A dynamic multi-dimensional trust management method and system for navigation hub industrial network security communication and data collection
By adopting a dynamic, multi-dimensional trust management method in a multi-domain industrial IoT system, the problems of trust cold start and trust whitewashing caused by cross-domain migration are solved, enabling smooth inheritance and reconstruction of device trust across domains, and improving system security and data acquisition efficiency.
Patent Information
- Authority / Receiving Office: CN · China
- Patent Type: Applications (China)
- Current Assignee / Owner: WUHAN UNIV
- Filing Date: 2026-03-13
- Publication Date: 2026-06-19
AI Technical Summary
In multi-domain industrial IoT systems, traditional trust management mechanisms face trust cold start and trust whitewashing risks caused by cross-domain migration, conflicting indicators and subjective weighting in multi-dimensional trust fusion, and rigid trust decision-making mechanisms that lack multi-level collaboration, making it difficult to cope with attacks in complex interaction scenarios.
A dynamic, multi-dimensional trust management approach is adopted. Direct trust evidence is obtained from device-level nodes through edge agents. Trust migration is carried out based on source domain reputation sequence inheritance and target domain similarity recommendation mechanism. Social trust, data trust, and energy consumption trust are comprehensively evaluated. The CRITIC algorithm is used for objective weighting, combined with global clustering and time series analysis, to perform two-layer trust decision-making and management.
It effectively suppresses migration attacks and multi-dimensional group collusion attacks, improves system security and data collection collaboration efficiency, ensures smooth trust inheritance and reconstruction during device cross-domain migration, and enhances the system's anti-attack capability and data collection accuracy.
Figure CN122247671A_ABST
Description
Technical Field
[0001] This invention relates to the fields of industrial Internet of Things (IIoT), network security and trust management, and in particular to a dynamic multi-dimensional trust management mechanism for cross-domain migration of equipment, data collection and secure communication in general aviation hub industrial networks, oriented towards a cloud-edge-device collaborative architecture. Specifically, it is a dynamic multi-dimensional trust management method and system for network security communication and data collection in general aviation hub industrial networks.
Background Technology
[0002] In recent years, the Industrial Internet and intelligent manufacturing technologies have developed rapidly, and multi-domain Industrial Internet of Things (IIoT) has been widely used in multi-domain collaborative networks such as aviation hub industrial networks. Typical IIoT systems usually adopt a cloud-edge-device three-layer architecture, which can assist in tasks such as long-cycle strategy analysis, intra-domain device management, and edge data acquisition in complex production and edge management scenarios. However, there are often significant differences in network topology, node characteristics, and node behavior between different industrial domains. In this environment, mobile inspection robots or operators holding electronic devices frequently patrol between multiple workshops. Traditional single-domain trust models struggle to utilize historical device behavior records, leading to trust cold start problems during cross-domain device migration. Furthermore, malicious nodes can achieve trust whitewashing through cross-domain switching, severely impacting system operation.
[0003] To address the aforementioned issues, the multi-dimensional trust fusion model, with its comprehensive advantages, has been introduced into the security management system of the Industrial Internet of Things (IIoT). This model comprehensively considers multiple factors such as device communication behavior, data quality, and resource status to construct a trust model, which helps to comprehensively characterize the security status of devices. By combining the reliability of data reporting with forwarding behavior, and incorporating resource attributes such as remaining energy and task participation rate into the evaluation system, the multi-dimensional trust model can effectively constrain the long-term selfish behavior of nodes and improve the accuracy of malicious node detection. It has become an important development direction for trusted interaction and data collection in multi-domain environments.
[0004] Existing multi-dimensional trust management solutions have significant limitations in terms of indicator weighting and trust decision-making. Regarding weighting methods, current work generally relies on manual experience or fuzzy rules to set the weights of each dimension. This calculation is highly subjective and difficult to adapt to the dynamic changes in the importance of indicators under different scenarios. Furthermore, different trust indicators may have strong correlations or even conflicts; simple linear superposition and fusion can easily lead to information redundancy and weight imbalance, weakening the model's sensitivity to key attack characteristics. In terms of trust decision-making and incentive strategies, most traditional solutions use fixed thresholds or simple linear decay patterns, lacking dynamic adjustment and global coordination capabilities.
[0005] In the complex interactive scenarios of multi-domain Industrial Internet of Things (IIoT), existing trust management mechanisms face the following typical challenges:
First, the cold start of trust and security vulnerabilities caused by cross-domain migration are prominent. Traditional mechanisms struggle to smoothly inherit and rebuild trust when devices cross domains, hindering the normal tasks of legitimate nodes and allowing malicious nodes to launder trust through cross-domain switching, inducing serious migration attack risks.
Second, multi-dimensional trust fusion suffers from indicator conflicts and subjective deficiencies in weighting. Existing assessments often rely on manual experience to allocate static weights, failing to effectively quantify and handle the cross-correlation and comparative strength between multi-dimensional indicators, and lacking joint analysis combining time series and task similarity, making it difficult to cope with indicator redundancy and covert group collusion attacks in dynamic environments.
Third, trust decision-making mechanisms are rigid and lack multi-level collaboration. Traditional solutions often use fixed threshold truncation or single-layer decision-making, making it difficult to accurately distinguish between "local anomalies" caused by environmental interference and intentional "long-term malice," easily leading to over-punishment; at the same time, the lack of collaboration between edge-global long-term incentives and terminal local dynamic tolerance results in severely insufficient robustness in dealing with on-off attacks that alternate between honest and malicious behavior.
Summary of the Invention
[0006] To address the technical challenges of cross-domain migration leading to trust cold start and trust whitewashing risks in the existing multi-domain environment of general aviation hub industrial networks, including conflicting indicators and subjective deficiencies in weighting of multi-dimensional trust integration, and rigid trust decision-making mechanisms lacking multi-level collaboration to counter switch attacks, this invention provides a dynamic multi-dimensional trust management method for secure communication and data collection in general aviation hub industrial networks. This method enables cross-domain trust anti-forgery inheritance and reconstruction, objective quantification and integration of multi-dimensional trust indicators, and the execution of a two-layer dynamic collaborative decision-making mechanism at the edge and terminal levels within a multi-domain collaborative environment, thereby ensuring secure communication and reliable data collection between multi-domain industrial IoT devices.
[0007] According to one aspect of this specification, a dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks is provided, applied to a multi-domain industrial Internet of Things system with cloud-edge-device collaboration, comprising:
- The edge agent obtains direct trust evidence reported by the device layer node when performing data collection and forwarding tasks. The direct trust evidence is obtained by weighted calculation based on the decay of the number of successful and failed interactions.
- When a device migrates across domains, the edge agent performs a smooth migration and gradual reconstruction of trust based on the source domain reputation sequence inheritance and the target domain similarity recommendation mechanism, generating the initial social trust of the migrated device.
- The edge agent comprehensively evaluates the social trust, data trust, and energy consumption trust of the node. For cross-domain migration devices, the initial social trust serves as the initial basis for social trust evaluation, constructing a multi-dimensional trust evidence system covering communication interaction, data quality, and resource status.
- Based on the CRITIC objective weighting algorithm, the edge agent calculates the comparative strength and cross-correlation of each indicator in the multi-dimensional trust evidence system, and dynamically fuses them to generate the comprehensive reputation of the node.
- The edge agent implements long-term incentives based on comprehensive reputation, using global clustering and time series analysis. At the same time, the device layer nodes dynamically update trust tolerance by combining local interaction history, and work with the edge agent to complete two-layer trust decision-making and management.
[0008] Through the above-mentioned technical means, the present invention can perform adaptive and robust comprehensive trust assessment of nodes in highly dynamic industrial IoT scenarios with frequent cross-domain migration of devices, effectively suppressing migration attacks and multi-dimensional group collusion attacks, and improving the long-term security of the system and the efficiency of data collection and collaboration.
[0009] As a further technical solution, when a device undergoes cross-domain migration, a smooth migration and gradual reconstruction of trust is performed based on the source domain reputation sequence inheritance and target domain similarity recommendation mechanism, including:
- When a node migrates from the source domain to the target domain, the edge agent in the target domain receives the node's reputation and historical trust sequence within the time window sent by the source domain, which serves as the initial basis for trust reconstruction in the new domain.
- The direct trust records of the migrated device's original domain neighbor nodes are extracted, the Jaccard similarity and cosine similarity between the migrated device and its original domain neighbors are calculated, and the product of the two is used as the cross-domain recommendation reliability of the original domain neighbors.
- Direct trust is aggregated according to the cross-domain recommendation reliability to form the initial social trust of the migrated device in the new domain.
[0010] Through the above technical means, this invention ensures the consistency of the trust vector weight distribution while constraining the overlap of common neighbor structures to a sufficient degree. This greatly increases the difficulty for malicious nodes to forge coincidental similarities to achieve trust whitewashing, effectively overcomes the trust cold start problem, and suppresses migration attacks.
[0011] As a further technical solution, at the edge proxy layer, a multi-dimensional trust evidence system is constructed that comprehensively evaluates the social trust, data trust, and energy consumption trust of nodes, covering communication interaction, data quality, and resource status, including:
- In the intra-domain social trust assessment, the common neighbor set of the node providing direct trust and the evaluated node is extracted. The reliability of intra-domain recommendations is measured by calculating the product of Hellinger similarity and Pearson correlation coefficient, and direct trust is aggregated to generate social trust. For existing devices in the current domain, social trust is directly assessed based on their historical interaction records in the current domain. For devices migrated across domains, the generated initial social trust is used as the initial value, and combined with the interaction records accumulated in the target domain, the social trust is dynamically updated using the same social trust assessment method as for existing devices in the current domain.
- In data trust assessment, the edge agent executes a truth discovery algorithm to converge node weights, and data collected by trusted mobile nodes are introduced as reference initial truth values. Through time-based horizontal anomaly analysis and similarity-based vertical anomaly cross analysis, malicious data injection and group collusion behavior are detected, and colluding nodes are downgraded or their trust is set to zero.
- In the energy consumption trust assessment, the weighted average energy consumption and weighted average task participation rate within the cluster are statistically analyzed. As the task participation rate of a node increases, its energy consumption threshold is dynamically relaxed, and the baseline threshold is adjusted through global trust-weighted energy consumption statistics.
[0012] Through the above-mentioned technical means, the present invention can not only effectively suppress malicious attacks and systematic deviations caused by collusive groups raising trust values, but also accurately identify false data injection and prevent selfish nodes or malicious devices from covering up their true abnormal energy consumption by forging false high task participation rates.
[0013] As a further technical solution, the method of calculating the comparative strength and cross-correlation of multi-dimensional trust indicators based on the CRITIC objective weighting algorithm, and dynamically fusing them to generate the comprehensive reputation of nodes, includes:
- The multi-dimensional trust matrix, which includes social trust, data trust, and energy consumption trust, is first normalized into positive (larger-is-better) form.
- The standard deviation of each trust indicator is calculated to reflect the comparative strength of the differences in values between the evaluation schemes.
- The correlation coefficients between the trust indicators are calculated to reflect the degree of conflict among the multi-dimensional indicators.
- The information content of each trust dimension is calculated based on the product of the standard deviation and the correlation coefficient. The objective weights of each dimension are automatically assigned according to the proportion of information content, and weighted fusion is used to obtain the final comprehensive reputation of the device.
[0014] Through the above-mentioned technical means, this invention utilizes the objective attributes of data itself for scientific evaluation, avoids the subjective uncertainty of traditional manual experience-based weighting, effectively solves the redundancy and conflict problems among multi-dimensional indicators, and enables the model to adaptively highlight the most discriminative trust dimension under the current attack mode.
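The CRITIC fusion step of [0013], as an added example that is not code from the patent: on a constructed trust matrix, two devices inject false data while keeping their social and energy behaviour normal, and the weighting shifts toward the data dimension on its own. Assumptions: min-max scaling for the positive normalization, the standard CRITIC conflict term (the sum of 1 - r over the other dimensions), and fusion over the raw trust values; all function names are hypothetical.

```python
import math

# Constructed sample: one row per device, columns = (social, data, energy) trust.
# d4 and d5 inject false data but behave normally on the other two dimensions.
DEVICES = ["d1", "d2", "d3", "d4", "d5", "d6"]
TRUST = [
    [0.90, 0.92, 0.88],
    [0.85, 0.88, 0.84],
    [0.88, 0.90, 0.87],
    [0.80, 0.15, 0.79],
    [0.86, 0.20, 0.85],
    [0.84, 0.86, 0.82],
]


def _minmax(col):
    """Positive normalization (assumed min-max): larger is better, range [0, 1]."""
    lo, hi = min(col), max(col)
    return [(x - lo) / (hi - lo) if hi > lo else 0.0 for x in col]


def _std(col):
    """Sample standard deviation: the 'comparative strength' of one indicator."""
    mean = sum(col) / len(col)
    return math.sqrt(sum((x - mean) ** 2 for x in col) / (len(col) - 1))


def _pearson(a, b):
    """Pearson correlation; 0.0 when either column is constant."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    num = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    den = math.sqrt(sum((x - ma) ** 2 for x in a) * sum((y - mb) ** 2 for y in b))
    return num / den if den else 0.0


def critic_weights(matrix):
    """Objective weight per trust dimension from contrast and conflict."""
    dims = len(matrix[0])
    cols = [_minmax([row[j] for row in matrix]) for j in range(dims)]
    info = []
    for j in range(dims):
        # Conflict: how little dimension j is explained by the other dimensions.
        conflict = sum(1.0 - _pearson(cols[j], cols[k]) for k in range(dims) if k != j)
        info.append(_std(cols[j]) * conflict)
    total = sum(info)
    if total == 0:  # every indicator is constant: fall back to equal weights
        return [1.0 / dims] * dims
    return [c / total for c in info]


def comprehensive_reputation(matrix, weights):
    """Weighted fusion of the raw trust values into one reputation per device."""
    return [sum(w * x for w, x in zip(weights, row)) for row in matrix]


if __name__ == "__main__":
    w = critic_weights(TRUST)
    print("weights (social, data, energy):", [round(x, 3) for x in w])
    for name, rep in zip(DEVICES, comprehensive_reputation(TRUST, w)):
        print(name, round(rep, 3))
```

Because social and energy trust are almost perfectly correlated in this sample, each contributes little extra information and the data dimension, which is the one the attack actually shows up in, receives more than half of the weight.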
[0015] As a further technical solution, the edge agent, based on the comprehensive reputation, employs global clustering and time series analysis to implement long-term incentives; simultaneously, device-level nodes dynamically update trust tolerance by combining local interaction history, collaborating with the edge agent to complete a two-layer trust decision-making and management process, including:
- The edge agent uses the k-means++ algorithm to cluster devices based on their trust values and changes in trust over multiple past evaluation periods, classifying devices into three categories: trustworthy, uncertain, and malicious.
- Edge agents perform exponential trust rewards, trust penalties, or trust smoothing adjustments based on consecutive honest records, malicious records, or uncertain sequence records within a time window, respectively.
- Device-level nodes integrate their own directly observed trust with the target node's global reputation, and dynamically adjust the integration weight based on the total number of interactions between the two parties.
- The device layer nodes simultaneously record and maintain the dynamic trust tolerance of the interacting nodes. After each trust decision, they use a smoothing function to update their own trust tolerance baseline and make local fine adjustments to the tolerance of specific neighbors based on the success rate of interactions between nodes.
[0016] Through the above-mentioned technical means, this invention constructs a collaborative two-layer decision-making mechanism of "long-term edge incentive prevention + terminal local tolerance and anti-jitter". It can accurately identify and punish on-off attacks that alternate between honesty and malice, and effectively avoid the excessive punishment of normal nodes due to environmental noise or occasional failures. It achieves excellent comprehensive performance between security and system availability.
[0017] As a further technical solution, in the cross-domain recommendation reliability, Jaccard similarity is used to measure the overlap of the common neighbor structure between the migrating device and the original domain neighbor, and cosine similarity is used to measure the consistency of the trust vectors of the two in their common neighbors.
[0018] As a further technical solution, in the intra-domain recommendation reliability, Hellinger similarity is used to measure the similarity of the trust probability distribution shape between the node providing direct trust and the node being evaluated on their common neighbors, and Pearson correlation coefficient is used to measure the consistency of the linear change trend of the trust vectors of the two nodes on their common neighbors after the mean is removed.
[0019] As a further technical solution, the energy consumption trust assessment further includes: By statistically analyzing the cluster's trust-weighted average energy consumption and weighted average task participation rate, the energy consumption threshold of nodes is dynamically adjusted. Nodes with a task participation rate higher than the cluster average enjoy a more lenient energy consumption threshold, while those with a lower task participation rate have a tighter threshold. The baseline threshold is adaptively updated based on global trust-weighted energy consumption statistics to prevent malicious devices from masking abnormal energy consumption by faking high task participation rates.
[0020] According to one aspect of the present invention, an electronic device is provided, including a memory and a processor, the memory storing program instructions executed by the processor, the processor invoking the program instructions to execute the dynamic multi-dimensional trust management method for secure communication and data collection in a general aviation hub industrial network.
[0021] According to one aspect of the present invention, a non-transitory computer-readable storage medium is provided, the non-transitory computer-readable storage medium storing computer instructions that cause the computer to execute the dynamic multi-dimensional trust management method for secure communication and data collection in a general aviation hub industrial network.
[0022] Compared with the prior art, the beneficial effects of the present invention are as follows: Through the above technical solution, the present invention can effectively extract anti-counterfeiting cross-domain evidence, eliminate subjective fusion bias, and execute a highly robust dynamic decision-making mechanism in multi-domain industrial IoT scenarios with large-scale cross-domain migration and complex collusion attack behavior, thereby significantly improving the anti-attack capability, security collaboration efficiency and data acquisition accuracy of multi-domain industrial systems.
Attached Figure Description
[0023] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the accompanying drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the accompanying drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0024] Figure 1 is an architecture diagram of the dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks provided by this invention, and briefly illustrates how a cross-domain migration attack is initiated in this scenario: a problematic device is detected in the upper gate head domain (source domain), and after the worker repairs the corresponding vulnerability, it is installed in the lower gate head domain (target domain), where it continues to attack or commit malicious acts.
Figure 2 is a schematic diagram of the dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hubs, provided in an embodiment of the present invention.
Figure 3 is a schematic diagram of the dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hubs, provided as an embodiment of the present invention, which includes a trust cross-domain inheritance and reconstruction method.
Detailed Implementation
[0025] The terms “comprising” and “having”, and any variations thereof, in the specification, claims, and accompanying drawings of this invention are intended to cover a non-exclusive inclusion, such as a process, method, system, product, or apparatus that includes a series of steps or units, not necessarily limited to those explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or apparatus.
[0026] To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention. In addition, the technical features of the various embodiments or individual embodiments provided by the present invention can be arbitrarily combined to form new technical solutions. Such combinations are not bound by the order of steps and / or structural composition patterns, but must be based on the ability of those skilled in the art to implement them. When the combination of technical solutions is contradictory or cannot be implemented, it should be considered that such a combination of technical solutions does not exist and is not within the scope of protection claimed by the present invention.
[0027] I. System Model
As shown in Figure 1, the system architecture adopted by the method of this invention consists of three entities: a central server, a proxy server, and devices, corresponding to the server layer, edge proxy layer, and device layer of the cloud-edge-device architecture, respectively. The device layer is divided into different regions based on its associated proxy server. Each region executes a specific type of data collection task, and each region is managed by its corresponding edge proxy. This method assesses the reliability of the devices at the device layer, ensuring reliable interaction between devices and preventing malicious devices from submitting unreliable data.
[0028] Each domain executes specific types of data collection tasks, with tasks issued and data aggregated by the corresponding edge agent. Nodes can relay data via multi-hop relay, and some nodes can migrate between different domains during task execution. The cloud is mainly responsible for cross-domain policy coordination and global parameter configuration, the edge agent is responsible for intra-domain trust calculation and management, and device-level nodes are responsible for data collection, forwarding, and local trust decisions.
[0029] II. Implementation Process of Trust Management Methods
As shown in Figure 2, the method operates according to the following process within each data acquisition cycle:
Step 1: Calculation and Upload of Direct Trust Evidence for Devices
When performing data collection and forwarding tasks, the device layer nodes record the interaction status and results with neighboring nodes, and periodically report the statistical values as direct trust evidence to the local domain proxy server.
[0030] Step 2: Equipment Reputation Calculation
The proxy server computes three types of trust evidence for the device (social trust, data trust, and energy consumption trust) and aggregates them to form the device's overall reputation.
[0031] Step 3: Trust-based incentive methods
The proxy server uses a clustering algorithm to generate a time series of device reputations, and then adjusts the node reputations through an incentive mechanism.
[0032] Step 4: Trust Decision
The device aggregates the total trust based on direct trust and the device reputation calculated by the proxy server, and then maintains a dynamic trust threshold based on local interaction records to complete the trust decision.
[0033] Figure 3 demonstrates the proposed trust migration and reconstruction mechanism. When a device migrates from the source domain to the target domain, the edge agent of the target domain receives the reputation of the node and the historical trust sequence within the time window sent by the source domain, which serves as the initial basis for trust reconstruction in the new domain.
[0034] III. Detailed Calculation Process
Step 1: Calculation and Upload of Direct Trust Evidence for Devices
Direct trust is calculated by statistically analyzing direct interactions between devices over a period of time. The time period is divided into n time slots. Let represent the length of each time slot, and let s and f be the weighted counts of successful and failed interactions within that time slot, respectively. Then, the direct trust of device i in device j is: ,
[0035] in These represent the number of successful and failed interactions within the u-th time slot. This is a penalty factor used to amplify the impact of failed interactions on trust, calculated using the following formula: .
[0036] Step 2: Equipment Reputation Calculation
In this step, the proxy server integrates trust evidence such as direct trust, data trust, and energy consumption, and finally aggregates it into the overall reputation of the device.
[0037] 1. Social Trust Calculation: Comprehensively considers the direct trust that other devices have in the device being evaluated. Case 1: Intra-domain assessment: Let the device being assessed be j and the device providing direct trust be i. Neither of them is in the collusion set col (col is determined in the data trust part).
[0038] Let the set of their common neighbor nodes be . ,remember These neighboring nodes each hold direct trust in both devices, and are denoted as follows: and Then, normalization is performed to obtain the normalized set. and .
[0039] Calculate the Hellinger similarity and Pearson similarity coefficients for these two sets: , in The two are then combined to obtain the similarity coefficient. .
[0040] Combined with the equipment's reputation in the previous cycle (Initial value 0.5), calculate the recommended reliability of device i for device j. : ; Finally, direct trust is aggregated based on recommendation reliability to form social trust for the device: .
[0041] Hellinger's similarity emphasizes the similarity of probability composition or distribution shape, meaning the two sets have similar proportions and structures. Pearson's similarity emphasizes linear similarity after removing the mean, meaning the two sets have similar relative fluctuations. The product ensures resistance to collusive groups and malicious attacks. Mutual inflation within a collusive group may make the correlation appear consistent, but the overall distribution shape may appear unnatural or reversed externally; the product makes it difficult to improve the reliability of its recommendations. Devices carrying out malicious attacks lower the trust value of the target device; they may maintain some similarity on a single indicator, but another indicator will be exposed. The product reduces its impact.
[0042] Case 2: When the device being evaluated is a new device migrated from another domain, it will not have a common neighbor with devices in the current domain. Therefore, the evaluation of devices in the domain where the device was previously located will be taken into account.
[0043] Let the migrated device be q, and its original set of neighboring devices in the domain be q. ,for Let the set of neighboring devices of the i-th neighbor be denoted as . Its direct trust set for its neighboring devices is Let device q's direct trust in its neighboring devices be denoted as . None of these devices are in the collusion set col.
[0044] The similarity between device q and its i-th neighbor's Jaccard is Let the set of their common neighbors be denoted as . The cosine similarity between them is: , in Describes the set of q pairs of migrated devices. Direct trust in the j-th device Describes the set of the i-th neighbor pairs of the migrating device q. Direct trust in the j-th device.
[0045] Recommended reliability of the i-th neighbor of the migrated device q for: , Finally, direct trust is aggregated to form social trust for the migrated device q. : .
[0046] Jaccard similarity constraint ensures that two devices have enough common neighbors to prevent them from posing as similar by sharing only one or two neighbors; cosine similarity constraint ensures that the trust vectors on common neighbors are in the same direction, and through multiplication, it guarantees that there will be high recommendation reliability only when there is structural intersection and weight alignment.
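The cross-domain recommendation reliability of [0009] and [0044] to [0046], as an added example that is not code from the patent, run on constructed source-domain records: a recommender that shares a single neighbor with the migrated device gets a cosine similarity of 1.0 trivially, and only the Jaccard factor keeps its inflated rating from dominating. Assumptions: the aggregation is a reliability-weighted average of each neighbor's direct trust in q (the patent's formula is not shown in this section), a neutral 0.5 is returned when no recommender is usable, and all names are hypothetical.

```python
import math

# Constructed sample. Q_TRUST: direct trust of migrated device q in its
# source-domain neighbors. Each recommender holds its own neighbor trust
# records plus its direct trust in q.
Q_TRUST = {"a": 0.90, "b": 0.80, "c": 0.20, "d": 0.85}
RECOMMENDERS = {
    "n1": {"neighbor_trust": {"a": 0.88, "b": 0.82, "c": 0.25, "d": 0.80},
           "trust_in_q": 0.30},
    "n2": {"neighbor_trust": {"a": 0.90, "b": 0.75, "c": 0.30, "e": 0.70},
           "trust_in_q": 0.35},
    # m shares only neighbor c with q and rates q at the maximum.
    "m": {"neighbor_trust": {"c": 0.90, "x": 0.90, "y": 0.95, "z": 0.90},
          "trust_in_q": 1.00},
}


def jaccard(trust_q, trust_i):
    """Overlap of the two neighbor sets (structure only, ignores trust values)."""
    a, b = set(trust_q), set(trust_i)
    union = a | b
    return len(a & b) / len(union) if union else 0.0


def cosine_on_common(trust_q, trust_i):
    """Direction agreement of the two trust vectors over the common neighbors."""
    common = set(trust_q) & set(trust_i)
    dot = sum(trust_q[j] * trust_i[j] for j in common)
    norm_q = math.sqrt(sum(trust_q[j] ** 2 for j in common))
    norm_i = math.sqrt(sum(trust_i[j] ** 2 for j in common))
    return dot / (norm_q * norm_i) if norm_q and norm_i else 0.0


def recommendation_reliability(trust_q, trust_i):
    """Cross-domain recommendation reliability: Jaccard times cosine."""
    return jaccard(trust_q, trust_i) * cosine_on_common(trust_q, trust_i)


def initial_social_trust(trust_q, recommenders, collusion_set=frozenset()):
    """Reliability-weighted average of the neighbors' direct trust in q (assumed form).

    Recommenders already placed in the collusion set are skipped.
    """
    num = den = 0.0
    for name, rec in recommenders.items():
        if name in collusion_set:
            continue
        r = recommendation_reliability(trust_q, rec["neighbor_trust"])
        num += r * rec["trust_in_q"]
        den += r
    return num / den if den else 0.5  # assumed neutral value with no usable evidence


if __name__ == "__main__":
    for name, rec in RECOMMENDERS.items():
        nt = rec["neighbor_trust"]
        print(name,
              "jaccard=%.3f" % jaccard(Q_TRUST, nt),
              "cosine=%.3f" % cosine_on_common(Q_TRUST, nt),
              "reliability=%.3f" % recommendation_reliability(Q_TRUST, nt))
    naive = sum(r["trust_in_q"] for r in RECOMMENDERS.values()) / len(RECOMMENDERS)
    print("unweighted mean: %.3f" % naive)
    print("initial social trust: %.3f" % initial_social_trust(Q_TRUST, RECOMMENDERS))
```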
[0047] 2. Data Trust Calculation: The data trust of the device is calculated from statistics over each time slot within a time period. This process is divided into two steps: data quality assessment and collusion detection.
[0048] Each domain executes specific data collection tasks, which are distributed to various devices by the proxy server. After the devices collect the data, they upload it to the edge proxy. The proxy server then executes a truth discovery algorithm to assess the data trustworthiness of each device.
[0049] Record that device i participated in the u-th time slot The data for these M tasks is provided.
[0050] Step 2.1: Data Quality Assessment Phase
The truth discovery algorithm is used to evaluate data quality. The truth discovery algorithm consists of two phases: weight update and truth update.
[0051] Phase 1: Weight Update
Assume the most recently updated truth value is The data submitted by K sensing devices are Then the weight of the k-th sensing device is: , For the weight function, This is the distance function.
[0052] Phase 2: Truth Update
After the weights are updated, the truth value is updated using the following formula: , Repeat the above process until the truth converges (the difference between two truth values is less than 1 / 3). Finally, the data trust of the sensing device is the weight when the truth value converges. .
[0053] Step 2.2: Collusion Detection
Malicious data injection from individual nodes (i.e., submitting unreasonable data such as excessively large or small amounts) can be addressed using truth discovery algorithms, but it cannot eliminate the impact of group malicious data injection on task data quality. Group malicious data injection can be categorized into data duplication and collusion. Data duplication occurs when malicious nodes influence the final data collection results by submitting identical anomalous data; collusion involves malicious nodes negotiating to submit consistent malicious data. The former can be detected through simple statistics, but this is unrealistic. In real-world scenarios, malicious nodes often negotiate to avoid submitting identical data, posing a significant challenge to detecting malicious collusion. Therefore, trusted mobile nodes are introduced to assist in the detection of malicious collusion.
[0054] For data acquisition tasks It collects data submitted from N nodes. To detect collusion among nodes, the edge agent additionally dispatches a trusted mobile node to perform the same task, and the data it collects is denoted as... Because data collection is affected by spatiotemporal variations and sensor accuracy, directly using data collected by trusted mobile nodes as the final truth value is inappropriate. Furthermore, truth discovery algorithms often lack an initial reference truth value and frequently employ random weights or initial truth values in their initial iterations, which can negatively impact the assessment of node data trust. Therefore, this paper uses data collected by mobile nodes as the reference initial truth value for the truth discovery algorithm, and uses the truth value after algorithm convergence. Collusion detection is performed based on the baseline. In other words, the detection method is optimized as follows: like ,in Let be the detection threshold. Let the set of all nodes detected as abnormal be denoted as . .
[0055] Time-based lateral anomaly analysis: For the same task Its past The set of abnormal nodes detected in each cycle is: ,statistics The number of times each node appears in the past set (j is the node number), if If so, then add it to the collusion node set col.
[0056] Similarity-based longitudinal anomaly analysis: For another task The corresponding set of abnormal nodes is ,like Then Add to the collusion node set col, where , where is the detection threshold.
[0057] For nodes in the collusion set col, their data trust is set to 0, and recommendations between collusion nodes are filtered.
[0058] Finally, considering all n time slots, the data trust of device i is: .
[0059] 3. Energy consumption trust: The energy consumption of devices over the n time slots within a time period is calculated to prevent selfish nodes from refraining from message forwarding or participating in data collection tasks in order to save their own energy, and to prevent malicious nodes from actively launching attacks within the network.
[0060] First, calculate the trust-weighted average energy consumption of devices within the cluster in the u-th time slot. , in This represents the energy consumption of the i-th device in the u-th time slot.
[0061] The trust-weighted average task participation rate of devices within this cluster in the u-th time slot is , The energy consumption and task participation rate of node i in the u-th time slot are denoted as follows: and Then the energy consumption trust of node i in the u-th time slot is , in , A baseline value representing energy consumption. This represents the average task participation rate of all devices within the u-th time slot. This represents the average energy consumption of all devices within the u-th time slot.
[0062] As nodes participate more in data collection tasks, their energy consumption threshold will be relaxed, and vice versa.
[0063] Edge proxies calculate the trust-weighted energy consumption threshold across all nodes. To adjust the baseline threshold, thereby preventing malicious devices from falsely displaying high task participation rates. , Considering all n time slots, the transmission rate of device i can be assumed to be: .
[0064] 4. Equipment Reputation Calculation. The calculation of device reputation requires the aggregation of the three types of trust evidence mentioned above. Therefore, it is necessary to determine the weights of these three types of trust evidence. Here, the CRITIC algorithm is used to determine the weights.
[0065] The CRITIC algorithm comprehensively measures the objective weight of indicators based on the comparative strength and conflict between them. It considers both the magnitude of indicator variability and the correlation between indicators, ensuring that a larger number does not necessarily indicate greater importance. It relies entirely on the objective attributes of the data itself for scientific evaluation.
[0066] The strength of contrast refers to the magnitude of the difference between the values of different evaluation schemes for the same indicator, expressed in the form of standard deviation. The larger the standard deviation, the greater the fluctuation, that is, the greater the difference between the values of the schemes, and the higher the weight will be; the conflict between indicators is expressed by the correlation coefficient. If there is a strong positive correlation between two indicators, it means that their conflict is smaller, and the weight will be lower.
[0067] The specific calculation process for the weights is as follows: Let the total number of devices be N, then the trust matrix of all nodes at time t is: , Each row represents a node's social, data, and energy consumption trust information.
[0068] Step 1: Forward processing. (The process involves...) and express The minimum and maximum values of the elements in column j.
[0069] .
[0070] Step 2: Calculate the variability of the index, i.e., the variance of the confidence level in each dimension. : , Step 3: Calculate the conflict of indicators That is, the correlation coefficient of trust in each dimension is aggregated. : , in Let the covariance of the trust in the i-th and j-th dimensions be denoted as . .
[0071] Step 4: Calculate the information content for each trust. .
[0072] Step 5: Calculate the weight of each trust, where j represents the trust in the j-th dimension. .
[0073] Finally, the reputation of node i is calculated through weight aggregation. ,in These represent the weight values corresponding to the three trust dimensions of social, data, and energy consumption trust calculated in step 5, respectively.
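The five CRITIC steps of paragraphs [0067] to [0073], as an added example that is not code from the patent. The formulas are missing from this page, so the standard CRITIC definitions are assumed: min-max forward processing, sample standard deviation as variability, conflict as the sum of (1 - r) over the other dimensions, and weights proportional to the product of the two. The function names, the zero-variance handling and the sample matrix are assumptions as well.

```python
import math

# Constructed sample: one row per device, columns = (social, data, energy) trust.
TRUST_MATRIX = [
    [0.9, 0.95, 0.5],
    [0.8, 0.85, 0.9],
    [0.3, 0.35, 0.4],
    [0.2, 0.25, 0.8],
]


def _minmax(col):
    """Step 1: forward processing of one column to [0, 1]."""
    lo, hi = min(col), max(col)
    if hi == lo:                      # constant column carries no contrast
        return [0.0] * len(col)
    return [(x - lo) / (hi - lo) for x in col]


def _std(col):
    """Step 2: variability as the sample standard deviation."""
    mean = sum(col) / len(col)
    return math.sqrt(sum((x - mean) ** 2 for x in col) / (len(col) - 1))


def _pearson(a, b):
    """Correlation coefficient; 0.0 when either column has zero variance."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    if va == 0 or vb == 0:
        return 0.0
    return sum((x - ma) * (y - mb) for x, y in zip(a, b)) / math.sqrt(va * vb)


def critic_weights(matrix):
    """Return one objective weight per trust dimension (weights sum to 1)."""
    if len(matrix) < 2:
        raise ValueError("CRITIC needs at least two devices")
    dims = len(matrix[0])
    cols = [_minmax([row[j] for row in matrix]) for j in range(dims)]
    sigma = [_std(c) for c in cols]
    # Step 3: conflict of dimension j with every other dimension.
    conflict = [
        sum(1 - _pearson(cols[j], cols[k]) for k in range(dims) if k != j)
        for j in range(dims)
    ]
    # Step 4: information content; Step 5: normalise to weights.
    info = [s * c for s, c in zip(sigma, conflict)]
    total = sum(info)
    if total == 0:                    # no dimension discriminates: equal weights
        return [1.0 / dims] * dims
    return [v / total for v in info]


def reputation(matrix, weights):
    """Weighted aggregation of each device's trust values (assumed on raw values)."""
    return [sum(w * x for w, x in zip(weights, row)) for row in matrix]


if __name__ == "__main__":
    w = critic_weights(TRUST_MATRIX)
    print("weights:", [round(x, 4) for x in w])
    print("reputation:", [round(r, 4) for r in reputation(TRUST_MATRIX, w)])
```

In the sample matrix the social and data columns move together, so they share one weight, while the energy column, which is nearly uncorrelated with both, receives close to half of the total.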
[0074] Step 3: Trust Incentive Program. The proxy server uses the k-means++ algorithm to classify devices into three categories: trustworthy, uncertain, and malicious. Based on the classification results, a trust incentive scheme is then implemented. The k-means++ algorithm selects more dispersed initial centers through distance weighting, significantly avoiding the instability caused by random center initialization, resulting in better clustering results, faster convergence, and higher stability in repeated runs.
[0075] The classification is based on trust characteristics: the trust level of the device over the past N evaluation periods and the change in trust are used as characteristic values, i.e. (N is usually 3-5).
[0076] Based on the edge agent classification results, the time window is divided into these three sequences according to the continuous classification results of the devices, and the reputation of the devices is rewarded or punished according to the time behavior sequence of the devices.
[0077] Scenario 1: Reputation incentives based on honest records Assume there are a total of A series of consecutive honest records, each honest record having a length of [length missing]. The reward value for equipment reputation is then... ,in As a trust incentive value, and As a regulatory factor, This represents the distance between this consecutive record and the starting window.
[0078] Scenario 2: Reputation penalties based on malicious records Suppose there exists a total of P A series of consecutive malicious records, each with a length of [length missing]. The penalty value for the equipment reputation is then... ,in Trust penalty value, As a regulatory factor, This represents the distance between this consecutive record and the starting window.
[0079] Scenario 3: Reputation Adjustment Based on Uncertain Records Suppose there are a total of u consecutive malicious records, and the length of each malicious record is... ,like If trust in the device is not rewarded or punished, then no reward or punishment will be given; if Then the device trust is adjusted to These are the parameters for adjustment.
[0080] Step 4: Trust Decision. This process is divided into two steps. First, the total trust is calculated based on direct trust and device reputation. Then, the dynamic trust threshold is maintained based on local interaction records to complete the trust decision.
[0081] First, calculate the total trust. Let the evaluating device be i and the evaluated device be j. Then, the total trust of device i over device j is: , The number of interactions between device i and device j is ,but ,in As a regulatory factor, it is used to control the impact of the number of interactions on the weights. As the number of interactions increases, the weight of direct trust also increases.
[0082] Then, a dynamic trust threshold is maintained. Device i records the total trust of all devices it has interacted with, and the set of all devices that have interacted with device i is denoted as . The trust tolerance of device i is For The trust tolerance of device i for device j is , in It is a control parameter ( Determine the strength of the influence of a single neighbor on the threshold. (Used to adjust the impact of interaction volume) After each trust decision is made, device i updates its trust tolerance by first calculating the average value. : , Then perform a smooth update to reduce the jitter caused by the update: , in This is the smoothness coefficient, used to adjust the degree of jitter in the update.
[0083] For devices, only those with total trust exceeding their trust tolerance will be considered honest devices; otherwise, they will be considered malicious devices.
[0084] Based on the same inventive concept as the foregoing embodiments, this invention also provides an electronic device that can be deployed and used as an edge proxy server, cloud center server, or terminal device with computing capabilities (such as an industrial gateway, intelligent inspection robot, etc.) in a general aviation hub industrial network. The electronic device includes at least one processor, at least one memory, and a communication interface. The memory stores computer program instructions, and the processor invokes the computer program instructions stored in the memory to execute the dynamic multi-dimensional trust management method for secure communication and data collection in a general aviation hub industrial network.
[0085] Specifically, when the electronic device acts as an edge agent, the processor executes the computer program instructions to perform the following functions: acquiring direct trust evidence reported by device layer nodes in the local domain; generating initial social trust based on source domain reputation sequence inheritance and target domain similarity recommendation mechanisms during device cross-domain migration; comprehensively evaluating the social trust, data trust, and energy consumption trust of nodes to construct a multi-dimensional trust evidence system; dynamically fusing and generating the comprehensive reputation of nodes using the CRITIC objective weighting algorithm; performing global clustering and time-series long-term incentives based on the comprehensive reputation, and collaborating with device layer nodes to complete a two-layer trust decision. The communication interface is used for data interaction with device layer nodes, other edge agents, and the cloud.
[0086] By combining the aforementioned hardware structure and software program, the electronic device in this embodiment can effectively address security challenges such as cross-domain trust cold start, trust whitewashing, subjective weighting bias of multi-dimensional indicators, and switch attacks in multi-domain industrial IoT scenarios, thereby improving the overall security of the system and the efficiency of data acquisition and collaboration.
[0087] Based on the same inventive concept as the foregoing embodiments, this invention also provides a non-transitory computer-readable storage medium. This storage medium can be a USB flash drive, portable hard drive, read-only memory (ROM), random access memory (RAM), magnetic disk, or optical disk, or any other medium capable of storing program code. The storage medium stores computer instructions, which, when executed by one or more processors, cause the processors to execute the dynamic multi-dimensional trust management method for secure communication and data collection in a general aviation hub industrial network.
[0088] Specifically, when the computer instructions are loaded into and executed by the edge agent device or cloud server in the general aviation hub industrial network, the following operations can be achieved: obtaining direct trust evidence reported by the device layer nodes based on the weighted calculation of the number of successful and failed interactions; generating initial social trust based on the source domain reputation sequence inheritance and target domain similarity recommendation mechanism when the device migrates across domains; comprehensively evaluating the social trust, data trust, and energy consumption trust of the nodes to construct a multi-dimensional trust evidence system; dynamically fusing and generating the comprehensive reputation of the nodes based on the CRITIC objective weighting algorithm; performing global clustering and time series long-term incentives based on the comprehensive reputation, and collaborating with the device layer nodes to complete a two-layer trust decision.
[0089] The computer-readable storage medium of this embodiment enables computing devices in the general aviation hub industrial network to have dynamic, objective, and collaborative trust management capabilities by storing and executing the above instructions, effectively suppressing migration attacks, collusion attacks, and switch attacks, and ensuring secure communication and reliable data collection in a multi-domain industrial Internet of Things environment.
[0090] In summary, this invention discloses a dynamic multi-dimensional trust management method for secure communication and data collection in general aviation hub industrial networks. It relates to the fields of industrial IoT, network security, and trust management, and particularly to a dynamic multi-dimensional trust management mechanism for cross-domain migration, data collection, and secure communication of devices in general aviation hub industrial networks, oriented towards a cloud-edge-device collaborative architecture. This mechanism includes: device-level nodes recording interaction states and reporting direct trust evidence calculated based on interaction count decay weighting when performing data collection and forwarding tasks; and when devices migrate across domains, a recommendation mechanism based on source domain reputation sequence inheritance and target domain similarity is used. The system enables smooth migration and gradual reconstruction of cross-domain trust. Edge agents comprehensively evaluate nodes' social trust, data trust, and energy consumption trust, constructing a multi-dimensional trust evidence system covering communication interaction, data quality, and resource status. Based on the CRITIC objective weighting algorithm, the system calculates the comparative strength and cross-correlation of multi-dimensional trust indicators, dynamically fusing them to generate the device's comprehensive reputation and eliminating subjective weighting bias. The edge agent implements long-term trust reward and punishment incentives based on global clustering and time-series records, while the device dynamically updates trust tolerance based on local interaction history. Through a two-layer collaborative mechanism between the edge and the terminal, dynamic trust decisions and management are implemented for nodes.
[0091] All parts not described in detail in this invention belong to the prior art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this invention should be included within the protection scope of this invention.
[0092] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some or all of the technical features therein; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the technical solutions of the embodiments of the present invention.
Claims
1. A dynamic, multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks, applied to a multi-domain industrial IoT system with cloud-edge-device collaboration, characterized in that... include: The edge agent obtains direct trust evidence reported by the device layer node when performing data collection and forwarding tasks. The direct trust evidence is obtained by weighted calculation based on the decay of the number of successful and failed interactions. When a device migrates across domains, the edge agent performs a smooth migration and gradual reconstruction of trust based on the source domain reputation sequence inheritance and the target domain similarity recommendation mechanism, generating the initial social trust of the migrated device. The edge agent comprehensively evaluates the social trust, data trust, and energy consumption trust of the node. For cross-domain migration devices, the initial social trust serves as the initial basis for social trust evaluation, constructing a multi-dimensional trust evidence system covering communication interaction, data quality, and resource status. The edge agent is based on the CRITIC objective weighting algorithm to calculate the comparative strength and cross-correlation of each indicator in the multidimensional trust evidence system, and dynamically integrates and generates the comprehensive reputation of the node. The edge agent implements long-term incentives based on comprehensive reputation, using global clustering and time series analysis. At the same time, the device layer nodes dynamically update trust tolerance by combining local interaction history, and work with the edge agent to complete two-layer trust decision-making and management.
2. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 1, characterized in that, When a device undergoes cross-domain migration, a smooth migration and gradual reconstruction of trust is performed based on the source domain reputation sequence inheritance and target domain similarity recommendation mechanism, including: When a node migrates from the source domain to the target domain, the edge agent in the target domain receives the node's reputation and historical trust sequence within the time window sent by the source domain, which serves as the initial basis for trust reconstruction in the new domain. Extract the direct trust records of the original domain neighbor nodes of the migrated device, calculate the Jaccard similarity and cosine similarity between the migrated device and its original domain neighbors, and use the product of the two as the cross-domain recommendation reliability of the original domain neighbors. Based on the cross-domain recommendation reliability aggregation, direct trust is formed to create initial social trust for the migrated device in the new domain.
3. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 1, characterized in that, At the edge proxy layer, a multi-dimensional trust evidence system is constructed by comprehensively evaluating the social trust, data trust, and energy consumption trust of nodes, covering communication interaction, data quality, and resource status, including: In the intra-domain social trust assessment, the common neighbor set of the directly trusted node and the evaluated node is extracted. The reliability of intra-domain recommendations is measured by calculating the product of Hellinger similarity and Pearson correlation coefficient, and social trust is aggregated to generate social trust. For existing devices in the current domain, social trust is directly assessed based on their historical interaction records in the current domain. For devices migrated across domains, the generated initial social trust is used as the initial value, and combined with the interaction records accumulated in the target domain, the social trust is dynamically updated using the same social trust assessment method as for existing devices in the current domain. In data trust assessment, edge agents are used to perform truth discovery algorithms to converge node weights, and data collected by trusted mobile nodes are introduced as reference initial truth values. Through time-based horizontal anomaly analysis and similarity-based vertical anomaly cross analysis, malicious data injection and group collusion behavior are detected, and colluding nodes are downgraded or their trust is set to zero. In the energy consumption trust assessment, the weighted average energy consumption and weighted average task participation rate within the cluster are statistically analyzed. 
As the task participation rate of a node increases, its energy consumption threshold is dynamically relaxed, and the baseline threshold is adjusted through global trust weighted energy consumption statistics.
4. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 1, characterized in that the method based on the CRITIC objective weighting algorithm calculates the comparative strength and cross-correlation of multi-dimensional trust indicators, and dynamically fuses them to generate the comprehensive reputation of nodes, including: the multidimensional trust matrix, which includes social trust, data trust, and energy consumption trust, is forward-processed; the standard deviation of each trust index is calculated to reflect the comparative strength of the differences in values between the evaluation schemes; the correlation coefficients between the various trust indicators are calculated to reflect the degree of conflict among multidimensional indicators; the information content of each trust dimension is calculated based on the product of the standard deviation and the correlation coefficient; the objective weights of each dimension are automatically assigned according to the proportion of information content, and weighted fusion is used to obtain the final comprehensive reputation of the device.
5. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 1, characterized in that, The edge agent, based on the comprehensive reputation, employs global clustering and time series analysis to implement long-term incentives; simultaneously, device-level nodes dynamically update trust tolerance based on local interaction history, collaborating with the edge agent to complete a two-layer trust decision-making and management process, including: The edge agent uses the k-means++ algorithm to cluster devices based on their trust values and changes in trust over multiple past evaluation periods, classifying devices into three categories: trustworthy, uncertain, and malicious. Edge agents perform exponential trust rewards, trust penalties, or trust smoothing adjustments based on consecutive honest records, malicious records, or uncertain sequence records within a time window, respectively. Device-level nodes integrate their own directly observed trust with the target node's global reputation, and dynamically adjust the integration weight based on the total number of interactions between the two parties; The device layer nodes simultaneously record and maintain the dynamic trust tolerance of the interacting nodes. After each trust decision, they use a smoothing function to update their own trust tolerance baseline and make local fine adjustments to the tolerance of specific neighbors based on the success rate of interactions between nodes.
6. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 2, characterized in that, In the cross-domain recommendation reliability, Jaccard similarity is used to measure the overlap of the common neighbor structure between the migrating device and its original domain neighbors, while cosine similarity is used to measure the consistency of their trust vectors on their common neighbors.
7. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 3, characterized in that, In the domain-specific recommendation reliability, Hellinger similarity is used to measure the similarity in the shape of the trust probability distribution between the node providing direct trust and the node being evaluated in their common neighbors, while Pearson correlation coefficient is used to measure the consistency in the linear change trend of the trust vectors of the two nodes in their common neighbors after the mean has been removed.
8. The dynamic multi-dimensional trust management method for network security communication and data collection in general aviation hub industrial networks according to claim 3, characterized in that, The assessment of energy consumption trust further includes: By statistically analyzing the cluster's trust-weighted average energy consumption and weighted average task participation rate, the energy consumption threshold of nodes is dynamically adjusted. Nodes with a task participation rate higher than the cluster average enjoy a more lenient energy consumption threshold, while those with a lower task participation rate have a tighter threshold. The baseline threshold is adaptively updated based on global trust-weighted energy consumption statistics to prevent malicious devices from masking abnormal energy consumption by faking high task participation rates.
9. An electronic device, characterized in that, The system includes a memory and a processor, the memory storing program instructions that are executed by the processor, the processor invoking the program instructions to execute the dynamic multi-dimensional trust management method for secure communication and data collection in a general aviation hub industrial network as described in any one of claims 1 to 8.
10. A non-transitory computer-readable storage medium, characterized in that, The non-transitory computer-readable storage medium stores computer instructions that cause the computer to execute the dynamic multi-dimensional trust management method for secure communication and data collection in a general aviation hub industrial network as described in any one of claims 1 to 8.