CN119759656A - A communication data backup method and system based on Internet of Things security service - Google Patents

Publication number
CN119759656A
Authority
CN
China
Prior art keywords
data
backup
communication data
communication
hash
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202411827831.6A
Other languages
Chinese (zh)
Inventor
俞振楠
赵志豪
褚亦伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
School of Information Engineering of Hangzhou Dianzi University
Original Assignee
School of Information Engineering of Hangzhou Dianzi University
Application filed by School of Information Engineering of Hangzhou Dianzi University
Priority to CN202411827831.6A
Publication of CN119759656A

Landscapes

  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a communication data backup method and system based on internet of things security service, which relate to the technical field of communication data backup, wherein backup periods are respectively set for various communication data according to importance evaluation of the communication data, backup requests of the various communication data are triggered according to the backup periods of the various communication data, the communication data triggering the backup requests are subjected to primary screening, the communication data after the primary screening is subjected to blocking processing, further, sequential backup is performed according to backup demand information of each data block, after the backup of the last data block is triggered, integrity check and risk prediction are performed on the backup data, full backup is performed on the communication data according to an integrity check result, the risk of attack and the possibility of loss of the backup data are evaluated according to a risk prediction result, and then a backup strategy is adjusted. The method realizes efficient and accurate backup operation, and enhances data security through integrity check and risk prediction.

Description

Communication data backup method and system based on Internet of things security service
Technical Field
The invention relates to the technical field of communication data backup, in particular to a communication data backup method and system based on internet of things security service.
Background
With the rapid development of Internet of Things (IoT) technology, intelligent devices, sensors and communication devices have come into wide use in smart homes, industrial automation, smart cities, medical health and other fields. In daily operation these devices generate massive communication data, including sensing data, control signals and environmental data. The data is not only large in volume but also real-time, dynamic and diverse, and some of it needs to be backed up and recovered quickly, especially in industrial control and medical applications, where data loss or delay may have serious consequences.
However, conventional data backup methods generally do not fully consider differences in the importance of communication data and tend to adopt a uniform backup period and strategy. As a result, high-priority key data is not backed up sufficiently while low-priority data is backed up frequently, wasting storage resources and bandwidth. Conventional backup systems may also back up the same data repeatedly; in Internet of Things scenarios with huge data volumes this wastes storage space and increases the time consumption and network load of the backup process. Conventional methods lack effective integrity checking and risk prediction after the data backup, so potential safety hazards or errors may exist in the backup data. Moreover, once a backup strategy is fixed it is difficult to adjust to actual conditions, although in the Internet of Things environment communication data changes frequently and the threat situation changes continuously; the ability to adjust the backup strategy dynamically is lacking.
Therefore, in view of the above problems, there is a need for a communication data backup method and system based on the security service of the internet of things.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a communication data backup method and a system based on the security service of the Internet of things, which solve the problems of low data backup efficiency and redundancy.
The communication data backup method based on the Internet of Things security service comprises the following steps: collecting communication data from Internet of Things devices; carrying out importance evaluation on the communication data, classifying the communication data according to the evaluation, and setting a backup period for each class of communication data; triggering backup requests for each class of communication data according to its backup period; carrying out preliminary screening on the communication data that triggered a backup request, identifying the overlapping area between that data and the historical backup data, and screening out the overlapping area; dividing the preliminarily screened communication data into data blocks, sorting the data blocks according to the backup requirement information of each block, and backing them up sequentially according to the sorting result; after the backup of the last data block has been triggered, carrying out integrity check and risk prediction on the backup data; verifying the backup integrity of the communication data according to the integrity check result and performing a full backup of the communication data according to that result; and evaluating the risk of attack and the possibility of loss of the backup data according to the risk prediction result, and adjusting the backup strategy accordingly.
Further, the importance evaluation, classification and backup period setting are carried out as follows. The communication data comprises communication content, communication metadata and communication protocols. Importance evaluation parameters of the communication data are obtained, comprising data sensitivity and data access frequency. The data sensitivity average value and the data access frequency average value of the communication data are obtained, and the data sensitivity and data access frequency of the communication data are compared with the respective average values. Communication data whose data sensitivity is higher than the data sensitivity average value and whose data access frequency is higher than the data access frequency average value is classified as communication primary data, representing high importance data. Communication data whose data sensitivity is higher than the data sensitivity average value and whose data access frequency is lower than or equal to the data access frequency average value is classified as communication secondary data, representing medium importance data. Communication data whose data sensitivity is lower than the data sensitivity average value and whose data access frequency is lower than the data access frequency average value is classified as communication tertiary data, representing low importance data. Backup periods are then set for the communication primary data, communication secondary data and communication tertiary data respectively, based on their importance.
Further, the preliminary screening is carried out as follows. The communication data that triggered the backup request is preprocessed, where preprocessing comprises handling missing values and abnormal values and handling repeated data. The historical backup communication data in the backup system is retrieved, and the identifiers of the preprocessed communication data are compared with those of the historical backup communication data to identify whether data with the same identifier exists in the historical backup communication data; data with the same identifier is marked as the overlapping area. After the overlapping area has been screened out, the remaining communication data is packaged and formatted to generate a backup request. The specific path of the overlapping area within the historical backup communication data is determined from the storage records of the historical backup communication data, and this backup path is added to the backup request.
Further, the blocking, sorting and sequential backup are carried out as follows. The preliminarily screened communication data is divided into data blocks according to timestamps, and the backup requirement information of each data block is obtained, comprising data modification frequency and data capacity. The data modification frequency and data capacity of each data block are normalized, and a priority score is obtained for each data block from its data modification frequency and data capacity. The data blocks are sorted by priority score, and backup is triggered sequentially in that order.
Further, the integrity verification and full backup are carried out as follows. A first hash function, a second hash function and a third hash function are set. Hash calculation is performed on the communication data with each of the three hash functions to obtain a first hash value, a second hash value and a third hash value of the communication data, and these three values are spliced to obtain a unique hash identifier of the communication data. The backed-up communication data is hashed with the same first, second and third hash functions to obtain a first hash value, a second hash value and a third hash value of the backup data, which are spliced to obtain a unique hash identifier of the backup data. The unique hash identifier of the communication data is compared with the unique hash identifier of the backup data. If they differ, a backup abnormality warning is triggered, prompting the Internet of Things security operation and maintenance personnel to check the backup abnormality, and a full backup of the communication data is performed, until the unique hash identifier of the communication data is the same as that of the backup data.
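The three-hash comparison described above can be sketched as follows. This is an added example, not code from the patent: the patent does not name its hash functions, so SHA-256, SHA3-256 and BLAKE2b are assumptions, as are the in-memory `store`, the function names and the bound on repeated full backups.

```python
import hashlib
import hmac

# Assumed choice of the "first, second and third hash functions".
HASH_FUNCTIONS = (hashlib.sha256, hashlib.sha3_256, hashlib.blake2b)


def unique_hash_identifier(blocks):
    """Hash the data with all three functions and splice the hex digests.

    Blocks are fed to each hasher in order, so the identifier depends only
    on the byte stream, not on where the block boundaries fall.
    """
    hashers = [new() for new in HASH_FUNCTIONS]
    for block in blocks:
        for h in hashers:
            h.update(block)
    # Each digest has a fixed length, so plain concatenation is unambiguous.
    return "".join(h.hexdigest() for h in hashers)


def verify_backup(source_blocks, store, job_id, max_full_backups=3):
    """Compare source and backup identifiers; on mismatch warn and re-backup.

    `store` is a hypothetical dict standing in for the backup system.
    The text repeats the full backup "until" the identifiers match; the
    bound is an added safeguard against a store that never converges.
    Returns the backup abnormal value (1 if a warning fired, else 0) that
    the risk-prediction step consumes.
    """
    expected = unique_hash_identifier(source_blocks)
    warnings = full_backups = 0
    while True:
        actual = unique_hash_identifier(store.get(job_id, []))
        if hmac.compare_digest(expected, actual):
            return {"intact": True,
                    "backup_abnormal_value": int(warnings > 0),
                    "warnings": warnings}
        warnings += 1  # backup abnormality warning for the operators
        if full_backups == max_full_backups:
            return {"intact": False,
                    "backup_abnormal_value": 1,
                    "warnings": warnings}
        full_backups += 1
        store[job_id] = [bytes(b) for b in source_blocks]  # full backup


# Constructed sample data: the second stored block was altered.
SOURCE = [b"2025-01-10T12:00:00Z temp=21.5", b"2025-01-10T12:00:05Z temp=21.7"]
DAMAGED_STORE = {"job-1": [SOURCE[0], b"2025-01-10T12:00:05Z temp=99.9"]}
```
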
Further, the risk evaluation and backup strategy adjustment are carried out as follows. Whether the backup abnormality warning was triggered is identified: if it was triggered, the backup abnormal value is recorded as 1; if it was not triggered, the backup abnormal value is recorded as 0. Risk evaluation parameters of the backup data are obtained, specifically comprising a vulnerability threat score and a recovery capability score. The risk prediction value of the backup data is obtained from the backup abnormal value, the vulnerability score and the recovery capability score of the backup data, and is compared with a risk threshold. When the risk prediction value of the backup data exceeds the risk threshold, the backup data is marked as high risk data and the Internet of Things security operation and maintenance personnel are prompted to adjust the backup strategy, where the adjustment comprises backup period adjustment and backup storage location adjustment.
A communication data backup system based on the Internet of Things security service, applied to the above communication data backup method, comprises a data collection module, a data classification module, a backup initial screening module, a backup control module, a verification and detection module, an integrity check and backup prediction module and a full-risk adjustment and risk adjustment module. The data collection module is used for collecting communication data from Internet of Things devices. The data classification module is used for carrying out importance evaluation on the communication data, classifying the communication data according to the evaluation, setting a backup period for each class of communication data, triggering backup requests for each class of communication data according to its backup period, carrying out preliminary screening on the communication data that triggered a backup request, identifying the overlapping area between that data and the historical backup data, and screening out the overlapping area. The backup control module is used for dividing the preliminarily screened communication data into data blocks, sorting the data blocks according to the backup requirement information of each block, and backing them up sequentially according to the sorting result. The backup checking and detection module is used for carrying out integrity check and risk prediction on the backup data after the backup of the last data block is triggered, and carrying out the full-risk check and backup prediction on the communication data according to the backup request.
The invention has the following beneficial effects:
With the communication data backup method and system based on the Internet of Things security service, the importance of the communication data is evaluated and classified so that different backup periods can be set according to the importance of the data. This avoids frequent backup of data that is unimportant or rarely changes, improving backup efficiency and reducing redundancy and resource waste. Identifying and screening out the overlapping area with the historical backup data saves storage space and backup resources and further improves efficiency. Dividing the communication data into blocks splits a large data volume into several small blocks for backup, effectively reducing the pressure of each backup. Sorting the data blocks according to backup requirement information backs up key data first according to the importance of the data blocks, ensuring that the most important data is backed up with priority. The final integrity check ensures that the backup data is not damaged or lost during transmission and storage, and a full backup is performed when the data backup is found to be incomplete, so that data integrity is comprehensively guaranteed. Risk prediction on the backup data evaluates the risk of attack and the possibility of loss, gives early warning of potential security problems and helps in formulating countermeasures, so that the backup strategy can be adjusted in time when a potential threat is found, enhancing data security. The backup strategy can be adjusted flexibly according to the risk prediction result, for example by strengthening the encryption and backup frequency of key data, improving the overall attack resistance of the data. The method suits the large-scale, varied and real-time characteristics of massive communication data, so that important data is protected promptly and efficiently and the long-term availability of backup and security services is guaranteed.
Drawings
Fig. 1 is a flowchart of a communication data backup method based on internet of things security service.
Fig. 2 is a block diagram of a communication data backup system based on internet of things security service according to the present invention.
Detailed Description
According to the communication data backup method and system based on the security service of the Internet of things, efficient and accurate backup operation is achieved, and data security is enhanced through integrity check and risk prediction.
The general idea of the embodiment of the application is that based on communication data generated by the Internet of things equipment, different backup periods are set by carrying out importance evaluation and classification management on the data, and high-efficiency backup is carried out by carrying out blocking processing and screening out repeated data, and finally, integrity check and risk prediction are carried out, so that the safety of the data and the reliability of backup are ensured.
Referring to Fig. 1, an embodiment of the invention provides a communication data backup method based on the Internet of Things security service, comprising the following steps: collecting communication data from Internet of Things devices; carrying out importance evaluation on the communication data, classifying the communication data according to the evaluation, and setting a backup period for each class of communication data; triggering backup requests for each class of communication data according to its backup period; carrying out preliminary screening on the communication data that triggered a backup request, identifying the overlapping area between that data and the historical backup data, and screening out the overlapping area; dividing the preliminarily screened communication data into data blocks, sorting the data blocks according to the backup requirement information of each block, and backing them up sequentially according to the sorting result; after the backup of the last data block has been triggered, carrying out integrity check and risk prediction on the backup data; verifying the backup integrity of the communication data according to the integrity check result and performing a full backup of the communication data according to that result; and evaluating the risk of attack and the possibility of loss of the backup data according to the risk prediction result, and adjusting the backup strategy accordingly.
The importance evaluation, classification and backup period setting are carried out as follows. The communication data comprises communication content, communication metadata and a communication protocol. Importance evaluation parameters of the communication data are acquired, comprising data sensitivity and data access frequency. The data sensitivity average value and the data access frequency average value of the communication data are acquired, and the data sensitivity and the data access frequency of the communication data are compared with the respective average values. Communication data whose data sensitivity is higher than the data sensitivity average value and whose data access frequency is higher than the data access frequency average value is classified as communication primary data, representing high importance data. Communication data whose data sensitivity is higher than the data sensitivity average value and whose data access frequency is lower than the data access frequency average value is classified as communication secondary data, representing medium importance data. Communication data whose data sensitivity is lower than the data sensitivity average value and whose data access frequency is lower than the data access frequency average value is classified as communication tertiary data, representing low importance data. Backup periods are then set for the communication primary data, communication secondary data and communication tertiary data respectively, based on their importance.
In this embodiment, data sensitivity refers to the degree to which the data contains sensitive information. High-sensitivity data contains important content such as personal information and business secrets, whose loss or leakage can cause serious consequences. Data sensitivity is represented by a numerical value or a grade (such as grades 1-5); the larger the value, the higher the sensitivity. Data access frequency refers to how often the data is accessed or used. Data with a high access frequency is usually retrieved, modified or shared; access frequency is generally measured by the number of accesses in a time period (such as each hour or each day) and can also be represented by an access frequency grade.
Data sensitivity is acquired as follows: the communication content is analyzed by an automatic data classification tool, sensitive information (such as personal data and sensitive protocols) is identified, and a sensitivity score is assigned to the data according to the sensitivity level of that information. Data that automatic tools have difficulty identifying in specific business scenarios is scored by manually checking the data content. Data sensitivity can also be assigned or evaluated automatically according to industry standards and requirements.
The specific data access frequency acquisition mode is that the access frequency of each communication data is counted by analyzing access logs (such as communication logs, user request logs and the like), the access condition of the communication data can be tracked by using a real-time monitoring tool, and the access frequency is dynamically adjusted according to the actual condition.
Examples of backup period settings: the backup period for communication primary data (high importance data) should be short, possibly daily or every few hours, because this data is very important and frequently accessed; the backup period for communication secondary data (medium importance data) may be suitably prolonged, such as weekly or monthly; the backup period for communication tertiary data (low importance data) may be longer, for example once a quarter or every half year.
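The classification rule and the period-driven triggering of backup requests, as an added example that is not part of the patent text. The concrete periods are assumptions picked from the example ranges above, the secondary rule uses the "lower than or equal to" wording of the Disclosure section, and all names and sample values are constructed. The three rules as written do not cover every combination (for example low sensitivity with high access frequency), so the sketch reports such items separately instead of guessing a class.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import mean


@dataclass(frozen=True)
class CommData:
    data_id: str
    sensitivity: float       # numeric grade, e.g. 1-5; larger = more sensitive
    access_frequency: float  # accesses per day, counted from access logs


# Assumed periods, chosen inside the ranges the text gives as examples.
BACKUP_PERIOD = {
    "primary": timedelta(hours=6),    # "daily or every few hours"
    "secondary": timedelta(weeks=1),  # "weekly or monthly"
    "tertiary": timedelta(days=90),   # "once a quarter or half year"
}


def classify(items):
    """Return {data_id: 'primary' | 'secondary' | 'tertiary' | None}."""
    s_mean = mean(i.sensitivity for i in items)
    f_mean = mean(i.access_frequency for i in items)
    classes = {}
    for i in items:
        if i.sensitivity > s_mean and i.access_frequency > f_mean:
            classes[i.data_id] = "primary"      # high importance
        elif i.sensitivity > s_mean and i.access_frequency <= f_mean:
            classes[i.data_id] = "secondary"    # medium importance
        elif i.sensitivity < s_mean and i.access_frequency < f_mean:
            classes[i.data_id] = "tertiary"     # low importance
        else:
            classes[i.data_id] = None           # not covered by the rules
    return classes


def due_backup_requests(classes, last_backup, now):
    """Return (ids whose backup period has elapsed, ids without a class)."""
    due, unclassified = [], []
    for data_id, cls in classes.items():
        if cls is None:
            unclassified.append(data_id)
        elif now - last_backup[data_id] >= BACKUP_PERIOD[cls]:
            due.append(data_id)
    return due, unclassified


# Constructed sample data.
SAMPLE = [
    CommData("ecg-stream", 5.0, 400.0),
    CommData("door-lock-cmd", 4.0, 20.0),
    CommData("room-temp", 1.0, 10.0),
    CommData("hvac-status", 2.0, 300.0),
]
NOW = datetime(2025, 1, 10, 12, 0)
LAST_BACKUP = {
    "ecg-stream": datetime(2025, 1, 10, 4, 0),
    "door-lock-cmd": datetime(2025, 1, 8, 0, 0),
    "room-temp": datetime(2024, 10, 1, 0, 0),
    "hvac-status": datetime(2025, 1, 1, 0, 0),
}
```
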
By classifying the importance of the communication data, a differentiated backup strategy can be realized, communication data with different importance can have different backup periods, for example, the backup period of the important data can be shorter, timely recovery is ensured, unimportant data can have a longer backup period, the waste of storage resources is reduced, the safety of key data can be ensured, the excessive consumption of resources can be reduced, the efficiency of a backup system is improved, and management personnel can reasonably configure storage, bandwidth and computing resources.
The preliminary screening of the communication data that triggered the backup request, and the identification and screening out of the overlapping area between that data and the historical backup data, are carried out as follows. The communication data that triggered the backup request is preprocessed, where preprocessing comprises handling missing values and abnormal values and handling repeated data. The historical backup communication data in the backup system is retrieved, and the identifiers of the preprocessed communication data are compared with those of the historical backup communication data to identify whether data with the same identifier exists in the historical backup communication data; data with the same identifier is marked as the overlapping area. After the overlapping area has been screened out, the remaining communication data is packaged and formatted to generate a backup request. The specific path of the overlapping area within the historical backup communication data is determined from the storage records of the historical backup communication data, and this backup path is added to the backup request.
In this embodiment, the specific logic steps of the identifier comparison include extracting a key identifier (such as a data packet ID, a timestamp, a data hash value, etc.) from the communication data triggering the backup request and the historical backup data, performing necessary preprocessing on the communication data triggering the backup request, including removing a missing value and an abnormal value, processing repeated data, etc., to ensure the quality of the data to be compared, performing a one-to-one comparison on the identifier of the preprocessed communication data and the identifier in the historical backup data, typically using a hash matching, string comparison, etc., and identifying whether the same identifier exists, and if the same identifier exists, marking the same identifier as the overlapping area.
The data is packaged by organizing it according to a predetermined format, such as dividing it into blocks of suitable size or encoding it in a specific data structure (such as JSON, XML or a binary format). The formatted result is packaged into a backup request, which comprises information such as the identifier, size and type of the newly added data, the corresponding backup path, metadata such as a backup timestamp and version number, and the backup path information of the overlapping area.
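The identifier comparison and backup request described above, as an added example that is not part of the patent text. It assumes the identifier is the packet ID combined with a SHA-256 hash of the payload, so a packet whose ID is already in the history but whose content changed is still backed up; the record layout, paths and field names are constructed, and abnormal-value handling is left out because the text gives no rule for it.

```python
import hashlib
import json


def identifier(record):
    """Assumed key identifier: packet ID plus SHA-256 of the payload."""
    digest = hashlib.sha256(record["payload"]).hexdigest()
    return f'{record["packet_id"]}:{digest}'


def preprocess(batch):
    """Drop records with missing values and records repeated in the batch."""
    seen, clean = set(), []
    for record in batch:
        if not record.get("packet_id") or record.get("payload") is None:
            continue  # missing value
        ident = identifier(record)
        if ident in seen:
            continue  # repeated data inside the same batch
        seen.add(ident)
        clean.append(record)
    return clean


def build_backup_request(batch, history_index, backup_timestamp, version):
    """Split a batch into new data and overlap with the historical backup.

    `history_index` maps identifier -> backup path of already stored data.
    """
    new_items, overlap = [], []
    for record in preprocess(batch):
        ident = identifier(record)
        path = history_index.get(ident)
        if path is not None:
            overlap.append({"identifier": ident, "path": path})
        else:
            new_items.append({
                "identifier": ident,
                "packet_id": record["packet_id"],
                "size": len(record["payload"]),
                "type": record.get("type", "unknown"),
            })
    return {
        "metadata": {"backup_timestamp": backup_timestamp, "version": version},
        "new_data": new_items,
        "overlap_paths": overlap,
    }


def encode_request(request):
    """Format the request as JSON, one of the encodings the text mentions."""
    return json.dumps(request, sort_keys=True)


# Constructed sample data: two records already present in the history.
SAMPLE_HISTORY = [
    ({"packet_id": "p-1001", "type": "sensor", "payload": b"temp=21.5"},
     "/backup/2025-01-09/block-0007"),
    ({"packet_id": "p-1004", "type": "control", "payload": b"valve=closed"},
     "/backup/2025-01-09/block-0009"),
]
HISTORY_INDEX = {identifier(rec): path for rec, path in SAMPLE_HISTORY}

SAMPLE_BATCH = [
    {"packet_id": "p-1001", "type": "sensor", "payload": b"temp=21.5"},    # overlap
    {"packet_id": "p-1002", "type": "sensor", "payload": b"temp=21.7"},    # new
    {"packet_id": "p-1002", "type": "sensor", "payload": b"temp=21.7"},    # repeat
    {"packet_id": "p-1003", "type": "sensor", "payload": None},            # missing
    {"packet_id": "p-1004", "type": "control", "payload": b"valve=open"},  # changed
]
```
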
The method and the device have the advantages that the overlapping area between communication data triggering the backup request and historical backup data is identified, the repeated backup of the same data is avoided, the waste of storage space and time and computing resources required by backup are reduced, particularly when the data volume is large, the efficiency of the backup process can be remarkably improved, the backed-up data is removed from the current backup by screening the overlapping area, the backup of only newly added and unrepeated data is ensured, the storage space is saved to the greatest extent, the backup path of the overlapping area is accurately identified and recorded, the integrity and consistency of the new backup request and the historical backup data are ensured to be maintained, the problem of inconsistent data caused by repeated backup is avoided, the requirement of human intervention is reduced through an automatic overlapping area identification and path adding mechanism, the backup task can be managed more intelligently, and the automation level of a backup system is improved.
The method comprises the steps of carrying out block processing on communication data subjected to primary screening, and then sequencing the data blocks according to backup requirement information of the data blocks, wherein specific analysis of sequential backup is carried out according to sequencing results, namely carrying out block partitioning on the communication data subjected to primary screening according to a timestamp, respectively obtaining backup requirement information of the data blocks, wherein the backup requirement information comprises data modification frequency and data capacity, carrying out format normalization processing on the data modification frequency and the data capacity of the data blocks, further obtaining priority scores of the data blocks according to the data modification frequency and the data capacity of the data blocks, and further obtaining a specific priority score obtaining expression, wherein ps represents the priority score, dmr represents the data modification frequency, dcs represents the data capacity, alpha 1 represents a weight value of the data modification frequency, alpha 2 represents a weight value of the data capacity, sequencing the data blocks according to the priority score of the data blocks, and further triggering backup in sequence according to the priority score of the data blocks.
In the embodiment, the data modification frequency and the data capacity are set in a weight value setting mode that if the system considers that the data with high modification frequency is critical to service continuity, higher weight can be given, the backup of the data block with larger capacity can be ensured not to be ignored by setting a certain weight, the influence of the data modification frequency and the data capacity can be flexibly balanced according to the actual application scene, or importance degree analysis setting is carried out on the data modification frequency and the data capacity according to professionals in the related field, and finally the sum of the weight values of the data modification frequency and the data capacity is ensured to be 1.
The timestamp represents the collection time of the communication data and is used to divide the data into blocks by time, ensuring that the data is processed and backed up in the correct time order. Specifically, the timestamp is obtained by extracting time information from the data source or is generated inside the system. A data block is a single data segment of the preliminarily screened communication data after segmentation by timestamp; each data block contains a plurality of data records and is generated as required by segmenting the original communication data according to its timestamps.
The data modification frequency is obtained by analyzing the modification time intervals within the data block or from the system log, and the data capacity is obtained from the size of the data block (e.g., number of bytes or number of records).
This has the following advantages. Backing up data blocks in priority order means that blocks with a higher modification frequency and larger capacity are backed up first, which ensures that important data is not lost or damaged because of backup delay and improves the overall performance of the system. Obtaining the data modification frequency and data capacity in real time allows the backup strategy to be adjusted dynamically, so that it adapts to different data change conditions and avoids both excessive and insufficient backup. Arranging the backup order according to the backup requirement information avoids the resource contention and performance bottlenecks caused by backing up a large amount of data at the same time.
The specific analysis of verifying the backup integrity of the communication data according to the integrity check result, and performing a full backup of the communication data according to that result, is as follows. A first hash function, a second hash function and a third hash function are set. The communication data is hashed with the first, second and third hash functions respectively to obtain the first, second and third hash values of the communication data, and these three hash values are concatenated to obtain the unique hash identifier of the communication data. The data produced by backing up the communication data is hashed with the same three hash functions to obtain the first, second and third hash values of the backup data, and these are concatenated to obtain the unique hash identifier of the backup data. The unique hash identifier of the communication data is compared with the unique hash identifier of the backup data. If the two identifiers are the same, the communication data has been backed up completely. If they are different, a secondary backup request is triggered and the communication data is backed up a second time. The unique hash identifier of the secondary backup data is then obtained and compared with that of the communication data; if they are different, a backup abnormality warning is triggered, which prompts the Internet of Things security operation and maintenance personnel to inspect the backup abnormality, until the unique hash identifier of the communication data is identical to that of the backup data.
In this embodiment, the hash values are computed as follows: the first hash value of the communication data $D$ is $H_1(D)=\mathrm{hash}_1(D)$, the second hash value is $H_2(D)=\mathrm{hash}_2(D)$, and the third hash value is $H_3(D)=\mathrm{hash}_3(D)$, where $\mathrm{hash}_{1,2,3}(\cdot)$ denote the specific hash functions. To ensure that the different hash functions are not easy to collide, the three hash functions are selected to satisfy the following conditions: the first hash function is MD5 or SHA-256, for quickly generating the hash value of the data; the second hash function is SHA-1 or SHA-512, for increasing diversity; and the third hash function is HMAC (a key-based hash), for providing additional security.
An example of the expression for the unique hash identifier is $uhid = H_1(D) \,\|\, H_2(D) \,\|\, H_3(D)$, where $uhid$ is the unique hash identifier and $\|$ represents the concatenation of hash values.
Once the hash identifiers do not match, the system automatically triggers a secondary backup request and checks again, so that backup abnormalities are discovered and resolved in time. Accurate hash identifier checking effectively avoids backup failures caused by data tampering or transmission errors and reduces the security risk to Internet of Things devices and communication data. The backup abnormality warning helps Internet of Things security operation and maintenance personnel discover potential problems in time and take measures, and reduces the need for human intervention.
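The check described in the preceding paragraphs, as an added example that is not part of the patent text: it computes the unique hash identifier in one pass over the data blocks and runs the compare, secondary backup, warning sequence. SHA-256, SHA-512 and HMAC-SHA-256 are assumed choices from the options the text lists, and `FlakyStore`, `verify_with_retry`, `run_demo` and the sample records are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Callable, Iterable, Sequence

# Assumed choices: SHA-256 (first), SHA-512 (second), HMAC-SHA-256 (third; the
# text only says "HMAC"). MD5 and SHA-1 are also listed, but both have practical
# collision attacks, so they add nothing against deliberate tampering.
IDENTIFIER_LEN = 32 + 64 + 32  # fixed digest sizes keep the concatenation unambiguous


def unique_hash_identifier(chunks: Iterable[bytes], key: bytes) -> bytes:
    """Return H1(D) || H2(D) || H3(D), reading the data once, block by block."""
    h1 = hashlib.sha256()
    h2 = hashlib.sha512()
    h3 = hmac.new(key, digestmod=hashlib.sha256)
    for chunk in chunks:
        h1.update(chunk)
        h2.update(chunk)
        h3.update(chunk)
    # Only H3 depends on a secret: whoever can rewrite the backup can recompute
    # H1 and H2, so the key must not be stored beside the backup.
    return h1.digest() + h2.digest() + h3.digest()


@dataclass
class VerifyResult:
    complete: bool        # identifiers matched
    backups_written: int  # 1 = first backup accepted, 2 = secondary backup needed
    bav: int              # backup abnormal value: 1 if the warning fired, else 0


def verify_with_retry(source: Sequence[bytes],
                      read_backup: Callable[[], Iterable[bytes]],
                      rewrite_backup: Callable[[Sequence[bytes]], None],
                      key: bytes,
                      alert: Callable[[str], None]) -> VerifyResult:
    """Compare identifiers; on mismatch back up once more, then raise the warning."""
    expected = unique_hash_identifier(source, key)
    # compare_digest runs in constant time, so the comparison leaks no prefix match.
    if hmac.compare_digest(expected, unique_hash_identifier(read_backup(), key)):
        return VerifyResult(True, 1, 0)
    rewrite_backup(source)  # secondary backup request
    if hmac.compare_digest(expected, unique_hash_identifier(read_backup(), key)):
        return VerifyResult(True, 2, 0)
    alert("backup abnormality: identifier mismatch after secondary backup")
    return VerifyResult(False, 2, 1)


class FlakyStore:
    """Constructed in-memory backup target that damages its first N writes."""

    def __init__(self, corrupt_writes: int):
        self.corrupt_writes = corrupt_writes
        self.blocks = []

    def write(self, blocks: Sequence[bytes]) -> None:
        self.blocks = list(blocks)
        if self.corrupt_writes > 0:
            self.corrupt_writes -= 1
            last = self.blocks[-1]
            # Flip one bit in the final byte to simulate a transmission error.
            self.blocks[-1] = last[:-1] + bytes([last[-1] ^ 0x01])

    def read(self) -> Iterable[bytes]:
        return self.blocks


def run_demo(corrupt_writes: int):
    """Back up three constructed records to a store that fails N times."""
    key = b"constructed-demo-key"  # placeholder; a real key lives with the verifier
    source = [b"sensor-17 temp=21.4", b"sensor-17 temp=21.6", b"gateway heartbeat ok"]
    store = FlakyStore(corrupt_writes)
    alerts = []
    store.write(source)  # first backup
    result = verify_with_retry(source, store.read, store.write, key, alerts.append)
    return result, alerts


if __name__ == "__main__":
    for failures in (0, 1, 2):
        print(failures, run_demo(failures))
```

The identifier covers the byte stream rather than the block boundaries, so the same data split into different blocks yields the same identifier.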
The risk assessment parameters of the backup data are obtained; they specifically comprise a vulnerability threat score and a recovery capability score. The risk prediction value of the backup data is obtained from the backup abnormal value, the vulnerability threat score and the recovery capability score of the backup data. In the example expression for the risk prediction value, rpv represents the risk prediction value, bav represents the backup abnormal value, vts represents the vulnerability threat score, and rcs represents the recovery capability score. The risk prediction value of the backup data is compared with a risk threshold; when the risk prediction value exceeds the risk threshold, the backup data is marked as high-risk data and the Internet of Things security operation and maintenance personnel are prompted to adjust the backup strategy. The specific adjustments comprise backup period adjustment and backup storage location adjustment.
In this embodiment, the vulnerability threat score represents the severity of the security vulnerability threat currently faced by the backup data or the backup system. Specific considerations include the type of vulnerability present (such as a system vulnerability or a software vulnerability), the severity and potential impact of the vulnerability (such as whether it can be exploited by an attacker and whether it can lead to data leakage or tampering), and whether the vulnerability has been repaired or mitigated (such as by a patch or hardening). The vulnerability threat score is obtained by detecting the known vulnerabilities present in the backup system, specifically with an automated security scanning tool (such as a vulnerability scanner), and scoring them according to their hazard level.
The recovery capability score represents the ability of the backup data to be recovered after an attack or a fault. Specific considerations include the speed and completeness of data recovery, availability during the recovery process (such as whether the backup is easy to access and whether recovery requires manual intervention), and the redundancy of the backup (such as whether backups exist in several locations or in several versions). The recovery capability score is evaluated by testing the recovery process of the backup data, or is calculated from the backup strategy (such as backup frequency and storage mode).
The risk threshold is obtained as follows: a relatively conservative threshold is set by analyzing the security events of historical backup data, so that measures can be taken in time when a potential risk is found, and the threshold can be adjusted dynamically according to the overall security state of the backup system and changes in the vulnerability threat score and the recovery capability score.
This has the following advantages. The security of the backup data is monitored and evaluated in real time on the basis of risk assessment, which ensures that potential risks in the backup process are found in time and helps measures to be taken in advance to avoid data loss or attack. When an abnormality is found, triggering the backup abnormality warning mechanism allows the spread of data risk to be identified and prevented early, and if the risk prediction value exceeds the set threshold, the operation and maintenance personnel are prompted to adjust the backup strategy in time. The backup strategy is adjusted according to the result of comparing the risk prediction value with the risk threshold, for example by adjusting the backup period and the backup storage location for different risk levels, which improves the security of data backup. The assessment considers not only abnormalities in the backup data but also the vulnerability threat score and the recovery capability score, so the multidimensional risk analysis makes the backup risk assessment more comprehensive and accurate.
A communication data backup system based on an Internet of Things security service, which applies the communication data backup method based on an Internet of Things security service described above, comprises a data collection module, a data classification module, a backup initial screening module, a backup control module, a verification and detection module, a backup integrity assurance module and a risk adjustment module. The data collection module is used for collecting communication data based on Internet of Things devices. The data classification module is used for evaluating the importance of the communication data, classifying the communication data according to the importance evaluation, and setting a backup period for each class of communication data. The backup initial screening module is used for triggering backup requests for each class of communication data according to its backup period, preliminarily screening the communication data that triggers a backup request, identifying the overlapping area between that communication data and the historical backup data, and screening out the overlapping area. The backup control module is used for dividing the preliminarily screened communication data into blocks, sorting the data blocks according to the backup requirement information of each data block, and backing them up in sequence according to the sorting result. The verification and detection module is used for performing an integrity check and risk prediction on the backup data after the backup of the last data block has been triggered and completed. The backup integrity assurance module is used for verifying the backup integrity of the communication data according to the integrity check result and performing a full backup of the communication data according to that result. The risk adjustment module is used for evaluating, according to the risk prediction result, the risk of the backup data being attacked and the possibility of its loss, and adjusting the backup strategy accordingly.
In summary, the present application has at least the following effects:
By evaluating the importance of the communication data, classifying it, and setting different backup periods for each class of data, backup resources are allocated more reasonably, avoiding the resource waste or insufficient backup of key data that results from treating all data identically. The preliminary screening step identifies and screens out overlapping areas, avoiding repeated backup and further improving backup efficiency. The blocking and sorted backup strategy optimizes the backup order according to the backup requirement information of the data blocks, ensuring that high-priority or important data is processed first. The integrity check ensures the accuracy of the backup data and avoids backup failures caused by data damage or transmission errors. Risk prediction evaluates the risk of the backup data being attacked and the possibility of its loss, so that the backup strategy can be adjusted in time, for example by increasing the backup frequency or adopting a more secure storage mode, to cope with potential security threats. The full backup strategy serves as the response to the integrity check result, so that when data is found to be damaged or lost, the complete data can be restored quickly and the risk of data loss is reduced.
It will be apparent to those skilled in the art that embodiments of the present invention may be provided as a method or a system. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and block diagrams of methods and systems according to embodiments of the invention. It will be understood that each flow and block of the flowchart illustrations and block diagrams, and combinations of flows and blocks in them, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (7)

1. A communication data backup method based on an Internet of Things security service, characterized in that it comprises the following steps:
collecting communication data based on Internet of Things devices;
evaluating the importance of the communication data, classifying the communication data according to the importance evaluation, and setting a backup period for each class of communication data;
triggering backup requests for each class of communication data according to its backup period, preliminarily screening the communication data that triggers a backup request, identifying the overlapping area between the communication data that triggers the backup request and the historical backup data, and screening out the overlapping area;
dividing the preliminarily screened communication data into blocks, sorting the data blocks according to the backup requirement information of each data block, and backing them up in sequence according to the sorting result;
after the backup of the last data block has been triggered and completed, performing an integrity check and risk prediction on the backup data;
verifying the backup integrity of the communication data according to the integrity check result, and performing a full backup of the communication data according to the integrity check result;
evaluating, according to the risk prediction result, the risk of the backup data being attacked and the possibility of its loss, and adjusting the backup strategy accordingly.

2. The communication data backup method based on an Internet of Things security service according to claim 1, characterized in that the specific analysis of evaluating the importance of the communication data, classifying the communication data according to the importance evaluation, and setting a backup period for each class of communication data is as follows:
the communication data comprises communication content, communication metadata and communication protocol;
importance assessment parameters of the communication data are obtained, the importance assessment parameters comprising data sensitivity and data access frequency;
the mean data sensitivity and the mean data access frequency of the communication data are obtained, and the data sensitivity and data access frequency of the communication data are compared with the mean data sensitivity and the mean data access frequency respectively;
communication data whose data sensitivity is higher than the mean data sensitivity and whose data access frequency is higher than the mean data access frequency is classified as first-level communication data, indicating that it is high-importance data;
communication data whose data sensitivity is higher than the mean data sensitivity and whose data access frequency is lower than or equal to the mean data access frequency is classified as second-level communication data, indicating that it is medium-importance data;
communication data whose data sensitivity is lower than or equal to the mean data sensitivity and whose data access frequency is higher than the mean data access frequency is classified as second-level communication data, indicating that it is medium-importance data;
communication data whose data sensitivity is lower than the mean data sensitivity and whose data access frequency is lower than the mean data access frequency is classified as third-level communication data, indicating that it is low-importance data;
the backup periods of the first-level, second-level and third-level communication data are set respectively according to the importance of the first-level, second-level and third-level communication data.

3. The communication data backup method based on an Internet of Things security service according to claim 1, characterized in that the specific analysis of preliminarily screening the communication data that triggers the backup request, identifying the overlapping area between the communication data that triggers the backup request and the historical backup data, and screening out the overlapping area is as follows:
the communication data that triggers the backup request is preprocessed, the preprocessing comprising missing value and abnormal value processing and duplicate data processing;
the historical backup communication data in the backup system is retrieved, the identifiers of the preprocessed communication data are compared with those of the historical backup communication data to identify whether data with the same identifier exists in the historical backup communication data, and data with the same identifier is marked as the overlapping area;
the communication data remaining after the overlapping area has been screened out is packaged and formatted to generate a backup request, the specific path of the overlapping area in the historical backup communication data is determined from the storage records of the historical backup communication data, and the backup path of the overlapping area in the historical backup communication data is added to the backup request.

4. The communication data backup method based on an Internet of Things security service according to claim 1, characterized in that the specific analysis of dividing the preliminarily screened communication data into blocks, sorting the data blocks according to the backup requirement information of each data block, and backing them up in sequence according to the sorting result is as follows:
the preliminarily screened communication data is divided into blocks according to timestamp, and the backup requirement information of each data block is obtained;
the backup requirement information comprises data modification frequency and data capacity;
format normalization is applied to the data modification frequency and data capacity of each data block, and the priority score of each data block is obtained from its data modification frequency and data capacity;
the data blocks are sorted according to their priority scores, and backups are triggered in sequence according to the priority scores.

5. The communication data backup method based on an Internet of Things security service according to claim 1, characterized in that the specific analysis of verifying the backup integrity of the communication data according to the integrity check result, and performing a full backup of the communication data according to the integrity check result, is as follows:
a first hash function, a second hash function and a third hash function are set;
the communication data is hashed with the first hash function, the second hash function and the third hash function respectively to obtain a first hash value, a second hash value and a third hash value of the communication data, and the first, second and third hash values of the communication data are concatenated to obtain the unique hash identifier of the communication data;
the data produced by backing up the communication data is hashed with the first hash function, the second hash function and the third hash function respectively to obtain a first hash value, a second hash value and a third hash value of the backup data, and the first, second and third hash values of the backup data are concatenated to obtain the unique hash identifier of the backup data;
the unique hash identifier of the communication data is compared with the unique hash identifier of the backup data to identify whether they are the same; if they are the same, the communication data has been backed up completely; if they are different, a secondary backup request is triggered and the communication data is backed up a second time;
the unique hash identifier of the secondary backup data is obtained, and it is identified whether the unique hash identifiers of the communication data and the secondary backup data are the same; if they are different, a backup abnormality warning is triggered, and the backup abnormality warning prompts the Internet of Things security operation and maintenance personnel to inspect the backup abnormality, until the unique hash identifier of the communication data is the same as that of the backup data.

6. The communication data backup method based on an Internet of Things security service according to claim 5, characterized in that the specific analysis of evaluating, according to the risk prediction result, the risk of the backup data being attacked and the possibility of its loss, and adjusting the backup strategy accordingly, is as follows:
it is identified whether a backup abnormality warning has been triggered; if a backup abnormality warning has been triggered, the backup abnormal value is recorded as "1"; if no backup abnormality warning has been triggered, the backup abnormal value is recorded as "0";
the risk assessment parameters of the backup data are obtained, the risk assessment parameters specifically comprising a vulnerability threat score and a recovery capability score;
the risk prediction value of the backup data is obtained from the backup abnormal value, the vulnerability threat score and the recovery capability score of the backup data;
the risk prediction value of the backup data is compared with the risk threshold; when the risk prediction value exceeds the risk threshold, the backup data is marked as high-risk data and the Internet of Things security operation and maintenance personnel are prompted to adjust the backup strategy, the specific adjustments comprising backup period adjustment and backup storage location adjustment.

7. A communication data backup system based on an Internet of Things security service, applying the communication data backup method based on an Internet of Things security service according to any one of claims 1 to 6, characterized in that it comprises:
a data collection module, used for collecting communication data based on Internet of Things devices;
a data classification module, used for evaluating the importance of the communication data, classifying the communication data according to the importance evaluation, and setting a backup period for each class of communication data;
a backup initial screening module, used for triggering backup requests for each class of communication data according to its backup period, preliminarily screening the communication data that triggers a backup request, identifying the overlapping area between the communication data that triggers the backup request and the historical backup data, and screening out the overlapping area;
a backup control module, used for dividing the preliminarily screened communication data into blocks, sorting the data blocks according to the backup requirement information of each data block, and backing them up in sequence according to the sorting result;
a verification and detection module, used for performing an integrity check and risk prediction on the backup data after the backup of the last data block has been triggered and completed;
a backup integrity assurance module, used for verifying the backup integrity of the communication data according to the integrity check result, and performing a full backup of the communication data according to the integrity check result;
a risk adjustment module, used for evaluating, according to the risk prediction result, the risk of the backup data being attacked and the possibility of its loss, and adjusting the backup strategy accordingly.
CN202411827831.6A 2024-12-12 2024-12-12 A communication data backup method and system based on Internet of Things security service Pending CN119759656A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411827831.6A CN119759656A (en) 2024-12-12 2024-12-12 A communication data backup method and system based on Internet of Things security service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411827831.6A CN119759656A (en) 2024-12-12 2024-12-12 A communication data backup method and system based on Internet of Things security service

Publications (1)

Publication Number Publication Date
CN119759656A true CN119759656A (en) 2025-04-04

Family

ID=95180585

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411827831.6A Pending CN119759656A (en) 2024-12-12 2024-12-12 A communication data backup method and system based on Internet of Things security service

Country Status (1)

Country Link
CN (1) CN119759656A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120315946A (en) * 2025-06-16 2025-07-15 南昌首页科技股份有限公司 A data preservation method and application system for server


Similar Documents

Publication Publication Date Title
CN111209131A (en) Method and system for determining fault of heterogeneous system based on machine learning
CN117336055B (en) Network abnormal behavior detection method and device, electronic equipment and storage medium
CN113553210A (en) Method, device, device and storage medium for processing alarm data
CN112711757B (en) Data security centralized management and control method and system based on big data platform
CN119759656A (en) A communication data backup method and system based on Internet of Things security service
CN115865649B (en) Intelligent operation and maintenance management control method, system and storage medium
CN119449432B (en) A network data risk assessment system for computers
CN118138352B (en) Multidimensional data security transmission method and system based on Internet of Things
CN118487872B (en) Nuclear power industry-oriented network abnormal behavior detection and analysis method
CN111666978B (en) Intelligent fault early warning system for IT system operation and maintenance big data
CN109391624A (en) A kind of terminal access data exception detection method and device based on machine learning
CN118228274B (en) Data security diagnosis method for dispatching automation system
CN120200830B (en) An industrial Internet encryption method and system based on blockchain evidence storage
CN118898518B (en) System and method for sharing transaction metadata information of financial assets based on blockchain
CN118473902A (en) Method for monitoring communication content based on Internet of things
CN111654405B (en) Method, device, equipment and storage medium for fault node of communication link
CN113220585A (en) Automatic fault diagnosis method and related device
CN120197104A (en) Power data analysis method and system based on AI model
CN119377041A (en) Automated operation and maintenance intelligent alarm handling method, device, equipment and storage medium
CN119127630A (en) Illegal behavior identification method, device, computer equipment and storage medium
CN116305135B (en) Safety detection method and system for industrial robot
CN106530199A (en) Multimedia integrated steganography analysis method based on window hypothesis testing
CN117573534A (en) System change risk control method, device, equipment and computer storage medium
CN117675273A (en) Network scanning behavior detection method and device
CN117319174A (en) Terminal monitoring method and system based on intelligent bank broadcasting control system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination