Internet of Things platform attack detection system and method based on log analysis

An attack detection technology for Internet of Things platforms, applied in the field of the Internet of Things, that addresses the problems of sacrificed real-time performance, a large number of logs, and the inability to detect unknown attacks.

Pending Publication Date: 2019-06-07
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

However, a rule base built on feature matching is far from sufficient: it can identify only known attacks and cannot identify attacks whose features are not in the rule base.

There is also a round-robin intrusion detection model that uses anomaly detection and misuse detection models at the same time. Although its detection rate and false detection rate are improved, the heavy computing load sacrifices the real-time performance of the system, so it can only be used for offline detection of web logs.

[0003] To sum up, the problems with the existing technology are: it is limited to known attack types and is computationally expensive; existing schemes do not support devices with low or no computing power; unknown attacks cannot be detected; and attack detection requires computing power.

At the same time, log analysis has its own problems: 1. The number of logs is huge; the system generates hundreds of logs every day, but not all log data is valuable. 2. There are many types of logs in various formats. 3. Log semantics are difficult to identify, so logs cannot be used directly for research.

Examples


Embodiment Construction

[0032] In order to make the object, technical solution and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit it.

[0033] To address abnormal attack detection in Internet of Things systems, the present invention uses the existing multi-domain platform MicroThingsOS as the data source and for method verification. Whereas existing methods can only detect known attack types, the present invention adds unknown attacks to the learning process on top of the detectable known attacks, adding new attack clusters to the known attack clusters and thereby expanding the detection types.

[0034] The application principle of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0035] S...


Abstract

The invention belongs to the technical field of the Internet of Things, and discloses an Internet of Things platform attack detection system and method based on log analysis. Normal logs and abnormal logs each form corresponding clusters. The method proceeds as follows: collect system logs and system hardware data in real time; apply regular processing to the log information to obtain key feature values, and vectorize the log text; vectorize the log text and the real-time hardware data in a unified way according to the extracted feature values to obtain a multi-dimensional matrix; perform dimension reduction on the vectorized logs; run a clustering operation on the reduced matrix, so that different attack types are classified into a plurality of clusters for the subsequent inspection operation; and finally, inspect the constructed model and analyze the detection effect. The method considers both the real-time performance of detection and the operation intensity of the final detection.
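The pipeline in the abstract, together with the new-cluster idea in paragraph [0033], can be sketched as follows. This is an added example, not code from the patent; it omits the dimension-reduction step, and the regex features, the nearest-centroid clustering, the 0.6 distance threshold and the sample records are all assumptions made for illustration.

```python
import math
import re

TS = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\s+")
IP = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
AUTH_FAIL = re.compile(r"auth (?:fail|denied)", re.I)  # assumed key feature
ERR_STATUS = re.compile(r"\s[45]\d\d$")                # assumed key feature

def regularize(line):
    """Drop the timestamp and mask addresses so only the log template remains."""
    return IP.sub("<ip>", TS.sub("", line.strip()))

def vectorize(line, cpu_pct, mem_pct):
    """Unified vector: log-text features followed by scaled hardware readings."""
    text = regularize(line)
    return [float(bool(AUTH_FAIL.search(text))),
            float(bool(ERR_STATUS.search(text))),
            cpu_pct / 100.0, mem_pct / 100.0]

class Detector:
    def __init__(self, labelled, threshold=0.6):  # threshold is an assumed value
        groups = {}
        for label, line, cpu, mem in labelled:
            groups.setdefault(label, []).append(vectorize(line, cpu, mem))
        # One centroid per known cluster (normal traffic and each known attack).
        self.clusters = {k: [sum(col) / len(v) for col in zip(*v)]
                         for k, v in groups.items()}
        self.threshold = threshold

    def classify(self, line, cpu, mem):
        vec = vectorize(line, cpu, mem)
        label, dist = min(((k, math.dist(vec, c)) for k, c in self.clusters.items()),
                          key=lambda kc: kc[1])
        if dist > self.threshold:
            # Too far from every known cluster: open a new cluster for it.
            n = sum(k.startswith("unknown-") for k in self.clusters) + 1
            label = f"unknown-{n}"
            self.clusters[label] = vec
        return label

# Constructed sample records (label, log line, CPU %, memory %); not from the patent.
TRAIN = [
    ("normal", "2019-01-02 10:00:01 10.0.0.5 GET /status 200", 12, 30),
    ("normal", "2019-01-02 10:00:07 10.0.0.6 GET /reading 200", 16, 34),
    ("brute_force", "2019-01-02 10:01:00 10.0.0.9 login auth fail user=admin 401", 20, 35),
    ("brute_force", "2019-01-02 10:01:01 10.0.0.9 login auth fail user=root 401", 24, 37),
]

if __name__ == "__main__":
    d = Detector(TRAIN)
    print(d.classify("2019-01-02 11:00:00 10.0.0.5 GET /status 200", 14, 31))
    print(d.classify("2019-01-02 11:00:05 10.0.0.5 GET /status 200", 97, 95))
```

The second record has the same log text as normal traffic; only the hardware readings in the unified vector push it away from the known clusters, so it opens a new cluster that later similar records join.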

Description

Technical field

[0001] The invention belongs to the technical field of the Internet of Things, and in particular relates to an attack detection system and method for an Internet of Things platform based on log analysis.

Background technique

[0002] At present, the existing technologies commonly used in the industry are as follows: With the rapid development of computer and network technology, the Internet of Things system is no longer limited to sensor networks and independent hosts; it has developed into a complex, interconnected open system, and the Internet of Things has penetrated into all aspects of human life. Smart parks, smart homes, and mobile payments are all supported by Internet of Things technologies. Once an IoT security incident occurs, the user's private data will be leaked and property loss will be caused. "Security" is a key principle of the IoT. Similarly, the existing multi-domain system MicroThings OS also needs to detect the securi...


Application Information

IPC(8): G06F21/57, G06K9/62
Inventor 沈玉龙常二慧李腾景玉潘超杰张立郝飞扬
Owner XIDIAN UNIV