[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN112600694B - Internet of things security monitoring and management method, system and medium - Google Patents

Internet of things security monitoring and management method, system and medium Download PDF

Info

Publication number
CN112600694B
CN112600694B CN202011401515.4A CN202011401515A CN112600694B CN 112600694 B CN112600694 B CN 112600694B CN 202011401515 A CN202011401515 A CN 202011401515A CN 112600694 B CN112600694 B CN 112600694B
Authority
CN
China
Prior art keywords
network management
cluster head
management agent
management station
polling
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011401515.4A
Other languages
Chinese (zh)
Other versions
CN112600694A (en
Inventor
张小飞
伍军
李佳纳
徐传华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Electric Power Research Institute
Shanghai Jiao Tong University
Original Assignee
State Grid Electric Power Research Institute
Shanghai Jiao Tong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Electric Power Research Institute, Shanghai Jiao Tong University filed Critical State Grid Electric Power Research Institute
Priority to CN202011401515.4A priority Critical patent/CN112600694B/en
Publication of CN112600694A publication Critical patent/CN112600694A/en
Application granted granted Critical
Publication of CN112600694B publication Critical patent/CN112600694B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/10Detection; Monitoring
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/30Control
    • G16Y40/35Management of things, i.e. controlling in accordance with a policy or in order to achieve specified objectives
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/50Safety; Security of things, users, data or systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0246Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/04Network management architectures or arrangements
    • H04L41/046Network management architectures or arrangements comprising network management agents or mobile agents therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • H04L45/04Interdomain routing, e.g. hierarchical routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/46Cluster building

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明提供了一种物联网安全监测与管理方法、系统及介质,在SNMP协议的基础上,融合了观察者机制、簇间路由、确认机制以及重传机制;本发明方法同时通过基于统计特征的轮询优先级算法,与观察者机制配合,在减少数据获取冗余的同时,提高了网管代理对于特定事件主动通知管理站的能力。为了完善该方法在物联网环境的应用,利用层次路由优化观察者机制,从而既减少了代理数据的冗余又提高了通信的可靠性。

Figure 202011401515

The invention provides a method, system and medium for the security monitoring and management of the Internet of Things. On the basis of the SNMP protocol, it integrates the observer mechanism, inter-cluster routing, confirmation mechanism and retransmission mechanism; The advanced polling priority algorithm, in conjunction with the observer mechanism, improves the network management agent's ability to proactively notify the management station of specific events while reducing data acquisition redundancy. In order to perfect the application of this method in the Internet of Things environment, the observer mechanism is optimized by using hierarchical routing, which not only reduces the redundancy of agent data but also improves the reliability of communication.

Figure 202011401515

Description

物联网安全监测与管理方法、系统及介质Internet of things security monitoring and management method, system and medium

技术领域technical field

本发明涉及网络安全领域,具体地,涉及一种物联网安全监测与管理方法、系统及介质。The present invention relates to the field of network security, in particular to a method, system and medium for security monitoring and management of the Internet of Things.

背景技术Background technique

物联网将各种信息传感设备与互联网结合起来而形成的一个巨大网络,实现在任何时间、任何地点,人、机、物的互联互通。物联网涵盖了诸如智能洗衣机,智能冰箱,智能微波炉,智能手机,智能电表和智能车辆之类的物体。这些智能对象与Internet的连接可实现许多有价值的卓越应用,例如智能家居,智能建筑,智能交通,数字健康,智能电网和智能城市,有效的推动了这些方面的智能化发展,使得有限的资源更加合理的使用分配,从而提高了行业效率、效益。随着通信技术与可穿戴设备的发展,物联网得到了蓬勃发展。The Internet of Things is a huge network formed by combining various information sensing devices with the Internet to realize the interconnection of people, machines and things at any time and any place. IoT encompasses objects such as smart washing machines, smart refrigerators, smart microwave ovens, smartphones, smart meters, and smart vehicles. The connection of these smart objects with the Internet can realize many valuable and excellent applications, such as smart home, smart building, smart transportation, digital health, smart grid and smart city, effectively promoting the intelligent development of these aspects, making limited resources More reasonable use and distribution, thus improving the efficiency and benefits of the industry. With the development of communication technology and wearable devices, the Internet of Things has been flourishing.

当数十亿台设备连接到Internet时,显然会产生大量数据。相比于传统的互联网,物联网有着网络规模大、动态性高的特点,因此一个适用于物联网的安全监测与网络管理协议需要满足以下特点:(1)通用性:新协议在不需要额外硬件的条件下更好地支持大部分现有物联网设备;(2)轻量性:由于物联网设备的计算能力、能耗有限,新协议应当是轻量的;(3)时效性:由于物联网设备的动态性,新协议应当确保送达的数据是有效的;(4)可靠性:新协议应当确保数据能够在大部分情况下成功送达,并被执行;(5)安全性:新协议应当确保物联网设备的状态信息不被泄漏。When billions of devices are connected to the Internet, obviously a lot of data is generated. Compared with the traditional Internet, the Internet of Things has the characteristics of large network scale and high dynamics. Therefore, a security monitoring and network management protocol suitable for the Internet of Things needs to meet the following characteristics: (1) Versatility: the new protocol does not require additional Under the conditions of hardware, it can better support most existing IoT devices; (2) Lightweight: Due to the limited computing power and energy consumption of IoT devices, the new protocol should be lightweight; (3) Timeliness: due to Due to the dynamic nature of IoT devices, the new protocol should ensure that the delivered data is valid; (4) reliability: the new protocol should ensure that the data can be successfully delivered and executed in most cases; (5) security: The new protocol should ensure that the state information of IoT devices is not leaked.

目前简单网络管理协议SNMP因其简单高效、兼容性高等优点已经成为了网络管理领域默认的事实标准。SNMP使网络管理员能够管理网络效能,发现并解决网络问题以及规划网络增长。通过SNMP接收随机消息(及事件报告)网络管理系统获知网络出现问题。SNMP协议中,管理站获取设备参数数据的方式主要有主动与被动两种。网络管理站通过按一定频率向网管代理发出请求信息来获取MIB的信息,这是管理站对于网络设备状态的主动获取。此外,网管代理能够在出现一定错误时通过Trap信息主动向管理站进行通报,这是网络管理站被动的数据获取方式,往往能够让管理站对于错误情况有及时的了解与处理。因此,SNMP协议是适应物联网安全监测与网络管理功能需求的标准协议。然而,物联网动态复杂的特性为SNMP 协议在物联网中进行安全监测与网络管理带来了挑战,其主要体现在三个方面:At present, the Simple Network Management Protocol (SNMP) has become the default de facto standard in the field of network management because of its simplicity, high efficiency and high compatibility. SNMP enables network administrators to manage network performance, discover and resolve network problems, and plan for network growth. Receive random messages (and event reports) through SNMP to inform the network management system that there is a problem in the network. In the SNMP protocol, there are mainly two ways for the management station to obtain device parameter data: active and passive. The network management station obtains MIB information by sending request information to the network management agent at a certain frequency, which is the active acquisition of the status of the network equipment by the management station. In addition, the network management agent can actively report to the management station through Trap information when certain errors occur. This is a passive data acquisition method for the network management station, which often enables the management station to understand and deal with errors in a timely manner. Therefore, the SNMP protocol is a standard protocol that meets the functional requirements of IoT security monitoring and network management. However, the dynamic and complex nature of the Internet of Things has brought challenges to the security monitoring and network management of the SNMP protocol in the Internet of Things, which are mainly reflected in three aspects:

1.SNMP协议将数据收集、处理任务集中在了管理站进行操作,使其在拓扑结构复杂的物联网环境下难以高效工作。1. The SNMP protocol concentrates the data collection and processing tasks on the management station for operation, making it difficult to work efficiently in the IoT environment with complex topology.

