CN117424755B - Data processing method and system for Internet of things equipment - Google Patents

Data processing method and system for Internet of things equipment Download PDF

Info

Publication number
CN117424755B
CN117424755B CN202311735169.7A CN202311735169A CN117424755B CN 117424755 B CN117424755 B CN 117424755B CN 202311735169 A CN202311735169 A CN 202311735169A CN 117424755 B CN117424755 B CN 117424755B
Authority
CN
China
Prior art keywords
control instruction
target
things equipment
behavior
internet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311735169.7A
Other languages
Chinese (zh)
Other versions
CN117424755A (en
Inventor
林俊廷
林成杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hongcheng Industry Shenzhen Co ltd
Original Assignee
Hongcheng Industry Shenzhen Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hongcheng Industry Shenzhen Co ltd filed Critical Hongcheng Industry Shenzhen Co ltd
Priority to CN202311735169.7A priority Critical patent/CN117424755B/en
Publication of CN117424755A publication Critical patent/CN117424755A/en
Application granted granted Critical
Publication of CN117424755B publication Critical patent/CN117424755B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention is applicable to the technical field of data processing of Internet of things equipment, and provides a data processing method and a data processing system of Internet of things equipment, wherein behavior log information of the target Internet of things equipment is called after a target control instruction for controlling the target Internet of things equipment is received, and a behavior rule table is generated according to the behavior log information; judging whether the target control instruction has abnormal possibility or not according to the behavior rule table; if the abnormal possibility exists in the target control instruction, generating abnormal behavior information, and sending the abnormal behavior information to the terminal of the holder of the target Internet of things equipment. Whether the real-time control instruction for controlling the target internet of things equipment possibly has abnormality can be intelligently analyzed according to the historical behaviors of the target internet of things equipment, and after the abnormality is determined, the validity of the real-time control instruction can be ensured through re-verification with the holder of the target internet of things equipment, so that the safety degree of the data processing method of the internet of things equipment on data is improved.

Description

Data processing method and system for Internet of things equipment
Technical Field
The invention belongs to the technical field of data processing of Internet of things equipment, and particularly relates to a data processing method and system of Internet of things equipment.
Background
With the continuous development of technology, the technology of the internet of things plays an increasingly important role in our life.
The application of the internet of things technology involves a large amount of data transmission and storage, so that the problem of data security is also an important consideration. In the practical application process of the internet of things technology, we find that when the internet of things equipment receives the illegal control instruction, the occurrence time of the illegal control instruction is often different from the practical running time of the internet of things equipment, but in the prior art, the illegal control instruction cannot be screened out according to the unusual occurrence time of the control instruction for controlling the internet of things equipment, so that the safety protection degree of data transmission is not high.
Disclosure of Invention
The invention aims to provide a data processing method and system for Internet of things equipment, and aims to solve the problems in the background technology.
The invention is realized in such a way that the data processing method of the equipment of the Internet of things comprises the following steps:
After receiving a target control instruction for controlling target internet of things equipment, calling behavior log information of the target internet of things equipment, and generating a behavior rule table according to the behavior log information;
judging whether the target control instruction has abnormal possibility or not according to the behavior rule table;
If the abnormal possibility exists in the target control instruction, generating abnormal behavior information, and sending the abnormal behavior information to a terminal of a holder of the target Internet of things equipment;
And acquiring feedback information from the terminal of the holder of the target Internet of things equipment, and judging whether to continuously send the target control instruction to the target Internet of things equipment.
As a further limitation of the technical solution of the embodiment of the present invention, after receiving a target control instruction for controlling a target internet of things device, the step of retrieving behavior log information of the target internet of things device and generating a behavior rule table according to the behavior log information includes:
after receiving a target control instruction for controlling target internet of things equipment, calling behavior log information of the target internet of things equipment;
Interpreting behavior log information of the target Internet of things equipment, obtaining all historical behaviors which are the same as or highly similar to the target control instruction, and simultaneously recording the historical occurrence moments of the historical behaviors;
And generating a behavior rule table according to all the historical behaviors and the historical occurrence time corresponding to each historical behavior.
By further limiting the technical scheme of the embodiment of the invention, if the historical behavior identical or highly similar to the target control instruction cannot be found in the behavior log information of the target internet of things equipment, the target control instruction is directly judged to have the possibility of abnormality.
As a further limitation of the technical solution of the embodiment of the present invention, the step of determining whether the target control instruction has an abnormality according to the behavior rule table includes:
When a target control instruction for controlling target internet of things equipment is received, recording the real-time occurrence time of the target control instruction;
analyzing whether a historical occurrence moment which is the same as or similar to the real-time occurrence moment exists in the behavior rule table;
if the historical occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table, judging that the target control instruction is not abnormal;
If the historical occurrence time which is the same as or similar to the real-time occurrence time does not exist in the behavior rule table, judging that the target control instruction is abnormal.
As a further limitation of the technical solution of the embodiment of the present invention, the step of generating abnormal behavior information and sending the abnormal behavior information to the terminal of the holder of the target internet of things device if it is determined that the target control command is possible to be abnormal includes:
if the target control instruction is judged to have abnormal possibility, password verification information and abnormal behavior information are generated;
firstly, the password verification information is sent to a terminal of a holder of target internet of things equipment;
judging whether the password verification information passes or not;
And when the password verification information is judged to pass, the abnormal behavior information is sent to the terminal of the holder of the target Internet of things equipment.
And when the password verification information is judged not to pass, refusing to send the abnormal behavior information to the terminal of the holder of the target internet of things equipment.
As a further limitation of the technical solution of the embodiment of the present invention, the step of obtaining feedback information from the holder terminal of the target internet of things device and determining whether to continue sending the target control instruction to the target internet of things device includes:
acquiring feedback information from a terminal of a holder of the target Internet of things equipment;
Analyzing the feedback information and judging whether the target control instruction is authorized;
When the target control instruction is authorized, the target control instruction is sent to target Internet of things equipment;
and when the target control instruction is not authorized, refusing to send the target control instruction to the target internet of things equipment.
An internet of things device data processing system, the system comprising: the system comprises a behavior rule table generating unit, a target control instruction judging unit, an abnormal behavior information generating unit and a feedback information analyzing unit, wherein:
the behavior rule table generation unit is used for calling the behavior log information of the target internet of things equipment after receiving the target control instruction for controlling the target internet of things equipment, and generating a behavior rule table according to the behavior log information;
the target control instruction judging unit is used for judging whether the target control instruction has abnormal possibility or not according to the behavior rule table;
The abnormal behavior information generation unit is used for generating abnormal behavior information and sending the abnormal behavior information to the terminal of the holder of the target internet of things equipment if the abnormal possibility exists in the target control instruction;
And the feedback information analysis unit is used for acquiring feedback information from the terminal of the holder of the target Internet of things equipment and judging whether to continuously send the target control instruction to the target Internet of things equipment.
As a further limitation of the technical solution of the embodiment of the present invention, the behavior rule table generating unit specifically includes:
The behavior log information retrieving module is used for retrieving behavior log information of the target internet of things equipment after receiving a target control instruction for controlling the target internet of things equipment;
the behavior log information interpretation module is used for interpreting the behavior log information of the target internet of things equipment, obtaining all the historical behaviors which are the same as or highly similar to the target control instruction, and recording the historical occurrence moments of the historical behaviors at the same time;
The behavior rule table generation module is used for generating a behavior rule table according to all the historical behaviors and the historical occurrence time corresponding to each historical behavior.
As a further limitation of the technical solution of the embodiment of the present invention, the target control instruction determining unit specifically includes:
the real-time occurrence time recording module is used for recording the real-time occurrence time of the target control instruction when the target control instruction for controlling the target internet of things equipment is received;
The behavior rule table analysis module is used for analyzing whether the historical occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table;
The first target control instruction judging module is used for judging that the target control instruction is not abnormal if the historical occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table;
and the second target control instruction judging module is used for judging that the target control instruction is abnormal if the historical occurrence time which is the same as or similar to the real-time occurrence time does not exist in the behavior rule table.
As a further limitation of the technical solution of the embodiment of the present invention, the abnormal behavior information generating unit specifically includes:
the information generation module is used for generating password verification information and abnormal behavior information if the target control instruction is judged to have abnormal possibility;
The password verification information sending module is used for sending the password verification information to the terminal of the holder of the target internet of things equipment;
the password verification information judging module is used for judging whether the password verification information passes or not;
And the abnormal behavior information sending module is used for sending the abnormal behavior information to the terminal of the holder of the target internet of things equipment when the password verification information is judged to pass.
And the target control instruction refusal sending module is used for refusing to send the abnormal behavior information to the terminal of the holder of the target internet of things equipment when the password verification information is judged not to pass.
Compared with the prior art, the method and the device have the advantages that after the target control instruction for controlling the target internet of things equipment is received, the behavior log information of the target internet of things equipment is called, and the behavior rule table is generated according to the behavior log information; judging whether the target control instruction has abnormal possibility or not according to the behavior rule table; if the abnormal possibility exists in the target control instruction, generating abnormal behavior information, and sending the abnormal behavior information to a terminal of a holder of the target Internet of things equipment; and acquiring feedback information from the terminal of the holder of the target Internet of things equipment, and judging whether to continuously send the target control instruction to the target Internet of things equipment. Whether the real-time control instruction for controlling the target internet of things equipment possibly has abnormality can be intelligently analyzed according to the historical behaviors of the target internet of things equipment, and after the abnormality is determined, the validity of the real-time control instruction can be ensured through re-verification with the holder of the target internet of things equipment, so that the safety degree of the data processing method of the internet of things equipment on data is improved.
Drawings
FIG. 1 is a flow chart of a method provided by an embodiment of the present invention;
FIG. 2 is a flowchart of generating a behavior rule table in the method according to the embodiment of the present invention;
FIG. 3 is a flowchart of a method for determining whether an abnormality exists in a target control command according to an embodiment of the present invention;
FIG. 4 is a flowchart of a method for generating anomalous behavior information according to an embodiment of the invention;
Fig. 5 is a flowchart of determining whether to continue sending a target control instruction to a target internet of things device in the method provided by the embodiment of the present invention;
FIG. 6 is an application architecture diagram of a system provided by an embodiment of the present invention;
fig. 7 is a block diagram of a behavior rule table generating unit in the system according to the embodiment of the present invention;
FIG. 8 is a block diagram of a target control instruction judging unit in the system according to the embodiment of the present invention;
fig. 9 is a block diagram of a system abnormal behavior information generating unit according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Fig. 1 shows a flowchart of a method provided by an embodiment of the present invention.
Specifically, a data processing method for an internet of things device, the method specifically includes the following steps:
Step S100, after receiving a target control instruction for controlling a target Internet of things device, calling behavior log information of the target Internet of things device, and generating a behavior rule table according to the behavior log information.
In the embodiment of the invention, the target internet of things equipment can be furniture internet of things equipment such as an intelligent door lock and an intelligent camera, and also can be industrial internet of things equipment such as an industrial robot and an intelligent sensor, the internet of things equipment and a background processing cloud are interconnected through a wireless network, when the background processing cloud receives a target control instruction which is sent to the target internet of things equipment and controls the target internet of things equipment from any intelligent equipment, abnormal auditing operation is carried out on the target control instruction, and the auditing operation aims to find out illegal control instructions which are used for controlling the target internet of things equipment and are not issued by an internet of things equipment holder and prevent the illegal control instructions from being sent to the internet of things equipment, so that privacy and benefit loss of the holder of the internet of things equipment are avoided.
Specifically, fig. 2 shows a flowchart of generating a behavior rule table.
After receiving a target control instruction for controlling a target internet of things device, retrieving behavior log information of the target internet of things device, and generating a behavior rule table according to the behavior log information, wherein the behavior rule table specifically comprises the following steps:
Step S101, after receiving a target control instruction for controlling target Internet of things equipment, calling behavior log information of the target Internet of things equipment;
Step S102, interpreting behavior log information of the target Internet of things equipment, obtaining all historical behaviors which are the same as or highly similar to the target control instruction, and simultaneously recording the historical occurrence moments of the historical behaviors;
Step S103, generating a behavior rule table according to all the historical behaviors and the historical occurrence time corresponding to each historical behavior.
In the embodiment of the invention, a background processing cloud establishes a data model, the data model stores behavior log information of target internet of things equipment, the behavior log information refers to all instructions received by the target internet of things equipment and all corresponding behavior actions made by the target internet of things equipment, after the background processing cloud receives a target control instruction for controlling the target internet of things equipment, the behavior log information of the target internet of things equipment stored in the data model is called, then the background processing cloud reads the behavior log information of the target internet of things equipment, all the historical behaviors which are the same as or highly similar to the target control instruction are picked out, and meanwhile, the historical occurrence moments of the historical behaviors are recorded, then a behavior rule table is generated according to all the historical behaviors and the historical occurrence moments corresponding to the historical behaviors, when the historical behaviors which are the same as or highly similar to the target control instruction are judged, whether the target control instruction and the historical behaviors belong to similar categories or not is mainly judged, for example, the target internet of things equipment is an intelligent camera, the target control instruction is a 'master bedroom', and all the behaviors of the 'master viewing chamber' are the same as the target control instruction, for example, the historical control instruction is highly similar to the historical behavior of the target control instruction;
It can be understood that in the behavior rule table, the time unit of the history occurrence time corresponding to the history behavior only includes hours, minutes and seconds, for example, the target internet of things device is an intelligent camera, the behavior log information of the intelligent camera includes a history behavior of 'checking a master bedroom', the history occurrence time of the history behavior is 2023, 1 month, 1 day, 14 hours and 01 minutes, and when the history behavior and the history occurrence time are compiled into the behavior rule table, it should be recorded that: "view master bedroom", history occurrence time: 14 hours 01 minutes.
Further, the data processing method of the internet of things device further comprises the following steps:
step S200, judging whether the target control instruction has abnormal possibility according to the behavior rule table.
Specifically, fig. 3 shows a flowchart for determining whether there is an abnormality in the target control instruction.
The method for judging whether the target control instruction has abnormality or not according to the behavior rule table comprises the following steps:
Step S201, when a target control instruction for controlling target Internet of things equipment is received, recording the real-time occurrence time of the target control instruction;
step S202, analyzing whether a history occurrence time identical or similar to the real-time occurrence time exists in the behavior rule table;
step S203, if the history occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table, judging that the target control instruction is not abnormal;
In step S204, if the historical occurrence time identical to or similar to the real-time occurrence time does not exist in the behavior rule table, it is determined that the target control instruction is likely to be abnormal, and if the historical behavior identical to or highly similar to the target control instruction is not found in the behavior log information of the target internet of things device, it is directly determined that the target control instruction is likely to be abnormal.
In the embodiment of the invention, after all the historical behaviors which are the same as or highly similar to the target control instruction and the historical occurrence moments corresponding to all the historical behaviors are all compiled into a behavior rule table, whether the real-time occurrence moments of the target control instruction are reasonable or not can be analyzed through the behavior rule table, for example, the target internet of things equipment is an intelligent door lock, after receiving a target control instruction for controlling unlocking of the intelligent door lock, a background processing cloud records the real-time occurrence moments of the target control instruction, generates a behavior rule table according to the target control instruction of unlocking, then a background processing cloud analyzes whether the historical occurrence moments which are the same as or similar to the real-time occurrence moments exist in the behavior rule table, if the real-time occurrence moments of unlocking are 10 minutes in the early morning, the background processing cloud searches whether the historical occurrence moments which are the same as or similar to the real-time occurrence moments 2 hours 10, if the historical occurrence moments are not, a terminal of a holder of the target internet of things equipment or other intelligent terminals authorized by the target internet of things equipment never make the target control instruction in the time period, and the background processing cloud processing the real-time control instruction is not reasonable, and the abnormal object control instruction can exist after the real-time control instruction is judged;
It can be understood that in the step of analyzing whether the history occurrence time is the same as or similar to the real-time occurrence time in the behavior rule table, the time difference between the "similar history occurrence time" and the real-time occurrence time can be manually adjusted, for example, the holder of the target internet of things device can set the time difference to 10 minutes, and then the time difference is within 10 minutes before and after the real-time occurrence time, which belongs to the history occurrence time similar to the real-time occurrence time.
Further, the data processing method of the internet of things device further comprises the following steps:
and step S300, if the target control instruction is judged to have abnormal possibility, generating abnormal behavior information and sending the abnormal behavior information to the terminal of the holder of the target Internet of things equipment.
In particular, FIG. 4 shows a flow chart for generating anomalous behavior information.
If it is determined that the target control instruction is abnormal, generating abnormal behavior information, and sending the abnormal behavior information to the target internet of things equipment holder terminal specifically includes the following steps:
Step S301, if it is determined that the target control command is abnormal, generating password verification information and abnormal behavior information;
step S302, firstly, password verification information is sent to a terminal of a holder of target Internet of things equipment;
Step S303, judging whether the password verification information is passed or not;
Step S304, when the password verification information is judged to pass, abnormal behavior information is sent to a terminal of a holder of the target Internet of things equipment;
step S305, when it is determined that the password authentication information does not pass, refusing to transmit the abnormal behavior information to the target internet of things device holder terminal.
In the embodiment of the invention, after the background processing cloud determines that the target control instruction is abnormal, password verification information and abnormal behavior information are generated at the same time, but it is noted that the background processing cloud should firstly send the password verification information to a target internet of things equipment holder terminal or other intelligent terminals authorized by the target internet of things equipment, then judge whether users of the target internet of things equipment holder terminal or other intelligent terminals authorized by the target internet of things equipment input a correct verification password, if the correct verification password is not received, or if verification feedback is not received within a preset time, then judge that the password verification information is not passed, then the background processing cloud directly refuses to send the target control instruction to the target internet of things equipment continuously, and generate alarm information to be sent to the target internet of things equipment holder terminal or other intelligent terminals authorized by the target internet of things equipment;
The method comprises the steps that when an illegal person uses a terminal of a holder of the target internet of things equipment or other intelligent terminals authorized by the target internet of things equipment to conduct illegal operation, the conducting of the situation can be stopped in a password verification mode, and therefore the operation safety of the internet of things equipment can be ensured to a greater extent.
Further, the data processing method of the internet of things device further comprises the following steps:
Step S400, obtaining feedback information from the terminal of the holder of the target Internet of things equipment, and judging whether to continue to send the target control instruction to the target Internet of things equipment.
Specifically, fig. 5 shows a flowchart for determining whether to continue to send the target control instruction to the target internet of things device.
The method for acquiring the feedback information from the terminal of the holder of the target Internet of things equipment and judging whether to continuously send the target control instruction to the target Internet of things equipment specifically comprises the following steps:
Step S401, obtaining feedback information from a terminal of a holder of the target Internet of things equipment;
Step S402, analyzing feedback information, judging whether a target control instruction is authorized;
Step S403, when the target control instruction is authorized, the target control instruction is sent to the target Internet of things equipment;
Step S404, when the target control instruction is not authorized, the target control instruction is refused to be sent to the target Internet of things equipment.
In the embodiment of the invention, after password verification information is passed, the background processing cloud continues to send abnormal behavior information to a target internet of things equipment holder terminal or other intelligent terminals authorized by the target internet of things equipment, then a legal holder of the target internet of things equipment holder terminal or other intelligent terminals authorized by the target internet of things equipment feeds back the abnormal behavior information and generates feedback information, the target internet of things equipment holder terminal or other intelligent terminals authorized by the target internet of things equipment send the feedback information to the background processing cloud, after the background processing cloud receives the feedback information, the feedback information is analyzed to judge whether a target control instruction is authorized, when the target control instruction is authorized, the target control instruction is sent to the target internet of things equipment, and when the target control instruction is not authorized, the target control instruction is refused to be sent to the target internet of things equipment.
Through the technical scheme, whether the real-time control instruction for controlling the target Internet of things equipment possibly has abnormality can be intelligently analyzed according to the historical behaviors of the target Internet of things equipment, and after the abnormality is determined, the validity of the real-time control instruction can be ensured through re-verification with the holder of the target Internet of things equipment, so that the safety of the data processing method of the Internet of things equipment on data is improved.
Further, fig. 6 shows an application architecture diagram of the system provided by the embodiment of the present invention.
In another preferred embodiment of the present invention, an internet of things device data processing system includes:
The behavior rule table generating unit 100 is configured to, after receiving a target control instruction for controlling a target internet of things device, invoke behavior log information of the target internet of things device, and generate a behavior rule table according to the behavior log information.
Specifically, fig. 7 shows a block diagram of the behavior rule table generating unit 100 in the system according to the embodiment of the present invention.
In a preferred embodiment of the present invention, the behavior rule table generating unit 100 specifically includes:
The behavior log information retrieving module 101 is configured to retrieve behavior log information of a target internet of things device after receiving a target control instruction for controlling the target internet of things device;
the behavior log information interpretation module 102 is configured to interpret behavior log information of a target internet of things device, obtain all historical behaviors that are the same as or highly similar to a target control instruction, and record the historical occurrence moments of the historical behaviors at the same time;
The behavior rule table generating module 103 is configured to generate a behavior rule table according to all the historical behaviors and the historical occurrence time corresponding to each historical behavior.
In the embodiment of the invention, the target internet of things equipment can be furniture internet of things equipment such as an intelligent door lock and an intelligent camera, and also can be industrial internet of things equipment such as an industrial robot and an intelligent sensor, the internet of things equipment and a background processing cloud are interconnected through a wireless network, when the background processing cloud receives a target control instruction which is sent to the target internet of things equipment and controls the target internet of things equipment from any intelligent equipment, abnormal auditing operation is carried out on the target control instruction, and the auditing operation aims to find out illegal control instructions which are used for controlling the target internet of things equipment and are not issued by an internet of things equipment holder and prevent the illegal control instructions from being sent to the internet of things equipment, so that privacy and benefit loss of the holder of the internet of things equipment are avoided;
The background processing cloud establishes a data model, the data model stores behavior log information of target internet of things equipment, the behavior log information refers to all instructions received by the target internet of things equipment and all behavior actions made correspondingly, after the background processing cloud receives a target control instruction for controlling the target internet of things equipment, the behavior log information retrieving module 101 retrieves the behavior log information of the target internet of things equipment stored in the data model, then the behavior log information reading module 102 reads the behavior log information of the target internet of things equipment, all the historical behaviors which are the same as or highly similar to the target control instruction are picked out, and simultaneously records the historical occurrence moments of the historical behaviors, then the behavior rule table generating module 103 generates a behavior rule table according to all the historical behaviors and the historical occurrence moments corresponding to the historical behaviors, and when the historical behaviors which are the same as or highly similar to the target control instruction are judged, whether the target control instruction and the historical behaviors belong to similar categories, for example, the target internet of things equipment is an intelligent head, and the target control instruction is a 'viewing main room', and all the 'main room' is the same as the historical camera shooting command, and the historical camera shooting command is similar to the historical camera shooting command;
It can be understood that in the behavior rule table, the time unit of the history occurrence time corresponding to the history behavior only includes hours, minutes and seconds, for example, the target internet of things device is an intelligent camera, the behavior log information of the intelligent camera includes a history behavior of 'checking a master bedroom', the history occurrence time of the history behavior is 2023, 1 month, 1 day, 14 hours and 01 minutes, and when the history behavior and the history occurrence time are compiled into the behavior rule table, it should be recorded that: "view master bedroom", history occurrence time: 14 hours 01 minutes.
Further, the data processing system of the internet of things device further comprises:
The target control instruction judging unit 200 is configured to judge whether the target control instruction is abnormal according to the behavior rule table.
Specifically, fig. 8 shows a block diagram of the structure of the target control instruction determining unit 200 in the system according to the embodiment of the present invention.
In a preferred embodiment of the present invention, the target control instruction determining unit 200 specifically includes:
The real-time occurrence time recording module 201 is configured to record a real-time occurrence time of a target control instruction when the target control instruction for controlling the target internet of things device is received;
The behavior rule table analysis module 202 is configured to analyze whether a history occurrence time identical to or similar to the real-time occurrence time exists in the behavior rule table;
the first target control instruction determining module 203 is configured to determine that the target control instruction is unlikely to be abnormal if there is a history occurrence time that is the same as or similar to the real-time occurrence time in the behavior rule table;
The second target control instruction determining module 204 is configured to determine that the target control instruction is likely to be abnormal if there is no historical occurrence time that is the same as or similar to the real-time occurrence time in the behavior rule table, and directly determine that the target control instruction is likely to be abnormal if no historical behavior that is the same as or highly similar to the target control instruction is found in the behavior log information of the target internet of things device.
In the embodiment of the invention, after all the historical behaviors which are the same as or highly similar to the target control instruction and the historical occurrence moments corresponding to all the historical behaviors are all compiled into a behavior rule table, whether the real-time occurrence moments of the target control instruction are reasonable or not can be analyzed through the behavior rule table, for example, the target internet of things equipment is an intelligent door lock, after receiving a target control instruction for controlling unlocking of the intelligent door lock, a real-time occurrence moment recording module 201 records the real-time occurrence moments of the target control instruction and generates a behavior rule table according to the target control instruction of unlocking, then a behavior rule table analysis module 202 analyzes whether the historical occurrence moments which are the same as or similar to the real-time occurrence moments exist in the behavior rule table, if the real-time occurrence moments of unlocking are 10 minutes in the morning, the behavior rule table analysis module 202 searches whether the historical occurrence moments which are the same as or similar to the real-time occurrence moments of 10 hours in the real-time occurrence moments 2, if no target internet of things equipment holder terminal or other intelligent terminal authorized by the target internet of things equipment has been never performed in the time period, and if the real-time occurrence moment of the target control instruction is not performed by the cloud end, and the corresponding real-time occurrence moment of the target control instruction cannot be reasonably judged;
It can be understood that in the step of analyzing whether the history occurrence time is the same as or similar to the real-time occurrence time in the behavior rule table, the time difference between the "similar history occurrence time" and the real-time occurrence time can be manually adjusted, for example, the holder of the target internet of things device can set the time difference to 10 minutes, and then the time difference is within 10 minutes before and after the real-time occurrence time, which belongs to the history occurrence time similar to the real-time occurrence time.
Further, the data processing system of the internet of things device further comprises:
An abnormal behavior information generating unit 300, configured to generate abnormal behavior information and send the abnormal behavior information to the target internet of things device holder terminal if it is determined that the target control instruction is likely to be abnormal;
the feedback information analysis unit 400 is configured to obtain feedback information from the terminal of the holder of the target internet of things device, and determine whether to continue sending the target control instruction to the target internet of things device.
Specifically, fig. 9 shows a block diagram of the structure of the abnormal behavior information generating unit 300 in the system according to the embodiment of the present invention.
In a preferred embodiment of the present invention, the abnormal behavior information generating unit 300 specifically includes:
the information generating module 301 is configured to generate password authentication information and abnormal behavior information if it is determined that the target control instruction is likely to be abnormal;
the password verification information sending module 302 is configured to send the password verification information to a terminal of a holder of the target internet of things device;
a password authentication information judging module 303, configured to judge whether the password authentication information is passed;
and the abnormal behavior information sending module 304 is configured to send the abnormal behavior information to the target internet of things device holder terminal when it is determined that the password authentication information passes.
The target control instruction refusal sending module 305 is configured to refuse to send the abnormal behavior information to the target internet of things device holder terminal when it is determined that the password authentication information is not passed.
In the embodiment of the present invention, after the target control instruction judging unit 200 determines that there is a possibility of abnormality in the target control instruction, the information generating module 301 generates password verification information and abnormal behavior information at the same time, but it should be noted that the password verification information transmitting module 302 should transmit the password verification information to the target internet of things device holder terminal or other intelligent terminals authorized by the target internet of things device first, then the password verification information judging module 303 judges whether the user of the target internet of things device holder terminal or other intelligent terminals authorized by the target internet of things device inputs a correct verification password, if the password verification information judging module 303 does not receive the correct verification password or does not receive verification feedback within a preset time, it is determined that the password verification information is not passed, at this time, the target control instruction rejecting transmitting module 305 directly rejects the target control instruction to be transmitted to the target internet of things device, and generates alarm information to be transmitted to the target internet of things device holder terminal or other intelligent terminals authorized by the target internet of things device;
the method comprises the steps that when an illegal person uses a terminal of a holder of the target internet of things equipment or other intelligent terminals authorized by the target internet of things equipment to perform illegal operation, the performance of the situation can be stopped in a password verification mode, and the operation safety of the internet of things equipment can be further ensured to a greater extent;
After the password verification information is passed, the abnormal behavior information sending module 304 continues to send the abnormal behavior information to the target internet of things device holder terminal or other intelligent terminals authorized by the target internet of things device, then the legal holder of the target internet of things device holder terminal or other intelligent terminals authorized by the target internet of things device feeds back the abnormal behavior information and generates feedback information, the target internet of things device holder terminal or other intelligent terminals authorized by the target internet of things device sends the feedback information to the background processing cloud, after the background processing cloud receives the feedback information, the feedback information is analyzed, whether the target control instruction is authorized or not is judged, when the target control instruction is authorized, the target control instruction is sent to the target internet of things device, and when the target control instruction is not authorized, the target control instruction refusing sending module 305 refuses to send the target control instruction to the target internet of things device.
It should be understood that, although the steps in the flowcharts of the embodiments of the present invention are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in various embodiments may include multiple sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor do the order in which the sub-steps or stages are performed necessarily performed in sequence, but may be performed alternately or alternately with at least a portion of the sub-steps or stages of other steps or other steps.
Those skilled in the art will appreciate that all or part of the processes in the methods of the above embodiments may be implemented by a computer program for instructing relevant hardware, where the program may be stored in a non-volatile computer readable storage medium, and where the program, when executed, may include processes in the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link (SYNCHLINK) DRAM (SLDRAM), memory bus (rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
The technical features of the above-described embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above-described embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples illustrate only a few embodiments of the invention and are described in detail herein without thereby limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention. Accordingly, the scope of protection of the present invention is to be determined by the appended claims.
The foregoing description of the preferred embodiments of the invention is not intended to be limiting, but rather is intended to cover all modifications, equivalents, and alternatives falling within the spirit and principles of the invention.

Claims (3)

1. The data processing method for the Internet of things equipment is characterized by comprising the following steps of:
After receiving a target control instruction for controlling target internet of things equipment, calling behavior log information of the target internet of things equipment, and generating a behavior rule table according to the behavior log information;
judging whether the target control instruction has abnormal possibility or not according to the behavior rule table;
If the abnormal possibility exists in the target control instruction, generating abnormal behavior information, and sending the abnormal behavior information to a terminal of a holder of the target Internet of things equipment;
acquiring feedback information from a terminal of a holder of the target Internet of things equipment, and judging whether to continuously send a target control instruction to the target Internet of things equipment;
after receiving a target control instruction for controlling a target internet of things device, the steps of calling the behavior log information of the target internet of things device and generating a behavior rule table according to the behavior log information include:
after receiving a target control instruction for controlling target internet of things equipment, calling behavior log information of the target internet of things equipment;
Interpreting behavior log information of the target Internet of things equipment, obtaining all historical behaviors which are the same as or highly similar to the target control instruction, and simultaneously recording the historical occurrence moments of the historical behaviors;
Generating a behavior rule table according to all the historical behaviors and the historical occurrence time corresponding to each historical behavior;
if the historical behavior identical or highly similar to the target control instruction cannot be found in the behavior log information of the target Internet of things equipment, directly judging that the target control instruction is abnormal;
The step of judging whether the target control instruction has abnormality possibility according to the behavior rule table comprises the following steps:
When a target control instruction for controlling target internet of things equipment is received, recording the real-time occurrence time of the target control instruction;
analyzing whether a historical occurrence moment which is the same as or similar to the real-time occurrence moment exists in the behavior rule table;
if the historical occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table, judging that the target control instruction is not abnormal;
If the historical occurrence time which is the same as or similar to the real-time occurrence time does not exist in the behavior rule table, judging that the target control instruction is abnormal;
In the step of analyzing whether the history occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table, the time difference between the 'similar history occurrence time' and the real-time occurrence time can be adjusted, and the target internet of things equipment holder can set the time difference to 10 minutes, so that the history occurrence time which is similar to the real-time occurrence time is included within 10 minutes before and after the real-time occurrence time;
The step of generating abnormal behavior information and transmitting the abnormal behavior information to the terminal of the holder of the target internet of things equipment if the target control instruction is judged to have abnormal possibility comprises the following steps:
if the target control instruction is judged to have abnormal possibility, password verification information and abnormal behavior information are generated;
firstly, the password verification information is sent to a terminal of a holder of target internet of things equipment;
judging whether the password verification information passes or not;
When the password verification information is judged to pass, the abnormal behavior information is sent to a terminal of a holder of the target Internet of things device;
When the password verification information is judged to be failed, the abnormal behavior information is refused to be sent to the terminal of the holder of the target internet of things equipment, alarm information is generated and sent to the terminal of the holder of the target internet of things equipment or other intelligent terminals authorized by the target internet of things equipment;
When an illegal person uses a terminal of a holder of the target internet of things device or other intelligent terminals authorized by the target internet of things device to perform illegal operation, the illegal operation can be stopped in a password verification mode.
2. The method for processing data of an internet of things device according to claim 1, wherein the step of acquiring feedback information from a holder terminal of the target internet of things device and determining whether to continue to send the target control instruction to the target internet of things device comprises:
acquiring feedback information from a terminal of a holder of the target Internet of things equipment;
Analyzing the feedback information and judging whether the target control instruction is authorized;
When the target control instruction is authorized, the target control instruction is sent to target Internet of things equipment;
and when the target control instruction is not authorized, refusing to send the target control instruction to the target internet of things equipment.
3. An internet of things device data processing system, the system comprising: the system comprises a behavior rule table generating unit, a target control instruction judging unit, an abnormal behavior information generating unit and a feedback information analyzing unit, wherein:
the behavior rule table generation unit is used for calling the behavior log information of the target internet of things equipment after receiving the target control instruction for controlling the target internet of things equipment, and generating a behavior rule table according to the behavior log information;
the target control instruction judging unit is used for judging whether the target control instruction has abnormal possibility or not according to the behavior rule table;
The abnormal behavior information generation unit is used for generating abnormal behavior information and sending the abnormal behavior information to the terminal of the holder of the target internet of things equipment if the abnormal possibility exists in the target control instruction;
The feedback information analysis unit is used for acquiring feedback information from the terminal of the holder of the target Internet of things equipment and judging whether to continuously send the target control instruction to the target Internet of things equipment;
The behavior rule table generation unit specifically includes:
The behavior log information retrieving module is used for retrieving behavior log information of the target internet of things equipment after receiving a target control instruction for controlling the target internet of things equipment;
the behavior log information interpretation module is used for interpreting the behavior log information of the target internet of things equipment, obtaining all the historical behaviors which are the same as or highly similar to the target control instruction, and recording the historical occurrence moments of the historical behaviors at the same time;
The behavior rule table generation module is used for generating a behavior rule table according to all the historical behaviors and the historical occurrence time corresponding to each historical behavior;
the target control instruction judging unit specifically includes:
the real-time occurrence time recording module is used for recording the real-time occurrence time of the target control instruction when the target control instruction for controlling the target internet of things equipment is received;
The behavior rule table analysis module is used for analyzing whether the historical occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table;
The first target control instruction judging module is used for judging that the target control instruction is not abnormal if the historical occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table;
the second target control instruction judging module is used for judging that the target control instruction is abnormal if the historical occurrence time which is the same as or similar to the real-time occurrence time does not exist in the behavior rule table;
In the step of analyzing whether the history occurrence time which is the same as or similar to the real-time occurrence time exists in the behavior rule table, the time difference between the 'similar history occurrence time' and the real-time occurrence time can be adjusted, and the target internet of things equipment holder can set the time difference to 10 minutes, so that the history occurrence time which is similar to the real-time occurrence time is included within 10 minutes before and after the real-time occurrence time;
The abnormal behavior information generation unit specifically includes:
the information generation module is used for generating password verification information and abnormal behavior information if the target control instruction is judged to have abnormal possibility;
The password verification information sending module is used for sending the password verification information to the terminal of the holder of the target internet of things equipment;
the password verification information judging module is used for judging whether the password verification information passes or not;
The abnormal behavior information sending module is used for sending the abnormal behavior information to the terminal of the holder of the target internet of things equipment when the password verification information is judged to pass;
The target control instruction refusing sending module is used for refusing to send the abnormal behavior information to the terminal of the holder of the target internet of things equipment when the password verification information is judged not to pass;
When the password verification information is judged to be failed, the abnormal behavior information is refused to be sent to the terminal of the holder of the target internet of things equipment, alarm information is generated and sent to the terminal of the holder of the target internet of things equipment or other intelligent terminals authorized by the target internet of things equipment;
When an illegal person uses a terminal of a holder of the target internet of things device or other intelligent terminals authorized by the target internet of things device to perform illegal operation, the illegal operation can be stopped in a password verification mode.
CN202311735169.7A 2023-12-18 2023-12-18 Data processing method and system for Internet of things equipment Active CN117424755B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311735169.7A CN117424755B (en) 2023-12-18 2023-12-18 Data processing method and system for Internet of things equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311735169.7A CN117424755B (en) 2023-12-18 2023-12-18 Data processing method and system for Internet of things equipment

Publications (2)

Publication Number Publication Date
CN117424755A CN117424755A (en) 2024-01-19
CN117424755B true CN117424755B (en) 2024-04-19

Family

ID=89528723

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311735169.7A Active CN117424755B (en) 2023-12-18 2023-12-18 Data processing method and system for Internet of things equipment

Country Status (1)

Country Link
CN (1) CN117424755B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978870A (en) * 2022-07-29 2022-08-30 深圳市天翊瑞霖智能科技有限公司 Hardware equipment running state monitoring system based on intelligent gateway
CN115793481A (en) * 2022-11-02 2023-03-14 深圳绿米联创科技有限公司 Device control method, device, electronic device and storage medium
CN116383753A (en) * 2023-05-26 2023-07-04 深圳市博昌智控科技有限公司 Abnormal behavior prompting method, device, equipment and medium based on Internet of things
CN116980186A (en) * 2023-07-03 2023-10-31 中国联合网络通信集团有限公司 Abnormality determination method and device, electronic equipment and storage medium
CN117009832A (en) * 2022-09-23 2023-11-07 腾讯科技(深圳)有限公司 Abnormal command detection method and device, electronic equipment and storage medium
CN117201568A (en) * 2023-11-07 2023-12-08 长沙市橙电科技有限公司 Vehicle remote control method, device, system, computer equipment and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10298604B2 (en) * 2016-09-05 2019-05-21 Cisco Technology, Inc. Smart home security system
CN111899381A (en) * 2020-07-13 2020-11-06 珠海格力电器股份有限公司 Unlocking verification method and device, door lock, door lock system and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978870A (en) * 2022-07-29 2022-08-30 深圳市天翊瑞霖智能科技有限公司 Hardware equipment running state monitoring system based on intelligent gateway
CN117009832A (en) * 2022-09-23 2023-11-07 腾讯科技(深圳)有限公司 Abnormal command detection method and device, electronic equipment and storage medium
CN115793481A (en) * 2022-11-02 2023-03-14 深圳绿米联创科技有限公司 Device control method, device, electronic device and storage medium
CN116383753A (en) * 2023-05-26 2023-07-04 深圳市博昌智控科技有限公司 Abnormal behavior prompting method, device, equipment and medium based on Internet of things
CN116980186A (en) * 2023-07-03 2023-10-31 中国联合网络通信集团有限公司 Abnormality determination method and device, electronic equipment and storage medium
CN117201568A (en) * 2023-11-07 2023-12-08 长沙市橙电科技有限公司 Vehicle remote control method, device, system, computer equipment and storage medium

Also Published As

Publication number Publication date
CN117424755A (en) 2024-01-19

Similar Documents

Publication Publication Date Title
CN109767534B (en) Access control access method, system, management terminal and access control terminal based on block chain
CN1811635A (en) Centrally managed proxy-based security for legacy automation systems
CN111327601B (en) Abnormal data response method, system, device, computer equipment and storage medium
CN110490594A (en) Business data processing method, device, computer equipment and storage medium
CN110491008A (en) A kind of community-based managing caller side and system, storage medium
CN109829640A (en) Recognition methods, device, computer equipment and the storage medium of enterprise's default risk
CN114584382B (en) Security management method and system for wireless data transmission
CN108366132B (en) Method and device for managing service between servers, computer equipment and storage medium
CN117424755B (en) Data processing method and system for Internet of things equipment
CN112104671B (en) Interface authorization monitoring method and device, computer equipment and storage medium
CN115208616B (en) Internet of things safety monitoring method and system based on double engines
CN115694844B (en) Internet of things terminal communication method and system based on cloud platform
CN114978744B (en) Block chain-based security information transmission method and system
CN115102731A (en) Safety interaction method based on identity authentication of industrial Internet of things equipment
CN112734993B (en) Communication system and method for anti-theft lock
CN113301300A (en) Building intelligent monitoring system and method based on Internet
CN114238041A (en) Alarm method, alarm device, electronic equipment and storage medium
CN114244566A (en) Illegal external connection detection method and device based on IP address and computer equipment
CN110866210A (en) Log control method, device and equipment for browser user
CN113076531A (en) Identity authentication method and device, computer equipment and storage medium
CN116881882B (en) Intelligent risk control system based on big data
WO2016147177A1 (en) System and method for managing identity information stored in a cloud server
CN115664865B (en) Verification data transmission method, system, computer equipment and storage medium
CN114615030B (en) Identity authentication method and system based on industrial Internet platform
CN115001856B (en) Network security portrait and attack prediction method based on data processing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant