Network Security from the Perspective of the Internet of Things

Networking is one of the new technologies supported by our country’s national “125” strategic industry plan and is mainly used in medicine, the military industry, transportation and other fields. While enjoying the convenient services of the IoT, people also pay more attention to the security of Internet of Things information systems. This article therefore discusses security from the perspective of the IoT. It reviews the basic theory of the IoT and its security on the basis of a large number of documents, then designs security methods from the perspective of the IoT and tests the designed method. The test results show that the performance of the encryption algorithm in the network security scheme of this article is due to the traditional encryption algorithm. When the encrypted text is 15000 bytes, the encryption time is 40 s.

of dollars. Secondly, the IoT will have a wider range of applications. IoT technology is gradually improving, and better accuracy and timeliness of its data, as well as more efficient and accurate management, are inevitable steps in the development of the technology [9]. Because it is a new technology, some researchers believe that it will always face some difficulties and challenges. The data transmission process of IoT applications involves uploading data from sensor devices and user instructions. The accuracy of information transmission is directly related to the accuracy of the application. Most of the data transmitted over the IoT contains sensitive content such as user privacy, so it closely affects personal privacy and social stability and harmony. In a word, realizing the confidentiality, integrity and identity of IoT data sharing is an important issue that urgently needs to be solved, and it is also a research hotspot [10]. In IoT security research, some scholars have proposed a password-protected user authentication scheme for a hierarchical wireless sensor network environment, but this scheme is easy to crack and cannot meet higher security requirements. In terms of key distribution and management, network-wide pre-distribution models and random key pre-distribution have been continuously proposed in recent years [11]. In summary, the application potential of the IoT is huge, but security problems inevitably arise and need to be solved urgently.
This article studies network security from the perspective of the IoT. It analyzes the architecture of the IoT and its security issues on the basis of literature data, designs an IoT-based security solution for these problems, and then tests the designed solution. Relevant conclusions are drawn from the test results.

The Architecture of the IoT
At present, EPCGlobal's IoT architecture is the most representative of the well-known IoT architectures. Its main components are EPC coding technology, EPC tags, EPC readers, ONS servers and EPC middleware [12]. According to the different capabilities of the IoT system architecture, it can be divided into three levels: the perception level, which is the lower level and is used to collect information; the network level, which is the middle level and is used for data transmission; and the application level. Figure 1 shows the architecture diagram of the IoT.

IoT Security Issues
(1) At the perception level, security protection is the security of the network itself, because the layer's operation is performed by the wireless sensor network, which acquires the data of the sensor nodes and connects to the external network through the gateway. IoT sensor nodes generally have limited resources and weak computing power, so the relatively large-scale security measures commonly used on the resource-rich Internet cannot be adopted directly. Therefore, the perception level must not only meet the security goal but, more importantly, make its cryptographic mechanisms lightweight and reduce resource consumption. In general, the perception layer needs to provide specific security solutions based on security requirements such as secure routing, identity verification, intrusion detection, and key management. Perception-level sensor nodes are vulnerable to attacks from other networks. In particular, denial of service can paralyze the entire network. Therefore, the sensor nodes in the wireless sensor network must be able to resist denial of service attacks.
(2) At the network level, the data transmission format is the IP datagram, and each IP datagram carries information from protocols such as TCP, UDP, the Internet Control Message Protocol, and the Internet Group Management Protocol. These IP datagrams are sent directly from one host to another through network transmission technology, making the network layer extremely vulnerable to attackers. End-to-end security between terminals can also be achieved at the network level, which requires the creation of corresponding key sharing, key management and identity verification mechanisms.

Security Algorithm
First, define the inverse sequence transformation method as: ,

IoT Authentication Method
Only when the legitimacy of the devices accessing the network is guaranteed can the accuracy and reliability of the source of the collected information be guaranteed, so the IoT requires a strict authentication mechanism. Nowadays, many wireless sensors in the IoT are deployed in unattended areas, making the equipment extremely vulnerable to physical damage or to intrusion by attackers using illegal identities. Authentication determines whether a user accessing a specific resource has the specific usage authority, allowing both parties to establish a trust relationship and ensuring the reliability of the data at its starting point. If a major relay node is detected during the collaborative data transmission process between sensor nodes, the entire network will face a huge security threat. In addition, even though sensor nodes in harsh environments have passed authentication, they may suffer physical damage, their operation may become unstable, and the accuracy of the collected information may be reduced or become uncertain. Information collected in this case is not only meaningless but also affects the judgment of the actual target. At the same time, the information from a damaged node consumes a large amount of energy of other nodes in the network as it is transmitted and relayed, resulting in a waste of resources.
The solution in this paper first performs two-way authentication between the communicating parties to prevent sensor nodes from accessing network systems with forged IDs. Two types of random numbers are used when the sensor node ID information is sent. Even if the ID information is intercepted during transmission, it is difficult for an attacker to accurately analyze the sensor node ID, and the two random numbers effectively resist replay attacks. By introducing a backup node, a faulty sensor can be replaced so that data is collected in time and business continuity is ensured. This solution also introduces an early warning mechanism in which various alarm information is displayed by the sensor node status monitoring device and the terminal base station, which not only improves the security of sensor node authentication but also detects the performance and operating status of the equipment. This greatly improves the reliability of the sensor node data, confirms the accuracy of the collected information, and reduces the consumption of network resources by the transmission of information. The terminal collects and verifies the information against the actual information to eliminate the interference of invalid data. In the case of sensor damage, personnel can also take steps to repair the sensor in time to reduce system costs.
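
The following added example (not the paper's own protocol, whose message format is not given) shows one way two random numbers can hide the node ID and defeat replayed messages in a two-way authentication. The pre-shared network-wide key, HMAC-SHA256, the 8-byte node ID and all class and function names are assumptions.

```python
import hmac
import secrets

def mac(key, label, *fields):  # HMAC-SHA256 over a label and fixed-length fields
    return hmac.new(key, label + b"".join(fields), "sha256").digest()

def xor(a, b):  # truncates to the shorter input, so the pad is cut to ID length
    return bytes(x ^ y for x, y in zip(a, b))

class BaseStation:
    def __init__(self, key, known_ids):
        self.key, self.known_ids = key, set(known_ids)
        self.pending = set()  # challenges issued and not yet consumed

    def challenge(self):
        r_s = secrets.token_bytes(16)  # first random number, from the station
        self.pending.add(r_s)
        return r_s

    def verify(self, r_s, r_n, masked_id, tag):  # station's proof, or None
        if r_s not in self.pending:
            return None  # unknown or already used challenge: replay
        self.pending.discard(r_s)
        node_id = xor(masked_id, mac(self.key, b"mask", r_s, r_n))
        expected = mac(self.key, b"node", r_s, r_n, node_id)
        if node_id not in self.known_ids or not hmac.compare_digest(tag, expected):
            return None
        return mac(self.key, b"station", r_n, r_s, node_id)

class SensorNode:
    def __init__(self, key, node_id):
        self.key, self.node_id = key, node_id

    def respond(self, r_s):
        self.r_s, self.r_n = r_s, secrets.token_bytes(16)  # second random number
        masked = xor(self.node_id, mac(self.key, b"mask", r_s, self.r_n))
        return self.r_n, masked, mac(self.key, b"node", r_s, self.r_n, self.node_id)

    def check_station(self, proof):  # rejects a forged or replayed station proof
        expected = mac(self.key, b"station", self.r_n, self.r_s, self.node_id)
        return proof is not None and hmac.compare_digest(proof, expected)

def demo():
    key = secrets.token_bytes(32)  # assumed network-wide pre-distributed key
    station, node = BaseStation(key, {b"NODE0001"}), SensorNode(key, b"NODE0001")
    r_s = station.challenge()
    msg = node.respond(r_s)
    proof = station.verify(r_s, *msg)
    replayed = station.verify(station.challenge(), *msg)  # old reply, new challenge
    return node.check_station(proof), replayed is None
```

The node ID never crosses the link in the clear, and a captured reply is useless against any later challenge because both the mask and the tag depend on the station's fresh random number.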

Intrusion Detection Methods
(1) Since the monitoring node and the cluster head node cannot be the same node, the monitoring node can also be the monitored cluster head node. In the static phase, the monitoring node monitors the communication content in real time and sends an alarm message directly to the base station if a threat is detected. This process is divided into the following steps:

1) Data collection
At this stage, the information collected is messy. The terminal filters the information before saving it to facilitate subsequent analysis. The extracted valid data is saved in the terminal and discarded after a period of time or when the memory space is exhausted.

2) Application rules
At this stage, the stored data is checked against the standard rules. If the information fails a specific rule, the failure count increases by one.

3) Intrusion detection
At this stage, the statistical analysis technique of the intrusion detection system is used to compare the cumulative number of failures with a given random damage limit. If the former is greater than the latter, an intrusion is assumed. In other words, if the number of abnormal behaviors exceeds a certain limit, the monitoring node considers it intrusive behavior.

4) Send alarm information.
The monitoring node sends alarm information to the base station.

5) Blacklist management.
After each round, all intruding nodes are added to the blacklist. Information sent by nodes in the blacklist is no longer accepted, and nodes in the blacklist are no longer selected as cluster heads.
(2) Detection rules. Intrusion detection systems usually use three technical tools: pattern matching, statistical analysis, and integrity analysis. This detection system is mainly based on statistical analysis. The specific detection rules are as follows:

1) Space rules
If the interval between two consecutive messages observed by the monitoring node is not within the default range, the message is invalid. In this scenario, the rule is used to detect DoS and snub attacks. In a DoS attack, malicious nodes continuously send cluster head applications to the network, so the time interval between successive application messages is relatively short. In a snub attack, if some nodes become the target of the attack or suffer energy diffusion for other reasons, normal information transmission will be insufficient and the interval between consecutive messages will be very long.

2) Repeat rules
The number of times the same message is sent from the same node must be within a certain range. This rule can detect duplicate and DoS attacks.

3) Unlimited transmission range rule
The signal intensity of the information sent by a node must be within a certain range; very strong information is considered a neighborhood flooding attack.
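
The monitoring steps 1) to 5) and the three detection rules can be put together as follows. This is an added example, not code from the paper; the thresholds, the RSSI-based range check, the message fields and the trace are constructed assumptions.

```python
from collections import defaultdict

# Thresholds are assumed for illustration; the paper gives no numeric values.
MIN_GAP, MAX_GAP = 0.5, 30.0  # allowed seconds between consecutive messages
MAX_REPEATS = 3               # allowed copies of one message from one node
MAX_RSSI = -40.0              # dBm; a stronger signal breaks the range rule
FAILURE_LIMIT = 3             # cumulative failures above this mean intrusion

class MonitorNode:
    def __init__(self):
        self.last_seen = {}               # node -> time of previous message
        self.copies = defaultdict(int)    # (node, payload) -> times seen
        self.failures = defaultdict(int)  # node -> cumulative rule failures
        self.intruders = set()            # nodes flagged in the current round
        self.alarms = []                  # alarm messages for the base station
        self.blacklist = set()

    def observe(self, t, node, payload, rssi):  # False means the message is dropped
        if node in self.blacklist:
            return False
        prev, self.last_seen[node] = self.last_seen.get(node), t
        self.copies[(node, payload)] += 1
        # Interval rule (the page's "space rule"): gap too short or too long.
        gap_bad = prev is not None and not MIN_GAP <= t - prev <= MAX_GAP
        repeat_bad = self.copies[(node, payload)] > MAX_REPEATS   # repeat rule
        self.failures[node] += gap_bad + repeat_bad + (rssi > MAX_RSSI)  # + range
        if self.failures[node] > FAILURE_LIMIT and node not in self.intruders:
            self.intruders.add(node)
            self.alarms.append((t, node, self.failures[node]))
        return True

    def end_round(self):  # blacklist this round's intruders, reset round state
        self.blacklist |= self.intruders
        self.last_seen, self.intruders = {}, set()
        self.copies, self.failures = defaultdict(int), defaultdict(int)

# Constructed trace: (time in s, node, payload, RSSI in dBm)
TRACE = (
    [(5.0 * i, "n1", f"temp={20 + i}", -65.0) for i in range(4)]        # normal
    + [(0.1 * i, "n7", "CH_APPLY", -70.0) for i in range(6)]            # flood
    + [(1 + 5.0 * i, "n9", f"hello{i}", -20.0) for i in range(4)]       # too strong
    + [(0.0, "n3", "temp=19", -60.0), (100.0, "n3", "temp=18", -60.0)]  # long gap
)

def run_round(trace):
    mon = MonitorNode()
    for msg in sorted(trace):
        mon.observe(*msg)
    mon.end_round()
    return mon
```

Node n3 trips the interval rule once but stays under the failure limit, which is the point of comparing a cumulative count with a threshold instead of alarming on a single violation.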

Key Management Scheme
(1) The security gateway node inserts the remote key management scheme. As a CA, the security gateway node issues certificates to the gateway node and the cluster head node and manages security certificates. The communication between the gateway node and the cluster head node does not involve the security gateway node. The security gateway node is mainly composed of five parts: the main control panel, the security management module, the key agreement module, the authentication module, and the encryption and decryption module. The main control panel is the control center. The key agreement module and the authentication module implement key agreement and authentication between nodes, and the generated key is used as the encryption and decryption key of the encryption and decryption module. The encryption and decryption module encrypts and decrypts the data. The security management module mainly performs key management and certificate management for cluster head nodes and gateway nodes. According to whether the gateway node is connected to the IP network to send data to the cloud platform, the WSN mode is divided into online mode and offline mode. In online mode, the gateway node manages the keys and certificates on the nodes in the WSN. In offline mode, the security gateway node selects the gateway node and the cluster head node to form a security