2.现有SNMP协议并没有很好地考虑到物联网设备有限的能耗与计算资源,并且物联网环境下的数据时效性无法得到保证。2. The existing SNMP protocol does not take into account the limited energy consumption and computing resources of IoT devices, and the timeliness of data in the IoT environment cannot be guaranteed.

3.SNMP协议基于UDP的传输方式,必然使得数据传输的可靠性与安全性无法得到保证。而在物联网环境下,需要在提高可靠性的同时确保较低的计算资源消耗。3. The SNMP protocol is based on the UDP transmission method, which inevitably makes the reliability and security of data transmission unable to be guaranteed. In the Internet of Things environment, it is necessary to ensure low computing resource consumption while improving reliability.

发明内容Contents of the invention

针对现有技术中的缺陷,本发明的目的是提供一种物联网安全监测与管理方法、系统及介质。In view of the defects in the prior art, the object of the present invention is to provide a method, system and medium for the security monitoring and management of the Internet of Things.

根据本发明提供的一种物联网安全监测与管理方法,在物联网中管理站对于网络设备状态的主动获取过程,基于统计特征的轮询优先级算法对于动态信息,按照被管理对象的统计特征自适应地调节访问频率,包括:According to a method for security monitoring and management of the Internet of Things provided by the present invention, in the Internet of Things, the management station actively obtains the status of the network equipment, and the polling priority algorithm based on statistical characteristics is used for dynamic information according to the statistical characteristics of the managed objects. Adaptively adjust access frequency, including:

步骤11:经过多次轮询后,计算第i个被管理对象的取值Vi与平均值的偏离程度D(i):Step 11: After multiple polls, calculate the deviation degree D(i) between the value V i of the i-th managed object and the average value:

Figure RE-RE-GDA0002929409410000021
Figure RE-RE-GDA0002929409410000021

Figure RE-RE-GDA0002929409410000022
Figure RE-RE-GDA0002929409410000022

其中,Vj为被管理对象第j轮轮询所得的值,

Figure RE-RE-GDA0002929409410000023
为被管理对象历史取值的平均值;Among them, V j is the value obtained from the jth round of polling of the managed object,
Figure RE-RE-GDA0002929409410000023
It is the average value of the historical value of the managed object;

步骤12:确定各个被管理对象的轮询周期T(i)与优先级P:Step 12: Determine the polling cycle T(i) and priority P of each managed object:

T(i)=F(D(i))T(i)=F(D(i))

Figure RE-RE-GDA0002929409410000024
Figure RE-RE-GDA0002929409410000024

其中,Pn为第n个被管理对象的当前优先级,F()的设定需要使得T(i)与D(i)负相关,C为可设定参数,确保轮询周期相同的对象拥有不同的优先级;Among them, P n is the current priority of the nth managed object, the setting of F() needs to make T(i) and D(i) negatively correlated, C is an object that can be set to ensure the same polling cycle have different priorities;

步骤13:管理站按照被管理对象的当前优先级Pn将其插入轮询队列中,如果出现相同优先级的情况则比较轮询周期,周期小的先插入;Step 13: The management station inserts the managed object into the polling queue according to the current priority P n of the managed object. If the same priority occurs, the polling cycle is compared, and the one with the smaller cycle is inserted first;

步骤14:轮询队列每次完成后进行更新,生成各个被管理对象新的优先级与轮询周期,若队列已经完成,则结束轮询过程,否则跳转步骤13。Step 14: The polling queue is updated every time it is completed, and a new priority and polling cycle of each managed object is generated. If the queue has been completed, the polling process is ended, otherwise, jump to step 13.

优选地,为了降低轮询得到的无效数据引发的冗余,还包括基于观察者机制的数据获取方法,被管理对象能够主动地通知管理站,不必一次次响应来自管理站的GetRequest请求,基于观察者机制的数据获取方法包括:Preferably, in order to reduce the redundancy caused by the invalid data obtained by polling, it also includes a data acquisition method based on the observer mechanism, and the managed object can actively notify the management station without having to respond to the GetRequest request from the management station again and again, based on observation The data acquisition methods of the mechanism include:

步骤20:管理站向网管代理发送请求订阅的报文,包含有管理站的信息以及希望观察的数据规则与观察对象的标识符OID;Step 20: The management station sends a subscription request message to the network management agent, including the information of the management station, the data rule to be observed and the identifier OID of the observation object;

步骤21:网管代理收到报文后,将观察者信息存入订阅者列表中,并将对应的数据规则与观察对象OID存入订阅要求中;Step 21: After receiving the message, the network management agent stores the observer information into the subscriber list, and stores the corresponding data rule and the observation object OID into the subscription request;

步骤22:网管代理按照订阅要求对管理信息库(MIB)的对象的值进行观测,当值的变化满足预设规则时主动通知观察者。Step 22: The network management agent observes the value of the object of the management information base (MIB) according to the subscription requirement, and actively notifies the observer when the change of the value satisfies the preset rule.

优选地,采用层次路由的数据转发方法配合所述基于观察者机制的数据获取方法,所述数据转发方法包括:Preferably, the data forwarding method using hierarchical routing cooperates with the data acquisition method based on the observer mechanism, and the data forwarding method includes:

步骤30:在每次管理站向网管代理请求订阅时,附上0~1的随机数、管理站当前的CPU闲置率U与时间;Step 30: Each time the management station requests a subscription from the network management agent, attach a random number of 0 to 1, the current CPU idle rate U and time of the management station;

步骤31:网管代理通过比较收到请求的时刻,计算出管理站与网管代理间的通信时延d并生成阈值T(n):Step 31: The network management agent calculates the communication delay d between the management station and the network management agent by comparing the time when the request is received, and generates a threshold T(n):

Figure RE-RE-GDA0002929409410000031
Figure RE-RE-GDA0002929409410000031

Figure RE-RE-GDA0002929409410000032
Figure RE-RE-GDA0002929409410000032

其中p为簇首节点数占总节点数的比例,r为当前工作的轮数,G为网络中未成为簇首节点的集合,Wb函数中,A与B是控制因子,U(i)为节点i的当前CPU闲置率,Umax为所有管理站中最大闲置率,d(i)为节点i到网管代理的通信时延,davg为当前所有节点到网管代理的平均时延;Among them, p is the ratio of the number of cluster head nodes to the total number of nodes, r is the number of rounds of current work, G is the set of nodes that have not become cluster head nodes in the network, in the W b function, A and B are control factors, U(i) is the current CPU idle rate of node i, U max is the maximum idle rate in all management stations, d(i) is the communication delay from node i to the network management agent, and d avg is the average delay from all current nodes to the network management agent;

步骤32:比较管理站生成的随机数与对应的T(n),若随机数小于T(n),则该节点被选为本轮的簇首候选节点,若有多个节点被选为簇首候选节点,从中选择与网管代理通信延时最小的管理站作为本轮的簇首节点;Step 32: Compare the random number generated by the management station with the corresponding T(n). If the random number is smaller than T(n), the node is selected as the cluster head candidate node for this round. If there are multiple nodes selected as the cluster The first candidate node, from which the management station with the smallest communication delay with the network management agent is selected as the cluster head node of the current round;

步骤33:当设置的订阅要求被满足时,网管代理将通知信息与对应的订阅表一同发送给担任簇首节点的管理站,管理站收到信息后将通知信息转发给订阅表中的其余观察者,完成本轮的数据转发工作。Step 33: When the set subscription requirements are met, the network management agent sends the notification information together with the corresponding subscription table to the management station serving as the cluster head node. After receiving the information, the management station forwards the notification information to the remaining observers in the subscription table Or, complete the current round of data forwarding work.

优选地,对网管代理与簇首管理站间的通信以及簇首管理站与簇内其余节点之间通信的情况采用确认重传方法,确认重传方法包括:Preferably, the communication between the network management agent and the cluster head management station and the communication between the cluster head management station and the remaining nodes in the cluster adopt a confirmation retransmission method, and the confirmation retransmission method includes:

步骤40:网管代理向簇首管理站发送订阅信息与订阅表后,簇首管理站向网管代理发送确认报文;Step 40: After the network management agent sends the subscription information and the subscription form to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;

步骤41:如果网管代理收到确认报文则结束通信,否则跳转步骤42;Step 41: If the network management agent receives the confirmation message, then end the communication, otherwise jump to step 42;

步骤42:在网管代理中查找重传次数,若重传次数达到预设阈值则跳转步骤43,否则网管代理重新转发信息;Step 42: Search the number of retransmissions in the network management agent, if the number of retransmissions reaches the preset threshold, then jump to step 43, otherwise the network management agent re-transmits the information;

步骤43:网管代理从簇首候选节点中选择任意其他节点作为新的簇首,向新的簇首转发信息。Step 43: The network management agent selects any other node from the cluster head candidate nodes as a new cluster head, and forwards information to the new cluster head.

根据本发明提供的一种物联网安全监测与管理系统,在物联网中管理站对于网络设备状态的主动获取过程,基于统计特征的轮询优先级算法对于动态信息,按照被管理对象的统计特征自适应地调节访问频率,包括:According to a security monitoring and management system of the Internet of Things provided by the present invention, in the Internet of Things, the management station actively obtains the status of network equipment, and the polling priority algorithm based on statistical characteristics For dynamic information, according to the statistical characteristics of the managed objects Adaptively adjust access frequency, including:

模块M11:经过多次轮询后,计算第i个被管理对象的取值Vi与平均值的偏离程度D(i):Module M11: After multiple polls, calculate the deviation degree D(i) between the value V i of the i-th managed object and the average value:

Figure RE-RE-GDA0002929409410000041
Figure RE-RE-GDA0002929409410000041

Figure RE-RE-GDA0002929409410000042
Figure RE-RE-GDA0002929409410000042

其中,Vj为被管理对象第j轮轮询所得的值,

Figure RE-RE-GDA0002929409410000043
为被管理对象历史取值的平均值;Among them, V j is the value obtained from the jth round of polling of the managed object,
Figure RE-RE-GDA0002929409410000043
It is the average value of the historical value of the managed object;

模块M12:确定各个被管理对象的轮询周期T(i)与优先级P:Module M12: Determine the polling cycle T(i) and priority P of each managed object:

T(i)=F(D(i))T(i)=F(D(i))

Figure RE-RE-GDA0002929409410000044
Figure RE-RE-GDA0002929409410000044

其中,Pn为第n个被管理对象的当前优先级,F()的设定需要使得T(i)与D(i)负相关,C为可设定参数,确保轮询周期相同的对象拥有不同的优先级;Among them, P n is the current priority of the nth managed object, the setting of F() needs to make T(i) and D(i) negatively correlated, C is an object that can be set to ensure the same polling cycle have different priorities;

模块M13:管理站按照被管理对象的当前优先级Pn将其插入轮询队列之中,如果出现相同优先级的情况则比较轮询周期,周期小的先插入;Module M13: The management station inserts the managed object into the polling queue according to the current priority P n of the managed object, and compares the polling cycle if the same priority occurs, and inserts the one with the smaller cycle first;

模块M14:轮询队列每次完成后进行更新,生成各个被管理对象新的优先级与轮询周期,若队列已经完成,则结束轮询过程,否则模块M13执行工作。Module M14: The polling queue is updated every time it is completed, and a new priority and polling cycle of each managed object is generated. If the queue has been completed, the polling process is ended, otherwise, the module M13 executes the work.

优选地,为了降低轮询得到的无效数据引发的冗余,还包括基于观察者机制的数据获取方法,被管理对象能够主动地通知管理站,不必一次次响应来自管理站的GetRequest请求,基于观察者机制的数据获取方法包括:Preferably, in order to reduce the redundancy caused by the invalid data obtained by polling, it also includes a data acquisition method based on the observer mechanism, and the managed object can actively notify the management station without having to respond to the GetRequest request from the management station again and again, based on observation The data acquisition methods of the mechanism include:

模块M20:管理站向网管代理发送请求订阅的报文,包含有管理站的信息以及希望观察的数据规则与观察对象的标识符OID;Module M20: The management station sends a subscription request message to the network management agent, including the information of the management station, the data rules to be observed and the identifier OID of the observation object;

模块M21:网管代理收到报文后,将观察者信息存入订阅者列表中,并将对应的数据规则与观察对象OID存入订阅要求中;Module M21: After receiving the message, the network management agent stores the observer information into the subscriber list, and stores the corresponding data rule and the observation object OID into the subscription request;

模块M22:网管代理按照订阅要求对管理信息库(MIB)的对象的值进行观测,当值的变化满足预设规则时主动通知观察者。Module M22: The network management agent observes the values of the objects in the management information base (MIB) according to subscription requirements, and actively notifies the observer when the value changes meet the preset rules.

优选地,采用层次路由的数据转发方法配合所述基于观察者机制的数据获取方法,所述数据转发方法包括:Preferably, the data forwarding method using hierarchical routing cooperates with the data acquisition method based on the observer mechanism, and the data forwarding method includes:

模块M30:在每次管理站向网管代理请求订阅时,附上0~1的随机数、管理站当前的CPU闲置率U与时间;Module M30: each time the management station requests subscription from the network management agent, attach a random number from 0 to 1, the current CPU idle rate U and time of the management station;

模块M31:网管代理通过比较收到请求的时刻,计算出管理站与网管代理间的通信时延d并生成阈值T(n):Module M31: The network management agent calculates the communication delay d between the management station and the network management agent by comparing the time when the request is received, and generates a threshold T(n):

Figure RE-RE-GDA0002929409410000051
Figure RE-RE-GDA0002929409410000051

Figure RE-RE-GDA0002929409410000052
Figure RE-RE-GDA0002929409410000052

其中p为簇首节点数占总节点数的比例,r为当前工作的轮数,G为网络中未成为簇首节点的集合,Wb函数中,A与B是控制因子,U(i)为节点i的当前CPU闲置率,Umax为所有管理站中最大闲置率,d(i)为节点i到网管代理的通信时延,davg为当前所有节点到网管代理的平均时延;Among them, p is the ratio of the number of cluster head nodes to the total number of nodes, r is the number of rounds of current work, G is the set of nodes that have not become cluster head nodes in the network, in the W b function, A and B are control factors, U(i) is the current CPU idle rate of node i, U max is the maximum idle rate in all management stations, d(i) is the communication delay from node i to the network management agent, and d avg is the average delay from all current nodes to the network management agent;

