Cloud identification method for abnormal behaviors of Internet of Things equipment

An Internet of Things device and identification method technology, which is applied in the field of cloud identification of abnormal behavior of Internet of Things devices, can solve problems such as the difficulty of security analysis programs, and achieve the effects of reducing preliminary preparation work, facilitating calls, and reducing false positives and missed negatives

Inactive Publication Date: 2019-12-17
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to provide a cloud-based identification method for abnormal behavior of IoT devices, which is used to solve the problem that it is difficult to develop security analysis programs for IoT devices in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud identification method for abnormal behaviors of Internet of Things equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0045] combined with figure 1 As shown, a cloud-based identification method for abnormal behavior of IoT devices uses terminal data collection and cloud threat analysis decoupling and analysis program modularization to solve the problem of continuous security protection for various IoT devices. It mainly includes IoT terminal operation service for status information collection, IoT terminal using mqtt protocol for status information transmission, cloud using RabbitMQ to add components to support mqtt protocol for data reception, cloud using sub-module program for threat analysis, cloud analysis sub-module (abnormal External links, botnets, illegal injection, and other scalable) analysis rules and cloud analysis results are regularly stored in the database.

[0046] Specifically include:

[0047] 1. Terminal data collection

[0048] The terminal agent adopts the form of Android Service, which performs periodic data collection as the background service of the Android terminal....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a cloud identification method for abnormal behaviors of Internet of Things equipment, and the method comprises the steps: the Internet of Things equipment collects data, and carries out the data transmission with a cloud through an mqtt protocol; the cloud adopts RabbitMQ to receive the mqtt message, and stores the mqtt message in an asset set queue corresponding to the Internet of Things device; the cloud analysis module subscribes an asset set queue in an mqtt protocol mode, receives data collected by the Internet of Things device and calls the analysis sub-module toperform threat analysis, the cloud storage module judges whether threat data exists in a memory regularly, and if yes, the cloud storage module needs to store the threat data into an MONGO database. The terminal only collects data and sends the collected data to the queue component RabbitMQ, and the cloud reads the data from the RabbitMQ for analysis, so that direct terminal cloud interaction is avoided, and the coupling is reduced. Modularized design is adopted in exception analysis programs, calling is convenient, the portability is good, and the expansibility is good.

Description

technical field [0001] The invention relates to the technical field of network information security, in particular to a cloud identification method for abnormal behavior of Internet of Things devices. Background technique [0002] Traditional equipment security detection products generally run offline programs manually to detect various configurations and service operations, such as some security baseline detection tools, and most of them are aimed at traditional computers or mobile terminals. However, with the rapid development of science and technology today, the number of IoT devices has increased geometrically compared to the past. While IoT devices bring us smart life, they also bring new hidden dangers to information security. Since most IoT devices lack built-in security features, this makes them more vulnerable to malware and hackers; moreover, most of the built-in chips or systems of IoT devices are relatively lightweight and cannot be used to protect most IoT devi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1408H04L63/1441H04L67/025H04L67/06H04L67/30
Inventor 文有庆夏康丽常清雪
Owner SICHUAN CHANGHONG ELECTRIC CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap