共查询到20条相似文献,搜索用时 140 毫秒
1.
工业物联网是信息技术和网络技术在工业领域的典型应用,能够显著降低传统工业的资源消耗、提升工业产品质量。但是,工业物联网的后门隐私泄露成为其推广应用的主要障碍之一。基于此,文中基于工业物联网框架,讨论了工业控制系统与工业物联网的数据安全问题,提出了一种工业物联网的后门隐私泄露的感知方法。该方法包括上层语义生成和判决语义生成两部分,能够有效感知工业物联网后门隐私的数据泄露。 相似文献
2.
3.
4.
针对网络中信息接收端数据传输过程中受到链接攻击,导致个人隐私泄露的问题,提出一种宽带物联网信息接收端隐私抗泄露算法.分层分析宽带物联网关键技术,对物理层、通信层以及应用层进行控制和调试,依据被动响应得到私有数据属性、对应函数以及矩阵配置.计算数据泄露与高维函数空间显示间的平衡值,通过Mercer理论运算最优线性回归函数,从而建立了物联网数据信息隐私抗泄漏检测的相空间重构模型,保护用户的隐私信息.实验结果,上述方法具有功能性强、时间短特点,能够保证加密后的隐私信息的完整性,加强宽带物联网信息的安全性. 相似文献
5.
物联网终端设备的数量急剧增加,终端设备无人值守,终端设备本身的安全及信息传递过程中的安全无法保障,用户隐私信息被泄露等,本文将上述问题归类为物联网自身安全问题和网络应用安全问题。在介绍了物联网概念和体系结构的基础上对各种安全问题存在的原因进行了详细的分析,提出了终端设备与感知节点本地安全对策、物联网核心网络安全对策、物联网的加密机制安全对策、用户隐私安全对策。 相似文献
6.
移动群智感知作为一种新兴的物联网感知范式,通过激励现代化智能感知设备获得高质量的感知数据,从而高效地完成大规模且复杂的社会感知任务并服务人类社会.移动群智感知系统由感知用户、感知平台和服务提供商组成,在感知任务执行过程中,感知数据经历感知、上传和交易三个阶段,各阶段均面临多种多样的数据安全和隐私泄露风险,危害感知用户隐私和感知数据安全.首先介绍移动群智感知的系统模型、实际应用场景并给出主要安全研究方法,以感知数据参与感知任务的生命周期为轴线,讨论在感知数据生命周期的三个阶段所面临的安全与隐私威胁;在上述威胁基础上,分别从三个阶段系统阐述现有的数据安全与隐私保护解决方案;最后,从隐私度量、隐私框架、隐私保护和隐私计算等方面探讨进一步的发展趋势与研究方向. 相似文献
7.
针对工业物联网环境下数据访问控制方案存在解密设备计算负担过重,无法保护解密设备隐私信息,以及不能追踪恶意设备等问题,文章提出一种工业物联网环境下可外包的策略隐藏属性基加密方案。该方案借助边缘计算技术将海量工业数据的大部分解密操作外包给边缘计算节点,极大减轻了解密设备的计算负担。该方案将属性基加密中的访问结构进行拆分,引入策略隐藏技术,在实现工业数据机密性的同时保护解密设备的隐私信息。此外,文章利用区块链技术对系统内设备进行监管和审计。安全性分析表明,该方案在选择明文攻击下是安全的。文章在PBC密码库和Hyperledger Fabric区块链平台上将该方案与同类方案进行模拟仿真,结果表明,该方案具有较高的计算效率,适用于工业物联网环境。 相似文献
8.
为解决物联网移动感知服务的数据隐私安全问题,在分析移动感知服务框架及其隐私安全需求的基础上,设计了一个面向移动感知服务的数据隐私保护模型,并采用ε-差分隐私保护算法进行模型的实现与分析.安全性与性能分析表明,该保护模型可满足感知数据、查询请求、控制信息和查询结果等物联网移动感知服务数据的隐私安全保护需求. 相似文献
9.
