中图分类号：TP309文献标识码：ADOI:10.19358/j.issn.2097-1788.2024.06.002
引用格式：靳文京，周成胜，刘美伶.图结构下基于通信模式匹配的物联网异常流量检测方法［J］.网络安全与数据治理，2024，43（6）：8-15.

An IoT abnormal traffic detection method based on communication pattern matching within a graph structure

Abstract： The wide application of the Internet of Things has brought new security risks. In order to gain a real-time insight into the abnormal state of the network without interfering with the normal operation of the system, the anomaly detection scheme based on traffic came into being. However, the current detection scheme generally has problems such as lack of universality and strong dependence on attack samples. Based on this, according to the physical limitations and domain specifications of the operation of the Internet of Things system, this study innovatively proposed a method of abnormal traffic detection of the Internet of Things based on communication pattern matching under the graph structure. On the basis of the construction of the communication graph, subgraph mining, isomorphic subgraph discovery and other algorithms are used to analyze and characterize the communication mode of fixed, periodic and automatic operation in the Internet of Things system to build the detection benchmark.

Key words : communication patterns; Internet of Things; subgraph mining; community detection; isomorphic subgraph