当前位置:
X-MOL 学术
›
Secur. Commun. Netw.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Online-Semisupervised Neural Anomaly Detector to Identify MQTT-Based Attacks in Real Time
Security and Communication Networks Pub Date : 2021-09-13 , DOI: 10.1155/2021/4587862 Zhenyu Gao 1, 2 , Jian Cao 1, 2 , Wei Wang 1, 2 , Huayun Zhang 1, 2 , Zengrong Xu 1, 2
Security and Communication Networks Pub Date : 2021-09-13 , DOI: 10.1155/2021/4587862 Zhenyu Gao 1, 2 , Jian Cao 1, 2 , Wei Wang 1, 2 , Huayun Zhang 1, 2 , Zengrong Xu 1, 2
Affiliation
Industry 4.0 focuses on continuous interconnection services, allowing for the continuous and uninterrupted exchange of signals or information between related parties. The application of messaging protocols for transferring data to remote locations must meet specific specifications such as asynchronous communication, compact messaging, operating in conditions of unstable connection of the transmission line of data, limited network bandwidth operation, support multilevel Quality of Service (QoS), and easy integration of new devices. The Message Queue Telemetry Transport (MQTT) protocol is used in software applications that require asynchronous communication. It is a light and simplified protocol based on publish-subscribe messaging and is placed functionally over the TCP/IP protocol. It is designed to minimize the required communication bandwidth and system requirements increasing reliability and probability of successful message transmission, making it ideal for use in Machine-to-Machine (M2M) communication or networks where bandwidth is limited, delays are long, coverage is not reliable, and energy consumption should be as low as possible. Despite the fact that the advantage that MQTT offers its way of operating does not provide a serious level of security in how to achieve its interconnection, as it does not require protocol dependence on one intermediate third entity, the interface is dependent on each application. This paper presents an innovative real-time anomaly detection system to detect MQTT-based attacks in cyber-physical systems. This is an online-semisupervised learning neural system based on a small number of sampled patterns that identify crowd anomalies in the MQTT protocol related to specialized attacks to undermine cyber-physical systems.
中文翻译:
用于实时识别基于 MQTT 的攻击的在线半监督神经异常检测器
工业4.0专注于持续互联服务,允许关联方之间持续不间断地交换信号或信息。用于将数据传输到远程位置的消息协议的应用必须满足特定规范,例如异步通信、紧凑消息、在数据传输线路连接不稳定的条件下运行、网络带宽运行受限、支持多级服务质量 (QoS)、并轻松集成新设备。消息队列遥测传输 (MQTT) 协议用于需要异步通信的软件应用程序。它是一种基于发布-订阅消息传递的轻量级简化协议,并且在功能上位于 TCP/IP 协议之上。它旨在最大限度地减少所需的通信带宽和系统要求,提高可靠性和成功消息传输的可能性,使其非常适用于机器对机器 (M2M) 通信或带宽有限、延迟长、覆盖范围不广的网络。可靠,能耗应尽可能低。尽管 MQTT 提供其操作方式的优势并没有在如何实现其互连方面提供严重的安全级别,因为它不需要依赖于一个中间第三方实体的协议,但接口依赖于每个应用程序。本文提出了一种创新的实时异常检测系统,用于检测网络物理系统中基于 MQTT 的攻击。
更新日期:2021-09-13
中文翻译:
用于实时识别基于 MQTT 的攻击的在线半监督神经异常检测器
工业4.0专注于持续互联服务,允许关联方之间持续不间断地交换信号或信息。用于将数据传输到远程位置的消息协议的应用必须满足特定规范,例如异步通信、紧凑消息、在数据传输线路连接不稳定的条件下运行、网络带宽运行受限、支持多级服务质量 (QoS)、并轻松集成新设备。消息队列遥测传输 (MQTT) 协议用于需要异步通信的软件应用程序。它是一种基于发布-订阅消息传递的轻量级简化协议,并且在功能上位于 TCP/IP 协议之上。它旨在最大限度地减少所需的通信带宽和系统要求,提高可靠性和成功消息传输的可能性,使其非常适用于机器对机器 (M2M) 通信或带宽有限、延迟长、覆盖范围不广的网络。可靠,能耗应尽可能低。尽管 MQTT 提供其操作方式的优势并没有在如何实现其互连方面提供严重的安全级别,因为它不需要依赖于一个中间第三方实体的协议,但接口依赖于每个应用程序。本文提出了一种创新的实时异常检测系统,用于检测网络物理系统中基于 MQTT 的攻击。
京公网安备 11010802027423号