模块M32:比较管理站生成的随机数与对应的T(n),若随机数小于T(n),则该节点被选为本轮的簇首候选节点,若有多个节点被选为簇首候选节点,从中选择与网管代理通信延时最小的管理站作为本轮的簇首节点;Module M32: Compare the random number generated by the management station with the corresponding T(n), if the random number is less than T(n), then the node is selected as the cluster head candidate node for this round, if multiple nodes are selected as the cluster The first candidate node, from which the management station with the smallest communication delay with the network management agent is selected as the cluster head node of the current round;

模块M33:当设置的订阅要求被满足时,网管代理将通知信息与对应的订阅表一同发送给担任簇首节点的管理站,管理站收到信息后将通知信息转发给订阅表中的其余观察者,完成本轮的数据转发工作。Module M33: When the set subscription requirements are met, the network management agent sends the notification information together with the corresponding subscription table to the management station serving as the cluster head node. After receiving the information, the management station forwards the notification information to the remaining observers in the subscription table Or, complete the current round of data forwarding work.

优选地,对网管代理与簇首管理站间的通信以及簇首管理站与簇内其余节点之间通信的情况采用确认重传方法,确认重传方法包括:Preferably, the communication between the network management agent and the cluster head management station and the communication between the cluster head management station and the remaining nodes in the cluster adopt a confirmation retransmission method, and the confirmation retransmission method includes:

模块M40:网管代理向簇首管理站发送订阅信息与订阅表后,簇首管理站向网管代理发送确认报文;Module M40: After the network management agent sends the subscription information and subscription form to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;

模块M41:如果网管代理收到确认报文则结束通信,否则模块M42执行工作;Module M41: If the network management agent receives the confirmation message, the communication ends, otherwise, the module M42 performs work;

模块M42:在网管代理中查找重传次数,若重传次数达到预设阈值则模块M43执行工作,否则网管代理重新转发信息;Module M42: Search the number of retransmissions in the network management agent. If the number of retransmissions reaches the preset threshold, the module M43 will execute the work, otherwise the network management agent will re-transmit the information;

模块M43:网管代理从簇首候选节点中选择任意其他节点作为新的簇首,向新的簇首转发信息。Module M43: The network management agent selects any other node from the cluster head candidate nodes as a new cluster head, and forwards information to the new cluster head.

根据本发明提供的一种存储有计算机程序的计算机可读存储介质,所述计算机程序被处理器执行时实现上述的物联网安全监测与管理方法的步骤。According to the present invention, a computer-readable storage medium storing a computer program is provided, and when the computer program is executed by a processor, the steps of the above-mentioned Internet of Things security monitoring and management method are realized.

与现有技术相比,本发明具有如下的有益效果:Compared with the prior art, the present invention has the following beneficial effects:

本发明首次融合基于统计特征的轮询优先级算法、观察者机制来解决物联网拓扑复杂,资源有限的场景中的安全监测与管理问题,其首先利用基于统计特征的轮询算法访问动态信息,自适应地调节访问频率以及有效减少对于非动态对象的轮询。在此基础上,本方法通过观察者机制将对于数据变化的观测任务由管理站下放到了管理代理之上,降低轮询得到的无效数据引发的冗余。此外,加入层次路由与观察者机制协作,利用簇间路由协议,进一步减少了多个管理站同时订阅同一网管代理而产生的通信资源、计算资源的消耗。最后,本发明关注了物联网中数据传输可靠性与计算资源限制的平衡问题,采用确认机制与重传机制以确保信息能够可靠地传输到目标节点,完善了观察者机制在物联网环境的应用。The present invention integrates the polling priority algorithm based on statistical features and the observer mechanism for the first time to solve the security monitoring and management problems in the scene with complex topology and limited resources of the Internet of Things. It first uses the polling algorithm based on statistical features to access dynamic information, Adaptively adjust access frequency and effectively reduce polling for non-dynamic objects. On this basis, this method delegates the task of observing data changes from the management station to the management agent through the observer mechanism, reducing the redundancy caused by polling invalid data. In addition, the hierarchical routing is added to cooperate with the observer mechanism, and the inter-cluster routing protocol is used to further reduce the consumption of communication resources and computing resources generated by multiple management stations subscribing to the same network management agent at the same time. Finally, the present invention pays attention to the balance between the reliability of data transmission and the limitation of computing resources in the Internet of Things, adopts the confirmation mechanism and the retransmission mechanism to ensure that the information can be reliably transmitted to the target node, and improves the application of the observer mechanism in the Internet of Things environment .

附图说明Description of drawings

通过阅读参照以下附图对非限制性实施例所作的详细描述,本发明的其它特征、目的和优点将会变得更明显:Other characteristics, objects and advantages of the present invention will become more apparent by reading the detailed description of non-limiting embodiments made with reference to the following drawings:

图1为本发明的所解决的物联网安全监测与管理的改进的协议模型;Fig. 1 is the improved protocol model of the Internet of Things security monitoring and management solved by the present invention;

图2为本发明提出的基于统计特征的轮询流程;Fig. 2 is the polling process based on statistical features proposed by the present invention;

图3为本发明提出的处于观察者机制下的SNMP协议模型;Fig. 3 is the SNMP protocol model under the observer mechanism proposed by the present invention;

图4为本发明提出的观察者机制采用层次路由的改进方向;Fig. 4 is the improvement direction that the observer mechanism that the present invention proposes adopts hierarchical routing;

图5为簇组织形成的流程;Fig. 5 is the flow process that cluster organization forms;

图6为本发明提出的网管代理与簇首管理站通信的流程;Fig. 6 is the flow process of network management agent and cluster head management station communication that the present invention proposes;

图7为本发明提出的簇内节点间通信的流程;Fig. 7 is the flow process of inter-node communication in the cluster proposed by the present invention;

图8为Opnet建模下的物联网场景;Figure 8 is the Internet of Things scene modeled by Opnet;

图9为本方法与传统SNMP协议的平均时延对比;Fig. 9 is the average time delay contrast of this method and traditional SNMP protocol;

图10为本方法与传统SNMP协议的网络瞬时负载对比;Fig. 10 is this method and the network instantaneous load contrast of traditional SNMP agreement;

图11为本方法与传统SNMP协议的网络平均负载对比。Figure 11 is a comparison of the average network load between this method and the traditional SNMP protocol.

具体实施方式Detailed ways

下面结合具体实施例对本发明进行详细说明。以下实施例将有助于本领域的技术人员进一步理解本发明,但不以任何形式限制本发明。应当指出的是,对本领域的普通技术人员来说,在不脱离本发明构思的前提下,还可以做出若干变化和改进。这些都属于本发明的保护范围。The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several changes and improvements without departing from the concept of the present invention. These all belong to the protection scope of the present invention.

