| 引用本文: |
-
刘宸睿,李科,李红,宋站威,朱红松,孙利民.基于场景上下文异常的智能家居入侵检测[J].信息安全学报,已采用 [点击复制]
- LIU Chenrui,LI Ke,LI Hong,SONG Zhanwei,ZHU Hongsong,SUN Limin.Context-Aware Anomaly Intrusion Detection Method for Smart Home Automation[J].Journal of Cyber Security,Accept [点击复制]
|
|
| 摘要: |
| 智能家居设备通过物联网平台上的联动规则实现设备之间的互联和互动,为用户带来便利的同时,也导致安全威胁的增 加。在此场景下,传统的基于异常的入侵检测方法存在准确率低、误报率高和可解释性差的问题。本文提出一种基于场景上下 文异常的智能家居入侵检测方法。首先,从设备事件和设备状态等多个角度构建不同设备之间的关联关系表示模型;其次,本 文综合分析了联动规则、设备类型、设备属性、配置文件等多元信息,使用自然语言处理技术辅助挖掘关联关系,并利用系统 事件日志进行验证;最后,根据通过验证的关联关系对系统事件流进行异常检测。我们在搭建的真实智能家居环境中,对本方 法的有效性进行验证与评估,通过与传统方法对比,本方法具有更优的检测效果。 |
| 关键词: 物联网 场景上下文 智能家居场景联动 入侵检测 自然语言处理 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2023.08.31 |
| 投稿时间:2021-06-07修订日期:2021-08-16 |
| 基金项目:广东省重点研发计划新型基础设施的自动网络攻防对抗关键技术 |
|
| Context-Aware Anomaly Intrusion Detection Method for Smart Home Automation |
|
LIU Chenrui, LI Ke, LI Hong, SONG Zhanwei, ZHU Hongsong, SUN Limin
|
(Beijing Key Laboratory of IoT Information Security Technology,Institute of Information Engineering,Chinese Academy of Sciences,
Beijing) |
| Abstract: |
| Smart home IoT devices realize the interconnection and interaction between devices through the automation rules on the IoT platform, which not only brings convenience to users, but also leads to the increase of security threats. In this scenario, the traditional anomaly intrusion detection methods have the problems of low accuracy, high false alarm rate and poor interpretability. This paper proposes a context-aware anomaly intrusion detection method. Firstly, we built the correlation representation model between different devices from the perspectives of device events and device states; Sec- ondly, we comprehensively analyzes the automation rules, device types, device attributes, configuration files and other mul- tiple information, uses natural language processing technology to assist mining correlations, and uses the system event log to verify them; Finally, the system event flow is detected according to the verified correlations. We verify and evaluate the effectiveness of our method in the real smart home environment. Compared with traditional methods, this method has better detection effect. |
| Key words: internet of things context smart home automation intrusion detection natural language processing |
