基于改进CAE的物联网终端风险评估模型

doi:10.3969/j.issn.1671-1122.2024.01.015

信息网络安全 ›› 2024, Vol. 24 ›› Issue (1): 150-159.doi: 10.3969/j.issn.1671-1122.2024.01.015

基于改进CAE的物联网终端风险评估模型

王君艳¹, 伊鹏², 贾洪勇¹(), 张建辉¹^,³

1.郑州大学网络空间安全学院，郑州 450001
2.中国人民解放军战略支援部队信息工程大学信息技术研究所，郑州 450001
3.嵩山实验室，郑州 450001

收稿日期:2023-08-12 出版日期:2024-01-10 发布日期:2024-01-24
通讯作者: 贾洪勇 E-mail:hyjia@zzu.edu.cn
作者简介:王君艳（1997—），女，河南，硕士研究生，主要研究方向为物联网安全、深度学习|伊鹏（1977—），男，河南，研究员，博士，主要研究方向为网络内生安全、入侵检测、新型网络体系结构|贾洪勇（1975—），男，河南，讲师，博士，主要研究方向为云计算安全、物联网系统、零信任安全|张建辉（1977—），男，河南，副研究员，博士，主要研究方向为新型网络体系结构、网络路由技术、网络数据分析与安全管控
基金资助:
国家重点研发计划(2022YFB2901403);河南省重大科技专项(221100210900-01);中国高校产学研创新基金(2021ITA11021)

IoT Terminal Risk Assessment Model Based on Improved CAE

WANG Junyan¹, YI Peng², JIA Hongyong¹(), ZHANG Jianhui¹^,³

1. School of Cyber Science and Engineering, Zhengzhou University, Zhengzhou 450001, China
2. Institute of Information Technology, PLA Strategic Support Force Information Engineering University, Zhengzhou, 450001, China
3. Songshan Laboratory, Zhengzhou 450001, China

Received:2023-08-12 Online:2024-01-10 Published:2024-01-24
Contact: JIA Hongyong E-mail:hyjia@zzu.edu.cn

摘要/Abstract

摘要：

物联网异构终端数量大、结构简单、安全防护能力弱，容易成为攻击目标。针对传统风险评估方法处理不断变化的大量风险因素时，评估机制建立困难，评估效率不高的问题，文章提出基于改进卷积自动编码器的物联网终端风险评估模型（Lightweight Convolutional Autoencoder Combined with Fully Connected Layers and Classifier Model，LCAE-FC）。将更轻量化卷积自动编码器与分类器结合构建模型，使高维特征学习与逐阶降维输出评估概率值一体化；编码器引入深度可分离卷积，每个通道学习广义行为特征内部结构；每个输出特征均进行平均池化，最大限度保留风险信息；全连接层与分类器结合将高维特征抽象后阶梯式降维输出风险概率值。N-BaIoT数据集上的实验结果显示，文章所提模型精确度和F1值均高达99.3%以上，相较传统的CAE、Bi-LSTM和SAE-SBR模型，性能更优。

关键词: 物联网终端, 风险评估, 卷积自动编码器, 广义行为风险因素, 深度可分离卷积

Abstract:

The number of heterogeneous terminals in the Internet of Things is large, the structure is simple, the security protection ability is weak, and it is easy to become the target of attack. Aiming at the difficulties in establishing the evaluation mechanism and low evaluation efficiency when traditional risk assessment methods deal with a large number of changing risk factors, a risk assessment model of IoT terminal based on improved convolutional autoencoder was proposed(Lightweight Convolutional Autoencoder combined with Fully Connected Layers and Classifier Model,LCAE-FC). A lightweight convolutional encoder was combined with a classifier to build a model, which integrated high-dimensional feature learning with the output evaluation probability of order dimensional reduction. The encoder introduced deep separable convolution, and each channel learned the internal structure of generalized behavioral risk. Each output feature was averaged and pooled to retain risk information to the maximum extent. The risk probability value was output by step-dimensionality reduction after the high-dimensional features were abstracted by the fully connected layer and classifier. The experimental results on the N-BaIoT dataset show that the accuracy and F1 value of the proposed model are higher than 99.3%, which has better performance than the traditional CAE, Bi-LSTM and SAE-SBR models.

Key words: internet of things terminal, risk assessment, convolutional automatic encoder, broad behavioral risk factors, depth-separable convolution

中图分类号:

TP309

王君艳, 伊鹏, 贾洪勇, 张建辉. 基于改进CAE的物联网终端风险评估模型[J]. 信息网络安全, 2024, 24(1): 150-159.

WANG Junyan, YI Peng, JIA Hongyong, ZHANG Jianhui. IoT Terminal Risk Assessment Model Based on Improved CAE[J]. Netinfo Security, 2024, 24(1): 150-159.

图/表 11

图1

图2

表1

表2

表3

图3

图4

表4

表5

图5

图6

参考文献 22

[1]	LIN Meiyu, WANG Yazhong. Research on Security Capability of IoT Terminal[J]. Information and Communication Technology and Policy, 2020, (10): 93-96.
	林美玉, 王亚忠. 物联网终端安全能力研究[J]. 信息通信技术与政策, 2020, (10): 93-96.
[2]	CHEN Lin, CUI Tao. Research on Terminal Security in Massive Machine Communication Scenarios[J]. Information and Communication Technology and Policy, 2021, (12): 93-96.
	陈琳, 崔涛. 海量机器类通信场景终端安全问题研究[J]. 信息通信技术与政策, 2021, (12): 93-96.
[3]	MARUDHADEVI D, DHATCHAYANI V N, SRIRAM V S S. A Trust Evaluation Model for Cloud Computing Using Service Level Agreement[J]. The Computer Journal, 2014, 58(10): 2225-2232. doi: 10.1093/comjnl/bxu129 URL
[4]	JOSANG A. Subjective Logic: A Formalism for Reasoning Under Uncertainty[M]. Springer: Nature, 2016.
[5]	FENG Jingyu, YU Tingting, WANG Ziying, et al. Edge Zero Trust Model Against Lost Terminal Threat in Power Iot Scenario[J]. Journal of Computer Research and Development, 2022, 59(5): 1120-1132.
	冯景瑜, 于婷婷, 王梓莹, 等. 电力物联场景下抗失陷终端威胁的边缘零信任模型[J]. 计算机研究与发展, 2022, 59(5): 1120-1132.
[6]	WANG Jingwen, JING Xuyang, YAN Zhengyan, et al. A Survey on Trust Evaluation Based on Machine Learning[J]. ACM Computing Surveys, 2020, 53(5): 1-36.
[7]	ALHANDI S A, KAMALUDIN H, ALDUAIS N A M. Trust Evaluation Model in IoT Environment: A Comprehensive Survey[J]. IEEE Access, 2023: 11165-11182
[8]	TANG Xianzhi, DING Chunyan. Information Security Terminal Architecture of Power Transportation Mobile Internet of Things Based on Big Data Analysis[J]. Wireless Communications and Mobile Computing, 2021, 2021: 1-9.
[9]	ZHAO Yifan. Application of Machine Learning in Network Security Situational Awareness[C]// IEEE.2021 World Conference on Computing and Communication Technologies. New York: IEEE, 2021: 39-46.
[10]	ABBASI M, SHAHRAKI A, TAHERKORDI A. Deep Learning for Network Traffic Monitoring and Analysis (NTMA): A Survey[J]. Computer Communications, 2021, 170: 19-41. doi: 10.1016/j.comcom.2021.01.021 URL
[11]	LI Da, FUXingzhen, ZANYanzhu. MPTEM: A Reliable Trust Evaluation Model for Forest IoT System[C]/IEEE. 2022 7th International Conference on Computer and Communication Systems. New York: IEEE, 2022: 690-694.
[12]	BERGAMASCO L, SAHA S, BOVOLO F, et al. Unsupervised Change-Detection Based on Convolutional-Autoencoder Feature Extraction[C]// SPIE. 2019, Image and Signal Processing for Remote Sensing XXV. Edinburgh: SPIE, 2019: 352-332.
[13]	JAYASINGHE U, LEE G M, UM T-W, et al. Machine Learning Based Trust Computational Model for IoT Services[J]. IEEE Transactions on Sustainable Computing, 2019, 4(1): 39-52. doi: 10.1109/TSUSC.2018.2839623 URL
[14]	HE Chaoxun, PENG Weifeng, LI Yanfei, et al. Improved on Service Trust Model Based on Machine Learning[J]. Computer Engineering and Design, 2022(5): 1335-1343.
	何超勋, 彭伟锋, 李燕飞, 等. 基于机器学习的改进型物联网服务信任模型[J]. 计算机工程与设计, 2022(5): 1335-1343.
[15]	LIAO Junkai, CHENG Yongxin, ZHANG Jianhui. Construction of Access Control System Based on Dynamic Trust[J]. Communications Technology, 2022(4): 473-479.
	廖竣锴, 程永新, 张建辉. 基于动态信任的接入管控体系构建[J]. 通信技术, 2022(4): 473-479.
[16]	LIU Liang, XU Xiangyu, LIU Yulei, et al. A Detection Framework Against CPMA Attack Based on Trust Evaluation and Machine Learning in IoT Network[J]. IEEE Internet of Things Journal, 2021, 8(20): 15249-15258. doi: 10.1109/JIOT.2020.3047642 URL
[17]	KHAN M A, ALGHAMDI N S. A Neutrosophic WPM-Based Machine Learning Model for Device Trust in Industrial Internet of Things[J]. Journal of Ambient Intelligence and Humanized Computing, 2023: 3003-3017
[18]	FRAGKOS G, JOHNSON J, TSIROPOULOU E. Dynamic Role-Based Access Control Policy for Smart Grid Applications: An Offline Deep Reinforcement Learning Approach[J]. IEEE Transactions on Human-Machine Systems, 2022: 1-13.
[19]	ALGHOFAILI Y, RASSAM M A. A Trust Management Model for IoT Devices and Services Based on the Multi-Criteria Decision-Making Approach and Deep Long Short-Term Memory Technique[J]. Sensors, 2022, 22(2): 634-660. doi: 10.3390/s22020634 URL
[20]	MA Wei, WANG Xing, HU Mingsheng, et al. Machine Learning Empowered Trust Evaluation Method for IoT Devices[J]. IEEE Access, 2021, 9: 65066-65077. doi: 10.1109/ACCESS.2021.3076118 URL
[21]	RAO M, CHAUDHARY P, SHEORAN K, et al. A Secure Routing Protocol Using Hybrid Deep Regression Based Trust Evaluation and Clustering for Mobile Ad-Hoc Network[J]. Peer-to-Peer Networking and Applications, 2023, 16(6): 2794-2810. doi: 10.1007/s12083-023-01560-3
[22]	MEIDAN Y, BOHADANA M, MATHOV Y, et al. N-Baiot—Network-Based Detection of IoT Botnet Attacks Using Deep Autoencoders[J]. IEEE Pervasive Computing, 2018, 17(3): 12-22. doi: 10.1109/MPRV.2018.03367731 URL

数据来源	数据	统计量	总数/个
Source IP	Packet size(only outbound)	Mean, variance	3
Source IP	Packet count(only outbound)	Integer	3
Source MAC-IP	Packet size(only outbound)	Mean, variance	3
Source MAC-IP	Packet count	Integer	3
Channel	Packet size(only outbound)	Mean, variance	10
	Packet count	Integer
	Amount of time betweenpacket arrivals	Mean, variance,
	Packet size(both inbound and outbound)	Magnitude, radius, covariance, correlation coefficient
Socket	Packet size(only outbound)	Mean, variance	7
	Packet count	Integer
	Packet size(both inbound and outbound)	Magnitude, radius, covariance, correlation coefficient

层	各层输出大小	参数量/个
Input1	(115,0)	0
DephwiseConv1D	(115,1)	129
SeparableConv1D	(115,32)	96
GlobalAveragePooling1D	(None,32)	0
Deconv1DTranspose	(115,32)	2080
Deconv1DTranspose	(115,64)	4160
Deconv1DTranspose	(115,115)	14835
Flatten	(None,32)	0
Dense	(None,115)	3795
Dense	(None,64)	7424
Dense	(None,32)	2080
Dense	(None,1)	33
合计	—	34632

层	参数设置
DephwiseConv1D	Kernel_size:2，num_filters:64，activation:relu，padding: same
SeparableConv1D	Kernel_size:2，num_filters:32， activation:relu，padding: same
GlobalAveragePooling1D	data_format=channels_last
Conv1DTranspose	filters=32, kernel_size=2, activation=relu padding=same,
Conv1DTranspose	filters=64, kernel_size=2, activation=relupadding=same,
Conv1DTranspose	filters=115, kernel_size=2, padding=same, activation=linear
Dense	activation=relu
Dense	activation=relu
Dense	activation=relu
Dense	activation=sigmoid
epoch	200
batch_size	100

评价指标	终端1	终端2	终端3	终端4	终端5	终端6	终端7	终端8	终端9
TPR	99.9%	99.7%	99.4%	99.6%	99.3%	99.5%	98.2%	99.0%	98.3%
FPR	0.1%	0.1%	0.1%	0.1%	0.3%	0.3%	0.9%	0.1%	0
FNR	0.1%	0.3%	0.5%	0.4%	0.7%	0.5%	1.8%	1.0%	1.7%
TNR	99.9%	99.9%	99.9%	99.9%	99.7%	99.7%	99.1%	99.9%	100%

层	各层输出大小	参数/个
Input1	(115，0)	0
Conv1D	(115，64)	14784
MaxPooling1D	(57, 64)	0
Conv1D	(57, 32)	4128
MaxPooling1D	(28, 32)	0
Deconv1D	(28, 32)	2080
UpSampling1D	(57, 32)	0
Deconv1D	(57,64)	4160
UpSampling1D	(115,64)	0
Deconv1D	(115,115)	14755
Flatten	(None,32)	0
Dense	(115,0)	1539115
Dense	(None,64)	741504
Dense	(None,32)	2080
Dense	(None,1)	33
合计	—	2322639

基于改进CAE的物联网终端风险评估模型

IoT Terminal Risk Assessment Model Based on Improved CAE

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 22

相关文章 15

编辑推荐

Metrics

本文评价

[1]	顾兆军, 杨睿, 隋翯. 面向网络架构的系统攻击面建模方法[J]. 信息网络安全, 2022, 22(3): 29-38.
[2]	黄波, 秦玉海, 刘旸, 季铎. 基于通用攻击树的脆弱性评估与风险概率研究[J]. 信息网络安全, 2022, 22(10): 39-44.
[3]	朱容辰, 李欣, 林小暖. 基于贝叶斯网络的视频专网安全风险分析方法[J]. 信息网络安全, 2021, 21(12): 91-101.
[4]	赵小林, 赵斌, 赵晶晶, 薛静锋. 基于攻击识别的网络安全度量方法研究[J]. 信息网络安全, 2021, 21(11): 17-27.
[5]	刘永磊, 金志刚, 郝琨, 张伟龙. 基于STRIDE和模糊综合评价法的移动支付系统风险评估[J]. 信息网络安全, 2020, 20(2): 49-56.
[6]	程洋, 雷敏, 罗群. 基于深度学习的物联网终端设备接入认证方法[J]. 信息网络安全, 2020, 20(11): 67-74.
[7]	王庆, 屠晨阳, shenjiahui@iie.ac.cn. 侧信道攻击通用框架设计及应用[J]. 信息网络安全, 2017, 17(5): 57-62.
[8]	董晓宁, 赵华容, 李殿伟, 王甲生. 基于模糊证据理论的信息系统安全风险评估研究[J]. 信息网络安全, 2017, 17(5): 69-73.
[9]	梁智强, 林丹生. 基于电力系统的信息安全风险评估机制研究[J]. 信息网络安全, 2017, 17(4): 86-90.
[10]	李涛, 张驰. 基于信息安全等保标准的网络安全风险模型研究[J]. 信息网络安全, 2016, 16(9): 177-183.
[11]	滕希龙, 曲海鹏. 基于区间值直觉模糊集相似性的信息安全风险评估方法研究[J]. 信息网络安全, 2015, 15(5): 62-68.
[12]	文伟平, 郭荣华, 孟正, 柏皛. 信息安全风险评估关键技术研究与实现[J]. 信息网络安全, 2015, 15(2): 7-8.
[13]	何鹏程, 方勇. 一种基于Web日志和网站参数的入侵检测和风险评估模型的研究[J]. 信息网络安全, 2015, 15(1): 61-65.
[14]	王星河，余洋，夏春和. 面向网络协同防御的动态风险评估模型[J]. 信息网络安全, 2014, 14(9): 39-43.
[15]	章恒，禄凯. 构建云计算环境的安全检查与评估指标体系[J]. 信息网络安全, 2014, 14(9): 115-119.