RU2822581C1 - Method for trusted interaction of agents in decentralized cyber-physical environment based on group zoning - Google Patents

Abstract

FIELD: information technology.

SUBSTANCE: invention relates to a method for trusted interaction of Internet of things devices based on group zoning. Method comprises implementation of trusted interaction of Internet of things devices based on use of Bluetooth, wherein when using the group zoning technology to form zones around IoT devices, the devices interact with each other using reputational scores collected from other devices in the same zone, allowing to determine how much to trust the requesting device, which makes it possible to take into account the past experience of interaction with the device, the method provides a dynamic assessment of trust, calculated by the formula: , where is the sum of available estimates of the device, k = number of stored estimates, if there are no estimates or not enough, a coefficient gk = 1 is formed.

EFFECT: improved information security of trusted interaction of IoT devices based on use of Bluetooth.

1 cl, 5 dwg

Description

The invention relates to the field of organizing network data exchange schemes between multiple devices, in particular for data exchange between Internet of Things (hereinafter referred to as IoT) devices.

There is a known method for ensuring the interaction of IoT devices, described in patent RU 2695487, publ. 07/23/2019. It is an IoT device used as part of the implementation of the solution, which is carried out by supplying IoT devices participating in the information exchange with a specialized security module, which ensures the secure execution of the necessary procedures for data exchange between participants in the IoT infrastructure. The disadvantages of this method are the difficulty of implementation, the need for additional equipment, and productivity.

The technical result is increasing the information security of trusted interaction between IoT devices based on the use of Bluetooth.

According to the data obtained during the simulation, the proposed solution increases the efficiency of anomaly detection in the shortest time. The average time savings is 4.3%.

A distinctive feature of the new method is the use of group zoning technology to form zones around IoT devices. These zones represent areas where devices communicate with each other, which helps in assessing trust between devices within each zone. This method also uses reputation scores collected from other devices (trustor devices) in the same zone. These ratings help determine how much to trust the requesting device, which takes into account past experience with the device. And taking into account several factors when calculating the trust factor (hereinafter referred to as TF), including the presence of interaction experience, passing device identification, the number of devices in the area and reputation assessments, allows you to more accurately assess the level of trust. Another method provides a dynamic trust score that can change depending on changing conditions and the behavior of devices in the area, allowing you to adapt to changing threats and situations.

The proposed solution is based on the use of group reputation assessment. Sending a request to execute an algorithm for a device triggers two processes at once: the gradual execution of the algorithm on the device and the calculation of an assessment of the quality of the algorithm’s execution. The executing device interacts with a certain group of managed IoT devices on the same subnet and exchanges parameters. Based on the received parameters, a result is generated, according to which the device has the opportunity to complete the request algorithm with success or error.

If the result of the calculations results in a “low” trust score, then the device is excluded from interaction between devices, preventing the attacker from further interacting with it or through it with other devices until the user resets the settings. In another case, when the confidence score of the algorithm is high, the device is allowed to complete the executing algorithm while remaining in the IoT system on that subnet.

To solve the problems of information security of trusted interaction, the following type of algorithm and device interaction diagram is proposed, shown in Fig. 1 and 2.

For convention, the algorithm is divided into several parts: input parameters that are passed to work with the algorithm: Zone and Reputation rating coefficients (hereinafter referred to as Gr) for calculating the trust rating, trusted_list - a list of devices with which we can interact, information exchanged between devices etc. Next, we need to search through the devices that we can connect to and add them to the trusted_list variable. After this, we move to the block with anomalies that may arise during the interaction of IoT devices. The penultimate block checks the conditions whether the trusting device and the requesting device were able to identify themselves, checks for the presence of previous contacts and proceeds to calculating the score. Based on the results of the calculated trust factor (hereinafter referred to as TF), it is possible to calculate under what conditions the algorithm will continue unhindered, under what conditions user confirmation will be required and under what conditions the device will need to reboot the user and reset the settings.

The developed scheme is a division into the network level, represented by the access point and Internet service provider, and the subnet level in which IoT devices operate. Upon receiving a request, the executable device forms a zone around itself in which nearby devices are selected, and they are responsible for the reputation assessments of the device.

Thus, when calculating all reputation scores, there is no need to obtain confirmation from all devices, since the presence of “low” reputation scores in a small subset of the set of all devices will not allow an unverified algorithm to be made.

When implementing this method, it is necessary to calculate the coefficient on the basis of which permission will be given to the device that receives the request to execute its algorithm. The division into zones is shown in Fig. 3. This diagram presents the following elements: the device receiving the request is drawn in the center, then in the zone there are other devices that can evaluate the reputation coefficient of the trusting device (hereinafter referred to as UD) for the request device (hereinafter referred to as UD). However, to eliminate the load on calculations, the elements are limited to zones in which US and UD can also act. Zones are formed based on sensor coverage areas. In this work, the hone is limited by the Bluetooth operating radius.

In order to calculate the reputation coefficient for a requesting device, it is necessary to highlight the main stages that the trusting device must go through. The formation of the assessment is made up of the parameters presented in Fig. 4.

Reputation ratings

This parameter is given by formula (1), calculated by the sum of previous ratings divided by the number of ratings. This parameter is set by the last 30 ratings:

(1)

Where - sum of available ratings for the device, k = number of saved ratings. If there are no estimates or the coefficient g _k = 1 is not sufficiently formed;

The formation of a zone of all devices located in the UZ zone will be UD, calculating the reputation assessment, and form the number of devices in the zone.

Performing device identification

This parameter can take values 1 if identification is confirmed and 0 if this confirmation is absent;

UD experience

The parameter is responsible for indicating whether contacts between devices have been established before or not. Also accepts parameters 0 - no experience and 1 if there is contact.

Ultimately, the formula for assessing trust has the form:

(2)

where TF is the trust factor, Exp is the presence of experience, Ind is the coefficient of device identification, Gr is the sum of the reputation ratings of the UD, - the ratio of the sum of reputation ratings of devices in the zone of formation of the reputation coefficient to their number, j - the number of devices in the zone.

At the output we get a confidence coefficient ranging from 0 to 1.

To evaluate the effectiveness of this method, the work provides a comparison of the speed of detection of anomalous nodes. The detection time of infected nodes is shown in Fig. 5. This graph shows a decrease in the average time to detect infected devices from the total number. According to the data obtained during the simulation, the proposed solution increases the efficiency of anomaly detection in the shortest time. The average time savings is 4.3%. According to the data, this method can improve the detection efficiency of anomalous IoT devices.

Claims (3)

A method for trusted interaction of Internet of Things devices based on group zoning, containing implementations of trusted interaction of Internet of Things devices based on the use of Bluetooth, characterized in that when using group zoning technology to form zones around IoT devices, devices interact with each other using reputation assessments collected from others devices in the same zone, allowing you to determine how much to trust the requesting device, which allows you to take into account past experience of interaction with the device, the method provides a dynamic trust assessment, calculated by the formula: , Where - the sum of the available ratings for the device, k = the number of saved ratings, if there are no ratings or not enough, the coefficient g _k = 1 is formed.