Research On Several Key Security Issues In Internet Of Things

With the continuous development and improvement of information and communication technology and advanced manufacturing,Internet of Things(Io T)has become more and more widely used in socioeconomic development and daily life.In the process of deeply reshaping the social production mode and transforming the traditional industrial form,it has greatly improved the efficiency of social operation and the quality of daily life.However,due to the continuous enrichment of the Io T application scenarios,the security risks and threats it is facing are increasing day by day,and the security situation is increasingly severe.Many attacks show that the current security architecture of the Io T cannot solve the risks brought by its own security vulnerabilities.At the same time,the security models and schemes deployed in actual application scenarios usually do not adapt to the characteristics of the Io T.In addition to threatening the system stability and information security of the Io T,this will inevitably affect the user experience and confidence,and may even become a key factor limiting the future better development and widespread deployment of the Io T.Therefore,there is an urgent need to research and deploy security mechanisms,models and solutions which better meet the actual needs of the Io T,to further ensure the security and reliability of Io T.Based on the above introduction and considerations,this dissertation outlines the basic concepts,development history,main features,system architecture,and typical applications of Io T.It elaborates the similarities and differences between Io T security and traditional information security on the Internet,sorts out the current research status of Io T security,studies the general security challenges,security requirements and goals,and security architecture of Io T.Specially,it focuses on several key security issues such as privacy protection,traceability and certification,and anomaly detection;designs more secure and efficient system models and schemes aiming at the actual security requirements and specific security issues.Moreover,the dissertation focuses on Smart Grid(SG)and Internet of Vehicles(IOV)which are typical application scenarios of Io T,and then conducts relevant safety analysis,performance evaluation and experimental verification.In general,this dissertation specifically includes the following:The first issue is focusing on the research of Io T security theory and mechanism.On the basis of summarizing the current status of Io T security,from the perspective of holistic,systemic and synergy,this dissertation sorts out the current security challenges and influencing factors of Io T,researches the security requirements,security goals and security architecture of Io T,analyzes the common attack methods in Io T,separately studying the main security threats and specific security issues at different architecture levels in Io T from the perspective of the four-layer architecture,and then discusses several key security issues in Io T,such as privacy protection,traceability and certification,and anomaly detection.The second issue is focusing on privacy protection in Io T.Taking SG which is one typical application scenario of Io T as the research scenario,this dissertation specifically researches on multi-user privacy data protection in SG,aiming at the characteristics of weak computing power and limited resources of user nodes in SG,abandons the traditional fully homomorphic public-key encryption,uses a data aggregation method that supports privacy protection to establish a formal model for multi-user data privacy protection aggregation based on trapdoor one-way function,secure multi-party computation,full homomorphic encryption and addition homomorphic encryption,specifically constructs three different efficient multi-user data privacy protection aggregation schemes in SG.Security analysis and performance evaluation show that these above three schemes realize the statistical analysis of regional privacy data in the ciphertext domain of the multi-user scenario in SG,effectively reduce the computation complexity for users with weak computing power and limited resources in SG.The third issue is focusing on the privacy protection and certification for mobile users in Io T.Still taking SG as the research scenario,this dissertation specifically researches the data privacy protection aggregation and certification problem that meets the demand for mobile users to get electricity outdoor in SG,proposes a system solution to the needs of mobile users for outdoor use of electricity in SG,designs and constructs a data aggregation and certification scheme for mobile users in SG,outsources the aggregate computing phase to some other third party that does not require authoritative certification but has powerful computing capabilities under the premise of mobile users who provide their own electricity consumption data commitments.Security analysis and performance evaluation show that the above scheme effectively reduces the computation overhead and communication load while achieving indistinguishability under chosen ciphertext attack(IND-CCA).Compared with the aggregation and certification scheme using the traditional fully homomorphic public-key encryption,it can achieve resistance to internal and external adversary attacks and ensure the privacy,authentication,and integrity of data such as electricity consumption of mobile users,track and confirm the source of illegal acts such as tampering with electricity consumption data.The fourth issue is focusing on anomaly detection in Io T.Taking IOV which is another typical application scenario of Io T as the research scenario,this dissertation specifically studies the problem of real-time anomaly detection of the smart vehicle under the "end-pipe-cloud" architecture in IOV.It uses data fusion technology to take advantage of the sudden drop in correlation of data from multi-source sensors in vehicle under abnormal conditions.Basing on the edge computing technology and analysis of the correlation multi-source sensor data,this dissertation aims at the variety of information security risks faced by the smart vehicle,proposes a lightweight vehicle real-time anomaly detection algorithm with low computation complexity and space complexity,and then specifically constructs a vehicle real-time anomaly detection system based on this algorithm.Experimental verification and performance analysis show that,the above algorithm and system can achieve better anomaly detection without adding redundant sensors in the vehicle,not only meet the high real-time requirements of the security services in the smart vehicle,but also avoid the large-scale occupation of the CAN communication resources which are originally scarce,and they also have high accuracy,reliability and feasibility.In summary,this dissertation reviews the basic concepts and related basic knowledge of Io T,also researches and analyzes the security theory,mechanism,and several key security issues of Io T,and then designs and constructs the system models and some specific schemes,focusing on the practical security issues in the typical application scenarios of Io T such as SG and Io V.At the same time,the corresponding security analysis,performance evaluation and experimental verification are carried out,and the results show that the specific models and schemes proposed in this dissertation for several key security issues in Io T,such as privacy protection,traceability and certification,and anomaly detection,not only meet the actual security needs of the typical application scenarios such as SG and Io V,but also have very concrete application and promotion value in other application scenarios of IoT.