Research On Authentication And Secure Transmission Technologies In Large-scale IoT Systems

In the era of rapid development of the Internet,the Internet of Things(Io T),an emerging network system,is becoming more and more widely used in various fields of life.While Io T brings great convenience to society,Io T security technology is an indispensable cornerstone in the process of its steady development.Due to the existence of device heterogeneity,interaction between devices and complex deployment environment,the security of Io T terminals is generally fragile.To ensure the security of Io T systems,Io T authentication schemes and endto-end secure transmission mechanisms are currently hot research topics in Io T security technologies.In the context of the current development of "Internet of Everything",the scale of Io T is gradually huge.There are more and more large-scale Io T scenarios with thousands of terminal devices accessing like bicycle sharing,smart-grid,traffic monitoring,internet of vehicles,etc.On the one hand,the massive data processing requirements will bring huge computational pressure to the server in such scenarios,resulting in the traditional Io T security mechanisms being inefficient or unable to perform properly.On the other hand,most of the terminal devices in large-scale Io T systems are resource-constrained devices with limited computing and storage capabilities,so traditional encryption algorithms or security protocols cannot be performed properly on the devices,which makes the system vulnerable.Therefore,further research is needed for the key technologies for system security in large-scale Io T scenarios.In this paper,the flaws and shortcomings of authentication schemes and secure transmission schemes are studied and analyzed respectively for large-scale Io T scenarios,and corresponding solutions are proposed.The main work and research results of this paper are as follows:(1)To solve the problems of device heterogeneity,single point of failure,environmental changes,and time delay caused by a large number of device authentication requests in largescale Io T scenarios,an environment-change adaptable and fast authentication scheme(EAFA)is proposed in combination with device fingerprinting technology.In EAFA,an Infinite Gaussian Mixture Model is built from the fingerprints generated by devices in the Io T initialization phase.In the authentication phase,the distribution similarity between the model and the fingerprints is compared,which helps to identify the devices,and the successfully authenticated fingerprints is added to the Bloom filter to shorten the authentication time of the same fingerprints.A transfer learning approach is used to detect environment-induced fingerprint changes and reduce false alarms.Simulation results show that the proposed scheme effectively improves the hit-rate of authentication and speeds up the completion of devices' authentication,while reducing the false alarm caused by environmental changes.(2)An IoT security architecture based on edge computing is proposed to address the problems of insufficient storage space,poor computing power,unstable communication links,and inability to use Internet standard security protocols to guarantee end-to-end security in largescale Io T scenarios.On the basis of this architecture,an edge computing-based secure transmission protocol(ECST)for large-scale Io T is proposed.The scheme incorporates edge computing devices between resource-constrained nodes and gateways,and uses them to proxy the standard DTLS protocol handshake process,reducing the storage resource consumption of resource-constrained nodes and shortening the time to complete the handshake to establish a secure connection.Analysis and experiments show that the scheme enables resourceconstrained devices in the Io T to communicate securely using Internet-standard transmission protocols.At the same time,the protocol is scalable,feasible and practical.