Disclosure of Invention
In view of this, the present application provides a data protection method, device and storage medium based on the industrial internet. They are used for industrial data protection and solve the technical problem that existing industrial data protection methods have little effect against attacks that are carried out by knowing the legitimate data of a factory and exploiting that data.
The application in a first aspect provides a data protection method based on an industrial internet, which is characterized by comprising the following steps:
101. acquiring data to be verified which requests to be added into an industrial database;
102. calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
103. and judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
Preferably, the first preset formula is specifically:
$$L(x_{1j}, x_{2j}, \ldots, x_{nj}) = L(x_{1j})\,L(x_{2j} \mid x_{1j}) \cdots L(x_{nj} \mid x_{(n-1)j});$$
where $x_{nj}$ is the data at position $x_{nj}$ in the data to be verified, $L(x_{nj})$ is the time likelihood of the data at position $x_{nj}$, and $L(x_{nj} \mid x_{(n-1)j})$ is the time likelihood of position $x_{nj}$ calculated at position $x_{(n-1)j}$.
Preferably, the second preset formula is specifically:
where $L(f_i)$ is the spatial probability of position $i$, $x_{im}$ is the probability of position $i$ in different data tracks, $m$ is the $m$-th data track, and $L(x_{ij})$ is the probability of position $i$ in different data traces.
Preferably, step 103 is followed by:
and when the data to be verified is credible data, adding the data to be verified into an industrial database, wherein the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is credible data.
Preferably, step 103 specifically includes:
and judging whether the time possibility value is equal to a time possibility threshold value and the space possibility value is equal to a space possibility threshold value, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
A second aspect of the present application provides a data protection device based on the industrial internet, including:
the acquisition unit is used for acquiring data to be verified which requests to be added into the industrial database;
the calculation unit is used for calculating the time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating the space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
and the judging unit is used for judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values, if so, the data to be verified is credible data, and if not, the data to be verified is attack data.
Preferably, the first preset formula is specifically:
$$L(x_{1j}, x_{2j}, \ldots, x_{nj}) = L(x_{1j})\,L(x_{2j} \mid x_{1j}) \cdots L(x_{nj} \mid x_{(n-1)j});$$
where $x_{nj}$ is the data at position $x_{nj}$ in the data to be verified, $L(x_{nj})$ is the time likelihood of the data at position $x_{nj}$, and $L(x_{nj} \mid x_{(n-1)j})$ is the time likelihood of position $x_{nj}$ calculated at position $x_{(n-1)j}$.
Preferably, the second preset formula is specifically:
where $L(f_i)$ is the spatial probability of position $i$, $x_{im}$ is the probability of position $i$ in different data tracks, $m$ is the $m$-th data track, and $L(x_{ij})$ is the probability of position $i$ in different data traces.
Preferably, the apparatus further comprises:
and the database adding unit is used for adding the data to be verified into an industrial database when the data to be verified is credible data, and the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is credible data.
A third aspect of the present application provides a storage medium for storing program code for executing the industrial internet-based data protection method of the first aspect.
According to the technical scheme, the embodiment of the application has the following advantages:
the application provides a data protection method based on an industrial internet, which comprises the following steps: 101. acquiring data to be verified which requests to be added into an industrial database; 102. calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood; 103. and judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
The method analyzes the two common verification modes for industrial data. For the time correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode; for the space correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode. This strengthens industrial data protection and solves the technical problem that existing industrial data protection methods have little effect against attacks that are carried out by knowing the legitimate data of a factory and exploiting that data.
Detailed Description
Existing data protection in the industrial internet mainly relies on two methods: one verifies the data to be verified according to its time correlation, and the other verifies it according to its space correlation. Protection is applied according to each of these two methods, and the attacks that exploit legitimate data against each of them are, respectively:
In the former, the attacker adds noise to the legitimate data; for example, the attacker adds each legitimate data item to the interval between -90 dBm and -50 dBm, and adds 5 localized error signals to each legitimate data item.
In the latter, the attacker changes the mapping between the legitimate data and the indoor position. The second data verification mode verifies according to the implicit relation between the legitimate data and the indoor position, so the attacker attacks after changing that implicit relation. For example, let $p_i$ denote the $i$-th position and let $f_i$ be the legitimate data corresponding to position $p_i$; assume that the attacker maps $f_i$ to position $p_{i+k}$, where $k$ represents an offset.
Based on the above, the embodiment of the application provides a data protection method, a device and a storage medium based on an industrial internet, which are used for industrial data protection and solve the technical problem that the existing industrial data protection method has little effect on knowing legal data of a factory and attacking by utilizing the legal data.
Referring to fig. 1, a schematic flow chart of a first embodiment of a data protection method based on an industrial internet in an embodiment of the present application includes:
Step 101, obtaining data to be verified which requests to be added into an industrial database.
It should be noted that, first, data to be verified that requests to join the industrial database is obtained.
Step 102, calculating a time possibility value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space possibility value of the data to be verified according to a second preset formula based on the space likelihood.
It should be noted that the time correlation verification method verifies a series of data. For any kind of data, the signal value follows a rule relative to the verification center: the closer to the verification center, the larger the signal value of the data, and the farther from the verification center, the more the signal value gradually decreases. This rule is the time likelihood, so the time correlation of the data to be verified is evaluated according to the time likelihood metric, and verification is performed on that basis. It is understood that the first preset value in the time correlation is calculated according to the legitimate data (trusted data) in the industrial database; that is, the time likelihood value of the data to be verified is equal to the time likelihood of the legitimate data in the industrial database.
In the spatial correlation verification method, verification is performed on data that has a relative position with respect to a verification center, and the data signal value at that position relative to the verification center is determined to be invariant. Therefore, for the attack that the spatial correlation verification mode may suffer (i.e. changing the mapping relationship), the spatial likelihood value of the data to be verified is calculated according to the second preset formula based on the spatial likelihood, and it is judged whether the spatial likelihood value is equal to the second preset value; if so, the data to be verified is credible data. It can be understood that the second preset value in the spatial correlation is calculated according to the legitimate data in the industrial database; that is, the spatial value of the data to be verified is equal to the time probability of the legitimate data in the industrial database.
Step 103, judging whether the time possibility value and the space possibility value are both equal to corresponding preset threshold values, if so, executing step 104, and otherwise, executing step 105.
It should be noted that, when the time likelihood value and the space likelihood value are equal to the corresponding preset threshold values, the data to be verified is trusted data, otherwise, the data to be verified is attack data.
Step 104, the data to be verified is credible data.
It should be noted that, when the data to be verified is trusted data, the data requested to be added to the industrial database is trusted data.
Step 105, the data to be verified is attack data.
It should be noted that, when the data to be verified is attack data, the data requested to be added to the industrial database is the attack data.
This embodiment analyzes the two common verification modes for industrial data. For the time correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode; for the space correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode. This strengthens industrial data protection and solves the technical problem that existing industrial data protection methods have little effect against attacks that are carried out by knowing the legitimate data of a factory and exploiting that data.
The above is a first embodiment of the data protection method based on the industrial internet provided by the embodiment of the present application, and the following is a second embodiment of the data protection method based on the industrial internet provided by the embodiment of the present application.
Referring to fig. 2, a flowchart of a second embodiment of a data protection method based on the industrial internet in the embodiment of the present application includes:
Step 201, obtaining data to be verified which requests to be added into an industrial database.
It should be noted that step 201 in this embodiment is the same as step 101 in the first embodiment, and is not described herein again.
Step 202, calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood.
It should be noted that, the first preset formula specifically includes:
$$L(x_{1j}, x_{2j}, \ldots, x_{nj}) = L(x_{1j})\,L(x_{2j} \mid x_{1j}) \cdots L(x_{nj} \mid x_{(n-1)j});$$
where $x_{nj}$ is the data at position $x_{nj}$ in the data to be verified, $L(x_{nj})$ is the time likelihood of the data at position $x_{nj}$, and $L(x_{nj} \mid x_{(n-1)j})$ is the time likelihood of position $x_{nj}$ calculated at position $x_{(n-1)j}$. In the actual calculation, $L(x_{nj})$ is an assumption; that is, the assumption is based on the probability of the last position being computed, and the probability of that last position is random.
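The first preset formula can be evaluated as a first-order chain over quantized signal readings, as in the following added example, which is not code from the application. The bin size, state range, smoothing constant, float tolerance and all sample traces are assumptions constructed for illustration; only the time likelihood is covered, because the second preset formula does not survive on this page.

```python
import math
from collections import Counter

BIN_DBM = 5              # assumed quantization step for integer dBm readings
STATES = range(-20, -5)  # assumed state space: bins for -100 dBm .. -30 dBm
ALPHA = 1.0              # assumed additive smoothing constant

def to_bins(trace_dbm):
    """Quantize readings so small measurement jitter maps to the same state."""
    return [round(v / BIN_DBM) for v in trace_dbm]

def fit(trusted_traces):
    """Count first states and state-to-state transitions in the trusted data."""
    first, trans, outgoing = Counter(), Counter(), Counter()
    for trace in trusted_traces:
        bins = to_bins(trace)
        first[bins[0]] += 1
        for prev, cur in zip(bins, bins[1:]):
            trans[prev, cur] += 1
            outgoing[prev] += 1
    return first, trans, outgoing, len(trusted_traces)

def log_time_likelihood(model, trace_dbm):
    """log L(x_1j) + sum over k of log L(x_kj | x_(k-1)j)."""
    first, trans, outgoing, n_traces = model
    bins = to_bins(trace_dbm)
    if not bins or any(b not in STATES for b in bins):
        return -math.inf  # empty trace or reading outside the modelled range
    k = len(STATES)
    ll = math.log((first[bins[0]] + ALPHA) / (n_traces + ALPHA * k))
    for prev, cur in zip(bins, bins[1:]):
        ll += math.log((trans[prev, cur] + ALPHA) / (outgoing[prev] + ALPHA * k))
    return ll

def preset_value(model, trusted_traces):
    """Preset value computed from the legitimate data in the database."""
    vals = [log_time_likelihood(model, t) for t in trusted_traces]
    return sum(vals) / len(vals)

def is_trusted(model, preset, trace_dbm, tol=1e-6):
    """Equality test against the preset; tol is an assumed float tolerance."""
    return math.isclose(log_time_likelihood(model, trace_dbm), preset, abs_tol=tol)

# Constructed sample traces: signal rises toward the verification center, then falls.
TRUSTED = [
    [-80, -75, -70, -65, -60, -65, -70, -75, -80],
    [-81, -76, -71, -66, -61, -66, -71, -76, -81],
    [-79, -74, -69, -64, -59, -64, -69, -74, -79],
]
LEGIT = [-80, -76, -69, -65, -61, -64, -70, -74, -81]     # same motion, new jitter
NOISY = [-80, -52, -88, -61, -90, -55, -70, -86, -80]     # noise in -90..-50 dBm
SHUFFLED = [-80, -60, -75, -65, -70, -80, -65, -75, -70]  # legitimate values, wrong order

MODEL = fit(TRUSTED)
PRESET = preset_value(MODEL, TRUSTED)

if __name__ == "__main__":
    for name, t in (("legit", LEGIT), ("noisy", NOISY), ("shuffled", SHUFFLED)):
        print(name, round(log_time_likelihood(MODEL, t), 3), is_trusted(MODEL, PRESET, t))
```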
The second preset formula is specifically as follows:
where $L(f_i)$ is the spatial probability of position $i$, $x_{im}$ is the probability of position $i$ in different data tracks, $m$ is the $m$-th data track, and $L(x_{ij})$ is the probability of position $i$ in different data traces. In the actual calculation, $L(x_{ij})$ is also random.
Step 203, determining whether the time likelihood value is equal to the time likelihood threshold and the space likelihood value is equal to the space likelihood threshold, if yes, executing steps 204 and 205, and if no, executing step 206.
Step 204, the data to be verified is credible data.
It should be noted that, when the data to be verified is the trusted data, the data requested to be added to the industrial database is the trusted data, and at this time, the corresponding request result is passed.
Step 205, when the data to be verified is the credible data, adding the data to be verified into the industrial database.
Step 206, the data to be verified is attack data.
It should be noted that, when the data to be verified is attack data, the data requested to be added to the industrial database is the attack data, and at this time, the corresponding request result is failed.
This embodiment analyzes the two common verification modes for industrial data. For the time correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode; for the space correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode. This strengthens industrial data protection and solves the technical problem that existing industrial data protection methods have little effect against attacks that are carried out by knowing the legitimate data of a factory and exploiting that data.
The second embodiment of the data protection method based on the industrial internet according to the embodiment of the present application is described above, and an embodiment of the data protection device based on the industrial internet according to the embodiment of the present application is shown in fig. 3.
The industrial internet-based data protection device provided in this embodiment of the application includes:
an obtaining unit 301, configured to obtain data to be verified that requests to join an industrial database;
a calculating unit 302, configured to calculate a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculate a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
a determining unit 303, configured to determine whether the time likelihood value and the space likelihood value are both equal to the corresponding preset thresholds; if so, the data to be verified is trusted data, and if not, the data to be verified is attack data.
Further, the first preset formula specifically includes:
$$L(x_{1j}, x_{2j}, \ldots, x_{nj}) = L(x_{1j})\,L(x_{2j} \mid x_{1j}) \cdots L(x_{nj} \mid x_{(n-1)j});$$
where $x_{nj}$ is the data at position $x_{nj}$ in the data to be verified, $L(x_{nj})$ is the time likelihood of the data at position $x_{nj}$, and $L(x_{nj} \mid x_{(n-1)j})$ is the time likelihood of position $x_{nj}$ calculated at position $x_{(n-1)j}$.
Further, the second preset formula specifically includes:
where $L(f_i)$ is the spatial probability of position $i$, $x_{im}$ is the probability of position $i$ in different data tracks, $m$ is the $m$-th data track, and $L(x_{ij})$ is the probability of position $i$ in different data traces.
Further, the apparatus further comprises:
and the database adding unit is used for adding the data to be verified into the industrial database when the data to be verified is the credible data, and the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is the credible data.
This embodiment analyzes the two common verification modes for industrial data. For the time correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode; for the space correlation verification mode, data is verified against the way an attacker who knows the legitimate data would attack that mode. This strengthens industrial data protection and solves the technical problem that existing industrial data protection methods have little effect against attacks that are carried out by knowing the legitimate data of a factory and exploiting that data.
The embodiment of the present application further provides a storage medium, where the storage medium is used to store a program code, and the program code is used to execute the industrial internet-based data protection method according to the foregoing embodiments.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application, in essence or in the part that contributes over the prior art, or all or part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.