An equipment type identification and network intrusion detection method for the Internet of Things

Abstract

The invention discloses an equipment type identification and network intrusion detection method for the Internet of Things. the intrusion detection system is composed of an equipment type identification matching system and an abnormity detection system, and the type identification system can extract equipment characteristics according to characteristics of periodic communication of the equipment,classify and gather the equipment characteristics according to periodic statistical characteristics and the like, and classify the equipment into abstract types; The pattern recognition system based on the GRU neural network of the anomaly detection system can learn and memorize normal communication behaviors so as to establish a normal behavior sequence model, and due to the fact that the GRU neural network is designed for each device type, the recognition precision is higher, and the false alarm rate is greatly reduced; The gateway is adopted to monitor the communication condition of all Internet of Things devices in the network, so that all Internet of Things devices are directly or indirectly connected to the gateway, all communication between the Internet and the Internet and local communication between the Internet and the Internet of Things devices can be detected, local data processing is carried out through the gateway with higher performance, and shortage of resources of Internet of Things devices is avoided.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a device type identification and network intrusion detection method for the Internet of Things. Background technique [0002] In recent years, with the rise of the Internet of Things technology, more and more electronic devices such as smart homes have come into people's sight, providing more convenience for people's lives and changing people's lives everywhere. Internet-connected products are also increasing day by day. However, the quality of IoT products currently produced is uneven, the standards are not uniform, and manufacturers often ignore security issues when designing and producing products. IoT has also become the hardest hit area for information security protection. In order to ensure security, a security protection system for the Internet of Things is required. The current common solutions can be divided into two types: upgrading the firmware of affected device...

AI Technical Summary

Problems solved by technology

Compared with these two types of methods, they are inefficient in identifying new types of attacks. Only when suppliers are updated can new types of attacks be detected, which may lead to significant delays and security losses, and cannot cope well with the rapidly growing IoT market.

Based on the characteristics of the Internet of Things, the designed system often faces the following problems: a large number of new Internet of Things products come out every day, and most of them have security risks

Intruders also develop malware for these device vulnerabilities at any time, so the resources and energy required to ensure the security of IoT devices are dynamically growing and changing; the available storage space, computing resources, and power capabilities of IoT devices are limited, so it is not applicable Traditional intrusion detection on devices; Internet of Things devices are heterogeneous, and the distribution of individual characteristics of devices is relatively scattered. There are large differences in various aspects between different types of devices, and the functions of each type of device are relatively limited; compared with other high-end devices , IoT devices generate less network traffic, and most of it is occasional user access queries

Images