如图1所示,本发明提供了一种物联网安全监测与管理方法,考虑到物联网环境下计算能力有限,高动态性的特点,该方法在SNMP协议的基础上,首次融合了观察者机制、簇间路由、确认机制以及重传机制;在物联网设备资源有限的情况下有效通信,实现了物联网内的安全监测与网络管理。As shown in Figure 1, the present invention provides a security monitoring and management method for the Internet of Things. Considering the characteristics of limited computing power and high dynamics in the Internet of Things environment, this method integrates observers for the first time on the basis of the SNMP protocol. Mechanism, inter-cluster routing, confirmation mechanism, and retransmission mechanism; effective communication in the case of limited resources of IoT devices, realizing security monitoring and network management in IoT.

本发明实例假设物联网的安全监测与管理在100m*100m的场地之中进行,且基于SNMPv1协议进行改进,如图8。模型中包含了三个主体部分,NMS(Network Manage System)即为网络管理系统,负责对代理进行管理与数据获取;Router为路由设备,将 NMS与Agent相互连接,负责管理站间的通信以及管理站与网管代理的通信;Agent为网管代理,负责本地控制物联网设备。由于仿真中只对于网管代理与管理站之间的通信进行分析,因此建模时将网管代理上运行的数据库视为MIB。此外,App_Config为应用定义模块,Prof_Config为业务规格定义模块,用于配置仿真模型中使用到的相关业务。而Task_Config是任务定义模块,为各个节点配置相关执行操作。The example of the present invention assumes that the security monitoring and management of the Internet of Things is carried out in a site of 100m*100m, and is improved based on the SNMPv1 protocol, as shown in Figure 8. The model contains three main parts. NMS (Network Manage System) is the network management system, which is responsible for the management and data acquisition of agents; Router is a routing device, which connects NMS and Agent, and is responsible for communication and management between stations. The communication between the station and the network management agent; Agent is the network management agent, responsible for local control of IoT devices. Since the simulation only analyzes the communication between the network management agent and the management station, the database running on the network management agent is regarded as MIB when modeling. In addition, App_Config is an application definition module, and Prof_Config is a business specification definition module, which is used to configure related services used in the simulation model. Task_Config is a task definition module that configures related execution operations for each node.

如图2、图3所示,执行SNMP协议时,NMS会按一定频率向Agent发出请求信息来获取MIB信息。由于在以上物联网场景中设备数量较多,且产生的数据较多,传统SNMP 协议中的使用固定频率的轮询算法不可避免会产生大量不需要的数据冗余,甚至无法及时地对于发生错误的NMS进行访问,降低了SNMP协议在物联网中的工作效率。同时考虑到NMS,Agent等物联网设备有限的能耗与计算资源,在NMS中加入基于统计特征的轮询优先级算法,使其只在设备初始化时访问静态数据以及减少访问变动不大的设备信息,其具体流程为:As shown in Figure 2 and Figure 3, when implementing the SNMP protocol, the NMS will send request information to the Agent at a certain frequency to obtain MIB information. Due to the large number of devices and the large amount of data generated in the above IoT scenarios, the polling algorithm using a fixed frequency in the traditional SNMP protocol will inevitably generate a large amount of unnecessary data redundancy, and even fail to respond to errors in a timely manner. NMS to access, reducing the efficiency of the SNMP protocol in the Internet of Things. At the same time, considering the limited energy consumption and computing resources of IoT devices such as NMS and Agent, a polling priority algorithm based on statistical characteristics is added to NMS, so that it can only access static data when the device is initialized and reduce access to devices that do not change much. information, the specific process is:

步骤0:初始化所有对象的轮询周期T,设定为一个固定值T0Step 0: Initialize the polling period T of all objects and set it to a fixed value T 0 .

步骤1:经过两次轮询后,计算被管理对象取值Vi与平均值的偏离程度D(i):Step 1: After two rounds of polling, calculate the degree of deviation D(i) between the value V i of the managed object and the average value:

步骤2:确定各个被管理对象的轮询周期T与优先级P:Step 2: Determine the polling cycle T and priority P of each managed object:

T(i)=F(D(i))T(i)=F(D(i))

Figure RE-RE-GDA0002929409410000081
Figure RE-RE-GDA0002929409410000081

其中,F()的值设置为0.01*D(i),C的值设置为1.01nWherein, the value of F() is set to 0.01*D(i), and the value of C is set to 1.01 n .

步骤3:Pn为第n个被管理对象的当前优先级,NMS按照各个被管理对象当前的优先级Pn插入轮询列表之中,如果Pn的值相同则比较T,周期小者先插入。Step 3: P n is the current priority of the nth managed object, and the NMS inserts it into the polling list according to the current priority P n of each managed object. If the values of P n are the same, compare T, and the one with the shorter cycle will be the first insert.

步骤4:轮询队列每次完成后进行更新,生成各个对象新的优先级与轮询周期。若队列已经完成,则结束轮询过程,否则跳转步骤3。Step 4: The polling queue is updated every time it is completed, and a new priority and polling cycle of each object is generated. If the queue has been completed, then end the polling process, otherwise jump to step 3.

如图4所示,本方法在该协议中进一步设置观察者机制,减少轮询得到的无效数据引发的冗余,即物联网设备数据变化时能主动通知NMS,其具体流程如下:As shown in Figure 4, this method further sets the observer mechanism in the protocol to reduce the redundancy caused by the invalid data obtained by polling, that is, the NMS can be actively notified when the data of the IoT device changes, and the specific process is as follows:

步骤0:NMS向Agent发送请求订阅的报文,其中包含有NMS的信息以及希望观察的数据规则与观察对象的标识符OID。Step 0: The NMS sends a subscription request message to the Agent, which contains the information of the NMS, the data rule to be observed and the identifier OID of the observed object.

步骤1:Agent收到请求信息后,将观察者信息存入订阅者列表中,并将其对应的数据规则与观察对象OID存入订阅要求中。Step 1: After the Agent receives the request information, it stores the observer information in the subscriber list, and stores the corresponding data rule and the observation object OID in the subscription request.

步骤2:Agent按照订阅要求对MIB对象的值进行观测,当值的变化满足规则时主动通知订阅表中的所有观察者。Step 2: The Agent observes the value of the MIB object according to the subscription requirements, and actively notifies all observers in the subscription table when the value changes meet the rules.

如图5、图6、图7所示,在本实例中,存在着多个管理站对于同一网管代理进行管理的情况,因此在协议中加入观察者机制后,就变成了一个网管代理被多个管理站请求订阅的情况。那么当设置的订阅要求满足,触发通知机制时,网管代理就不得不向所有订阅者发出通知,这就对于代理的通信资源造成了负担,也会加大其能耗。通过加入层次路由的技术以配合观察者机制,一同改进SNMP协议在物联网中的应用。改进后的协议在每次通知机制被触发后只通知所有订阅者中的一个NMS,该NMS再负责将该通知信息转发给其他订阅者。考虑到物联网设备的功耗问题,选择了LEACH协议作为改进基础,它根据各个设备的地理位置、剩余能量及簇内成员的节点数目,动态地选择簇首节点进行转发,具体流程如下:As shown in Figure 5, Figure 6, and Figure 7, in this example, there are multiple management stations that manage the same network management agent, so after adding the observer mechanism to the protocol, it becomes a network management agent that is The case where multiple management stations request a subscription. Then, when the set subscription requirements are met and the notification mechanism is triggered, the network management agent has to send a notification to all subscribers, which imposes a burden on the agent's communication resources and increases its energy consumption. By adding hierarchical routing technology to cooperate with the observer mechanism, we can improve the application of SNMP protocol in the Internet of Things. The improved protocol only notifies one NMS among all subscribers each time the notification mechanism is triggered, and the NMS is responsible for forwarding the notification information to other subscribers. Considering the power consumption of IoT devices, the LEACH protocol is selected as the basis for improvement. It dynamically selects the cluster head node for forwarding according to the geographical location of each device, the remaining energy and the number of nodes in the cluster members. The specific process is as follows:

步骤0:在每次NMS向Agent请求订阅时,除了请求订阅信息外,附上0~1的随机数与NMS当前的CPU闲置率U与时间。Step 0: Each time the NMS requests subscription from the Agent, in addition to requesting subscription information, attach a random number from 0 to 1, the current CPU idle rate U and time of the NMS.

步骤1:Agent通过比较收到请求的时刻,计算出NMS与Agent间的通信时延d并以此为依据生成阈值T(n)Step 1: The Agent calculates the communication delay d between the NMS and the Agent by comparing the time when the request is received, and generates a threshold T(n) based on this

步骤2:比较NMS生成的随机数与其对应的T(n),若随机数小于T(n),则该节点被选为本轮的簇首候选节点,若有多个节点被选为簇首候选节点,从中选择与Agent通信延时最小的管理站作为本轮的簇首节点。Step 2: Compare the random number generated by NMS with its corresponding T(n). If the random number is smaller than T(n), the node is selected as the cluster head candidate node in this round. If there are multiple nodes selected as the cluster head Candidate nodes, from which the management station with the smallest communication delay with the Agent is selected as the cluster head node of this round.

步骤3:当通知机制被触发,Agent将通知信息与对应的订阅表一同发送给担任簇首节点的NMS,NMS收到信息后将通知信息转发给订阅表中的其他NMS。Step 3: When the notification mechanism is triggered, the Agent sends the notification information together with the corresponding subscription table to the NMS acting as the cluster head node. After receiving the information, the NMS forwards the notification information to other NMSs in the subscription table.

传统的SNMP协议为了信息传输的便捷与实时性使用了UDP协议传输SNMP报文,造成了其在传输过程中的可靠性与安全性的问题。在本实例中进行通信时,需要在提高可靠性的同时,确保较低的计算资源消耗。针对Agent与簇首NMS间以及簇首NMS与其他 NMS间的通信情况,在SNMP协议中加入了确认机制与重传机制以确保信息能够可靠地传输到目标节点。Agent向簇首NMS发送订阅信息与订阅表后,簇首NMS应当向Agent发送确认报文,表示已经成功接收。否则,Agent向簇首NMS重新发送信息,若重传次数达到阈值N,则Agent从簇首候选节点中选择任意其他NMS作为新的簇首。NMS间通信具体流程如下:The traditional SNMP protocol uses the UDP protocol to transmit SNMP messages for the convenience and real-time performance of information transmission, which causes problems of reliability and security in the transmission process. When communicating in this example, it is necessary to ensure low computing resource consumption while improving reliability. For the communication between the Agent and the cluster head NMS and between the cluster head NMS and other NMSs, a confirmation mechanism and a retransmission mechanism are added to the SNMP protocol to ensure that the information can be reliably transmitted to the target node. After the Agent sends the subscription information and subscription form to the cluster head NMS, the cluster head NMS should send a confirmation message to the Agent, indicating that it has been successfully received. Otherwise, the Agent resends information to the cluster head NMS, and if the number of retransmissions reaches the threshold N, the Agent selects any other NMS from the cluster head candidate nodes as the new cluster head. The specific flow of communication between NMSs is as follows:

步骤0:当簇首NMS收到来自Agent的信息后,其按照订阅表将订阅信息通过UDP 协议转发。Step 0: After the cluster head NMS receives the information from the Agent, it forwards the subscription information through the UDP protocol according to the subscription table.

步骤1:簇内其余NMS在收到订阅信息后,向簇首NMS返回确认信息。Step 1: After receiving the subscription information, other NMSs in the cluster return confirmation information to the cluster head NMS.

步骤2:如果簇首NMS收到确认报文则结束通信,否则跳转步骤3。Step 2: If the cluster head NMS receives the confirmation message, the communication ends, otherwise, jump to step 3.

步骤3:在簇首NMS中查找重传次数,若重传次数达到阈值则跳转步骤4,否则簇首NMS重新转发信息。Step 3: Find the number of retransmissions in the cluster head NMS, if the number of retransmissions reaches the threshold, jump to step 4, otherwise, the cluster head NMS retransmits the information.

步骤4:簇首NMS认为该节点失效,从订阅表中移除该节点并将更新后的订阅表发送给Agent。Step 4: The cluster head NMS considers the node invalid, removes the node from the subscription table and sends the updated subscription table to the Agent.

本发明所提出的改进的协议使得网络性能表现了良好的稳定性。图9为选取了10个管理站对于同一代理管理的安全监测与管理情况的仿真0.5小时的结果。考虑到网络性能的稳定程度可由时延波动程度表现,仿真比较了传统SNMP协议与改进后的协议的通信时延,分别对应传统SNMP协议与改进后的协议仿真结果。从图9中可以发现两者的通信时延最终都趋于稳定后,改进前后的平均延时都趋于0.4微妙,而改进后的协议平均时延更快地趋于平稳,总体波动也较小。结果表明,使用本发明方法所设计的物联网安全监测与管理方法通过簇间路由能够使得上述物联网场景具有更高的可靠性。The improved protocol proposed by the invention makes the network performance show good stability. Fig. 9 is the simulation result of 0.5 hours for the security monitoring and management situation managed by the same agent with 10 management stations selected. Considering that the stability of network performance can be expressed by the degree of delay fluctuation, the simulation compares the communication delay of the traditional SNMP protocol and the improved protocol, corresponding to the simulation results of the traditional SNMP protocol and the improved protocol respectively. From Figure 9, it can be found that after the communication delays of the two eventually stabilize, the average delay before and after the improvement tends to be 0.4 microseconds, while the average delay of the improved protocol tends to be stable faster, and the overall fluctuation is also smaller. Small. The results show that the Internet of Things security monitoring and management method designed by the method of the present invention can make the above Internet of Things scene have higher reliability through inter-cluster routing.

此外,考虑到物联网设备可用的资源是有限的,所带来的数据冗余与通信成本开销是衡量其实用性的关键性指标之一,在仿真中,我们采用网络负载说明以上指标。相较于传统SNMP协议在物联网中的应用,本发明所提出的物联网安全监测与管理方法具有更低的网络瞬时负载,如图10所示。在仿真中,我们使用了Opnet Modeler建模的改进的SNMPv1协议,如图11所示,我们对比改进前后协议在物联网应用时的网络平均负载,说明整体通信过程的资源消耗。改进前网络平均负载趋于1600b/s,而改进后网络平均负载趋于800b/s,降低了50%左右。由于本方法基于统计特征的轮询优先级算法、观察者机制与簇间路由相互协作,有效地减少了网管代理与管理站间的数据冗余与通信负担。In addition, considering that the available resources of IoT devices are limited, the resulting data redundancy and communication costs are one of the key indicators to measure their practicality. In the simulation, we use network load to illustrate the above indicators. Compared with the application of the traditional SNMP protocol in the Internet of Things, the security monitoring and management method for the Internet of Things proposed by the present invention has lower instantaneous network load, as shown in FIG. 10 . In the simulation, we used the improved SNMPv1 protocol modeled by Opnet Modeler, as shown in Figure 11, we compared the average network load of the protocol before and after the improvement in the application of the Internet of Things to illustrate the resource consumption of the overall communication process. Before the improvement, the average network load tends to be 1600b/s, but after the improvement, the average network load tends to be 800b/s, which is about 50% lower. Because the polling priority algorithm based on statistical characteristics, the observer mechanism and inter-cluster routing cooperate with each other in this method, the data redundancy and communication burden between the network management agent and the management station are effectively reduced.

