Computer Science, 2020, Vol. 47, Issue (7): 299-306. doi: 10.11896/jsjkx.190700199
Special topic: Internet of Things Technology (virtual special issue)
YANG Wei-chao (杨威超)1,2, GUO Yuan-bo (郭渊博)1, LI Tao (李涛)1, ZHU Ben-quan (朱本全)2
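Abstract: The large-scale deployment of the Internet of Things (IoT) means that vulnerable IoT devices may also be connected to the network. An attacker who uses a vulnerable device to gain access to the target's internal network can lie in wait there and launch further attacks when the opportunity arises. To defend against this class of attack, a security mechanism is needed that controls the access of suspicious devices and manages internal devices. First, to control the access of suspicious devices, this paper presents a device identification method that sets up a whitelist, builds fingerprints from communication traffic features, and trains a device identification model using the random forest method. Second, to manage internal devices, an intelligent security management model is proposed, which builds an ontology-based threat model covering assets, vulnerabilities, security mechanisms and so on. Finally, experiments verify the detection performance of the device identification model, whose identification accuracy is above 96%; a comparison with existing similar methods shows that the proposed method has better detection stability.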