社交网络用户隐私泄露的量化评估有利于帮助用户了解个人隐私泄露状况,提高公众隐私保护和防范意识,同时也能为个性化隐私保护方法的设计提供依据.针对目前隐私量化评估方法主要用于评估隐私保护方法的保护效果,无法有效评估社交网络用户的隐私泄露风险的问题,提出了一种社交网络用户隐私泄露量化评估方法.基于用户隐私偏好矩阵,利用皮尔逊相似度计算用户主观属性敏感性,然后取均值得到客观属性敏感性;采用属性识别方法推测用户隐私属性,并利用信息熵计算属性公开性;通过转移概率和用户重要性估计用户数据的可见范围,计算数据可见性;综合属性敏感性、属性公开性和数据可见性计算隐私评分,对隐私泄露风险进行细粒度的个性化评估,同时考虑时间因素,支持用户隐私泄露状况的动态评估,为社交网络用户了解隐私泄露状况、针对性地进行个性化隐私保护提供支持.在新浪微博数据上的实验结果表明,所提方法能够有效地对用户的隐私泄露状况进行量化评估. 相似文献
10.
11.
With Industry 4.0 and Internet of Things (IoT) era coming, remote passwords and control-flow vulnerabilities play a key role to detect attackers in Industry IoT (IIoT), who can easily complete remote session and control-flow hijacking on leverage of these types of Sensitive Information (SI). However, how to measure security degree of Sensitive Information is an open issue. To our best knowledge, no effective method can detect secret trace of SI thieves in Advanced Persistent Threat (APT), especially for backdoors and vulnerabilities in software or firmware. To deal with these problems, we propose a new design, called, IIoT-SIDefender (IIoT-SID), we measure security degree of Sensitive Information via Analytic Hierarchy Process (AHP) and Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS), based on selected taint tracking and real-time memory modification, attack-defense and fix-distribution approaches are proposed. Until now, it is the first defined SI guard method to detect SI-leakage scenarios and reject SI-leverage attack. To verify our proposal, experimental tests are verified in a large number of IIoT applications and devices, including IP cameras, smart meters, PLCs and smart routers. Test results have demonstrated that we can capture security level for Sensitive Information as expected, detect potential leakage points in data lifetime (including unknown backdoors and vulnerabilities), describe fine-grained semantics of accidental leakage and secret leverage points, and generate relative hot fix to prevent further attack. 相似文献
12.
由于工业物联网数据具备较强的私密性,数据是否能够安全存储成为工业物联网发展的关键问题。针对这一问题,提出一种基于联盟链的工业物联网数据存储模型。为保证数据存储的效率与安全,首先,在原有PBFT算法的基础上搭建节点状态信用评估模型同时增加投票机制;其次,结合节点状态在SM9数字签名算法中设置多密钥生成中心共同参与密钥生成。对模型的吞吐量、共识时延及通信开销进行实验分析,结果表明,该模型相较于传统模型在数据存储、安全性方面得到了进一步保障,降低了黑客攻击并防止数据泄露或被窜改,并在通信开销方面提升了40%。 相似文献
13.
The evolution of the Internet of Things (IoT) has empowered modern industries with the capability to implement large-scale IoT ecosystems, such as the Industrial Internet of Things (IIoT). The IIoT is vulnerable to a diverse range of cyberattacks that can be exploited by intruders and cause substantial reputational and financial harm to organizations. To preserve the confidentiality, integrity, and availability of IIoT networks, an anomaly-based intrusion detection system (IDS) can be used to provide secure, reliable, and efficient IIoT ecosystems. In this paper, we propose an anomaly-based IDS for IIoT networks as an effective security solution to efficiently and effectively overcome several IIoT cyberattacks. The proposed anomaly-based IDS is divided into three phases: pre-processing, feature selection, and classification. In the pre-processing phase, data cleaning and normalization are performed. In the feature selection phase, the candidates’ feature vectors are computed using two feature reduction techniques, minimum redundancy maximum relevance and neighborhood components analysis. For the final step, the modeling phase, the following classifiers are used to perform the classification: support vector machine, decision tree, k-nearest neighbors, and linear discriminant analysis. The proposed work uses a new data-driven IIoT data set called X-IIoTID. The experimental evaluation demonstrates our proposed model achieved a high accuracy rate of 99.58%, a sensitivity rate of 99.59%, a specificity rate of 99.58%, and a low false positive rate of 0.4%. 相似文献
14.
The rapid growth of the Internet of Things (IoT) in the industrial
sector has given rise to a new term: the Industrial Internet of Things (IIoT).
The IIoT is a collection of devices, apps, and services that connect physical and virtual worlds to create smart, cost-effective, and scalable systems.
Although the IIoT has been implemented and incorporated into a wide range
of industrial control systems, maintaining its security and privacy remains
a significant concern. In the IIoT contexts, an intrusion detection system
(IDS) can be an effective security solution for ensuring data confidentiality,
integrity, and availability. In this paper, we propose an intelligent intrusion
detection technique that uses principal components analysis (PCA) as a
feature engineering method to choose the most significant features, minimize
data dimensionality, and enhance detection performance. In the classification
phase, we use clustering algorithms such as K-medoids and K-means to
determine whether a given flow of IIoT traffic is normal or attack for binary
classification and identify the group of cyberattacks according to its specific
type for multi-class classification. To validate the effectiveness and robustness
of our proposed model, we validate the detection method on a new driven
IIoT dataset called X-IIoTID. The performance results showed our proposed
detection model obtained a higher accuracy rate of 99.79% and reduced error
rate of 0.21% when compared to existing techniques. 相似文献
15.
工业物联网传统的单路传输方式无法有效保证信息传递的机密性与完整性,在通信过程中容易发生信息传输错误进而产生安全风险.本文针对工业物联网环境下智能化生产线设备间感知信息的安全通信需求,构建了一种多重冗余的工业物联网智能产线安全通信模型,提出了一种工业物联网辅助路径多重冗余传输方法,有效防止因通信节点失效而造成数据传输失败,降低了初始通信数据被整体捕获的概率,提高了通信的安全性.此外,针对安全通信模型由于特殊因素造成通信数据周期性丢失的特殊情况,本文进一步提出了一种智能产线通信缺失数据预测方法.该方法对于25个周期温度预测目标的多周期预测结果误差控制在0.15℃之内,在安全通信模型失效的特殊情况下有效预测填充了连续周期缺失通信数据,满足了工业物联网智能产线对于通信数据的完整性要求. 相似文献
16.
物联网的三层体系结构感知层、传输层和应用层与安防系统的数据采集、传输、应用三个主要部分有诸多相似之处,这种相似为公安院校安全技术防范课程教学实践提供了一个崭新的思路。文中对物联网的基本概念、数据感知、数据传输以及数据处理技术在安全技术防范课程的理论与实践教学方面的应用进行了研究,并探讨了物联网在安全技术防范教学实践中所面临的主要问题。 相似文献
17.
With the widespread application of Industrial Internet of Things (IIoT) technology in the industry, the security threats are also increasing. To ensure the safe sharing of resources in IIoT, this paper proposes a data security sharing model based on privacy protection (DSS‐PP) for blockchain‐enabled IIoT. Compared with previous works, DSS‐PP has obvious advantages in several important aspects: (1) In the process of identity authentication, it protects users' personal information by using authentication technology with hidden attributes; (2) the encrypted shared resources are stored in off‐chain database of the blockchain, while only the ciphertext index information is stored in the block. It reduces the storage load of the blockchain; (3) it uses blockchain logging technology to trace and account for illegal access. Under the hardness assumption of Inverse Computational Diffe–Hellman (ICDH) problem, this model is proven to be correct and safe. Through the analysis of performance, DSS‐PP has better performance than the referred works. 相似文献
18.
In this paper, we intend to address the value creation of utilizing the Industrial Internet of Things (IIoT)-driven resource synchronization and sharing-based robotic mobile fulfillment system (RMFS) to enhance the overall operational effectiveness and efficiencies during information transfer and synchronization of resources. With the advent of IIoT, a graph theory-based heuristic under the multi-deep RMFS is used for computing the shortest path. A-star, Dijkstra, and genetic heuristic algorithms are applied for comparison. A simulation with a consideration of the different types of collisions is conducted for different algorithms. By providing a new three-tier IIoT architecture which includes the suppliers, RMFS, and the disposal center, a model is developed with different storage location assignment rules and strategies under the particular parties to minimize the operation costs. IIoT enables resource synchronization and information sharing, and the path will be generated under different order scenarios with different algorithms. The results show that different storage assignment rules and strategies may lead to 30% cost differences compared to the company’s current practice with random storage. 相似文献
19.
20.
随着物联网概念的提出,各国政府专家、企业和技术人员都开始着手研究和建设物联网的工作。物联网安全和隐私问题必然会影响其建设与发展。为了解除物联网发展过程中的障碍,同时为物联网的安全与隐私保护提供相关措施,分析了物联网体系架构所面临的安全威胁,并从感知层、传输层和应用层分别对安全威胁进行详细的研究和总结,最后针对物联网面临的各类安全威胁给出了对应的安全措施。 相似文献