本领域技术人员知道,除了以纯计算机可读程序代码方式实现本发明提供的系统及其各个装置、模块、单元以外,完全可以通过将方法步骤进行逻辑编程来使得本发明提供的系统及其各个装置、模块、单元以逻辑门、开关、专用集成电路、可编程逻辑控制器以及嵌入式微控制器等的形式来实现相同功能。所以,本发明提供的系统及其各项装置、模块、单元可以被认为是一种硬件部件,而对其内包括的用于实现各种功能的装置、模块、单元也可以视为硬件部件内的结构;也可以将用于实现各种功能的装置、模块、单元视为既可以是实现方法的软件模块又可以是硬件部件内的结构。Those skilled in the art know that, in addition to realizing the system provided by the present invention and its various devices, modules, and units in a purely computer-readable program code mode, the system provided by the present invention and its various devices can be completely programmed by logically programming the method steps. , modules, and units implement the same functions in the form of logic gates, switches, ASICs, programmable logic controllers, and embedded microcontrollers. Therefore, the system and its various devices, modules, and units provided by the present invention can be regarded as a hardware component, and the devices, modules, and units included in it for realizing various functions can also be regarded as hardware components. The structure; the devices, modules, and units for realizing various functions can also be regarded as not only the software modules for realizing the method, but also the structures in the hardware components.

以上对本发明的具体实施例进行了描述。需要理解的是,本发明并不局限于上述特定实施方式,本领域技术人员可以在权利要求的范围内做出各种变化或修改,这并不影响本发明的实质内容。在不冲突的情况下,本申请的实施例和实施例中的特征可以任意相互组合。Specific embodiments of the present invention have been described above. It should be understood that the present invention is not limited to the specific embodiments described above, and those skilled in the art may make various changes or modifications within the scope of the claims, which do not affect the essence of the present invention. In the case of no conflict, the embodiments of the present application and the features in the embodiments can be combined with each other arbitrarily.

Claims (5)

1. A method for monitoring and managing the safety of the Internet of things is characterized in that in the process of actively acquiring the state of network equipment by a management station in the Internet of things, a polling priority algorithm based on statistical characteristics adaptively adjusts the access frequency of dynamic information according to the statistical characteristics of a managed object, and comprises the following steps:
step 11: passing through multiple wheelsAfter inquiry, the value V of the ith managed object is calculated i Degree of deviation from average D (i):
Figure FDA0003798654640000011
Figure FDA0003798654640000012
wherein, V j The resulting value is polled for managed objects jth,
Figure FDA0003798654640000013
averaging historical values of the managed objects;
step 12: determining the polling period T (i) and the priority P of each managed object:
T(i)=F(D(i))
Figure FDA0003798654640000014
wherein, P n Setting F () to make T (i) and D (i) negatively correlated, C being a settable parameter, ensuring that objects with the same polling period have different priorities;
step 13: the management station follows the current priority P of the managed object n Inserting the managed object into a polling queue, comparing polling periods if the managed object has the same priority, and inserting the managed object into the polling queue first when the period is short;
step 14: updating the polling queue after each completion to generate new priorities and polling periods of the managed objects, if the queue is completed, ending the polling process, otherwise, skipping to the step 13;
in order to reduce redundancy caused by invalid data obtained by polling, the data acquisition method based on the observer mechanism is further included, the managed object can actively inform the management station without responding to a GetRequest request from the management station once and again, and the data acquisition method based on the observer mechanism comprises the following steps:
step 20: the management station sends a message requesting subscription to the network management agent, wherein the message comprises information of the management station, a data rule expected to be observed and an identifier OID of an observed object;
step 21: after receiving the message, the network management agent stores the information of the observer into a subscriber list and stores the corresponding data rule and the observed object OID into a subscription requirement;
step 22: the network management agent observes the value of an object in a management information base MIB according to subscription requirements, and actively informs an observer when the change of the value meets a preset rule;
the data forwarding method adopting hierarchical routing is matched with the data acquisition method based on the observer mechanism, and the data forwarding method comprises the following steps:
and step 30: attaching a random number of 0-1, the current CPU idle rate U and time of the management station when the management station requests a subscription to the network management agent each time;
step 31: the network management agent calculates the communication time delay d between the management station and the network management agent and generates a threshold value T (n) by comparing the time of receiving the request:
Figure FDA0003798654640000021
Figure FDA0003798654640000022
wherein p is the proportion of the cluster head node number to the total node number, r is the number of current working rounds, G is the set of nodes which do not become cluster head nodes in the network, W b In the function, A and B are control factors, U (i) is the current CPU idle rate of node i, U (i) max For the maximum idle rate in all management stations, d (i) is the communication delay from node i to the network management agent, d avg The average time delay from all the current nodes to the network management agent is obtained;
step 32: comparing the random number generated by the management station with the corresponding T (n), if the random number is smaller than the T (n), selecting the node as a cluster head candidate node of the current round, and if a plurality of nodes are selected as the cluster head candidate nodes, selecting the management station with the minimum communication time delay with the network management agent as the cluster head node of the current round;
step 33: when the set subscription requirement is met, the network management agent sends the notification information and the corresponding subscriber list to the management station serving as the cluster head node, and the management station forwards the notification information to other observers in the subscriber list after receiving the notification information, so that the data forwarding work of the round is completed.
2. The internet of things safety monitoring and management method according to claim 1, wherein a confirmation retransmission method is adopted for communication between the network management agent and the cluster head management station and communication between the cluster head management station and other nodes in the cluster, and the confirmation retransmission method comprises the following steps:
step 40: after the network management agent sends subscription information and a subscriber list to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;
step 41: if the network management agent receives the confirmation message, the communication is ended, otherwise, the step 42 is skipped;
step 42: searching retransmission times in the network management agent, if the retransmission times reach a preset threshold value, jumping to step 43, otherwise, the network management agent retransmits the information again;
step 43: and the network management agent selects any other node from the cluster head candidate nodes as a new cluster head and forwards information to the new cluster head.
3. The utility model provides a thing networking safety monitoring and management system which characterized in that, in the initiative acquisition process of management station to the network equipment state in the thing networking, for dynamic information, the polling priority algorithm based on statistical character adjusts the access frequency according to the statistical character self-adaptation of managed object, includes:
a module M11: after a plurality of polling, the value V of the ith managed object is calculated i Degree of deviation from average D (i):
Figure FDA0003798654640000031
Figure FDA0003798654640000032
wherein, V j The resulting value is polled for managed objects jth,
Figure FDA0003798654640000033
averaging historical values of the managed objects;
a module M12: determining the polling period T and the priority P of each managed object:
T(i)=F(D(i))
Figure FDA0003798654640000034
wherein, P n Setting F () to make T (i) and D (i) negatively correlated, C being a settable parameter, for the current priority of the nth managed object, ensuring that objects with the same polling period have different priorities;
a module M13: the management station follows the current priority P of the managed object n Inserting the managed object into a polling queue, comparing polling periods if the managed object has the same priority, and inserting the managed object into the polling queue first when the period is short;
a module M14: updating the polling queue after each completion to generate new priorities and polling periods of each managed object, ending the polling process if the queue is completed, otherwise jumping to a module M13 to execute work;
in order to reduce redundancy caused by invalid data obtained by polling, the data acquisition method based on the observer mechanism is further included, the managed object can actively inform the management station without responding to a GetRequest request from the management station for a time, and the data acquisition method based on the observer mechanism comprises the following steps:
a module M20: the management station sends a message requesting subscription to the network management agent, wherein the message comprises information of the management station, a data rule expected to be observed and an identifier OID of an observed object;
a module M21: after receiving the message, the network management agent stores the information of the observer into a subscriber list and stores the corresponding data rule and the observation object OID into a subscription requirement;
a module M22: the network management agent observes the value of an object of a management information base MIB according to subscription requirements, and actively informs an observer when the change of the value meets a preset rule;
the data forwarding method adopting hierarchical routing is matched with the data acquisition method based on the observer mechanism, and the data forwarding method comprises the following steps:
module M30: attaching a random number of 0-1, the current CPU idle rate U of the management station and time when the management station requests a subscription from a network management agent each time;
module M31: the network management agent calculates the communication time delay d between the management station and the network management agent and generates a threshold value T (n) by comparing the time when the request is received:
Figure FDA0003798654640000041
Figure FDA0003798654640000042
wherein p is the proportion of the cluster head node number to the total node number, r is the number of current working rounds, G is the set of nodes which do not become the cluster head in the network, and W b In the function, A and B are control factors, U (i) is the current CPU idle rate of node i, U (i) max For the maximum idle rate in all management stations, d (i) is the communication delay from node i to the network management agent, d avg Average time delay from all current nodes to the network management agent;
the module M32: comparing the random number generated by the management station with the corresponding T (n), if the random number is smaller than the T (n), selecting the node as a cluster head candidate node of the current round, and if a plurality of nodes are selected as the cluster head candidate nodes, selecting the management station with the minimum communication time delay with the network management agent as the cluster head node of the current round;
a module M33: when the set subscription requirement is met, the network management agent sends the notification information and the corresponding subscriber list to the management station serving as the cluster head node, and the management station receives the information and forwards the notification information to other observers in the subscriber list to complete the data forwarding work of the current round.
4. The internet of things safety monitoring and management system according to claim 3, wherein a confirmation retransmission method is adopted for communication between the network management agent and the cluster head management station and communication between the cluster head management station and other nodes in the cluster, and the confirmation retransmission method comprises the following steps:
a module M40: after the network management agent sends subscription information and a subscriber list to the cluster head management station, the cluster head management station sends a confirmation message to the network management agent;
a module M41: if the network management agent receives the confirmation message, the communication is ended, otherwise, the network management agent jumps to the module M42 to execute the work;
module M42: searching retransmission times in the network management agent, if the retransmission times reach a preset threshold value, skipping to a module M43 to execute work, otherwise, the network management agent retransmits the information again;
module M43: and the network management agent selects any other node from the cluster head candidate nodes as a new cluster head and forwards information to the new cluster head.
5. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the steps of the method for monitoring and managing security of internet of things of any one of claims 1 to 2.
CN202011401515.4A 2020-12-04 2020-12-04 Internet of things security monitoring and management method, system and medium Active CN112600694B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011401515.4A CN112600694B (en) 2020-12-04 2020-12-04 Internet of things security monitoring and management method, system and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011401515.4A CN112600694B (en) 2020-12-04 2020-12-04 Internet of things security monitoring and management method, system and medium

