CN117439810A - Honey network node deployment method, system and storable medium for electric power Internet of things - Google Patents

Publication number
CN117439810A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311587708.7A
Other languages
Chinese (zh)
Inventor
谢善益
占聪聪
周刚
李兴旺
范颖
杨强
徐思尧
李妍
陈扬
张凯
张子瑛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Power Grid Co Ltd
Electric Power Research Institute of Guangdong Power Grid Co Ltd
Original Assignee
Guangdong Power Grid Co Ltd
Electric Power Research Institute of Guangdong Power Grid Co Ltd


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1491 Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a honeynet node deployment method, system and storage medium for the electric power Internet of Things. The method comprises: acquiring a plurality of mutually isolated scenes in a honeynet and a plurality of first trap nodes in each scene, sequentially acquiring the initial first communication cost of the first trap nodes in each scene, and acquiring the initial first matching degree of deploying a first trap node to a first physical device; performing iterative computation over all scenes, traversing each scene in turn, calculating the deployment probability of deploying the first trap node to the first physical device according to the expected degree and the first matching degree, and deploying the first trap node according to the deployment probability until the trap nodes in each scene are deployed and all scenes are traversed; and, when the number of iteration rounds is greater than the iteration threshold, taking the deployment with the minimum communication cost as the first deployment optimal solution and deploying the trap nodes of the electric power Internet of Things according to the first deployment optimal solution. The communication cost of the honeynet nodes of the electric power Internet of Things can thereby be reduced.

Description

Honey network node deployment method, system and storable medium for electric power Internet of things
Technical Field
The invention relates to the technical field of power grid safety, in particular to a honey network node deployment method, a honey network node deployment system and a storable medium for the electric power internet of things.
Background
At present, critical infrastructure has become an important target of network attacks. The electric power Internet of Things is critical infrastructure supporting the digital development of the electric power industry, so its safe and stable operation is very important. Intelligent terminals in the electric power Internet of Things perform accurate data acquisition and are a key foundation of it; the accuracy of terminal data acquisition is key to guaranteeing stable operation of the power system. However, the terminals of the electric power Internet of Things are large in number and variety, and most are deployed in unattended areas, so they are limited in computing, storage and communication capability, weak in security protection, and easy to attack. To reverse this passive defensive posture, honeypot nodes are deployed at electric power Internet of Things terminals to trap attackers, so that attacks can be discovered and blocked in time.
Because trapping scenes have individual resource requirements, honeypot trapping is currently implemented on virtualization technology. To construct a realistic trapping environment, trapping in a honeynet is performed in units of scenes, and the scenes are isolated from each other and do not communicate. Because the data of the terminal equipment of the electric power Internet of Things is huge, the trap node devices deployed at the terminals are small, resource-limited devices. To deploy all types of trapping honeypots on such devices, the resource limitations of the devices need to be considered.
In the prior art, a honeynet is generally deployed on a server using virtualization technology, which is difficult to apply in a multi-terminal environment such as the electric power Internet of Things, whose terminals are distributed across many locations. Meanwhile, when trap nodes are numerous, every trapping terminal device must be miniaturized and has limited resources, so it is not suitable for hosting large-scale honeypots, and attack traffic must be led to a central control node. Because the communication bandwidth of the Internet of Things is limited, the deployment mode must then be optimized to reduce communication cost as much as possible. How to deploy the various trap nodes under limited resource constraints in the electric power Internet of Things while reducing the communication cost between the trap nodes and the control node of the honeynet is therefore a difficult problem.
Disclosure of Invention
The invention provides a honeynet node deployment method, system and storage medium for the electric power Internet of Things, which can reduce the communication cost of the honeynet nodes of the electric power Internet of Things.
In a first aspect, the present invention provides a honeynet node deployment method for the electric power Internet of Things, including:
acquiring a plurality of mutually isolated scenes in a honeynet and a plurality of first trap nodes in each scene, sequentially acquiring the initial first communication cost of the first trap nodes in each scene, and acquiring the initial first matching degree of deploying the first trap nodes to idle first physical devices;
performing iterative computation over all scenes, traversing each scene in turn, calculating the deployment probability of deploying the first trap node to the first physical device according to the first matching degree, and deploying the first trap node according to the deployment probability until the trap nodes in each scene are deployed and all scenes are traversed;
after all scenes are traversed, updating the first matching degree according to the second communication cost after deployment, and carrying out the next round of iterative computation according to the resulting second matching degree until the number of iteration rounds is greater than an iteration threshold;
when the number of iteration rounds is greater than the iteration threshold, taking the deployment with the minimum communication cost as the first deployment optimal solution, and deploying the trap nodes of the electric power Internet of Things according to the first deployment optimal solution.
In this method, each scene is traversed in turn and an iteration is carried out once all scenes are traversed, so the global optimal solution for deploying trap nodes on the physical devices of the honeynet can be obtained after each iteration; the multi-scene deployment scheme suits the distributed multi-terminal environment of the electric power Internet of Things and therefore has higher applicability. After iteration, the deployment with the minimum communication cost is taken as the optimal solution, which reduces the communication cost of the honeynet nodes of the electric power Internet of Things, yields a better global optimal solution, and further optimizes the deployment decision for trap nodes in the honeynet. Deploying the trap nodes according to the deployment optimal solution allows attackers to be trapped quickly, so that they can be discovered and blocked in time.
Further, after the initial first communication cost of the first trap nodes in each scene is acquired in turn, the method further includes:
acquiring the initial expected degree to which the first trap node is expected to be deployed to the first physical device, according to the number of second trap nodes in the deployed set corresponding to the scene and the first communication cost, so that the deployment probability is calculated according to the expected degree and the first matching degree.
Further, acquiring the initial expected degree to which the first trap node is expected to be deployed to the first physical device, according to the number of second trap nodes in the deployed set corresponding to the scene and the first communication cost, is specifically:
acquiring the number of second trap nodes in the deployed set of the scene, acquiring the sum of the first communication costs between the first trap node and the plurality of second trap nodes when the first trap node is deployed to the first physical device, and taking the ratio of the number of second trap nodes to that sum as the expected degree of deploying the trap node to the physical device.
Further, the calculating, according to the first matching degree, a deployment probability of the first trap node to be deployed to a first physical device includes:
Acquiring a demand response indicated value of a first trapping node according to a first total amount of resources of a first physical device in an idle physical device set, a second total amount of resources of a second physical device in an occupied physical device set and a request amount of the first trapping node for the resources;
and acquiring the probability of the first trap node deployed to the first physical device according to the initial expected degree of the first trap node expected to be deployed to the first physical device, the first matching degree and the first resource total amount, and taking the product of the probability and the demand response indicated value as deployment probability.
According to the method, the first resource total amount of the first physical equipment in the idle physical equipment set and the second resource total amount of the second physical equipment in the occupied physical equipment set are adopted, and the trap nodes can be deployed according to the deployment probability under the limited resource constraint, so that the optimal solution can be conveniently deployed with the minimum communication cost after iteration, and the communication cost of the honey network nodes of the electric power Internet of things is reduced.
Further, the obtaining the demand response indication value of the first trap node includes:
acquiring the third total resource amount remaining after responding to the request amount; when the third total resource amount is not smaller than a first resource threshold, the demand response indication value is a first preset value; otherwise, the demand response indication value is a second preset value.
Further, the sequentially obtaining the initial first communication cost of the first trapping node in each scene includes:
sequentially acquiring a first communication matrix of communication between first trapping nodes in each scene, acquiring a first communication time matrix among a plurality of first physical devices, and acquiring a first communication cost of each scene according to the first communication matrix and the first communication time matrix.
Further, the updating the first matching degree according to the deployed second communication cost includes:
when the first trap node is deployed on the first physical device, the initial first matching degree is updated by taking the ratio of the preset first constant and the minimum third communication cost in the scene as a matching degree increment, and the next round of iterative computation is performed according to the obtained second matching degree.
Still further, after the deploying the first trap node with the deployment probability, further comprising:
updating the deployed set according to the first trapping node, and updating the idle physical device set according to the first physical device;
so that the next third trap node in the scenario uses the updated deployed set and the updated set of free physical devices.
In a second aspect, the present invention provides a honey network node deployment system facing to an electric power internet of things, including:
the initial module is used for acquiring a plurality of isolated scenes in the honey network and a plurality of first trapping nodes in each scene, sequentially acquiring first communication cost of the first trapping nodes in each scene, and acquiring first matching degree of the first trapping nodes deployed to idle first physical equipment;
the traversing module is used for carrying out iterative computation on all scenes, traversing each scene in sequence, calculating the deployment probability of the first trapping node deployed to the first physical equipment according to the first matching degree, and deploying the first trapping node according to the deployment probability until a plurality of trapping nodes in each scene are deployed and all scenes are traversed;
the iteration module is used for updating the first matching degree according to the deployed second communication cost after traversing all scenes, and carrying out next round of iteration calculation according to the obtained second matching degree until the number of iteration rounds is larger than an iteration threshold value;
and the deployment module is used for deploying the trapping nodes of the electric power Internet of things by taking the minimum communication cost as a first deployment optimal solution when the iteration round number is larger than the iteration threshold value and according to the first deployment optimal solution.
In a third aspect, the present invention provides a computer-readable storage medium comprising: the computer readable storage medium includes a stored computer program; and when the computer program runs, controlling the equipment where the computer readable storage medium is located to execute the honey network node deployment method facing the electric power internet of things according to the first aspect.
Drawings
Fig. 1 is a flow diagram of a honeynet node deployment method for the electric power Internet of Things provided by an embodiment of the invention;
Fig. 2 is a schematic diagram of a specific implementation flow of a honeynet node deployment method for the electric power Internet of Things provided by an embodiment of the invention;
Fig. 3 is a flow chart of a honeynet node deployment method for the electric power Internet of Things provided by an embodiment of the invention;
Fig. 4 is a schematic structural diagram of a honeynet node deployment system for the electric power Internet of Things provided by an embodiment of the invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It is worth noting that the honeynet includes multiple scenes, which are isolated from each other and do not communicate; that is, trap nodes in different scenes do not communicate with each other. Communication inside the honeynet follows the designed scene structure: within a given scene, two nodes communicate if the design connects them and do not communicate if it does not. In the whole honeynet there is a central control node; every trap node in every scene must communicate with the central control node, transmitting the acquired attack information to it and receiving the scheduling information it sends.
The multi-scene honeynet deployment problem above can then be expressed as selecting, from all possible schemes for deploying all honeynets onto the terminal devices of the electric power Internet of Things, the deployment scheme that meets the requirements with the minimum communication cost. In order to select a globally optimal solution, the invention defines a matching degree between the trap node to be deployed and the physical device. The higher the matching degree, the greater the probability that the control node deploys the trap node onto that physical device. In the initial iteration of the search all matching degrees are the same. After each iteration, the matching degrees between trap nodes and physical devices in the optimal scheme are increased and the matching degrees in other schemes are weakened; through this positive feedback, more and more control nodes gather on the optimal deployment scheme, so that the global optimal solution is screened out.
In one embodiment, referring to Fig. 1, which is a flow chart of the honeynet node deployment method for the electric power Internet of Things provided by the embodiment of the invention, the method includes steps S11 to S14, specifically:
Step S11, a plurality of mutually isolated scenes in a honeynet and a plurality of first trap nodes in each scene are acquired, the initial first communication cost of the first trap nodes in each scene is acquired in turn, and the initial first matching degree of deploying the first trap nodes to idle first physical devices is acquired.
The method for acquiring the initial first communication cost of the first trapping node in each scene sequentially comprises the following steps: sequentially acquiring a first communication matrix of communication between first trapping nodes in each scene, acquiring a first communication time matrix among a plurality of first physical devices, and acquiring a first communication cost of each scene according to the first communication matrix and the first communication time matrix.
It should be noted that, in the electric power Internet of Things environment, the physical devices are devices already deployed at various locations. The communication time between physical devices can be obtained from point-to-point data transmission between them, and this communication time is used as the communication distance or communication cost between the two physical devices.
After the initial first communication cost of the first trap node in each scene is acquired in turn, the method further comprises: and acquiring the initial expected degree of the first trap node expected to be deployed to the first physical equipment according to the number of second trap nodes in the scene corresponding deployed set and the first communication cost, so that the deployment probability is calculated according to the expected degree and the first matching degree.
Specifically, the number of second trap nodes in the deployed set in the scene is obtained, when the first trap node is deployed to the first physical device, the sum of first communication costs of the first trap node and a plurality of second trap nodes is obtained, and the ratio of the number of the second trap nodes to the sum is used as the expected degree of the trap node deployment to the physical device.
It is worth noting that, before acquiring the plurality of isolated scenes in the honeynet, the plurality of first trap nodes in each scene, the first communication cost of each first trap node in each scene and the initial expected degree to which the first trap nodes are expected to be deployed to the first physical devices, the scale and topology of the honeynet, the types of trap nodes to be processed and the resources required by each trap node need to be determined; the resources include CPU, memory, network, etc. Furthermore, an iteration threshold is also set before the iteration.
And step S12, performing iterative computation on all scenes, traversing each scene in turn, calculating the deployment probability of the first trap node deployed to the first physical equipment according to the first matching degree, and deploying the first trap node according to the deployment probability until a plurality of trap nodes in each scene are deployed and all scenes are traversed.
Wherein calculating a deployment probability of the first trap node to the first physical device according to the expected degree comprises: acquiring a demand response indicated value of a first trapping node according to a first total amount of resources of a first physical device in an idle physical device set, a second total amount of resources of a second physical device in an occupied physical device set and a request amount of the first trapping node for the resources; and acquiring the probability of the first trap node deployed to the first physical device according to the initial expected degree of the first trap node expected to be deployed to the first physical device, the first matching degree and the first resource total amount, and taking the product of the probability and the demand response indicated value as deployment probability.
According to the method, the first resource total amount of the first physical equipment in the idle physical equipment set and the second resource total amount of the second physical equipment in the occupied physical equipment set are adopted, and the trap nodes can be deployed according to the deployment probability under the limited resource constraint, so that the optimal solution can be conveniently deployed with the minimum communication cost after iteration, and the communication cost of the honey network nodes of the electric power Internet of things is reduced.
Obtaining a demand response indication value of the first trap node includes: acquiring the third total resource amount remaining after responding to the request amount; when the third total resource amount is not smaller than a first resource threshold, the demand response indication value is a first preset value; otherwise, the demand response indication value is a second preset value.
As a preferred embodiment, the first resource threshold is 0.
As a preferred embodiment, the first preset value is 1.
As a preferred embodiment, the second preset value is 0.
After the deploying the first trap node with the deployment probability, further comprising: updating the deployed set according to the first trapping node, and updating the idle physical device set according to the first physical device; so that the next third trap node in the scenario uses the updated deployed set and the updated set of free physical devices.
And step S13, updating the first matching degree according to the deployed second communication cost after traversing all scenes, and carrying out next round of iterative computation according to the obtained second matching degree until the number of iterative rounds is larger than an iterative threshold.
The updating of the first matching degree according to the deployed second communication cost comprises the following steps: when the first trap node is deployed on the first physical device, the initial first matching degree is updated by taking the ratio of the preset first constant and the minimum third communication cost in the scene as a matching degree increment, and the next round of iterative computation is performed according to the obtained second matching degree.
As a preferred embodiment, when all scenes are traversed, completing one iteration, and for all traversed scenes, using the minimum communication cost as a second deployment optimal solution; and when the iteration round number is larger than the iteration threshold value, a plurality of second deployment optimal solutions corresponding to the iteration round number are obtained, and a first deployment optimal solution with the minimum communication cost is selected from the plurality of second deployment optimal solutions to serve as a final optimal solution.
It is worth to say that after each iteration is completed, the second deployment optimal solution of the minimum communication cost under the current iteration is calculated, and when all iterations are completed, the first deployment optimal solution with the minimum communication cost is selected again from a plurality of second deployment optimal solutions to serve as a final optimal solution, so that the global optimal solution is searched.
It should be noted that one iteration finishes when all scenes are traversed, and the remaining matching degrees are then processed. The method adopts a global update strategy and updates all matching degrees after each iteration ends: the previous matching degrees are reduced by a certain proportion, while the matching degrees corresponding to the optimal deployment scheme are strengthened, and the better the scheme performs, the larger the increment.
And step S14, when the iteration round number is larger than the iteration threshold, using the minimum communication cost as a first deployment optimal solution, and deploying the trapping nodes of the electric power Internet of things according to the first deployment optimal solution.
In this method, each scene is traversed in turn and an iteration is carried out once all scenes are traversed, so the global optimal solution for deploying trap nodes on the physical devices of the honeynet can be obtained after each iteration; the multi-scene deployment scheme suits the distributed multi-terminal environment of the electric power Internet of Things and therefore has higher applicability. After iteration, the deployment with the minimum communication cost is taken as the optimal solution, which reduces the communication cost of the honeynet nodes of the electric power Internet of Things, yields a better global optimal solution, and further optimizes the deployment decision for trap nodes in the honeynet. Deploying the trap nodes according to the deployment optimal solution allows attackers to be trapped quickly, so that they can be discovered and blocked in time.
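The iteration of steps S11 to S14, written out as an added Python example (not code from the patent). The function and parameter names (`deploy_honeynet`, `build_deployment`, `scene_cost`, `rho`, `q`, `candidates`) are hypothetical; the normalised-product form of the deployment probability, the weakening rate, the several candidate deployments per round and the sample matrices are assumptions, and communication with the central control node is left out of the cost.

```python
import random

EPS = 1e-6  # guard against division by zero (assumption, not from the patent text)

def links_to_matrix(n, links):
    """Symmetric 0/1 connectivity matrix from a list of designed links."""
    cf = [[0] * n for _ in range(n)]
    for a, b in links:
        cf[a][b] = cf[b][a] = 1
    return cf

def scene_cost(scene, placement, cf, t):
    """Cost of one scene: for each linked node pair, the time between their host devices."""
    return sum(cf[a][b] * t[placement[a]][placement[b]]
               for a in scene for b in scene if a < b)

def build_deployment(scenes, cf, t, capacity, request, tau, alpha, beta, rng):
    """One traversal of all scenes; returns {node: device}, or None if a node cannot fit."""
    free = list(capacity)            # remaining resources per physical device
    placement = {}
    for scene in scenes:
        tabu = []                    # deployed set of this scene
        order = list(scene)
        rng.shuffle(order)           # random starting trap node
        for i in order:
            weights = []
            for j in range(len(capacity)):
                # demand response indication: 1 if resources left after the request are >= 0
                x = 1 if free[j] - request[i] >= 0 else 0
                if tabu:
                    # expected degree: deployed-node count over summed cost to those nodes
                    total = sum(cf[i][u] * t[j][placement[u]] for u in tabu)
                    eta = len(tabu) / (total + EPS)
                else:
                    eta = 1.0        # nothing deployed yet: neutral value (assumption)
                weights.append(x * (tau[i][j] ** alpha) * (eta ** beta))
            if sum(weights) == 0:    # no device can satisfy the request
                return None
            j = rng.choices(range(len(capacity)), weights=weights)[0]
            placement[i] = j
            free[j] -= request[i]
            tabu.append(i)
    return placement

def deploy_honeynet(scenes, cf, t, capacity, request, alpha=1.0, beta=2.0,
                    rho=0.3, q=1.0, c0=1.0, candidates=8, max_rounds=30, seed=7):
    """Return (placement, cost) with the minimum communication cost over all rounds."""
    rng = random.Random(seed)
    tau = [[c0] * len(capacity) for _ in request]   # uniform initial matching degree
    best_cost, best = float("inf"), None
    for _ in range(max_rounds):
        round_cost, round_best = float("inf"), None
        for _ in range(candidates):
            p = build_deployment(scenes, cf, t, capacity, request, tau, alpha, beta, rng)
            if p is None:
                continue
            cost = sum(scene_cost(s, p, cf, t) for s in scenes)
            if cost < round_cost:
                round_cost, round_best = cost, p
        # global update: weaken every matching degree by a fixed proportion ...
        for row in tau:
            for j in range(len(row)):
                row[j] *= (1.0 - rho)
        if round_best is None:
            continue
        # ... then strengthen the round's best scheme by constant / scene cost
        for s in scenes:
            inc = q / max(scene_cost(s, round_best, cf, t), EPS)
            for i in s:
                tau[i][round_best[i]] += inc
        if round_cost < best_cost:
            best_cost, best = round_cost, round_best
    return best, best_cost

# Constructed sample: 2 isolated scenes, 6 trap nodes, 4 physical devices.
SCENES = [[0, 1, 2], [3, 4, 5]]
CF = links_to_matrix(6, [(0, 1), (1, 2), (3, 4), (4, 5), (3, 5)])
T = [[0, 2, 9, 7], [2, 0, 4, 8], [9, 4, 0, 3], [7, 8, 3, 0]]   # device-to-device time
CAPACITY = [3, 3, 3, 3]          # resource units per device
REQUEST = [1, 2, 1, 1, 2, 1]     # resource units requested per trap node

if __name__ == "__main__":
    print(deploy_honeynet(SCENES, CF, T, CAPACITY, REQUEST))
```

Each scene here requests 4 resource units while a device offers 3, so the demand response value forces every scene to span at least two devices and the search has to trade co-location against link time.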
In a second embodiment, referring to fig. 2, a schematic diagram of a specific implementation flow of a honey network node deployment method for an electric power internet of things according to an embodiment of the present invention includes steps S21 to S24, specifically:
Step S21, system initialization. The scale and topology of the honeynet, the types of trap nodes to be processed, the resources required by each trap node and the iteration threshold are determined.
Let the set of physical devices be $S$, containing $m$ devices; let the set of trap nodes to be deployed be $U$, containing $n$ trap nodes; and let the number of scenes be $v$. The sets of trap nodes in each scene are $\{c_1, c_2, \ldots, c_k, \ldots, c_v\}$. According to the constructed honeynet topology, the system sets up an $n \times n$ connectivity matrix $CF = [cf_{i,j}]_{n \times n}$, where $cf_{i,j}$ represents whether there is communication between trap node $i$ and trap node $j$. An $m \times m$ communication time matrix between physical devices, $T_{i,j} = [t_{i,j}]_{m \times m}$, is obtained, where $t_{i,j}$ represents the communication time between physical device $i$ and physical device $j$. In the electric power Internet of Things environment, the physical devices are devices already deployed at various locations; the communication time between physical devices can be obtained from point-to-point data transmission between them and is used as the communication distance (or communication cost) between the two physical devices. An $n \times m$ matching degree matrix $\tau$ is initialized with all elements set to the constant $C$; the element $\tau_{i,j}(0)$ represents the matching degree of deploying trap node $i$ to physical device $j$ in iteration round 0. The iteration threshold is set to $I_{max}$, and the optimal solution of the $I_{max}$ iterations is the global optimal solution.
Step S22, traversing the deployment schemes under each scene, namely searching the deployment schemes for all scenes. First, a trap node is randomly selected from the trap node set $U$ as a starting point; assuming its number is $i$, the probability of deploying trap node $i$ on each physical device is calculated according to formula (2), and deployment is completed according to that probability. Then a deployed set $tabu_k$ is created; $tabu_k$ initially contains only the starting trap node $i$, and each trap node is added to the deployed set after its deployment is completed, which avoids repeated deployment.
As a preferred embodiment, the deployment probability can be expressed as:
where $allowed_k(l)$ is the set of trap nodes still to be deployed in the k-th scene in the l-th search, $allowed_k(l) = c_k - tabu_k$. The physical machine set that can accommodate trap node i is the set whose physical devices have total resources not smaller than the resources required by the trap nodes deployed on them. $\tau_{i,j}(l)$ is the matching degree of deploying trap node i to physical device j in the l-th search; α is the matching degree weighting coefficient; β is the expected heuristic weighting coefficient; $\eta_{i,j}(l)$ is the heuristic function and represents the expected degree to which trap node i is assigned to physical device j. Because trap nodes must be deployed onto physical devices, the resources of a physical device must meet the requirements of the trap node currently being deployed. $x_{ij}$ is the demand response indication value: when trap node i is deployed to physical device j, it indicates whether the current resources of physical device j satisfy the demand of trap node i.
It should be noted that the matching degree weighting coefficient represents the importance of the matching degree, and the expected heuristic weighting coefficient reflects how strongly deterministic factors influence the search. The larger its value, the higher the probability of selecting the local optimum at a given point and the faster the algorithm converges, but the more easily it is trapped in a local optimum.
As a preferred embodiment, when the current resources of the physical device meet the requirement of the trap node, the demand response indication value is 1; if they do not, the demand response indication value is 0. The demand response indication value may be expressed as:
The quantities in this expression are: the first total amount of resource h that is idle on physical device $S_j$; the second total amount of resource h that is occupied on the physical device; the amount of resource h requested by trap node i; and the third total amount of resources obtained after responding to the request.
As a preferred embodiment, the invention aims at reducing communication cost and defines $\eta_{i,j}$ as the sum of the reciprocals of the communication costs between trap node i and the other connected nodes. This means that the larger $\eta_{i,j}$ is, the better the effect of deploying trap node i to physical device j; that is, the larger $\eta_{i,j}$ is, the greater the probability that trap node i is assigned to physical device j.
As a preferred embodiment, η i,j The calculation formula of (2) can be expressed as:
where r is the number of trap nodes already deployed in the scene $c_k$ to which virtual trap node i belongs, and the other quantity is the communication cost required to communicate with the other deployed nodes when trap node i is deployed to physical device j.
Step S23, updating the matching degree and calculating the iterative deployment scheme for all scenes. After all scenes have been searched, one round of searching is finished and the residual matching degree is processed. The method adopts a global update strategy and updates all matching degrees after each iteration is finished. The previous matching degree is reduced by a certain proportion, while the matching degree corresponding to the optimal deployment scheme is reinforced; the better the scheme performs, the larger the increment.
As a preferred embodiment, an adaptive update strategy is adopted to change the value of $\tau_{i,j}(l+1)$, dynamically adjusting the matching degree, improving the global search capability and avoiding being trapped in a local optimal solution.
As a preferred embodiment, the calculation of $\tau_{i,j}(l+1)$ can be expressed as:
where ρ is the matching degree volatilization coefficient and 1 − ρ is the matching degree residual coefficient; a further term controls the number of stages of the matching degree; and Δτ(l) is the matching degree increment.
As a preferred embodiment of the present invention, c is a constant, q is the number of iteration rounds, and the term is a function proportional to the number of iteration rounds.
As a preferred embodiment, because communication cost is considered, the matching degree increment after trap node i is deployed to physical device j in the l-th search is related to the communication cost.
As a preferred embodiment, the matching degree increment may be expressed as:
where Q is a constant that controls the intensity of the matching degree increment, P is the sum of the communication costs in the scene, and $\tau_{max}$ is the current maximum matching degree.
As a preferred embodiment, the sum of the communication costs can be expressed as:
where $cf_{i,j}$ indicates whether trap node i and trap node j communicate, which is defined when the honey network is constructed; $d_{i,j}$ is the communication distance between trap node i and trap node j, obtained from the communication time between the physical devices on which the trap nodes are deployed. The communication time between physical devices can be obtained by command or instrument measurement when the system is initialized.
Step S24, outputting the optimal solution found so that deployment follows it. When the number of iteration rounds exceeds $I_{max}$, the optimal solution found by the search is output so that deployment follows it; that is, the trap nodes in the honey network are deployed according to the deployment scheme so as to minimize the communication cost of the honey network.
In this method, each scene is traversed in turn and an iteration is performed once all scenes have been traversed, so that after each iteration the global optimal solution for deploying the trap nodes of the honey network onto the physical devices can be obtained. The multi-scene deployment scheme suits the distributed multi-terminal environment of the electric power Internet of things, so the method has higher applicability. After iteration, the optimal solution is the deployment with the minimum communication cost, which reduces the communication cost of the honey network nodes of the electric power Internet of things and further optimizes the deployment decision for the trap nodes in the honey network. With the trap nodes deployed according to the optimal deployment solution, an attacker can be trapped quickly, and then discovered and blocked in time.
In a third embodiment, referring to fig. 3, a flowchart of a method for deploying a honey network node for an electric power internet of things according to the embodiment of the present invention includes steps S301 to S316, specifically:
Input: the set U of trap nodes, of size n; the total number of scenes v; the set S of idle physical devices, of size m; the matching degree weighting coefficient α; the expected heuristic weighting coefficient β; the iteration threshold $I_{max}$; the matching degree volatilization coefficient ρ; the connectivity matrix $CF = [cf_{i,j}]_{n \times n}$; and the communication time matrix $T_{i,j} = [t_{i,j}]_{m \times m}$ between physical devices.
Output: virtual machine deployment scheme F.
Step S301, obtaining initialization parameters, including: the idle physical device set S, the set U of trap nodes to be deployed, the iteration threshold $I_{max}$, and the initial value τ(0) = C (C is a small constant); acquiring the total scene number v; the number of iteration rounds is initialized to 0.
Step S302, entering the present round of iteration, including: initializing the number of scenes traversed in this round to 0; initializing the iteration round number I to 1.
Step S303, a deployed set is established for the scene traversed at this time.
Specifically, for scene $c_k$ (k = 1, 2, …, v), a deployed set $tabu_k = \{\}$ and a set of trap nodes to be deployed $allowed_k(l)$ are established.
Step S304, searching the scene traversed at this time.
Step S305, randomly selecting a trap node from the set of trap nodes to be deployed. In scene $c_k$, a trap node is selected at random from the set of trap nodes to be deployed, $allowed_k(l)$.
Step S306, obtaining the deployment probability of the trap node and deploying the trap node on a physical device. When trap node i is deployed, the idle physical device set is obtained according to the resource requirement of the trap node and the remaining resources of each physical device. Then the deployment probability of trap node i to physical device j is calculated, and trap node i is deployed to physical device j according to the deployment probability.
Step S307, updating the deployed set and the idle physical device set. The idle physical device set is updated after deployment, including updating the remaining resources on physical device j. Updating the deployed set includes: adding trap node i to the deployed set and removing it from the set of trap nodes to be deployed, $allowed_k(l)$.
Step S308, judging whether the set to be deployed is empty; if the set to be deployed is not empty, step S305 is performed. After all the trap nodes of scene $c_k$ have been processed, the remaining resources of each physical device are reset to obtain the updated idle physical devices, which are used for the next scene.
Step S309, if the set to be deployed is empty, resetting the deployed set and the idle physical device set.
Step S310, judging whether the number k of traversed scenes reaches the number v of scenes.
Step S311, if the number k of traversed scenes reaches the number v of scenes, incrementing the number k of traversed scenes by 1 (k = k + 1), entering the next scene, and going to step S303.
Step S312, if the number of traversed scenes is not the number of scenes, calculating the optimal solution of this round of iteration. Specifically, the communication costs of the schemes produced in this round are calculated and compared to find the solution with the minimum communication cost in this round.
Step S313, judging whether the iteration round number is not smaller than the iteration threshold. Specifically, it is determined whether the iteration round number I does not exceed $I_{max}$.
Step S314, if the number of iteration rounds is not smaller than the iteration threshold, calculating the optimal solution of this round of iteration.
Step S315, if the number of iteration rounds is less than or equal to the iteration threshold, updating the matching degree.
Step S316, incrementing the iteration round number I by 1 (I = I + 1), entering the next iteration, and going to step S302.
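The scene-by-scene search and matching degree update of steps S301 to S316, as an added Python example that is not part of the patent text. The formula images for the deployment probability and the update did not survive on this page, so the code assumes the standard ant-colony forms (probability proportional to τ^α · η^β · x, update τ ← (1 − ρ)τ + Q/P) and uses a hypothetical floor `tau_min` in place of the adaptive update; the function names and sample matrices are constructed for illustration.

```python
import random

EPS = 1e-6  # avoids division by zero when connected nodes share a device (t = 0)

# Constructed sample: 5 trap nodes, 3 physical devices, 2 isolated scenes.
CF = [[0, 1, 0, 0, 0],
      [1, 0, 1, 0, 0],
      [0, 1, 0, 0, 0],
      [0, 0, 0, 0, 1],
      [0, 0, 0, 1, 0]]                              # cf[i][j] = 1 if nodes i, j communicate
T = [[0, 2, 9], [2, 0, 4], [9, 4, 0]]                # communication time between devices
CAPACITY = [(4, 8), (4, 8), (4, 8)]                  # idle (cpu, memory) per device
DEMAND = [(2, 4), (2, 4), (2, 4), (4, 8), (2, 2)]    # request per trap node
SCENES = [[0, 1, 2], [3, 4]]                         # trap node sets c_1, c_2


def comm_cost(assign, cf, t):
    """P: sum of cf[i][j] * t[host(i)][host(j)] over the placed node pairs."""
    nodes = sorted(assign)
    return sum(cf[i][j] * t[assign[i]][assign[j]]
               for a, i in enumerate(nodes) for j in nodes[a + 1:])


def fits(free_j, demand_i):
    """Demand response indication x_ij: 1 if every resource h is still sufficient."""
    return int(all(f - d >= 0 for f, d in zip(free_j, demand_i)))


def eta(i, j, placed, cf, t):
    """Expected degree: deployed count r over the cost of reaching connected nodes
    (the ratio form given in the fourth embodiment and claim 3)."""
    if not placed:
        return 1.0  # assumption: neutral value for the first node of a scene
    cost = sum(cf[i][u] * t[j][placed[u]] for u in placed)
    return len(placed) / max(cost, EPS)


def deploy_scene(scene, tau, cf, t, capacity, demand, alpha, beta, rng):
    """Steps S303-S309 for one scene; returns {node: device}, or None on a dead end."""
    free = [list(c) for c in capacity]              # resources are reset per scene
    todo, placed = list(scene), {}                  # allowed_k and tabu_k
    while todo:
        i = todo.pop(rng.randrange(len(todo)))      # S305: random trap node
        weights = [fits(free[j], demand[i]) * tau[i][j] ** alpha
                   * eta(i, j, placed, cf, t) ** beta
                   for j in range(len(capacity))]
        if sum(weights) == 0:
            return None                             # no device can host node i
        j = rng.choices(range(len(capacity)), weights=weights)[0]   # S306
        placed[i] = j                               # S307: update tabu_k
        free[j] = [f - d for f, d in zip(free[j], demand[i])]
    return placed


def plan(scenes, cf, t, capacity, demand, rounds=50, alpha=1.0, beta=2.0,
         rho=0.3, q=1.0, c0=1.0, tau_min=0.01, seed=0):
    """Returns, per scene, the cheapest (cost, {node: device}) found, or None."""
    rng = random.Random(seed)
    tau = [[c0] * len(t) for _ in range(len(cf))]   # S301: tau(0) = C
    best = [None] * len(scenes)
    for _ in range(rounds):                         # S302 / S313: iteration rounds
        for k, scene in enumerate(scenes):          # S310-S311: traverse scenes
            a = deploy_scene(scene, tau, cf, t, capacity, demand, alpha, beta, rng)
            if a is not None:
                p = comm_cost(a, cf, t)
                if best[k] is None or p < best[k][0]:
                    best[k] = (p, a)                # S312: keep minimum-cost scheme
        # S315: global update, evaporate everything then reinforce the best schemes
        tau = [[max(tau_min, (1 - rho) * v) for v in row] for row in tau]
        for entry in best:
            if entry is not None:
                p, a = entry
                for i, j in a.items():
                    tau[i][j] += q / max(p, EPS)    # increment Q / P
    return best


if __name__ == "__main__":
    for k, result in enumerate(plan(SCENES, CF, T, CAPACITY, DEMAND)):
        print("scene", k + 1, result)
```

A construction that reaches a trap node no remaining device can host is discarded rather than repaired, so a scene whose result stays `None` has no feasible placement found within the given rounds.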
In a fourth embodiment, referring to fig. 4, a schematic structural diagram of a honey network node deployment system facing the electric power internet of things provided in the embodiment of the present invention includes: an initial module 41, a traversal module 42, an iteration module 43, and a deployment module 44.
It should be noted that, the initialization module 41 is configured to initialize the deployment system and transmit the initialized value to the traversal module 42; the traversing module 42 sequentially performs deployment search on each scene according to the acquired initialized value, and transmits deployment results to the iteration module 43 after traversing all scenes; the iteration module 43 performs matching degree update according to the received deployment result, and performs iterative calculation according to the updated matching degree, so that an optimal solution after iteration is obtained and then transmitted to the deployment module 44; deployment module 44 deploys the mousing node upon receiving the optimal solution.
The initial module 41 is configured to obtain multiple isolated scenes in the honeynet and multiple first trapping nodes in each scene, sequentially obtain a first communication cost of the first trapping nodes in each scene, and obtain a first matching degree of the first trapping nodes deployed to an idle first physical device.
Sequentially acquiring the initial first communication cost of the first trapping nodes in each scene comprises: sequentially acquiring a first communication matrix of communication between the first trapping nodes in each scene, acquiring a first communication time matrix among a plurality of first physical devices, and acquiring the first communication cost of each scene according to the first communication matrix and the first communication time matrix.
It should be noted that, in the electric power Internet of things environment, the physical devices are devices already deployed in various places; the communication time between them can be obtained from point-to-point data transmission and is used as the communication distance or communication cost between two physical devices.
After the initial first communication cost of the first trap node in each scene is acquired in turn, the method further comprises: acquiring the initial expected degree to which the first trap node is expected to be deployed to the first physical device, according to the number of second trap nodes in the deployed set corresponding to the scene and the first communication cost, so that the deployment probability is calculated according to the expected degree and the first matching degree.
Specifically, the number of second trap nodes in the deployed set in the scene is obtained, when the first trap node is deployed to the first physical device, the sum of first communication costs of the first trap node and a plurality of second trap nodes is obtained, and the ratio of the number of the second trap nodes to the sum is used as the expected degree of the trap node deployment to the physical device.
It is worth noting that, before acquiring the plurality of isolated scenes in the honey network, the plurality of first trapping nodes in each scene, the first communication cost of each first trapping node in each scene and the initial expected degree to which the first trapping nodes are expected to be deployed to the first physical device, the scale and topology of the honey network, the types of trapping nodes to be processed and the resources required by each trapping node need to be determined; the resources include CPU, memory, network, and so on. Furthermore, an iteration threshold is also set before iterating.
The traversing module 42 is configured to perform iterative computation on all the scenes, sequentially traverse each scene, calculate deployment probability of the first trap node deployed to the first physical device according to the first matching degree, and deploy the first trap node with the deployment probability until a plurality of trap nodes in each scene are deployed and all the scenes are traversed.
Wherein calculating a deployment probability of the first trap node to the first physical device according to the expected degree comprises: acquiring a demand response indicated value of a first trapping node according to a first total amount of resources of a first physical device in an idle physical device set, a second total amount of resources of a second physical device in an occupied physical device set and a request amount of the first trapping node for the resources; and acquiring the probability of the first trap node deployed to the first physical device according to the initial expected degree of the first trap node expected to be deployed to the first physical device, the first matching degree and the first resource total amount, and taking the product of the probability and the demand response indicated value as deployment probability.
Obtaining a demand response indication value of the first trap node includes: acquiring a third total resource amount after responding to the request amount, and when the third total resource amount is not smaller than a first resource threshold value, responding to the demand as a first preset value; otherwise, the demand response is a second preset value.
After the deploying the first trap node with the deployment probability, further comprising: updating the deployed set according to the first trapping node, and updating the idle physical device set according to the first physical device; so that the next third trap node in the scenario uses the updated deployed set and the updated set of free physical devices.
The iteration module 43 is configured to update the first matching degree according to the deployed second communication cost after all the scenes are traversed, and perform the next round of iterative calculation according to the obtained second matching degree until the number of iteration rounds is greater than an iteration threshold.
The updating of the first matching degree according to the deployed second communication cost comprises the following steps: when the first trap node is deployed on the first physical device, the initial first matching degree is updated by taking the ratio of the preset first constant and the minimum third communication cost in the scene as a matching degree increment, and the next round of iterative computation is performed according to the obtained second matching degree.
It should be noted that, when all scenes have been traversed, one iteration is finished and the residual matching degree is processed. The method adopts a global update strategy and updates all matching degrees after each iteration is finished. The previous matching degree is reduced by a certain proportion, while the matching degree corresponding to the optimal deployment scheme is reinforced; the better the scheme performs, the larger the increment.
The deployment module 44 is configured to, when the number of iteration rounds is greater than the iteration threshold, use a minimum communication cost as a first deployment optimal solution, and deploy the trap node of the electric power internet of things according to the first deployment optimal solution.
According to the invention, the honey network node deployment method for the electric power Internet of things is integrated into a specific system by functional module, so it can be applied to honey network node deployment for more objects and has higher adaptability.
A fifth embodiment is a computer readable storage medium provided by an embodiment of the present invention, including: the computer readable storage medium includes a stored computer program; and when the computer program runs, controlling the equipment where the computer readable storage medium is located to execute the honey network node deployment method facing the electric power Internet of things.
With the computer readable storage medium, the honey network node deployment method for the electric power Internet of things can be applied to specific computer devices or terminal devices, the same method can serve more Internet of things environments, and honey network node deployment scenes for different objects can be handled, which further improves the efficiency of large-scale honey network node deployment and gives the method higher applicability.
It will be appreciated by those skilled in the art that embodiments of the present application may also provide a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that modifications and variations could be made by those skilled in the art without departing from the technical principles of the present invention, and such modifications and variations should also be regarded as being within the scope of the invention.

Claims (10)

1. The honey network node deployment method for the electric power Internet of things is characterized by comprising the following steps of:
acquiring a plurality of isolated scenes in a honey network and a plurality of first trapping nodes in each scene, sequentially acquiring a first communication cost of the first trapping nodes in each scene, and acquiring an initial first matching degree of the first trapping nodes deployed to idle first physical equipment;
performing iterative computation on all scenes, traversing each scene in turn, calculating the deployment probability of the first trap node deployed to the first physical equipment according to the first matching degree, and deploying the first trap node according to the deployment probability until a plurality of trap nodes in each scene are deployed and all scenes are traversed;
after traversing all scenes, updating the first matching degree according to the deployed second communication cost, and carrying out the next round of iterative computation according to the obtained second matching degree until the number of iteration rounds is larger than an iteration threshold;
when the iteration round number is larger than the iteration threshold, taking the minimum communication cost as a first deployment optimal solution, and deploying the trap nodes of the electric power Internet of things according to the first deployment optimal solution.
2. The method for deploying the honey network node facing the electric power internet of things according to claim 1, further comprising, after the sequentially acquiring the initial first communication cost of the first trap node in each scene:
and acquiring the initial expected degree of the first trap node expected to be deployed to the first physical equipment according to the number of second trap nodes in the scene corresponding deployed set and the first communication cost, so that the deployment probability is calculated according to the expected degree and the first matching degree.
3. The method for deploying the honey network nodes facing the electric power internet of things according to claim 2, wherein the obtaining, according to the number of the second trap nodes in the scene corresponding deployed set and the first communication cost, the initial expected degree of the first trap node expected to be deployed to the first physical device specifically includes:
acquiring the number of second trap nodes in the deployed set in the scene, acquiring the sum of first communication costs of the first trap nodes and a plurality of second trap nodes when the first trap nodes are deployed to the first physical equipment, and taking the ratio of the number of the second trap nodes to the sum as the expected degree of deployment of the trap nodes to the physical equipment.
4. The method for deploying the honey network node towards the electric power internet of things according to claim 1, wherein the calculating the deployment probability of the first trap node to be deployed to the first physical device according to the first matching degree comprises:
acquiring a demand response indicated value of a first trapping node according to a first total amount of resources of a first physical device in an idle physical device set, a second total amount of resources of a second physical device in an occupied physical device set and a request amount of the first trapping node for the resources;
and acquiring the probability of the first trap node deployed to the first physical device according to the initial expected degree of the first trap node expected to be deployed to the first physical device, the first matching degree and the first resource total amount, and taking the product of the probability and the demand response indicated value as deployment probability.
5. The method for deploying a honey network node facing the electric power internet of things according to claim 4, wherein the obtaining the demand response indication value of the first trap node comprises:
acquiring a third total resource amount after responding to the request amount, and when the third total resource amount is not smaller than a first resource threshold value, responding to the demand as a first preset value; otherwise, the demand response is a second preset value.
6. The method for deploying the honey network node facing the electric power internet of things according to claim 1, wherein the sequentially obtaining the initial first communication cost of the first trapping node in each scene comprises:
sequentially acquiring a first communication matrix of communication between first trapping nodes in each scene, acquiring a first communication time matrix among a plurality of first physical devices, and acquiring a first communication cost of each scene according to the first communication matrix and the first communication time matrix.
7. The method for deploying the honey network node facing the electric power internet of things according to claim 1, wherein updating the first matching degree according to the deployed second communication cost comprises:
when the first trap node is deployed on the first physical device, the initial first matching degree is updated by taking the ratio of the preset first constant and the minimum third communication cost in the scene as a matching degree increment, and the next round of iterative computation is performed according to the obtained second matching degree.
8. The method for deploying the honey network node facing the electric power internet of things according to claim 1, further comprising, after the deploying the first trap node with the deployment probability:
and updating the deployed set according to the first trap node, and updating the idle physical device set according to the first physical device, so that the next third trap node in the scene uses the updated deployed set and the updated idle physical device set.
9. A honey network node deployment system for the electric power Internet of things, characterized by comprising:
the initial module is used for acquiring a plurality of isolated scenes in the honey network and a plurality of first trapping nodes in each scene, sequentially acquiring first communication cost of the first trapping nodes in each scene, and acquiring first matching degree of the first trapping nodes deployed to idle first physical equipment;
the traversing module is used for carrying out iterative computation on all scenes, traversing each scene in sequence, calculating the deployment probability of the first trapping node deployed to the first physical equipment according to the first matching degree, and deploying the first trapping node according to the deployment probability until a plurality of trapping nodes in each scene are deployed and all scenes are traversed;
the iteration module is used for updating the first matching degree according to the deployed second communication cost after traversing all scenes, and carrying out the next round of iterative calculation according to the obtained second matching degree until the number of iteration rounds is larger than an iteration threshold value;
and the deployment module is used for taking the minimum communication cost as a first deployment optimal solution when the iteration round number is larger than the iteration threshold value, and deploying the trapping nodes of the electric power Internet of things according to the first deployment optimal solution.
10. A computer-readable storage medium, comprising: the computer readable storage medium includes a stored computer program; wherein, when the computer program runs, the device where the computer readable storage medium is located is controlled to execute the honey network node deployment method facing the electric power internet of things according to any one of claims 1-8.
CN202311587708.7A 2023-11-27 2023-11-27 Honey network node deployment method, system and storable medium for electric power Internet of things Pending CN117439810A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311587708.7A CN117439810A (en) 2023-11-27 2023-11-27 Honey network node deployment method, system and storable medium for electric power Internet of things

Publications (1)

Publication Number Publication Date
CN117439810A true CN117439810A (en) 2024-01-23

Family

ID=89549884

Country Status (1)

Country Link
CN (1) CN117439810A (en)

CN113326430A (en) Information pushing method and system based on live social big data

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination