied to the internet of vehicles intrusion detection platform shown in fig. 1, and the details are as follows:
s201: the service requester u decomposes the federal training task trained by the Internet of vehicles intrusion detection model into a first task w 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, a second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 Is a global training task to serve classifier C in requester u.
Specifically, in this embodiment, an internet of vehicles intrusion detection model is used to generate an impedance network model, where the internet of vehicles intrusion detection model includes a generator G, a discriminator D and a classifier C, the internet of vehicles is integrally formed by different area subnets including a plurality of ad hoc network clusters, the network traffic monitoring and anomaly detection are performed between the different area subnets by using the independent internet of vehicles intrusion detection model, and a service requester u is a subnet that makes a request. The federal training task of the internet of vehicles intrusion detection model training is to train the internet of vehicles intrusion detection model of the local service requester u through distributed federal training, and the sparse class is compensated by utilizing the generating generalization capability of the generating countermeasure network.
In the internet of vehicles, the problem of unbalanced data classification and sparse attack sample of local data exists, and the problem of cooperative model privacy exists in federal learning.
S202: for task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, a vehicle networking intrusion detection platform is adopted to construct a digital asset, and the digital asset is used for recording a task w i And generates a maximum effective time of the collaboration request, where i=1, 2,3.
In this embodiment, the model training task is split into multiple tasks, and then the maximum effective time of the collaboration request corresponding to each task is set according to the actual needs, for each work task, the service requester u invokes the corresponding HLF link code to issue its collaboration request (e.g. QoS, service price, etc.), and then copies of the HLF link code propagate in the same channel and run on the Peer node that the service provider can interact with. The candidate service provider reads the collaboration request and then writes its response to a copy of the corresponding HLF chain code.
In this embodiment, the HLF chain code is selected as the chain code, which has the following advantages: 1) There is no workload of Work (PoW) and encryption mining algorithm in the platform of HLF chain code construction, so transaction throughput is several times that of public blockchains (e.g., bitcoin, ethernet, etc.); 2) The HLF chain code has the characteristics of multithread communication and synchronous operation, the chain code can be called by legal users in parallel, and meanwhile, the account book of the distributed network of the platform constructed by the HLF chain code is inquired and updated; 3) The platform constructed by the HLF chain code only allows the invited authorized user to participate, so that various decision processes of a malicious anonymous third party participating in the platform are avoided.
In the HLF chain code build platform, the service requester creates a dedicated chain code for each work task of the federal training process. Each chain code contains the function: init, publish, response, evaluate, execute and update, but functions of the same name are implemented differently in different chain codes.
1) init: for work task w i The service requester u uses the install command to deploy a carefully designed chain code on the platform that the parties have reached consensus and invokes the init function of the chain code for initialization.
2)publish: the service requester u calls a public function of the chain code to make a collaboration request, and main parameters include: desired QoS q u,i Budget c u,i Test sample { X ] of generator G of service requester u test ,Y label Test sample X of } or discriminator D and classifier C test Initial weights of the model to be collaborative with uOmega and theta. While the chain code is being invoked, a new digital asset is created for recording the work task w i And sets the maximum valid time of the collaboration request. (Note: X) test Combining the true sample and the generated sample, Y label Is X test A corresponding tag. )
3) response-candidate service provider v within effective collaboration time k And calling a response function of the chain code to read the collaboration request, and providing a plurality of local alternative models and corresponding prices according to different strategies. The chain code simultaneously records the key response information in the digital asset.
4) evaluation: when the maximum validity time is reached, the chain code automatically detects whether there is a response received from a sufficient service provider. If so, the evaluation function is automatically invoked, which first requests a label given the test result from the requesting service requester u. The chain code may then calculate QoS for all service providers based on the test results, given the tag, and the model in the service provider response, including: accuracy, recall, F1-Score, and false positive rate. After obtaining the QoS of the service provider, the chain code may perform federal training by signing up as many quality models as possible. Finally, the chain code will save the test results, calculated QoS, to the digital asset.
S203: candidate service provider V within the maximum effective time range k Invoking HLF chain code to read collaboration request and based on candidate service provider V k And providing a local alternative model and a corresponding price according to different strategies, and recording the key response information into the digital asset by using the HLF chain code as the key response information.
In this embodiment, candidate service provider V k For the kth candidate service provider, each candidate service provider locally contains a different candidate model, each candidate model contains its own price, candidate service provider V k And reading the collaboration request by calling the HLF chain code, selecting to respond or not respond according to the actual application requirement of the HLF chain code, generating key response information when responding, and calling the HLF chain code to record the key response information into the digital asset.