Publications (2)

Publication Number Publication Date
CN112600694A CN112600694A (en) 2021-04-02
CN112600694B true CN112600694B (en) 2022-11-15

Family

ID=75188035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011401515.4A Active CN112600694B (en) 2020-12-04 2020-12-04 Internet of things security monitoring and management method, system and medium

Country Status (1)

Country Link
CN (1) CN112600694B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980314A (en) * 2015-06-10 2015-10-14 上海市地震应急救援保障中心 Earthquake industry cluster equipment active monitoring system and polling mechanism
CN111538570A (en) * 2020-05-12 2020-08-14 广东电网有限责任公司电力调度控制中心 VNF deployment method and device for energy conservation and QoS guarantee

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7991865B2 (en) * 2006-05-23 2011-08-02 Cisco Technology, Inc. Method and system for detecting changes in a network using simple network management protocol polling

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104980314A (en) * 2015-06-10 2015-10-14 上海市地震应急救援保障中心 Earthquake industry cluster equipment active monitoring system and polling mechanism
CN111538570A (en) * 2020-05-12 2020-08-14 广东电网有限责任公司电力调度控制中心 VNF deployment method and device for energy conservation and QoS guarantee

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"SNMP网络管理中高效轮询方法研究";朱创录;《计算机技术与发展》;20121231;第135-138页 *
"基于观察者模式的CoAP课程教学与实验设计";张笑非等;《软件导刊》;20191231;第18卷(第12期);第199-203页 *
"改进的无线传感器网络簇首选择策略及其路由算法";姚光顺;《计算机应用》;20130401;第908-911页 *

Also Published As

Publication number Publication date
CN112600694A (en) 2021-04-02

Similar Documents

Publication Publication Date Title
US8582470B2 (en) Arrangement and method relating to network management
CN102209041B (en) Scheduling method, device and system
CN102480759B (en) Network-management realizing method and system on basis of fit wireless access point architecture
Chatzimilioudis et al. A novel distributed framework for optimizing query routing trees in wireless sensor networks via optimal operator placement
Alishahi et al. Multi-class routing protocol using virtualization and SDN-enabled architecture for smart grid
CN107210607A (en) Method and system for providing energy service
CN113543160B (en) 5G slice resource allocation method, device, computing equipment and computer storage medium
Ndiaye et al. SDNMM—A generic SDN-based modular management system for wireless sensor networks
Staglianò et al. D-MQTT: design and implementation of a pub/sub broker for distributed environments
Chadha et al. Policy-based mobile ad hoc network management for drama
CN112600694B (en) Internet of things security monitoring and management method, system and medium
Lee et al. Optimal MAC design based on utility maximization: Reverse and forward engineering
Kim et al. Network management framework and lifetime evaluation method for wireless sensor networks
Nguyen et al. A software-defined model for IoT clusters: Enabling applications on demand
Hamzaoui et al. Enhancing OLSR routing protocol using k-medoids clustering method in manets
CN116132251A (en) Network traffic management method, device, equipment and readable storage medium
Mohsenian-Rad et al. Optimal SINR-based random access
Parag et al. Value-aware resource allocation for service guarantees in networks
Aboubakar et al. A novel scheme for congestion notification in IoT low power networks
Fallon et al. Self-forming network management topologies in the madeira management system
JP7625106B2 (en) Base station function allocation control device, base station function allocation control method, and computer program
Bruno et al. Design and Implementation of a COAP-Based Broker for Heterogeneous M2M Applications
EP4145806A1 (en) Device data retrieval
Yang et al. Bayesian model based services awareness of power line communications for smart power grid
Urakawa et al. Task allocation method combining reorganization of agent networks and resource estimation in unknown environments

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant