CN113115315B - IOT equipment behavior credible supervision method based on block chain - Google Patents

Abstract

The invention proposes a blockchain-based trusted monitoring method for IOT device behavior, which is based on blockchain and Internet of Things technologies and is applied to the field of Internet of Things. Aiming at the problem that a large number of devices in the Internet of Things industry lack effective security protection mechanisms and are easily attacked and then make untrustworthy behaviors, a blockchain-based IOT device supervision and management network architecture is designed. Nodes supervise, discover and deal with nodes that make untrustworthy behaviors, and effectively improve the security of IoT devices. Specifically, it includes: deploying the blockchain on the IoT platform, validating nodes on the chain using deep learning based on the data generated by ordinary nodes, neural networks and other algorithms to generate comprehensive reputation values for ordinary nodes, and using artificial intelligence algorithms to comprehensively evaluate the reputation of each node. It will report the untrustworthy behavior generated by nodes that are judged to be lower than the set reputation value threshold, and provide support for subsequent corresponding management and control operations.

Description

A Trusted Supervision Method for IOT Device Behavior Based on Blockchain

technical field

The invention relates to the technical field of blockchain and the Internet of Things, and is a scheme for using the blockchain technology to supervise the behavior of network nodes of the Internet of Things. The scheme generates a reputation value for all IoT network nodes and records it on the blockchain, reports the untrustworthy behavior of nodes that are judged to be lower than the set reputation value threshold, and provides support for subsequent corresponding management and control operations.

Background technique

With the entry into the era of big data, the rapid development of the Internet of Things industry has led to the large-scale application of Internet of Things technology in many industries. Because IoT devices have the characteristics of huge number of nodes, fragile computing and storage capabilities, and open environment, based on factors such as cost and management, a large number of IoT devices are deployed in harsh environments that are unsupervised, lacking effective security. Protection mechanisms, e.g. home cameras, smart lights, street light monitors, etc. These IoT devices are prone to hijacking. Hijacked IoT devices are often illegally invoked and arbitrarily controlled by malware, resulting in abnormal behaviors such as denial of service, information interception, and injection of a large number of redundant data packets in network nodes, thereby enabling criminals to destroy network devices and tamper with data. Therefore, it is of great significance to network security to supervise the behavior of IoT network nodes, and to evaluate and supervise the credibility of their transmitted information.

To solve this type of problem, hijacked IoT devices need to be discovered and blocked from connecting to the communication network, and cut off from the network before they can access the target server. Relevant institutions can upgrade the Internet of Things and connect the Internet of Things with the blockchain to jointly monitor, identify and process the network activities of the Internet of Things devices to ensure and improve network security.

SUMMARY OF THE INVENTION

The purpose of the present invention is to provide a blockchain-based trusted monitoring method for IOT device behavior to solve the problems raised in the above background technology.

To achieve the above object, the present invention provides the following technical solutions:

First, deploy the blockchain architecture in the IoT network, and provide device authentication and basic permission control functions.

In order to improve the concurrency of the blockchain to adapt to the Internet of Things network environment with a huge number of nodes, the present invention adopts the underlying architecture of the blockchain based on the DAG directed acyclic graph to replace the traditional single-chain underlying architecture of the blockchain. The blockchain network architecture based on the DAG directed acyclic graph structure is a multi-chain structure, which can be regarded as a horizontal expansion of the traditional single-chain structure. Each node or account maintains a chain to record local information. A parachain-based DAG is constructed by cross-referencing. Each basic unit in the ledger can reference one or more predecessor units, and can be referenced by multiple successor units at the same time, which enables multiple nodes to add transactions or block units to the ledger at the same time, thus greatly improving the system throughput . Since this structure is similar to the traditional single-chain blockchain structure, it has good support for smart contracts. In the present invention, each single chain is managed and maintained by a peer-to-peer base station, and it is assumed in the present invention that the base station is credible. The nodes on the chain conduct consensus through the PBFT consensus mechanism. Each peer-to-peer single chain acts as a node cluster, and the chain is composed of verification nodes and ordinary nodes. The verification nodes between clusters, that is, between chains, regularly exchange data according to preset timestamps, so as to achieve the purpose of information interconnection in the entire IoT blockchain network. Figure 1 is a schematic diagram of the blockchain structure based on the DAG directed acyclic graph.

The IoT node automatically uploads the data generated during work to the blockchain through the data collection program through the smart contract, so as to achieve the purpose of data security, non-tampering and traceability. The data collected by the IoT node may include node ID, time, location, event, transmission delay, data packet forwarding volume, data packet repetition rate, etc., depending on the working environment of the IoT device node. For example, the data collected by the node for environmental sensors may include temperature, humidity, pressure values, and so on. If the data collected by the IoT node includes temperature, humidity, pressure value, etc., it is necessary to write the normal value fluctuation range and threshold range in the smart contract in advance to compare to determine whether the node has abnormal or untrustworthy behavior. Based on this, the reliability of the node is determined.

然后计算信誉值与平均值的距离，进而判断推荐信誉值权重，第K个推荐信誉值m_k的权重c_k可表示为

所有推荐信誉值加权计算最终得到合并信誉值

The IoT nodes on each chain are divided into two categories: verification nodes and ordinary nodes. The verification node calculates according to the data submitted by each IoT node according to the smart contract arranged on the chain in advance, and generates the comprehensive reputation value of each node. The comprehensive reputation value is calculated by weighting the direct reputation value T ^a , the recommended reputation value T ^f and the historical reputation value ^Th , and using the weighting coefficients Q ₁ , Q ₂ , Q ₃ , the comprehensive reputation value T can be expressed as T=Q ₁ ×T ^a +Q ₂ ×T ^f +Q ₃ ×T ^h , where 0<Q ₁ ≤Q ₂ ≤Q ₃ <1, and Q ₁ +Q ₂ +Q ₃ =1. The evaluation standard of direct reputation value is composed of indicators such as transmission delay, data packet forwarding volume, and data packet repetition rate generated by the combination of interaction event triggering and periodicity between nodes. The node device is controlled by a smart contract to compare the collected data with a preset normal value range, and generate a direct reputation value through a machine learning algorithm. The recommendation reputation value is generated by multiple nodes based on neural network push. The historical reputation value is generated by long-term statistics. The length of the trust evaluation queue is fixed and updated on time. The addition of the historical reputation value makes the final comprehensive result more objective and stable. The comprehensive reputation value generation process is shown in Figure 2. When generating the recommendation trust value, in order to avoid malicious nodes sending false and conflicting recommendation trust values to intentionally raise or degrade the recommendation trust value of a node, the distance between each reputation value and the average reputation value is used as the weight, and the distance between each reputation value and the average reputation value is used as the weight, and the expected value The farther the weight is, the lower the weight is, and the possibility of malicious slander is excluded as much as possible. First calculate the average of all recommended reputation values

Then calculate the distance between the reputation value and the average value, and then judge the weight of the recommended reputation value. The weight _{ck of the Kth recommended reputation value m k can} be expressed as

The weighted calculation of all recommended reputation values finally obtains the combined reputation value

In the common node reputation evaluation, the verification node evaluates the comprehensive reputation value of the node through the past historical behavior of the node, generates a behavior judgment report, conducts consensus within the cluster based on PBFT, records the untrustworthy behavior and makes corresponding penalties. And manage all nodes in the cluster at the same time. The verification node layer is managed by the base station, which is assumed to be credible in the present invention. The base station uses artificial intelligence technology to evaluate its reputation value through the historical behavior of nodes, and selects nodes with high reputation value as verification nodes, and updates the reputation value at regular intervals. Re-select the high reputation value node as the verification node. The verification node also calculates the reputation value of the cluster as a reference for the entire cluster. When the reputation value of the cluster is lower than the threshold value, the entire cluster is removed from the network and a new node is deployed. This is all performed automatically by smart contracts already deployed on the IoT blockchain.

The blockchain-based trusted monitoring method for IOT device behavior proposed by the present invention records the data operations of licensed users through the deployed access control function module, so as to ensure the traceability of relevant data operations.

The verification node uses big data technology to regularly summarize the untrusted information that has been confirmed and processed, and generate a visual report, which is convenient for managers to review and supervise the security of the entire Internet of Things network.

As can be seen from the above content of the present invention, the present invention has the following advantages and beneficial effects compared with the existing Internet of Things network solution:

1. Using blockchain technology, encryption technology and security algorithms can be used to protect digital identities, so as to build a more secure and convenient digital identity authentication system in the Internet of Things environment. Before the digital identity is put on the chain, it needs to pass the certification and credit endorsement of the certification body (such as the government, enterprises, etc.). After the chain is put on the chain, the digital identity authentication system based on the blockchain guarantees the authenticity of the digital identity information and provides credible information. Certification Services. Each device in the IoT has its own blockchain address, which can be registered against a specific address, thus protecting its digital identity from other devices.

2. The use of blockchain technology to build an IoT application platform can "decentralize" the effective connection and integration of various IoT-related devices, gateways, services, etc., promote their mutual cooperation, and effectively avoid the failure of a single node. The whole network crashes problem. Open up the physical and virtual worlds, reduce costs, and meet the needs of trust establishment, transaction acceleration, and massive connections to the greatest extent possible.

3. The distributed ledger in the blockchain has the characteristics of anti-tampering, which can effectively reduce the risk of information leakage and malicious manipulation caused by any single node device in the IoT network being maliciously attacked and controlled. The use of blockchain technology to build and manage the Internet of Things network can timely control the status of various manufacturing equipment in the network and the status of all parties involved in the division of labor and collaboration, improve equipment utilization and maintenance efficiency, and provide more accurate, Efficient supply chain services.

4. The blockchain can provide a trust mechanism for the Internet of Things to ensure the credibility, reliability and transparency of records such as ownership and transactions. At the same time, it can also provide a protection mechanism for user privacy, so as to effectively solve the problems faced by the development of the Internet of Things. Issues such as data management, trust, security, and privacy promote the evolution of the Internet of Things to a more flexible and intelligent advanced form.

5. When the IoT business is deployed on the IoT blockchain in the form of smart contracts, IoT devices can access the corresponding IoT business by searching and executing relevant smart contracts on the IoT blockchain. When the IoT business is deployed outside the IoT blockchain, the IoT device can search and execute related auxiliary smart contracts through the IoT blockchain to obtain the access permission to access the IoT business, and then directly communicate with the corresponding IoT business. At the same time, according to the needs of the IoT business, the IoT business and the IoT device can store the result data of the interaction between the two parties on the IoT blockchain.

Description of drawings

Figure 1 is a schematic diagram of the blockchain structure based on the DAG directed acyclic graph;

Figure 2 is a schematic diagram of the generation process of the comprehensive reputation value;

Figure 3 is a schematic diagram of IOT device node deployment.

Detailed ways

The implementation process of the present invention is described below by taking the intelligent IOT device used in the company's intelligent office as an example. Suppose the solution includes smart door locks, smart switches, smart sockets, smart lights, smart speakers, smart air conditioners, smart water heaters, smart refrigerators, smart environmental sensors, smart sweeping robots, smart gateways, smart security alarms, cameras, etc. IOT devices , the communication protocols used by these devices are often very simple and easily hacked.

During the implementation of this plan, the company's internal department classification is used as the standard to divide the company into multiple parts. Each department will set up a server on its own to establish and maintain a blockchain network. The maintained blockchains together form a blockchain architecture based on the DAG directed acyclic graph structure, covering the entire company's IOT smart device network. The blockchain structure based on the DAG directed acyclic graph is shown in Figure 1. The department uses blockchain technology to conduct security authentication for the smart IOT devices used in the department based on cryptography and signature mechanism; through the form of smart contracts, the access and other behavior permissions of smart IOT devices are stipulated; The unified digital ID identification enables devices to identify and verify each other, and achieve the purpose of interconnection. The schematic diagram of IOT equipment deployment is shown in Figure 3. The following describes the deployment and implementation process of the patent of the present invention by taking a camera device of one of the nodes on the chain as an example.

(1) The department server puts the camera device on the chain, and generates a blockchain-based identity ID and an encrypted private key for it. After generation, if the user needs to obtain the management authority of the camera device, he must log in, and the private key must be entered to log in. If the private key is lost, anyone will lose the access authority to the data. Any operation of the camera device will be recorded on the chain and cannot be tampered with.

(2) The nodes on the chain are divided into verification nodes and ordinary nodes. It is assumed that the camera device node is an ordinary node. First, through the data acquisition program deployed by the device node, the transmission delay, data packet forwarding volume, and data packet repetition rate information generated by the camera equipment during operation are collected and recorded on the blockchain. The data indicator thresholds are compared and calculated, and the direct reputation value is generated based on the machine learning algorithm; the recommended reputation value is generated by the adjacent device nodes on the chain based on the neural network algorithm; the node records the generated reputation value each time on the blockchain for a long time. Form a queue of historical reputation values. The three types of reputation values are weighted and calculated by the verification node according to the smart contract on the chain to generate a comprehensive reputation value. The specific generation process is shown in Figure 2.

(3) The comprehensive reputation value is used as the criterion for judging whether the camera device node has untrustworthy behavior. After generation, the whole network consensus is carried out based on PBFT and recorded on the blockchain. The verification node is based on the smart contract, according to the generated comprehensive reputation The value is high or low, and artificial intelligence technology is used to judge whether the node has untrustworthy behavior.

(4) If it is finally concluded that the comprehensive reputation value is higher than the preset reputation value threshold, it is determined that the camera device node is not abnormal, that is, no untrustworthy behavior occurs, and the historical reputation value evaluation queue of the camera device node is at this time. Update and keep the queue length unchanged; if the final comprehensive reputation value is lower than the pre-set reputation value threshold, the machine learning algorithm is used to reduce the historical reputation score to different degrees under the condition that the number of times does not exceed 10 times. , if it exceeds 10 times, the device node will be directly offline for maintenance or direct disposal. After the processing is completed, it will be considered whether to use the device on the chain for a second time according to the specific situation. The specific number of times can be changed according to the specific situation.

(5) The department server manages the verification node layer uniformly. The server uses artificial intelligence technology to select nodes with high reputation value as verification nodes, and updates the reputation value at regular intervals. If the reputation value of the node is found to be lower than the threshold value, it revokes its verification node, and re-selects the high reputation value node as the verification node.

(6) The verification node regularly summarizes the untrusted information that has been confirmed and processed through big data technology, and generates a visual report, which is convenient for managers to review and supervise the security of the entire Internet of Things network.

Claims (10)

1. A blockchain-based trusted monitoring method for IOT device behavior, characterized in that the blockchain technology is used to supervise the behavior of IOT devices in the Internet of Things, to discover and deal with untrustworthy behaviors in a timely manner, and to provide security protection for the IOT devices mechanism, including the following steps: S1. Deploy the blockchain architecture based on the DAG directed acyclic graph in the IoT device network, and provide device authentication and basic permission control functions; S2. The IoT device writes the data generated by its own work into the blockchain distributed ledger in real-time or offline; S3. The consensus mechanism adopts PBFT consensus to ensure that the data on the chain cannot be tampered with; S4. Deploy access control functions to record data operations of licensed users to ensure traceability of relevant data operations; S5. The smart contract deployed on the chain in advance calculates and generates a comprehensive reputation value for each IoT node according to the indicators of the written data; S6. The verification node on the chain judges whether each node has untrustworthy behavior according to the generated comprehensive reputation value. If the reputation value is lower than the pre-set reputation value threshold, it is judged that the node has untrustworthy behavior and punishes it. ; S7. The verification node regularly summarizes the untrusted information that has been confirmed and processed, and generates a visual report for the management personnel to review and supervise. 2. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 1, characterized in that, in step S1, the deployed blockchain network based on DAG directed acyclic graph structure The architecture is a multi-chain structure, which can be regarded as a horizontal expansion of the traditional single-chain structure. Each basic unit in the ledger can reference one or more predecessor units, and can be referenced by multiple successor units at the same time. Peer-to-peer trusted base stations are maintained, and nodes on the chain conduct consensus through the PBFT mechanism. 3. a kind of blockchain-based IOT device behavior credible supervision method as claimed in claim 1 is characterized in that, in step S2, the data collected by the Internet of Things node includes node ID, time, location, event, transmission Delay, data packet forwarding volume, data packet repetition rate. 4. a kind of blockchain-based IOT device behavior credible supervision method as claimed in claim 1, is characterized in that, in step S4, set up access rules, implement strict authority control to licensed users, and allow users to control data. The processing operation record is uploaded to the chain to save the record. 5. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 1, wherein in step S5, the comprehensive reputation value is weighted by the direct reputation value, the recommended reputation value and the historical reputation value It is calculated that the evaluation standard of the direct reputation value is composed of the transmission delay, data packet forwarding volume, and data packet repetition rate indicators generated by the combination of interactive event triggering and periodicity between nodes, and the nodes are controlled by smart contracts. The device compares the collected data with the preset normal value range to generate a direct reputation value. The recommended reputation value is generated by multiple nodes at the same time, and the historical reputation value is generated by long-term statistics. The length of the trust evaluation queue is fixed and updated on time. 6. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 5, characterized in that, when generating a recommended trust value, in order to avoid malicious nodes from sending false and conflicting recommended trust values, the value is intentionally elevated or To degrade the recommendation trust value of a node, the distance between the reputation value of each node and the average reputation value is used as the weight, and the weight of the recommendation reputation value provided by the node farther from the expected value is reduced the lower. 7. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 1, characterized in that, in step S6, IoT nodes are divided into two categories, verification nodes and common nodes. In the node reputation evaluation, the verification node evaluates the comprehensive reputation value of the node through the past historical behavior of the node, generates a behavior judgment report, conducts consensus within the cluster based on PBFT, records the untrustworthy behavior and makes corresponding penalties, and at the same time. Manage all nodes in this cluster. 8. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 7, wherein a multi-chain blockchain structure based on a DAG directed acyclic graph is used to replace the traditional single-chain region In the blockchain structure, each chain acts as a node cluster, and the verification nodes between the clusters, that is, the verification nodes between the chains, regularly exchange data according to the preset time stamp, so that the data between the chains can be exchanged. 9. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 7, characterized in that the verification node layer is managed by the base station, and the base station evaluates its reputation value through the node's historical behavior, and selects a high reputation The value node is used as the verification node, and the reputation value is updated at regular intervals. If the node reputation value is found to be lower than the threshold value, the verification node is revoked, and the high reputation value node is re-selected as the verification node. 10. A blockchain-based trusted monitoring method for IOT device behavior as claimed in claim 7, wherein the verification node simultaneously calculates the reputation value of the cluster as a reference for the entire cluster, and when the cluster reputation value is Below the threshold, the entire cluster is removed from the network and new nodes are deployed.

Images