S204: and when the maximum effective time is reached, detecting the number of candidate service providers receiving the response by using the HLF chain code, if the number reaches the requirement, calculating QoS of all candidate service providers participating in the response, and storing QoS calculation results in the digital asset.
S205: the service requester u determines the service provider from the digital asset and signs a collaboration agreement with the service provider.
Optionally, the service requester u determines a service provider from the digital asset and performs a signed collaboration agreement with the service provider including:
the HLF chain code requests the service requester u to give a discrimination result label and a category classification label; the HLF chain code calculates QoS of each service provider according to the test result, the discrimination result label, the category classification label and the service provider response model, wherein the QoS comprises at least one of accuracy, recall rate, false alarm rate and F1-Score;
a service provider selected from the candidate service providers according to the QoS of each candidate service provider, and a signed collaboration agreement with the service provider.
Optionally, selecting a service provider from the candidate service providers according to QoS of each candidate service provider, and signing a collaboration agreement with the service provider includes:
weighting and normalizing each QoS attribute of a service provider to obtain a single value corresponding to the QoS attribute as a reference value;
based on the reference value and the preset benefit function, the task w is achieved i Benefit meter of (a)Calculating, and determining a federal training cooperation strategy;
determining a service provider according to the federal training collaboration policy, generating a collaboration agreement, and signing the collaboration agreement with the service provider.
S206: and performing federal training according to the collaboration protocol to obtain a trained Internet of vehicles intrusion detection model, and issuing benefits to each service provider according to the collaboration protocol.
Further, performing federal training according to a collaboration protocol, the obtaining a trained internet of vehicles intrusion detection model comprising:
the service requester u generates a sample training set by a local generator for a first task w 1, The HLF chain code forwards the sample training set to a service provider, and acquires corresponding discrimination feedback;
for the second task w 2 And third task w 3 The HLF chain code requests the service provider to send the latest classifier and arbiter;
when the information received by the HLF chain code accords with the preset condition, the HLF chain code performs collaborative training on the service requester u, and key information in the collaborative training process is recorded in the digital asset.
In a specific optional embodiment, the internet of vehicles intrusion detection method further includes: during execution of collaboration training by the HLF chain code, if any service provider performance-substandard messages are detected, an update function is invoked, signing collaboration agreements between service requester u and the service provider.
S207: and when receiving real-time communication data of the Internet of vehicles, adopting a trained Internet of vehicles intrusion detection model to perform intrusion detection.
In this embodiment, the service requester u decomposes the federal training task trained by the internet of vehicles intrusion detection model into a first task w 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, a second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 Global training of classifier C in service requester uFor task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, a vehicle networking intrusion detection platform is adopted to construct a digital asset, and the digital asset is used for recording a task w i And generates a maximum effective time of the collaboration request, wherein i=1, 2,3, within which the candidate service provider V is within k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing different strategies of the service requester U, providing a local alternative model and corresponding prices, using HLF chain codes as key response information to record the key response information into digital assets, detecting the number of candidate service providers receiving the response by using the HLF chain codes when the maximum effective time is reached, if the number meets the requirement, calculating QoS of all candidate service providers participating in the response, storing QoS calculation results into the digital assets, determining the service providers by the service requester U according to the digital assets, signing a cooperation protocol with the service providers, executing federal training according to the cooperation protocol to obtain a trained Internet of vehicles intrusion detection model, issuing benefits to each service provider according to the cooperation protocol, and performing intrusion detection by using the trained Internet of vehicles intrusion detection model when real-time communication data of the Internet of vehicles are received. The distributed cooperation model training process is automatically completed through the HLF chain codes with consensus, so that the integrity of all cooperators is guaranteed to participate in the cooperation process, the authenticity and the safety of data in the internet of vehicles intrusion detection model training process are improved, the accuracy of intrusion detection of the intrusion detection model trained by the method is improved, meanwhile, the QoS evaluation is adopted, the efficient execution of the distributed cooperation is guaranteed, and the efficiency of model training and intrusion detection is improved.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic, and should not limit the implementation process of the embodiment of the present invention.
Fig. 3 shows a schematic block diagram of an intrusion detection device for internet of vehicles, which corresponds to the intrusion detection method for internet of vehicles in one-to-one correspondence to the above embodiment. As shown in fig. 3, the internet of vehicles intrusion detection device includes a task decomposition module 31, an assistance request module 32, a collaboration response collection module 33, a QoS calculation module 34, a protocol signing module 35, a model training module 36, and an intrusion detection module 37. The functional modules are described in detail as follows:
a task decomposition module 31 for decomposing the federal training task trained by the internet of vehicles intrusion detection model into a first task w by the service requester u 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, a second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 A global training task for the classifier C in the service requester u;
an assistance request module 32 for, for a task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, a vehicle networking intrusion detection platform is adopted to construct a digital asset, and the digital asset is used for recording a task w i And generating a maximum effective time of the collaboration request, wherein i=1, 2,3;
a collaboration response collection module 33 for candidate service providers V within a maximum effective time range k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing local alternative models and corresponding prices by different strategies of the digital asset, and recording the key response information into the digital asset by adopting HLF chain codes as key response information;
the QoS calculation module 34 is configured to detect, when the maximum effective time is reached, the number of candidate service providers that receive the response using HLF chain codes, and if the number reaches the requirement, calculate QoS of all candidate service providers that participate in the response, and store the QoS calculation result in the digital asset;
an agreement signing module 35 for the service requester u to determine a service provider from the digital asset and to sign a collaboration agreement with the service provider;
the model training module 36 is configured to perform federal training according to a collaboration protocol, obtain a trained intrusion detection model of the internet of vehicles, and issue benefits to each service provider according to the collaboration protocol;
the intrusion detection module 37 is configured to perform intrusion detection by using a trained intrusion detection model of the internet of vehicles when receiving real-time communication data of the internet of vehicles.
Optionally, the protocol signing module 35 comprises:
the QoS calculation unit is used for requesting the service requester u to give a discrimination result label and a category classification label by the HLF chain code; the HLF chain code calculates QoS of each service provider according to the test result, the discrimination result label, the category classification label and the service provider response model, wherein the QoS comprises at least one of accuracy, recall rate, false alarm rate and F1-Score;
and the collaboration agreement signing unit is used for selecting service providers from the candidate service providers according to QoS of each candidate service provider and signing collaboration agreements with the service providers.
Optionally, the collaboration protocol signing unit comprises:
a quantization subunit, configured to weight and normalize each QoS attribute of the service provider to obtain a single value corresponding to the QoS attribute, as a reference value;
a cooperation strategy determination subunit for achieving task w based on the reference value and the preset benefit function i Calculating the benefits of the federal training cooperation strategy;
and the agreement signing subunit is used for determining the service provider according to the federal training collaboration policy and generating a collaboration agreement, and signing the collaboration agreement with the service provider.
Optionally, model training module 36 includes:
a first receiving unit for generating a sample training set by a local generator for a service requester u, aiming at a first task w 1, The HLF chain code forwards the sample training set to a service provider, and acquires corresponding discrimination feedback;
a second receiving unit for aiming at a second task w 2 And third task w 3 HLF chain code request service providerSending the latest classifier and the latest discriminator;
and the cooperative training unit is used for executing cooperative training on the service requester u by the HLF chain code when the information received by the HLF chain code accords with the preset condition, and recording key information in the cooperative training process into the digital asset.
The specific limitation of the internet of vehicles intrusion detection device can be referred to the limitation of the internet of vehicles intrusion detection method hereinabove, and will not be described herein. All or part of the modules in the internet of vehicles intrusion detection device can be realized by software, hardware and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In order to solve the technical problems, the embodiment of the application also provides computer equipment. Referring specifically to fig. 4, fig. 4 is a basic structural block diagram of a computer device according to the present embodiment.
The computer device 4 comprises a memory 41, a processor 42, a network interface 43 communicatively connected to each other via a system bus. It is noted that only a computer device 4 having a component connection memory 41, a processor 42, a network interface 43 is shown in the figures, but it is understood that not all of the illustrated components are required to be implemented and that more or fewer components may be implemented instead. It will be appreciated by those skilled in the art that the computer device herein is a device capable of automatically performing numerical calculations and/or information processing in accordance with predetermined or stored instructions, the hardware of which includes, but is not limited to, microprocessors, application specific integrated circuits (Application Specific Integrated Circuit, ASICs), programmable gate arrays (fields-Programmable Gate Array, FPGAs), digital processors (Digital Signal Processor, DSPs), embedded devices, etc.
The computer equipment can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing equipment. The computer equipment can perform man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch pad or voice control equipment and the like.
The memory 41 includes at least one type of readable storage medium including flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or D interface display memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the storage 41 may be an internal storage unit of the computer device 4, such as a hard disk or a memory of the computer device 4. In other embodiments, the memory 41 may also be an external storage device of the computer device 4, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash Card (Flash Card) or the like, which are provided on the computer device 4. Of course, the memory 41 may also comprise both an internal memory unit of the computer device 4 and an external memory device. In this embodiment, the memory 41 is typically used for storing an operating system and various application software installed on the computer device 4, such as program codes for controlling electronic files, etc. Further, the memory 41 may be used to temporarily store various types of data that have been output or are to be output.
The processor 42 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments. The processor 42 is typically used to control the overall operation of the computer device 4. In this embodiment, the processor 42 is configured to execute a program code stored in the memory 41 or process data, such as a program code for executing control of an electronic file.
The network interface 43 may comprise a wireless network interface or a wired network interface, which network interface 43 is typically used for establishing a communication connection between the computer device 4 and other electronic devices.
The present application also provides another embodiment, namely, a computer readable storage medium, where an interface display program is stored, where the interface display program is executable by at least one processor, so that the at least one processor performs the steps of the internet of vehicles intrusion detection method as described above.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk), comprising several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method described in the embodiments of the present application.
It is apparent that the embodiments described above are only some embodiments of the present application, but not all embodiments, the preferred embodiments of the present application are given in the drawings, but not limiting the patent scope of the present application. This application may be embodied in many different forms, but rather, embodiments are provided in order to provide a more thorough understanding of the present disclosure. Although the present application has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described in the foregoing, or equivalents may be substituted for elements thereof. All equivalent structures made by the specification and the drawings of the application are directly or indirectly applied to other related technical fields, and are also within the protection scope of the application.
Claims (10)
1. The Internet of vehicles intrusion detection platform is characterized by comprising alliance chain nodes, service providers and service requesters, wherein the alliance chain nodes comprise Peer nodes and Orderer nodes, the Orderer nodes are used for providing consensus services, different Peer nodes are interconnected and intercommunicated through channels to form a distributed billing network, the service requesters separate the working flows of different service providers into different channels, each channel comprises HLF chain codes corresponding to the channels, and the chain codes initialize and manage the state of a billing book of the distributed billing network through transaction data.
2. The internet of vehicles intrusion detection platform of claim 1, wherein the Peer nodes are configured to submit transaction data to the Orderer nodes and, upon receiving ordered sequences of blocks generated by the Orderer nodes, each Peer node independently adds the ordered sequences of blocks to a billing book of a respective distributed billing network in the same manner.
3. A method for detecting intrusion of internet of vehicles, which is applied to the platform for detecting intrusion of internet of vehicles according to claim 1 or 2, comprising:
the service requester u decomposes the federal training task trained by the Internet of vehicles intrusion detection model into a first task w 1 Second task w 2 And third task w 3 Wherein the first task w 1 For serving the global training task of generator G in requester u, the second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 A global training task for the classifier C in the service requester u;
for task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, the Internet of vehicles intrusion detection platform is adopted to construct a digital asset, wherein the digital asset is used for recording a task w i And generating a maximum effective time of the collaboration request, wherein i=1, 2,3;
candidate service provider V within the maximum effective time range k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing a local alternative model and corresponding price according to different strategies of the digital asset, and recording the key response information into the digital asset by adopting HLF chain codes as key response information;
when the maximum effective time is reached, detecting the number of candidate service providers receiving the response by using HLF chain codes, if the number reaches the requirement, calculating QoS of all candidate service providers participating in the response, and storing QoS calculation results in the digital asset;
the service requester u determines a service provider according to the digital asset and signs a collaboration agreement with the service provider;
performing federal training according to the collaboration protocol to obtain a trained Internet of vehicles intrusion detection model, and issuing benefits to each service provider according to the collaboration protocol;
and when receiving real-time communication data of the Internet of vehicles, adopting the trained Internet of vehicles intrusion detection model to perform intrusion detection.
4. The internet of vehicles intrusion detection method according to claim 3, wherein the service requester u determines a service provider from the digital asset and performs a signed collaboration agreement with the service provider comprising:
The HLF chain code requests the service requester u to give a discrimination result label and a category classification label; the HLF chain code calculates QoS of each service provider according to the test result, the discrimination result label, the category classification label and the service provider response model, wherein the QoS comprises at least one of accuracy, recall rate, false alarm rate and F1-Score;
and selecting service providers from the candidate service providers according to QoS of each candidate service provider, and signing a collaboration agreement with the service providers.
5. The internet of vehicles intrusion detection method according to claim 4, wherein the selecting a service provider from among the candidate service providers according to QoS of each of the candidate service providers and performing a signed collaboration agreement with the service provider comprises:
weighting and normalizing each QoS attribute of the service provider to obtain a single value corresponding to the QoS attribute as a reference value;
based on the reference value and a preset benefit function, the task w is achieved i Calculating the benefits of the federal training cooperation strategy;
and determining a service provider according to the federal training cooperation strategy, generating a cooperation protocol, and signing the cooperation protocol with the service provider.
6. The internet of vehicles intrusion detection method of claim 3, wherein performing federal training according to a collaboration protocol to obtain a trained internet of vehicles intrusion detection model comprises:
the service requester u generates a sample training set by a local generator for a first task w 1 The HLF chain code forwards the sample training set to a service provider and acquires corresponding discrimination feedback;
for the second task w 2 And third task w 3 The HLF chain code requests the service provider to send the latest classifier and arbiter;
when the information received by the HLF chain code accords with the preset condition, the HLF chain code performs collaborative training on the service requester u, and key information in the collaborative training process is recorded in the digital asset.
7. The internet of vehicles intrusion detection method of claim 3, wherein the internet of vehicles intrusion detection method further comprises: during execution of collaboration training by the HLF chain code, if any service provider performance-substandard messages are detected, an update function is invoked, signing collaboration agreements between service requester u and the service provider.
8. An internet of vehicles intrusion detection device, comprising:
the task decomposition module is used for decomposing a federal training task trained by the Internet of vehicles intrusion detection model into a first task w by the service requester u 1 Second task w 2 And third task w 3 Wherein the first task w 1 For the full generator G in service requester uOffice training task, the second task w 2 A third task w, which is a global training task serving the arbiter D in the requester u 3 A global training task for the classifier C in the service requester u;
an assistance request module for the task w i The service requester u puts forward a collaboration request by calling an HLF chain code, and when the HLF chain code is called, the Internet of vehicles intrusion detection platform is adopted to construct a digital asset, wherein the digital asset is used for recording a task w i And generating a maximum effective time of the collaboration request, wherein i=1, 2,3;
a collaboration response collection module for candidate service providers V within a maximum effective time range k Invoking HLF chain code to read collaboration request and based on candidate service provider V k Providing a local alternative model and corresponding price according to different strategies of the digital asset, and recording the key response information into the digital asset by adopting HLF chain codes as key response information;
the QoS calculation module is used for detecting the number of the candidate service providers receiving the response by using the HLF chain code when the maximum effective time is reached, if the number reaches the requirement, calculating the QoS of all the candidate service providers participating in the response, and storing the QoS calculation result into the digital asset;
The protocol signing module is used for determining a service provider according to the digital asset by the service requester u and signing a collaboration protocol with the service provider;
the model training module is used for performing federal training according to the collaboration protocol to obtain a trained Internet of vehicles intrusion detection model, and issuing benefits to each service provider according to the collaboration protocol;
and the intrusion detection module is used for performing intrusion detection by adopting the trained Internet of vehicles intrusion detection model when the Internet of vehicles real-time communication data are received.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the internet of vehicles intrusion detection method according to any one of claims 3 to 7.
10. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the internet of vehicles intrusion detection method according to any one of claims 3 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211734093.1A CN116055150B (en) | 2022-12-22 | 2022-12-22 | Internet of vehicles intrusion detection platform, method and related equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211734093.1A CN116055150B (en) | 2022-12-22 | 2022-12-22 | Internet of vehicles intrusion detection platform, method and related equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116055150A true CN116055150A (en) | 2023-05-02 |
CN116055150B CN116055150B (en) | 2023-10-27 |
Family
ID=86128899
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211734093.1A Active CN116055150B (en) | 2022-12-22 | 2022-12-22 | Internet of vehicles intrusion detection platform, method and related equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116055150B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10778705B1 (en) * | 2019-04-05 | 2020-09-15 | Hoseo University Academic Cooperation Foundation | Deep-learning-based intrusion detection method, system and computer program for web applications |
WO2021008017A1 (en) * | 2019-07-17 | 2021-01-21 | 深圳前海微众银行股份有限公司 | Federation learning method, system, terminal device and storage medium |
CN112770291A (en) * | 2021-01-14 | 2021-05-07 | 华东师范大学 | Distributed intrusion detection method and system based on federal learning and trust evaluation |
CN113794675A (en) * | 2021-07-14 | 2021-12-14 | 中国人民解放军战略支援部队信息工程大学 | Distributed Internet of things intrusion detection method and system based on block chain and federal learning |
CN114548222A (en) * | 2022-01-18 | 2022-05-27 | 电子科技大学长三角研究院(湖州) | Distributed Internet of things intrusion detection method and system |
-
2022
- 2022-12-22 CN CN202211734093.1A patent/CN116055150B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10778705B1 (en) * | 2019-04-05 | 2020-09-15 | Hoseo University Academic Cooperation Foundation | Deep-learning-based intrusion detection method, system and computer program for web applications |
WO2021008017A1 (en) * | 2019-07-17 | 2021-01-21 | 深圳前海微众银行股份有限公司 | Federation learning method, system, terminal device and storage medium |
CN112770291A (en) * | 2021-01-14 | 2021-05-07 | 华东师范大学 | Distributed intrusion detection method and system based on federal learning and trust evaluation |
CN113794675A (en) * | 2021-07-14 | 2021-12-14 | 中国人民解放军战略支援部队信息工程大学 | Distributed Internet of things intrusion detection method and system based on block chain and federal learning |
CN114548222A (en) * | 2022-01-18 | 2022-05-27 | 电子科技大学长三角研究院(湖州) | Distributed Internet of things intrusion detection method and system |
Non-Patent Citations (1)
Title |
---|
梁俊威: "入侵检测系统在车联网中的应用研究", 《中国优秀硕士学位论文全文数据库工程科技Ⅱ辑》 * |
Also Published As
Publication number | Publication date |
---|---|
CN116055150B (en) | 2023-10-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Hahn et al. | Security and privacy issues in intelligent transportation systems: Classification and challenges | |
Qi et al. | Privacy-preserving blockchain-based federated learning for traffic flow prediction | |
Kamel et al. | Simulation framework for misbehavior detection in vehicular networks | |
CN110838065B (en) | Transaction data processing method and device | |
Lin et al. | Internet of things intrusion detection model and algorithm based on cloud computing and multi-feature extraction extreme learning machine | |
Sun et al. | RC-chain: Reputation-based crowdsourcing blockchain for vehicular networks | |
Buzachis et al. | A multi-agent autonomous intersection management (MA-AIM) system for smart cities leveraging edge-of-things and Blockchain | |
Limbasiya et al. | A systematic survey of attack detection and prevention in connected and autonomous vehicles | |
Kim et al. | Toward integrated virtual emotion system with AI applicability for secure CPS-enabled smart cities: AI-based research challenges and security issues | |
Wang et al. | TrafficChain: A blockchain-based secure and privacy-preserving traffic map | |
Billah et al. | A systematic literature review on blockchain enabled federated learning framework for internet of vehicles | |
CN112104609B (en) | Method for verifiable privacy-aware truth discovery in mobile crowd-sourcing awareness systems | |
CN113111359A (en) | Big data resource sharing method and resource sharing system based on information security | |
CN114579957A (en) | Credible sandbox-based federated learning model training method and device and electronic equipment | |
Abououf et al. | How artificial intelligence and mobile crowd sourcing are inextricably intertwined | |
Hasan et al. | Towards a threat model and privacy analysis for V2P in 5G networks | |
Sarkar et al. | Cloud enabled Blockchain-based secured communication in mutual intelligent transportation using neural synchronization | |
Yi et al. | CCUBI: A cross‐chain based premium competition scheme with privacy preservation for usage‐based insurance | |
CN112132576B (en) | Payment information processing method based on block chain communication and block chain information platform | |
CN111800546B (en) | Method, device and system for constructing recognition model and recognizing and electronic equipment | |
CN116055150B (en) | Internet of vehicles intrusion detection platform, method and related equipment | |
Agate et al. | Reliable Reputation-Based Event Detection in V2V Networks | |
Cheng et al. | Protecting VNF services with smart online behavior anomaly detection method | |
Do Nascimento et al. | Decentralized Federated Learning for Intrusion Detection in IoT-based Systems: A Review | |
Huang et al. | A comprehensive intrusion detection method for the internet of vehicles based on federated learning architecture |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |