WO2016031384A1 - Système de communication, appareil de gestion, appareil de communication, procédé et programme - Google Patents

Système de communication, appareil de gestion, appareil de communication, procédé et programme Download PDF

Info

Publication number
WO2016031384A1
WO2016031384A1 PCT/JP2015/068827 JP2015068827W WO2016031384A1 WO 2016031384 A1 WO2016031384 A1 WO 2016031384A1 JP 2015068827 W JP2015068827 W JP 2015068827W WO 2016031384 A1 WO2016031384 A1 WO 2016031384A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication
fraud
information
detected
electric field
Prior art date
Application number
PCT/JP2015/068827
Other languages
English (en)
Japanese (ja)
Inventor
幹晴 石井
浩志 中石
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社 filed Critical 日本電気株式会社
Priority to JP2016512157A priority Critical patent/JP6350652B2/ja
Publication of WO2016031384A1 publication Critical patent/WO2016031384A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B17/00Monitoring; Testing
    • H04B17/30Monitoring; Testing of propagation channels
    • H04B17/309Measuring or estimating channel quality parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B17/00Monitoring; Testing
    • H04B17/30Monitoring; Testing of propagation channels
    • H04B17/309Measuring or estimating channel quality parameters
    • H04B17/318Received signal strength

Definitions

  • the present invention relates to a communication system, a management device, a communication device, a method, and a program.
  • Patent Document 1 An example of a method for specifying the position of a noise generation source such as an interference radio wave is described in Patent Document 1.
  • each base station measures the signal strength received via each antenna, transmits the data to a management computer via a mobile phone communication network, and the management computer is based on the signal strength.
  • the position of the source of noise such as jamming is estimated.
  • Patent Document 2 describes a jamming radio wave alarm device that detects the presence of jamming radio waves and issues an alarm indicating the occurrence of jamming radio waves based on the electric field strength of radio waves received via an antenna in a vehicle. Yes.
  • the notification target is a user, the surroundings of the vehicle, an information center, or the like.
  • Patent Document 3 describes a fraud management frame detection method in a wireless LAN (Local Area Network) access point device.
  • the access point device described in this document uses an unauthorized terminal and an unauthorized access point to perform an unauthorized frame detection process to prevent a spoofing attack performed by a third party who does not have the authority to access the network.
  • Patent Document 4 describes an example of a smart meter.
  • Patent Document 5 describes an example of an emergency call device.
  • the emergency notification device described in this document notifies a monitoring person via a telephone line when a notification button of a plurality of notification devices connected to a network is pressed.
  • each communication device autonomously detects communication fraud and notifies the management device of the detected communication fraud. According to such a configuration, communication fraud of each communication device can be centrally managed. Furthermore, compared to the above-described technique, it is possible to expect a reduction in communication traffic and a reduction in processing load on the management apparatus.
  • the present invention has been made in view of the above circumstances, and an object thereof is to provide a technique in which a communication device having a plurality of communication paths detects communication fraud and reliably notifies the detected communication fraud. There is.
  • the first aspect relates to a communication device.
  • the communication device according to the first aspect is Fraud detection means for detecting fraud in communication via multiple communication paths; When communication fraud is detected in the first communication path by the fraud detection means, the second communication path different from the first communication path is used to notify the management apparatus of information regarding the detected communication fraud Notification means.
  • the second aspect relates to the management device.
  • the management device is Unauthorized information acquisition means for acquiring information related to communication fraud and unique information for identifying the communication device from at least some of the plurality of communication devices; Estimating means for extracting position information of the plurality of communication devices based on the information related to the fraud and the unique information, and estimating a position of the source of the communication fraud based on the plurality of extracted position information; Have
  • a third aspect relates to a method for controlling a communication device executed by at least one computer.
  • the control method of the communication device according to the third aspect is The communication device Detect fraud against communication on multiple communication paths, Including, when communication fraud is detected in the first communication path, using a second communication path different from the first communication path, notifying the management apparatus of information relating to the detected communication fraud. .
  • the fourth aspect relates to a management apparatus control method executed by at least one computer.
  • the control method of the management device according to the fourth aspect is Management device Obtaining information related to communication fraud and unique information identifying the communication device from at least some of the plurality of communication devices; Extracting position information of the plurality of communication devices based on the information related to the fraud and the unique information, and estimating a position of the source of the communication fraud based on the extracted plurality of position information. .
  • the fifth aspect relates to a communication system.
  • the communication system according to the fifth aspect is A plurality of communication devices; A management device for managing the plurality of communication devices; A communication system comprising: The communication device Fraud detection means for detecting fraud in communication via multiple communication paths; When communication fraud is detected by the fraud detection means in the first communication path, information on the detected communication fraud is transmitted to the management device using a second communication path different from the first communication path.
  • Notification means for notifying,
  • the management device Fraud information acquisition means for acquiring information related to communication fraud and unique information for identifying the communication device from at least some of the plurality of communication devices;
  • Estimating means for extracting position information of the plurality of communication devices based on the information related to the fraud and the unique information, and estimating a position of the source of the communication fraud based on the plurality of extracted position information;
  • a sixth aspect relates to an information processing method executed by at least one computer in a communication system.
  • the information processing method according to the sixth aspect is: In a communication system having a plurality of communication devices and a management device that manages the plurality of communication devices, The communication device is Detect fraud against communication on multiple communication paths, When communication fraud is detected in the first communication path, the second communication path different from the first communication path is used to notify the management apparatus of information related to the detected communication fraud, The management device is Obtaining information related to the communication fraud and unique information for identifying the communication device from at least a part of the plurality of communication devices; Extracting position information of a plurality of communication devices based on the information related to the fraud and the unique information, and estimating the position of the source of the communication fraud based on the extracted pieces of position information.
  • a program for causing at least one computer to execute the method of the third aspect or a computer-readable recording medium recording such a program. May be.
  • This recording medium includes a non-transitory tangible medium.
  • the computer program includes computer program code that, when executed by a computer, causes the computer to implement its control method on the communication device.
  • Another aspect of the present invention may be a program that causes at least two computers to execute the method of the fourth aspect, or a computer-readable recording medium that records such a program. May be.
  • This recording medium includes a non-transitory tangible medium.
  • the computer program includes computer program code that, when executed by a computer, causes the computer to implement its control method on the management device.
  • a plurality of components are formed as a single member, and a single component is formed of a plurality of members. It may be that a certain component is a part of another component, a part of a certain component overlaps with a part of another component, or the like.
  • the plurality of procedures of the method and computer program of the present invention are not limited to being executed at different timings. For this reason, another procedure may occur during the execution of a certain procedure, or some or all of the execution timing of a certain procedure and the execution timing of another procedure may overlap.
  • FIG. 1 is a functional block diagram logically showing the configuration of the communication apparatus 100 according to the embodiment of the present invention.
  • the communication device 100 includes a fraud detector 106 that detects fraud with respect to communication on a plurality of communication paths (“A route” and “B route” in the figure), and fraud detection on the first communication path.
  • a notification for notifying the management device (not shown in FIG. 1) of information related to the detected communication fraud using a second communication path different from the first communication path Unit 108.
  • the communication device 100 may include a communication unit 102 and a storage unit 104.
  • the communication unit 102 communicates with a plurality of independent communication paths (for example, A route and B route).
  • the plurality of independent communication paths are different from each other in the physical communication medium (communication board, antenna, cable, etc.) or in the plurality of communication paths having different communication protocols, or in the same communication medium and communication protocol. It means multiple communication paths. However, a configuration in which a plurality of communication paths partially overlap each other is not excluded. Further, it is desirable that the plurality of communication paths do not include communication paths provided redundantly for backup. In other words, it is desirable that the plurality of communication paths are communication paths that are normally used by a device in which the communication device of the present invention is mounted.
  • the communication method in the plurality of communication paths may be wireless, wired, or a combination.
  • the communication unit 102 uses wireless communication using a mobile phone system such as 3G (3rd Generation) or LTE (Long Term Evolution), WiMAX (Worldwide Interoperability for Microwave Access), and wireless LAN (Local Area Network) (so-called “Wi-”).
  • a mobile phone system such as 3G (3rd Generation) or LTE (Long Term Evolution), WiMAX (Worldwide Interoperability for Microwave Access), and wireless LAN (Local Area Network) (so-called “Wi-”).
  • Fi Wireless Fidelity
  • wireless communication using a specific low-power wireless method using the 920 MHz band can be used for communication by at least one of various communication methods.
  • a plurality of communication paths are communication paths (referred to as “A route”) with a management device by wireless communication using a mobile phone communication system such as 3G or LTE.
  • a route a communication path
  • B route a communication path with HEMS (Home Energy Management System) by wireless communication of the 920 MHz band method.
  • the storage unit 104 stores unique information of the communication device itself.
  • the unique information of the communication device 100 is not particularly limited as long as it is information that can identify the communication device 100.
  • the MAC (Media Access Control) address the IP (Internet Protocol) address, and the position of the communication device 100 It may be information, identification information of a device arbitrarily given by the system or device, or identification information of a user of the system or device.
  • the unique information is identification information of the smart meter or identification information of a consumer who receives the electricity supplied by the watt-hour meter of the smart meter. There may be. Alternatively, it may be HEMS user information connected to the smart meter.
  • the unique information may be information that can identify the communication device 100 or the smart meter 50 subject to communication fraud, or the position (range, area, region, etc.) thereof. Which information is adopted as the specific information can be determined according to the system or apparatus. In this case, the communication device 100 acquires identification information from a smart meter or the like.
  • the storage unit 104 can be realized by the ROM 44 or the RAM 46 of FIG. Alternatively, the unique information may be written in the register using a predetermined register as the storage unit 104. Alternatively, the unique information may be recorded on an external recording medium accessible by the communication device 100.
  • the fraud detection unit 106 detects fraud with respect to communication through a plurality of communication paths.
  • the fraud detection process may be performed constantly or periodically, and may be performed before or after performing communication, before or after performing a predetermined process, or at a predetermined timing or condition.
  • the timing and conditions of this fraud detection process are appropriately determined for each system depending on the type of communication fraud (event) to be detected, the type and communication method of the communication device 300, fraud content, damage level due to fraud, required security level, etc. Alternatively, it can be determined for each communication device.
  • communication fraud refers to an illegal act on communication, in which a malicious person sends a jamming wave or sends an illegal frame for the purpose of communication interruption or system malfunction. This refers to an event that is caused to communication by an illegal act.
  • the specific configuration of the fraud detection unit 106 varies depending on the communication method, detection target, and the like, and detailed description thereof will be given in an embodiment described later.
  • the notification unit 108 uses a second communication path that is different from the first communication path to provide at least information on the detected communication fraud. Notify the management device.
  • the notification unit 108 may further notify the management device of unique information for identifying the communication device 100.
  • the management device is a device that manages a communication device of the present invention or some device on which the communication device of the present invention is mounted.
  • the notification destination management device may be a different device for each communication path, or may be the same device.
  • the present specification includes a server device (for example, MDMS (Meter Data Management System)) in which the communication device 100 communicates with the A route, and a HEMS with which the communication device 100 communicates with the B route.
  • MDMS Metal Data Management System
  • the HEMS is further connected to the MDMS via another communication path, so-called “C route”.
  • C route another communication path
  • FIG. 2 is a block diagram illustrating a configuration example of the smart meter 50 to which the communication device 100 is applied.
  • the smart meter 50 is realized by a computer 40 including a CPU (Central Processing Unit) 42, a ROM (Read Only Memory) 44, a RAM (Random Access Memory) 46, and an I / O (Input / Output) 48.
  • the computer 40 includes a CPU 42, a memory (RAM 46), a program 30 that implements the functions of the smart meter 50, a storage (ROM 44) that stores the program 30, and an I that inputs and outputs data and control signals. / O48 is provided.
  • the ROM 44, the RAM 46, and the I / O 48 are connected to each other via a bus 49, and the entire computer 40 is controlled by the CPU 42 together with each element.
  • the ROM 44 and the RAM 46 in this figure are a non-volatile memory such as a flash memory or a disk drive, another memory having a function for storing setting data for operating the program 30, temporary storage data, user data, or the like. It may be a storage device.
  • the smart meter 50 uses, for example, a watt-hour meter 52 that measures the power consumption of the load device 20 such as home appliances in a residence and a mobile phone communication method such as 3G (3rd Generation) or LTE (Long Term Evolution).
  • the first communication unit 54 connected to the mobile phone communication network 3 via a base station (not shown) and communicating via an antenna (not shown) and an antenna (not shown) using a specific low power wireless system using the 920 MHz band.
  • a second communication unit 56 that communicates with each other.
  • FIG. 2 the configuration of parts not related to the essence of the present invention is omitted and is not shown.
  • the CPU 42 of the computer 40 reads out the program 30 stored in the ROM 44 to the RAM 46 and executes it, whereby each function of each unit of the communication device 100 in FIG. 1 can be realized.
  • the function itself of the smart meter 50 does not relate to the essence of the present invention, and thus is not particularly limited, and the function described in this specification is merely an example.
  • the smart meter 50 has a function of transmitting information on the power consumption measured by the energy meter 52 to the MDMS 80 by the first communication unit 54 every 30 minutes.
  • the smart meter 50 further has a function of transmitting information on the power consumption measured by the watt hour meter 52 to the HEMS 82 by the second communication unit 56.
  • the first communication unit 54 and the second communication unit 56 correspond to the communication unit 102 in FIG.
  • the communication path through which the smart meter 50 communicates with the MDMS 80 is called the A route.
  • a communication path through which the smart meter 50 communicates with the HEMS 82 is called a B route.
  • a communication path called a C route is also defined.
  • the communication medium and protocol in each route are not particularly limited.
  • the first communication unit 54 uses wireless communication via the mobile phone communication network 3 for communication in the A route, and the second communication unit 56. Is exemplified by using 920 MHz wireless communication for communication in the B route.
  • the smart meter 50 communicates with another smart meter 50 at 920 MHz by the second communication unit 56 as communication of the A route, forms a multi-hop network, and connects to the MDMS 80 via a concentrator (not shown). You can also communicate.
  • the wireless information measuring unit 58 has functions such as measurement of electric field strength of received radio waves and analysis of received frames in the first communication unit 54 or the second communication unit 56.
  • the fraud detection unit 106 in FIG. 1 can detect communication fraud based on information measured by the wireless information measurement unit 58.
  • the measurement or analysis processing by the wireless information measurement unit 58 may be performed constantly or periodically, and can be performed before and after performing communication, before and after performing predetermined processing, or at a predetermined timing or condition.
  • the timing and conditions of this measurement or analysis processing are the type of communication fraud (event) subject to fraud detection based on the measured or analyzed information, the type and communication method of the communication device 300, the content of fraud, the damage level due to fraud, the request It can be determined for each system or each communication device as appropriate depending on the security level.
  • the information obtained by measurement or analysis by the wireless information measurement unit 58 may include more detailed information related to detected communication fraud in addition to information used for fraud detection. These pieces of information may be notified as communication information to the management apparatus after fraud is detected.
  • the communication device of the present invention is applied to a smart meter.
  • an application example of the communication device of the present invention is not limited to a smart meter.
  • the present invention can be applied to any apparatus as long as it has a function of communicating via a plurality of independent communication paths and a function of connecting to a management apparatus via each communication path.
  • the smart meter 50 has a function of metering the amount of electric power, but may have a function of metering the amount of gas used, the amount of water used, and the like.
  • the communication device of the present invention may be realized as a communication module included in the smart meter 50, a single chip, or may be realized in a form of being attached to another device.
  • the communication module includes at least the computer 40 of FIG. 2, the first communication unit 54, the second communication unit 56, and the wireless information measurement unit 58.
  • FIG. 1 is realized by an arbitrary combination of hardware and software of the smart meter 50 (computer 40) in FIG. It will be understood by those skilled in the art that there are various modifications to the implementation method and apparatus.
  • the functional block diagram showing the communication apparatus of each embodiment to be described below shows a logical functional unit block, not a hardware unit configuration.
  • the CPU 42 executes various processing operations corresponding to the computer program 30, whereby various units as shown in FIG. 1 are realized as various functions.
  • the computer program of the present embodiment includes a procedure for communicating with a computer 40 for realizing the communication device 100 via a plurality of communication paths (A route and B route), a procedure for storing unique information of the communication device 100 itself, a plurality of Procedure for detecting fraud in communication on the communication path, if communication fraud is detected in the first communication path, information on detected communication fraud using a second communication path different from the first communication path And a procedure for notifying the management apparatus (MDMS 80 or HEMS 82) of the unique information.
  • a procedure for communicating with a computer 40 for realizing the communication device 100 via a plurality of communication paths (A route and B route) a procedure for storing unique information of the communication device 100 itself, a plurality of Procedure for detecting fraud in communication on the communication path, if communication fraud is detected in the first communication path, information on detected communication fraud using a second communication path different from the first communication path
  • a procedure for notifying the management apparatus (MDMS 80 or HEMS 82) of the unique information includes a procedure for communicating with
  • the computer program of the present embodiment only needs to include at least a communication procedure, a fraud detection procedure, and a communication procedure, and a procedure for storing unique information is not necessarily required.
  • the notification procedure at least information related to detected communication fraud may be notified, and unique information does not necessarily have to be notified.
  • the computer program 30 of the present embodiment may be recorded on a recording medium readable by the computer 40.
  • the recording medium is not particularly limited, and various forms can be considered.
  • the program 30 may be loaded from the recording medium into the memory of the computer 40, or may be downloaded to the computer 40 through a network and loaded into the memory.
  • the recording medium for recording the computer program 30 includes a medium that can be used by a non-transitory tangible computer 40, and a program code that can be read by the computer 40 is embedded in the medium.
  • the computer 40 is caused to execute the following control method for realizing the communication device 100.
  • FIG. 3 is a flowchart illustrating an example of the operation of the communication apparatus 100 according to the present embodiment.
  • the control method according to the embodiment of the present invention is a control method for the communication apparatus 100, and is a control method executed by the computer 40 that implements the communication apparatus 100.
  • the communication device 100 communicates through a plurality of communication paths (A route and B route) (step S101), stores unique information of the communication device 100 itself (step S103), and performs a plurality of communication operations.
  • step S105 If an unauthorized communication is detected on the route (step S105) and an unauthorized communication is detected on the first communication route (YES in step S107), a second communication route different from the first communication route is used.
  • the management apparatus MDMS 80 or HEMS 82
  • the management apparatus is notified of the information related to the detected communication fraud and the unique information (step S109).
  • the control method of the communication apparatus 100 only needs to include at least step S105, step S107, and step S109, and may not necessarily include step S101 and step S103.
  • step S109 at least information related to detected communication fraud may be notified, and unique information does not necessarily have to be notified.
  • the communication unit 102 establishes communication through a plurality of independent communication paths (A route and B route) (step S101).
  • the first communication unit 54 establishes communication with the MDMS 80 via the mobile phone communication network 3 via the A route
  • the second communication unit 56 communicates with the HEMS 82 via the B route.
  • the communication establishment procedure in step S101 is performed when the communication device 100 is activated or reconnected.
  • the storage unit 104 stores unique information of the communication device 100 itself (step S103).
  • the information storage procedure in step S103 is performed, for example, at the time of initial setting, at the time of setting update, at the time of startup, periodically, or at any time.
  • the fraud detection unit 106 monitors fraud with respect to communication via a plurality of communication paths (step S105).
  • the notification unit 108 detects at least using a second communication path different from the first communication path.
  • the management device MDMS 80 or HEMS 82
  • the notification unit 108 may further notify the management apparatus of unique information.
  • step S105 the fraud detection unit 106 continues to monitor fraud.
  • the end of this flow can be considered when the communication device 100 is turned off, when an instruction such as the end of the program is received from the user or the management device, when it is restarted, or the like, but is not limited thereto.
  • the HEMS 82 receives information related to communication fraud notified by the communication device 100 through the B route in step S109, for example, the communication received on an IHD (In-Home Display) (not shown) Information on fraud may be presented. Also. As shown in FIG. 2, information regarding communication fraud may be transferred from the HEMS 82 to the MDMS 80 via the public line network 5 via the C route. Note that the case where the MDMS 80 receives from the communication device 100 information related to communication fraud notified by the communication device 100 via the A route in step S109 will be described later.
  • IHD In-Home Display
  • the notification unit 108 manages information related to communication fraud on a second communication path different from the first communication path on which the fraud detection unit 106 has detected communication fraud. Notify the device.
  • the communication apparatus 100 having a plurality of communication paths can autonomously detect communication fraud, and further, communication paths in which no communication fraud is detected.
  • the information regarding the detected communication fraud can be reliably notified to the management device.
  • communication fraud of each communication device can be centrally managed in the management device. Furthermore, since each communication device detects communication fraud, communication traffic between the communication device and the management device can be reduced, and the processing load on the management device can be reduced.
  • FIG. 4 is a diagram conceptually showing the configuration of the communication system 1 according to the embodiment of the present invention.
  • the communication system 1 of this embodiment includes a plurality of communication devices 100 (smart meters SM1 to SM7) and a management device 130 that receives meter reading data from the smart meters SM1 to SM7 via the mobile phone communication network 3. .
  • the smart meters SM1 to SM7 may be connected to the HEMS 82. Further, the HEMS 82 may be connected to the management apparatus 130 via the public line network 5.
  • the numbers of smart meters SM1 to SM7, HEMS 82, and management device 130 are examples, and are not limited thereto. Moreover, although this embodiment demonstrates the combination with the structure of the communication apparatus 100 of FIG. 1 as an example, it can also be combined with the structure of the communication apparatus of other embodiment.
  • the communication path between the smart meters SM1 to SM7 and the management device 130 via the mobile phone communication network 3 is called A route, and communication between the smart meters SM1 to SM7 and the HEMS 82 is performed.
  • the route is called B route, and the communication route between the HEMS 82 and the management apparatus 130 via the public network 5 is called C route.
  • the smart meters SM1 to SM7 and the management device 130 communicate with each other by the 3G communication method by the first communication unit 54 (FIG. 2) of the smart meters SM1 to SM7. Communication between the smart meters SM1 to SM7 and the HEMS 82 is performed by the second communication unit 56 (FIG. 2) of the smart meters SM1 to SM7 using the 920 MHz band communication method. Further, the smart meters may communicate with each other by the second communication unit 56 using the 920 MHz band communication method to form a multi-hop network. Information can be exchanged between a plurality of smart meters and the management apparatus 130 via a multi-hop network, and this communication path is also called an A route.
  • FIG. 5 is a functional block diagram showing a logical configuration of management device 130 of communication system 1 according to the embodiment of the present invention.
  • the communication system 1 of the present embodiment includes a plurality of communication devices 100 of the above-described embodiment of FIG. 1 and a management device 130 of the present embodiment of FIG.
  • the management apparatus 130 of this embodiment has the structure which acquires the information regarding communication fraud from the communication apparatus 100 of the said embodiment, and estimates the position of the generation source of communication fraud.
  • the management apparatus 130 includes an unauthorized information acquisition unit 132 that acquires information related to communication fraud and unique information for identifying the communication apparatus 100 from at least a part of the plurality of communication apparatuses 100; And an estimation unit 134 that extracts the location information of the communication fraud source based on the extracted location information.
  • the unauthorized information acquisition unit 132 differs from at least a part of the plurality of communication devices 100 a plurality of combinations of information regarding communication fraud and unique information from the first communication path in which the communication fraud is detected. Obtained via the second communication path.
  • the estimation unit 134 extracts the position information of the plurality of communication devices 100 specified by the acquired plurality of pieces of unique information from the position information storage unit 136 that stores unique information and position information regarding the plurality of communication devices 100, respectively. Then, based on the extracted pieces of position information, the position of the communication fraud source is estimated.
  • the unique information for identifying the communication device 100 is not necessarily acquired from the communication device 100.
  • the management apparatus 130 acquires and stores information such as the IP address of the communication apparatus 100 to be managed in advance, and stores the communication apparatus 100 from information such as the IP address of the transmission source during communication of information related to communication fraud. You may specify.
  • the management device 130 is configured to include the location information storage unit 136.
  • the management device 130 corresponds to the MDMS 80 or the HEMS 82 in FIG. 2 that realizes a function of receiving information related to communication fraud from the communication device 100.
  • the management device 130 collects information related to communication fraud from the plurality of communication devices 100 and realizes a function for estimating the location of the source of communication fraud, so that the management device 130 can communicate with the plurality of communication devices 100. It is preferably included in a server device such as MDMS. MDMS realizes the function of the management apparatus 130 of the present invention as at least part of the function.
  • FIG. 6 is a block diagram illustrating a configuration of a computer that implements the management apparatus 130 according to the present embodiment.
  • Each component of the management device 130 of FIG. 5 described above includes the CPU 62, the memory 64, the program 32 that implements the components of FIG. 5 loaded in the memory 64, and the storage 66 that stores the program 32 shown in FIG.
  • This is realized by an arbitrary combination of hardware and software of an arbitrary computer including a communication I / F (interface) 70.
  • I / F interface
  • the CPU 62 executes various processing operations corresponding to the computer program 32, whereby various units as shown in FIG. 5 are realized as various functions.
  • the computer program according to the present embodiment is a procedure for acquiring information related to communication fraud and unique information for identifying the communication device 100 from at least a part of the plurality of communication devices 100 in the computer 60 for realizing the management device 130. Description is made so that the position information of the plurality of communication devices 100 is extracted based on the information on the information and the specific information, and the procedure for estimating the position of the source of communication fraud is performed based on the extracted plurality of position information. Has been.
  • the computer program 32 of this embodiment may be recorded on a recording medium readable by the computer 60.
  • the recording medium is not particularly limited, and various forms can be considered.
  • the program 32 may be loaded from a recording medium into the memory 64 of the computer 60, or may be downloaded to the computer 60 through a network (not shown) and loaded into the memory 64.
  • the recording medium for recording the computer program 32 includes a medium that can be used by a non-transitory tangible computer 60, and a program code that can be read by the computer 60 is embedded in the medium.
  • the computer 60 is caused to execute the following control method for realizing the management device 130.
  • FIG. 7 is a flowchart illustrating an example of the operation of the management apparatus 130 according to the present embodiment.
  • the information processing method according to the embodiment of the present invention includes the control method of the communication apparatus 100 of the above-described embodiment of FIG. 3 and the control method of the management apparatus 130 of FIG.
  • the control method of the management apparatus 130 is a control method executed by the computer 60 that implements the management apparatus 130.
  • the information processing method includes a plurality of communication devices 100 and a management device 130 that manages the plurality of communication devices 100.
  • the communication device 100 includes a plurality of independent communication paths (A (Route S and route B) (step S101 in FIG. 3), the unique information of the communication device 100 itself is stored (step S103 in FIG. 3), and fraud for communication on a plurality of communication paths is detected (in FIG. 3).
  • Step S105 when communication fraud is detected in the first communication path (YES in Step S107 in FIG. 3), the second communication path different from the first communication path is used to detect the detected communication fraud.
  • the information is notified to the management device (MDMS 80 or HEMS 82) (step S109 in FIG.
  • step S131 Information relating to communication fraud and unique information identifying the communication device 100 are acquired from at least a part of the information (step S131), and position information of the plurality of communication devices 100 is extracted based on the information relating to fraud and the unique information (step S131).
  • step S133 Based on the extracted pieces of position information, the position of the communication fraud source is estimated (step S135).
  • control method of the communication system of the present embodiment only needs to include step S105, step S107, step S131, step S133, and step S135.
  • Step S101 and step S103 may not be included.
  • the unique information is not necessarily acquired from the communication device 100 in step S131.
  • the unauthorized information acquisition unit 132 acquires a plurality of combinations of information related to communication unauthorizedness and unique information from at least a part of the plurality of communication devices 100 via the second communication path (Step S1). S131).
  • the estimation part 134 extracts the positional information on the some communication apparatus 100 specified by the acquired some specific information from the positional information storage part 136 which each memorize
  • the communication device 100 since the communication device 100 is included in the smart meter, it exists in a high density over a wide area. For example, as shown in FIG. 8, it is assumed that a plurality of smart meters SM1 to SM7 can communicate with the management device 130 via the mobile phone communication network 3, and each smart meter is connected to the HEMS.
  • each smart meter detects communication fraud by fraud detector 106 (YES in step S107 in FIG. 3).
  • the notification unit 108 uses the A route different from the B route in which the communication fraud is detected, and information related to the communication fraud and unique information of each smart meter, for example, The MAC address is transmitted to the management apparatus 130 (step S109).
  • the information related to communication fraud includes, for example, the value of the electric field strength of the received radio wave.
  • the communication unit 102 may temporarily stop communication with the HEMS on the B route by the second communication unit 56.
  • the fraud information acquisition unit 132 of the management device 130 receives the communication fraud information transmitted from each smart meter (SM2, SM3, and SM4) and the MAC address of each smart meter (step S131).
  • position information storage unit 136 of the management device 130 position information and unique information of a plurality of smart meters managed by the management device 130 are stored in association with each other.
  • the estimation unit 134 of the management device 130 extracts the position information of the smart meters (SM2, SM3, and SM4) that have transmitted information related to communication fraud from the received unique information of the smart meter (step S133). And the estimation part 134 estimates the position of the generation
  • Various methods for estimating the location of the communication fraud source by the estimating unit 134 are conceivable. However, since they are not related to the essence of the present invention, a detailed description thereof is omitted.
  • the management device 130 determines the communication device from the unique information of the communication device 100.
  • 100 position information is extracted, and the position of the communication fraud source 7 can be estimated based on the extracted position information of each communication device 100 and the like.
  • the smart meter 50 to which the communication device 100 of the present embodiment is applied exists over a wide area with a high density. This means that sensors for detecting communication fraud are arranged over a wide area at a high density. Furthermore, the smart meter 50 to which the communication apparatus 100 of the present embodiment is applied communicates at a short distance by the B route using the 920 MHz band communication method. That is, if the electric field strength is higher than the radio wave used in the 920-band communication system communication, there is a high possibility that even an interference wave generated locally in a narrow range with a relatively weak radio wave can be detected.
  • the communication apparatus 100 of the present embodiment not only a communication fraud detected in a wide range such as a communication area such as a mobile phone communication network, but also a communication fraud occurring locally can be detected. Based on fraud detection information from a plurality of communication devices 100, the position of the communication fraud source can be estimated with high accuracy. And in the smart meter 50 to which the communication apparatus 100 of this embodiment is applied, when communication fraud is detected by B route, it can notify to the management apparatus 130 by A route currently used for meter-reading data transmission. .
  • FIG. 9 is a functional block diagram showing a logical configuration of communication apparatus 300 according to the embodiment of the present invention.
  • the communication device 300 of this embodiment includes a fraud detection unit 106 similar to that of the communication device 100 of the above embodiment of FIG. 1, and further includes a communication information acquisition unit 302 and a notification unit 304.
  • the notification unit 304 has the same function as the notification unit 108 of the communication apparatus 100 of the above embodiment, and further has the function of the present embodiment described later.
  • the communication device 300 may further include a communication unit 102 and a storage unit 104 that are the same as the communication device 100 of the above-described embodiment of FIG. 1.
  • the communication apparatus 300 of this embodiment is demonstrated to the example with the combination with the structure of the communication apparatus 100 of FIG. 1, it can also be combined with the structure of the communication apparatus of other embodiment.
  • the communication system includes a communication device 300 and the management device 130 of FIG.
  • the communication apparatus 300 of this embodiment includes a communication information acquisition unit 302 that acquires communication information related to wireless communication on the first communication path when communication fraud is detected by the fraud detection unit 106.
  • the notification unit 304 notifies the management apparatus of communication information.
  • the communication information acquisition unit 302 may acquire detection time information at which communication fraud is detected as notification information.
  • the notification unit 304 may notify the management device of the detection time information.
  • the communication information is detailed information related to wireless communication in the first communication path in which communication fraud is detected by the fraud detection unit 106.
  • the transmission source information IP address or MAC address
  • IP address IP address or MAC address
  • It contains information on the field strength of received radio waves, the type of fraudulent frame, or the communication method.
  • the communication fraud detection time information may be, for example, the time (or period) when the fraud detection unit 106 detected the communication fraud, or the time (or period) regarding the communication information at which the fraud detection unit 106 detected fraud. ) For example, the time (or period) at which a received radio wave whose electric field strength is greater than or equal to the threshold is received, the time (or period) at which the communication device 300 receives a received frame in which an illegal frame is detected, or time information included in the received frame And so on.
  • Which information is acquired by the communication information acquisition unit 302 depends on the type of communication fraud (event) to be detected, the type and communication method of the communication device 300, fraudulent content, damage level due to fraud, required security level, etc. It can be determined appropriately for each system or each communication device.
  • the communication information acquisition unit 302 can acquire information already acquired by the wireless information measurement unit 58 from the wireless information measurement unit 58 after communication fraud is detected by the fraud detection unit 106 as communication information or notification information. .
  • the communication information acquisition unit 302 acquires (receives) new information about the wireless communication detected by the wireless information measurement unit 58 after the communication fraud is detected by the fraud detection unit 106 as communication information or notification information. Measurement of electric field strength of radio waves and analysis of received frames) may be performed.
  • the smart meter 50 When the communication device 300 is included in the smart meter 50, the smart meter 50 has a storage unit (for example, the RAM 46 in FIG. 2) that stores meter reading data for a predetermined period.
  • a storage unit for example, the RAM 46 in FIG. 2 that stores meter reading data for a predetermined period.
  • communication information (such as electric field strength) and detection time information can be recorded in a storage unit together with detection data for a predetermined period.
  • the communication information acquisition unit 302 acquires communication information such as the value of the electric field strength of the received radio wave, the transmission source address information of the received frame, or the content of the received frame.
  • the notification unit 304 includes the communication information acquired by the communication information acquisition unit 302 and the detection time information of communication fraud as information related to the communication fraud detected on the first communication path, along with the unique information of the communication device 300 itself.
  • the management apparatus 130 (FIG. 5) is notified using a second communication path different from the first communication path where the communication fraud is detected.
  • the unauthorized information acquisition unit 132 includes a plurality of pieces of communication information, communication fraud detection time information, and unique information of the communication device 300 itself notified from at least some of the plurality of communication devices 300. Is obtained via the second communication path. And the estimation part 134 extracts the positional information on the some communication apparatus 320 specified by the acquired some specific information from the positional information storage part 136 which each memorize
  • the estimation unit 134 may use the detection time information for estimating the position of the communication fraud occurrence source. For example, the estimation unit 134 estimates that the communication fraud whose detection time approximates between the communication devices 300 close to each other is one source.
  • the estimation unit 134 not only estimates the position of the communication fraud occurrence source, but also uses the communication fraud detection time information, and further exemplifies the number of communication fraud occurrence sources and the periodicity as illustrated below. Communication fraud can be estimated. In the estimation of the number of communication fraud generation sources, the estimation unit 134 can estimate frauds with similar detection times among the communication frauds detected by the plurality of communication devices 300 as one generation source. In addition, the estimation unit 134 can analyze a communication fraud that occurs at a certain time or a certain period of time and can estimate the position of the fraud, not a communication fraud continuously occurring. .
  • FIG. 10 is a flowchart illustrating an example of the operation of the communication apparatus 300 according to the present embodiment.
  • the control method of the present embodiment is a control method of the communication device 300 and is a control method executed by the computer 40 that implements the communication device 300.
  • the control method of the present embodiment includes steps S101 to S107 similar to the control method of the communication apparatus 300 of the above embodiment of FIG. 3, and further includes steps S301 and S303. If communication fraud is detected on the first communication path by the fraud detection unit 106 in step S107 (YES in step S107), the communication information acquisition unit 302 performs wireless communication on the first communication path on which communication fraud is detected. Communication information related to communication is acquired (step S301).
  • the notification unit 304 notifies the management apparatus 130 of the communication information acquired in step S301 using the second communication path (step S303).
  • the notification unit 304 may further notify the management device 130 of the unique information of the communication device 300 and the communication fraud detection time information.
  • the estimation part 134 can perform the position estimation of a communication fraud generation
  • the management device 130 operates similarly according to the processing procedure of the flowchart of FIG. 7 described in the above embodiment.
  • the estimation unit 134 specifies the plurality of pieces of unique information acquired from the position information storage unit 136 that stores the pieces of unique information and position information about the plurality of communication devices 300 that have notified the detection of communication fraud.
  • the position information of the plurality of communication devices 320 to be used is extracted.
  • the position estimation procedure of the communication fraud generation source of this embodiment described below is a detailed procedure of step S135 of the flowchart of FIG. 7 of the above embodiment.
  • the estimation unit 134 groups the communication devices 300 related to communication fraud based on the proximity of the detection time and the proximity of the communication devices 300 (step S331 (not shown)). Then, the estimation unit 134 estimates a communication fraud position (for example, a center position, a center of gravity position, etc.) (or range) based on the position of the grouped communication devices 300 (step S333 (not shown)).
  • a communication fraud position for example, a center position, a center of gravity position, etc.
  • the communication information acquisition unit 302 acquires communication information related to wireless communication in the first communication path in which communication fraud is detected, and the notification unit 304 Communication information, unique information of the communication device 300 (and communication fraud detection time information) are notified to the management device 130 using the second communication path. Then, in the management apparatus 130, the unauthorized information acquisition unit 132 sets a plurality of combinations of communication information related to wireless communication on the first communication path in which communication fraud has been detected, and (detection time information) and unique information to the second Obtained via the communication path, the estimation unit 134 estimates the location of the communication fraud source.
  • route in which communication fraud was detected is further, specific information ( Further, the management apparatus 130 can be notified using the second communication path together with the detection time information), and the position information (the communication apparatus 300 in which the fraud is detected in the estimation of the position of the communication fraud source in the management apparatus 130 ( Further, the position (range) (and time (period)) of the communication fraud generation source can be estimated more accurately using the communication fraud detection time).
  • FIG. 11 is a functional block diagram illustrating a logical configuration of the communication device 320 according to the present embodiment.
  • the communication device 320 of this embodiment is different from the communication device 300 of FIG. 9 in that it has a configuration that measures the electric field strength of a received radio wave and detects communication fraud when it is equal to or greater than a threshold value.
  • the communication device 320 of the present embodiment includes a communication unit 102, a storage unit 104, and a notification unit 304 similar to the communication device 300 of FIG. 9, and further includes a measurement unit 322, a fraud detection unit 324, A communication information acquisition unit 326.
  • the fraud detection unit 324 and the communication information acquisition unit 326 have functions similar to those of the fraud detection unit 106 and the communication information acquisition unit 302 of the communication device 300, and further have the following functions of the present embodiment.
  • measurement unit 322 measures the electric field strength of the received radio wave.
  • the fraud detection unit 324 detects communication fraud based on determination of whether or not the measured electric field strength is greater than or equal to a threshold value.
  • the communication information acquisition unit 326 acquires the electric field strength as communication information.
  • the measurement unit 322 of the communication device 320 always measures the electric field strength of the received radio wave regularly at a predetermined timing.
  • the wireless information measurement unit 58 of the smart meter 50 in FIG. 2 corresponds to the measurement unit 322.
  • the fraud detection unit 324 determines whether or not the electric field strength measured by the measurement unit 322 is greater than or equal to a threshold value. If the electric field strength is greater than or equal to the threshold value, the fraud detection unit 324 detects communication fraud.
  • the setting of the frequency range, sensitivity, accuracy, threshold value, and the like for measuring the electric field strength depends on the communication method of the communication unit 102 of the communication apparatus 100, the frequency of the channel used, or the like. It can be determined as appropriate.
  • the communication information acquisition unit 326 acquires the electric field strength determined by the fraud detection unit 324 as communication fraud as communication information.
  • the notification part 304 is communication information (electric field strength) which the communication information acquisition part 326 acquired as information regarding communication fraud detected on the first communication path, communication fraud detection time information, and the communication device 320 itself. Is transmitted to the management apparatus 130 using a second communication path different from the first communication path in which the communication fraud is detected.
  • the unauthorized information acquisition unit 132 acquires a plurality of combinations of communication information including the electric field strength and unique information from at least a part of the plurality of communication devices 320 via the second communication path. May be.
  • the estimation unit 134 extracts position information of the plurality of communication devices 320 specified by the plurality of acquired pieces of unique information from the position information storage unit 136 that stores unique information and position information about the plurality of communication devices 320, respectively. Based on the extracted position information and a plurality of combinations of the electric field strength, the position of the communication fraud source is estimated.
  • the unauthorized information acquisition unit 132 obtains a plurality of combinations of communication information including the electric field strength, unique information, and communication fraud detection time information from at least a part of the plurality of communication devices 320. You may acquire via a communication path.
  • the estimation unit 134 estimates at least one fraud event and its occurrence position based on a plurality of combinations of position information, electric field strength, and communication fraud detection time information. For example, the estimation unit 134 extracts the position information of the plurality of communication devices 320 specified by the acquired plurality of pieces of unique information from the position information storage unit 136 that stores unique information and position information about the plurality of communication devices 320, respectively. Then, the position of the communication fraud source is estimated based on a plurality of combinations of the extracted position information, electric field strength, and communication fraud detection time information.
  • the control method of the communication apparatus 320 of this embodiment is the same as the control method of the communication apparatus 300 of the said embodiment, and differs in the following points from the procedure of the flowchart of FIG.
  • the fraud detection unit 324 monitors communication fraud based on the electric field strength measured by the measurement unit 322.
  • the fraud detection unit 324 determines whether or not the electric field strength is equal to or greater than the threshold value. If the electric field strength is equal to or greater than the threshold value, the fraud detection unit 324 detects communication fraud.
  • the communication information acquisition unit 326 acquires the electric field strength as communication information.
  • the notification unit 304 notifies the management apparatus 130 of communication information (electric field strength), communication fraud detection time information, and unique information of the communication apparatus 320 itself using the second communication path.
  • the measurement unit 322 measures the electric field strength of the received radio wave
  • the fraud detection unit 324 detects communication fraud based on the measured electric field strength, and obtains communication information.
  • the unit 326 acquires the electric field strength as communication information
  • the notification unit 304 notifies the management device 130 of the communication information, unique information, and detection time information.
  • FIG. 12 is a functional block diagram illustrating a logical configuration of the communication device 340 according to the present embodiment.
  • the communication device 340 of this embodiment is different from the communication device 300 of FIG. 9 in that it has a configuration for detecting an illegal frame from a received frame.
  • the communication device 340 of the present embodiment includes a communication unit 102, a storage unit 104, and a notification unit 304 similar to the communication device 300 of FIG. 9, and further includes a measurement unit 322, an illegal frame detection unit 342, and the like.
  • the fraud detection unit 344 and the communication information acquisition unit 346 are provided.
  • the fraud detection unit 344 and the communication information acquisition unit 346 have functions similar to those of the fraud detection unit 106 and the communication information acquisition unit 302 of the communication device 300, and further have the following functions of the present embodiment.
  • the unauthorized frame detection unit 342 detects an unauthorized frame from the frame received by the communication unit 102.
  • the measurement unit 322 measures the electric field strength of the received radio wave.
  • the measurement part 322 is the same as that of the said embodiment.
  • the fraud detector 344 detects communication fraud by continuously receiving illegal frames. When the fraud detection unit 344 determines that the communication is illegal, the communication information acquisition unit 346 acquires at least one of the transmission source information and the electric field strength of the illegal frame as communication information.
  • the fraud detection unit 344 detects communication fraud when fraud frames are continuously received for frames received by the communication unit 102.
  • the illegal frames to be detected are exemplified below, but are not limited thereto.
  • broadcast request a regular frame that needs to be processed when it is received by the communication device. Frames that may increase the load on the device and cause a malfunction (busy state, etc.)
  • Continuous reception does not mean concatenation of an illegal frame and an illegal frame, and a regular frame may be included between the illegal frame and the illegal frame.
  • Continuous reception means that at least one of (a1) to (a4) or a combination of illegal frames is received under the following conditions. In addition, the following is an illustration and it is not limited to these.
  • the fraud detector 344 determines whether or not fraudulent frames are continuously received under at least one of the following conditions (b1) to (b3) or a combination of conditions.
  • B1 When an illegal frame is repeatedly received at an interval equal to or shorter than a predetermined time, the number of receptions is equal to or greater than a predetermined number.
  • B2 When an illegal frame is repeatedly received at an interval equal to or shorter than a predetermined time, the period is equal to or longer than a predetermined period. Receive illegal frames repeatedly more than a predetermined number of times within a specified period
  • the measurement unit 322 always measures the electric field strength of the received radio wave regularly at a predetermined timing.
  • the wireless information measurement unit 58 of the smart meter 50 in FIG. 2 corresponds to the measurement unit 322.
  • the communication information acquisition unit 346 acquires, as communication information, at least one of the transmission source information of the fraud frame determined by the fraud detection unit 344 as the communication fraud and the electric field strength measured by the measurement unit 322.
  • the communication information acquisition unit 346 may acquire information on illegal frames (type of illegal frame, data length, frequency, etc.) as communication information.
  • step S ⁇ b> 105 the fraud detector 344 monitors fraud frames from frames received by the communication unit 102.
  • step S107 the fraud detector 344 determines whether or not fraudulent frames are continuously received. If fraudulent frames are continuously received, the fraud detector detects a communication fraud. If fraud frames are not continuously received, the fraud detector detects a communication fraud. do not do.
  • step S301 the communication information acquisition unit 346 acquires at least one of the transmission source information and the electric field strength of the illegal frame as communication information.
  • step S303 the notification unit 304 uses the second communication path to manage the communication information (sender information or electric field strength), the communication fraud detection time information, and the unique information of the communication device 320 itself. Notify
  • the unauthorized frame detector 342 detects an unauthorized frame from the received frame
  • the measuring unit 322 measures the electric field strength of the received radio wave
  • the unauthorized detector 344 Communication fraud is detected by continuous reception of frames
  • communication information acquisition unit 346 acquires transmission source information or electric field strength of illegal frames as communication information
  • notification unit 304 manages communication information, unique information, and detection time information. 130 is notified.
  • the communication apparatus 340 of this embodiment while having the same effect as the said embodiment, in addition, since communication fraud is detected by continuous reception of a fraud frame, it can detect a fraud attack from the outside. Can do.
  • the management device 130 of the above embodiment can acquire communication information including the transmission source information or electric field strength of the unauthorized frame, unique information, and detection time information from the plurality of communication devices 340, thereby preventing unauthorized communication. It is possible to estimate the source with high accuracy.
  • FIG. 13 is a functional block diagram showing a logical configuration of the communication device 360 of the present embodiment.
  • the communication device 360 according to the present embodiment has a configuration obtained by combining the configuration of the communication device 320 in FIG. 11 and the configuration of the communication device 340 in FIG.
  • the communication device of this embodiment is the same as the communication device 340 of FIG. 12, the communication unit 102, the storage unit 104, the notification unit 304, the measurement unit 322, the unauthorized frame detection unit 342, and the communication information acquisition unit 346.
  • a fraud detector 364 is the same as the communication device 340 of FIG. 12, the communication unit 102, the storage unit 104, the notification unit 304, the measurement unit 322, the unauthorized frame detection unit 342, and the communication information acquisition unit 346.
  • a fraud detector 364 is the same as the communication device 340 of FIG. 12, the communication unit 102, the storage unit 104, the notification unit 304, the measurement unit 322, the unauthorized frame detection unit 342, and the communication information acquisition unit 346.
  • the fraud detector 364 has the same function as the fraud detector 324 of the communication device 320 in FIG. 11 and the same function as the fraud detector 344 of the communication device 340 in FIG.
  • the fraud detection unit 364 determines whether the electric field strength measured by the measurement unit 322 is greater than or equal to a threshold, detects communication fraud based on the determination result, and the fraud frame detection unit 342 is received by the communication unit 102.
  • Communication fraud is detected by continuous reception of illegal frames detected from frames.
  • the control method of the communication apparatus 360 according to the present embodiment is the same as the control method of the communication apparatus 300 according to the above-described embodiment, and differs from the procedure of the flowchart of FIG. 10 in the following points.
  • the fraud detection unit 364 monitors communication fraud based on the electric field strength measured by the measurement unit 322, and the fraud frame detection unit 342 detects a fraud frame from the frame received by the communication unit 102. Monitor.
  • the fraud detector 364 determines whether the electric field strength is greater than or equal to a threshold value or whether fraud frames are continuously received. If the field strength is greater than or equal to the threshold value or if illegal frames are continuously received, communication fraud is detected.
  • step S301 the communication information acquisition unit 346 acquires at least one of the transmission source information and the electric field strength of the illegal frame as communication information.
  • step S303 the notification unit 304 uses the second communication path to manage the communication information (sender information or electric field strength), the communication fraud detection time information, and the unique information of the communication device 320 itself. Notify
  • the fraud detection unit 364 detects communication fraud based on the electric field strength measured by the measurement unit 322 or is detected by the fraud frame detection unit 342.
  • the communication information acquisition unit 346 acquires the transmission source information or the electric field strength of the illegal frame as communication information
  • the notification unit 304 receives the communication information, unique information, and detection time information. Notify the management device 130.
  • the management device 130 of the above embodiment can acquire communication information including the transmission source information of the unauthorized frame or the electric field strength, unique information, and detection time information from the plurality of communication devices 360. It is possible to estimate the source with high accuracy.
  • the management device 130 of the above embodiment functions similarly and has the same effect even in a configuration in which a plurality of communication devices 320, communication devices 340, and communication devices 360 are combined.
  • FIG. 14 is a functional block diagram showing a logical configuration of communication apparatus 400 according to the embodiment of the present invention.
  • the communication device 400 according to the present embodiment includes a communication unit 102, a storage unit 104, a fraud detection unit 106, and a notification unit 108 similar to the communication device 100 according to the above-described embodiment of FIG.
  • a receiving unit 402 and a control unit 404 are provided.
  • the communication device 400 of the present embodiment will be described by taking a combination with the configuration of the communication device 100 of FIG. 1 as an example, but may be combined with the configuration of the communication device of other embodiments.
  • the communication device 400 the instruction receiving unit 402 that receives the instruction information from the management device 130, and according to the instruction information, temporarily stops communication on the first communication path where communication fraud is detected, or the first communication path And a control unit 404 that changes a use frequency of at least one of the second communication paths.
  • the instruction receiving unit 402 receives instruction information from the management apparatus 130 via the second communication path used for notification of information related to communication fraud.
  • the management device 130 transmits the instruction information to the communication device 400 that is the transmission source of the notification in the same session when the communication unit 400 notifies the communication unit 400 of information related to communication fraud through the second communication path. May be.
  • information related to communication fraud is notified by the notification unit 108 via the second communication path, information regarding the used communication path may be notified from the communication device 400 together.
  • the management apparatus 130 can transmit the instruction information to the communication apparatus 400 using the notified communication path.
  • the control method of the communication apparatus 400 of this embodiment is demonstrated.
  • two communication paths (A route and B route) are used in the first communication unit 54 and the second communication unit 56, respectively. Therefore, when communication fraud is detected on the A route, the control unit 404 temporarily stops communication in the first communication unit 54 in accordance with the instruction information from the management device 130. Further, the notification unit 108 uses the second communication unit 56 to notify the management apparatus of information related to communication fraud via the B route and the C route. When communication fraud is detected on the B route, the control unit 404 temporarily stops communication in the second communication unit 56 in accordance with the instruction information from the management device 130. Further, the notification unit 108 uses the first communication unit 54 to notify the management apparatus of information related to communication fraud through the A route.
  • control unit 404 may change the use frequency of either the first communication path or the second communication path in accordance with the instruction information from the management device 130. Which frequency to change in which range is determined in accordance with the communication method, application, fraudulent content, etc., regardless of the essence of the present invention, and thus detailed description thereof is omitted.
  • the second communication unit 56 uses a different frequency for each communication path.
  • the control unit 404 changes at least the frequency used for the communication of the A route in the second communication unit 56, and 2 Information about communication fraud is notified to the management device via the B route and the C route using the communication unit 56.
  • the control unit 404 changes at least the frequency used for the communication of the B route in the second communication unit 56, and the second communication unit 56 is used to notify the management apparatus of information related to communication fraud through the A route.
  • control unit 404 detects communication fraud voluntarily according to the instruction information that is determined in advance or received in advance from the management device 130 without waiting for reception of the instruction information from the management device 130.
  • the communication on the first communication path may be temporarily stopped, or the use frequency of at least one of the first communication path and the second communication path may be changed.
  • the instruction receiving unit 402 receives instruction information from the management device using the second communication path, and the communication fraud is performed according to the instruction information received by the control unit 404.
  • the communication on the first communication path in which is detected is temporarily stopped, or the use frequency of one of the first communication path and the second communication path is changed.
  • processing related to meter reading data collection may be controlled when communication fraud is detected.
  • the estimation unit 134 estimates the communication fraud generation source, the estimation unit 134 further specifies the smart meter 50 corresponding to the position (range) and time (period). The meter reading data from the identified smart meter 50 may be unreliable information.
  • the meter reading data received at the position (range) and time (period) from which the communication fraud generation source is estimated may not be received by the management device 130 or may not be adopted.
  • the transmission of meter reading data may be temporarily stopped and stored in the RAM 46 (FIG. 2) so that it can be transmitted later.
  • the management device 130 again sends the meter meter data transmission request instruction to the smart meter 50 in the above embodiment. It may be transmitted as instruction information.
  • the smart meter 50 may retransmit the meter reading data stored for a predetermined period to the management device 130 according to the instruction information. According to this configuration, meter reading data during communication fraud can be rejected or collected again after communication fraud has been eliminated, so that the reliability of meter reading data can be improved. it can.
  • Procedures for detecting fraud in communications over multiple communication paths When communication fraud is detected in the first communication path, using a second communication path different from the first communication path, a procedure for notifying the management apparatus of information regarding the detected communication fraud;
  • a program for running 2. 1. To cause a computer to execute a procedure for notifying information relating to communication fraud and unique information for identifying the communication device.
  • the program described in. 3. A procedure for acquiring communication information related to wireless communication in the first communication path when a communication fraud is detected by the procedure for detecting the fraud; Procedure for causing a computer to execute a procedure for notifying the management apparatus of the communication information. Or 2.
  • Procedure to obtain detection time information when communication fraud was detected 2. causing a computer to execute a procedure of notifying the management apparatus of the detection time information; The program described in. 5.
  • Procedure for measuring the electric field strength of received radio waves A procedure for detecting the communication fraud based on determining whether the measured electric field strength is greater than or equal to a threshold; 2.
  • the program described in. 6 Procedures for detecting illegal frames from received frames; 2.
  • a procedure for causing a computer to execute a procedure for acquiring transmission information of the fraud frame as the communication information if it is determined that the communication is fraudulent due to continuous reception of the fraud frame, a procedure for causing a computer to execute a procedure for acquiring transmission information of the fraud frame as the communication information.
  • a program for running 9. Obtaining the communication information including the electric field strength from at least a part of the plurality of communication devices; 7.
  • the communication device Detect fraud against communication on multiple communication paths, When communication fraud is detected in the first communication path, the second communication path different from the first communication path is used to notify the management apparatus of information related to the detected communication fraud.
  • the communication device is 10. Notifying information relating to the communication fraud and unique information identifying the communication device
  • the communication device is When communication fraud is detected, communication information related to wireless communication in the first communication path is acquired, Notifying the management device of the communication information; 11. Or 12.
  • the communication device is Obtain detection time information when communication fraud was detected, Notifying the management device of the detection time information; 13
  • the communication device is Measure the electric field strength of the received radio wave, Based on the determination whether the measured electric field strength is equal to or greater than a threshold, the communication fraud is detected, When it is determined that the communication is illegal, the electric field strength is acquired as the communication information. 13 Or 14.
  • the communication device is Detect illegal frames from received frames, When it is determined that the communication is illegal due to continuous reception of the illegal frames, Obtaining the transmission information of the illegal frame as the communication information; 13 To 15.
  • the communication device control method according to any one of the above. 17.
  • the communication device is Receiving instruction information from the management device; According to the instruction information, the communication is temporarily stopped in the first communication path where the communication fraud is detected, or the use frequency of at least one of the first communication path and the second communication path is changed. 11. To 16. The communication device control method according to any one of the above.
  • Management device Obtaining information related to communication fraud and unique information identifying the communication device from at least some of the plurality of communication devices; Extracting the position information of the plurality of communication devices based on the information on the fraud and the specific information, and estimating the position of the source of the communication fraud based on the extracted plurality of position information, Management device control method. 19.
  • the management device is Obtaining the communication information including the electric field strength from at least a part of the plurality of communication devices; Based on a plurality of combinations of the position information and the electric field strength, the position of the communication fraud source is estimated. 18.
  • the management method of management apparatus as described in 2. 20.
  • the management device is Obtaining communication fraud detection time information from at least some of the plurality of communication devices, Based on a plurality of combinations of the position information, the electric field strength, and the communication fraud detection time information, estimate at least one fraud event and its occurrence position. 19. The management method of management apparatus as described in 2.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

L'invention concerne un appareil de communication (100) qui comporte : une unité de détection de fraude (106) qui détecte une fraude par rapport à la communication sur une pluralité de chemins de communication ; et une unité de notification (108) qui, si l'unité de détection de fraude (106) a détecté une fraude de communication dans un premier chemin de communication, notifie un appareil de gestion d'informations associées à la fraude de communication détectée, au moyen d'un deuxième chemin de communication différent du premier chemin de communication.
PCT/JP2015/068827 2014-08-27 2015-06-30 Système de communication, appareil de gestion, appareil de communication, procédé et programme WO2016031384A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2016512157A JP6350652B2 (ja) 2014-08-27 2015-06-30 通信装置、方法、およびプログラム

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2014-172495 2014-08-27
JP2014172495 2014-08-27

Publications (1)

Publication Number Publication Date
WO2016031384A1 true WO2016031384A1 (fr) 2016-03-03

Family

ID=55399288

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/068827 WO2016031384A1 (fr) 2014-08-27 2015-06-30 Système de communication, appareil de gestion, appareil de communication, procédé et programme

Country Status (2)

Country Link
JP (1) JP6350652B2 (fr)
WO (1) WO2016031384A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2017195481A (ja) * 2016-04-19 2017-10-26 パナソニックIpマネジメント株式会社 機器管理装置
JP2018073004A (ja) * 2016-10-26 2018-05-10 トヨタ自動車株式会社 攻撃通知システムおよび攻撃通知方法
JP2018101973A (ja) * 2016-10-27 2018-06-28 フォルクスヴァーゲン アクチエンゲゼルシャフトVolkswagen Aktiengesellschaft 第1の通信コネクションを管理するための方法、第1の通信パートナおよび第2の通信パートナを含んでいるシステム、ならびに、車両
WO2019181550A1 (fr) * 2018-03-23 2019-09-26 日本電信電話株式会社 Appareil d'analyse de trafic anormal, procédé d'analyse de trafic anormal et programme d'analyse de trafic anormal

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4886463B2 (ja) 2006-10-20 2012-02-29 キヤノン株式会社 通信パラメータ設定方法、通信装置及び通信パラメータを管理する管理装置

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH1041901A (ja) * 1996-07-24 1998-02-13 Nissin Electric Co Ltd 監視制御装置
JP2001217754A (ja) * 2000-02-01 2001-08-10 Toshiba Corp 通信システム
JP2005348285A (ja) * 2004-06-07 2005-12-15 Nippon Telegr & Teleph Corp <Ntt> 二重化伝送路における警報転送システム、装置及び方法
WO2008035600A1 (fr) * 2006-09-20 2008-03-27 Panasonic Corporation Dispositif et procédé de transmission de relais

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4211545B2 (ja) * 2003-09-16 2009-01-21 株式会社デンソー 妨害電波報知装置
JP2005142750A (ja) * 2003-11-05 2005-06-02 Motorola Inc 位置特定方法及び位置特定システム
JP4914468B2 (ja) * 2004-02-02 2012-04-11 株式会社サイバー・ソリューションズ 不正情報検知システム及び不正攻撃元探索システム
US20110066896A1 (en) * 2008-05-16 2011-03-17 Akihiro Ebina Attack packet detecting apparatus, attack packet detecting method, video receiving apparatus, content recording apparatus, and ip communication apparatus
JP4763819B2 (ja) * 2009-05-22 2011-08-31 株式会社バッファロー 無線lanアクセスポイント装置、不正マネジメントフレーム検出方法
KR101079929B1 (ko) * 2010-07-02 2011-11-04 엘에스산전 주식회사 전기 기기의 에너지 관리 시스템, 전기 기기의 에너지 관리 장치, 전기 기기의 에너지 관리 방법
JP2013070325A (ja) * 2011-09-26 2013-04-18 Nec Corp 通信システム、通信装置、サーバ、通信方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH1041901A (ja) * 1996-07-24 1998-02-13 Nissin Electric Co Ltd 監視制御装置
JP2001217754A (ja) * 2000-02-01 2001-08-10 Toshiba Corp 通信システム
JP2005348285A (ja) * 2004-06-07 2005-12-15 Nippon Telegr & Teleph Corp <Ntt> 二重化伝送路における警報転送システム、装置及び方法
WO2008035600A1 (fr) * 2006-09-20 2008-03-27 Panasonic Corporation Dispositif et procédé de transmission de relais

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2017195481A (ja) * 2016-04-19 2017-10-26 パナソニックIpマネジメント株式会社 機器管理装置
JP2018073004A (ja) * 2016-10-26 2018-05-10 トヨタ自動車株式会社 攻撃通知システムおよび攻撃通知方法
JP2018101973A (ja) * 2016-10-27 2018-06-28 フォルクスヴァーゲン アクチエンゲゼルシャフトVolkswagen Aktiengesellschaft 第1の通信コネクションを管理するための方法、第1の通信パートナおよび第2の通信パートナを含んでいるシステム、ならびに、車両
WO2019181550A1 (fr) * 2018-03-23 2019-09-26 日本電信電話株式会社 Appareil d'analyse de trafic anormal, procédé d'analyse de trafic anormal et programme d'analyse de trafic anormal
JP2019169880A (ja) * 2018-03-23 2019-10-03 日本電信電話株式会社 異常トラヒック分析装置、異常トラヒック分析方法及び異常トラヒック分析プログラム
US11870792B2 (en) 2018-03-23 2024-01-09 Nippon Telegraph And Telephone Corporation Abnormal traffic analysis apparatus, abnormal traffic analysis method, and abnormal traffic analysis program

Also Published As

Publication number Publication date
JPWO2016031384A1 (ja) 2017-04-27
JP6350652B2 (ja) 2018-07-04

Similar Documents

Publication Publication Date Title
JP6350652B2 (ja) 通信装置、方法、およびプログラム
JP6690009B2 (ja) 反復無線送信に基づく動き検出
EP3729876B1 (fr) Fourniture de capteur dans des réseaux de capteurs sans fil
PH12015501768A1 (en) Systems and methods for discovering devices in a neighborhood aware network
WO2015148103A1 (fr) Détection d&#39;un dispositif de communication sans fil non autorisé
MX2018001772A (es) Metodo, dispositivo y sistema para detectar interferencias.
EP2482521A3 (fr) Procédé, système et dispositif pour détecter une tentative d&#39;intrusion dans un réseau
CN111901809A (zh) 一种定位信息的处理方法、装置及存储介质
CN106797320A (zh) 用硬件实施的设备接近检测
US9542837B2 (en) Ulifecare management service method and device using adaptive control protocol for USN interface
JP2014075813A5 (fr)
JP2016033692A (ja) 不正接続検知システム、方法およびプログラム
KR20060118471A (ko) 네트워크에서 디바이스의 도난 방지를 위한 방법 및 장치
US20140115148A1 (en) Decommission of a Server in Wireless Environment
JP2010191552A (ja) 認証対象装置およびキー、並びに無線認証システム
US9426838B2 (en) System and method of pairing wireless sensors with an access point control panel
US10488489B2 (en) Method for determining the location of a mobile device within a building, and apparatuses for performing same
WO2022262688A1 (fr) Procédé de sensibilisation à la sécurité, dispositifs, support d&#39;enregistrement lisible par ordinateur et puce
Ambassa et al. Secure and reliable power consumption monitoring in untrustworthy micro-grids
JP2019020170A (ja) 位置探索システム、サーバ、位置探索方法および位置探索プログラム
JP7433778B2 (ja) 通信装置、通信装置の制御方法およびプログラム
US20200245108A1 (en) Data collection method using user terminal and data collection system
US11798328B2 (en) System and method for monitoring access to a residential structure
US20230156827A1 (en) Wireless broadcast and detection of data availability
JP2009231982A (ja) 無線信号伝送システムおよび無線基地局装置

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2016512157

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15836016

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15836016

Country of ref document: EP

Kind code of ref document: A1