Research on a Multi-dimensional Security Defense Model for the Internet of Things
Cyber Security and Data Governance (网络安全与数据治理)
Li Ke
Sichuan Innovation Center of Industry Cyber Security Co., Ltd.
Abstract: The traditional "perception-network-application" three-layer architecture of the Internet of Things (IoT) leaves security blind spots at the edge, while the "six-domain model" is hard to put into engineering practice because of high deployment costs and the absence of inter-domain coordination mechanisms. Starting from a threat analysis across the physical, network, and service domains, this paper reconstructs a four-domain architecture ("terminal domain-edge domain-core network domain-cloud application domain") and introduces a dual-layer control mechanism that decouples the data plane from the control plane, yielding a "four-domain dual-layer" security framework. The framework systematically exposes multi-dimensional threats including hardware infiltration, protocol defects, quantum computing impacts, and API semantic conflicts, and builds models for lightweight terminal protection, quantum-enhanced transmission, server-side proactive defense, and full-lifecycle security management. Field tests in a banking zero-trust scenario and an industrial IoT scenario show an attack detection rate of ≥98% and an average response time of ≤500 ms under this architecture. The results provide a reusable, systematic methodology for large-scale IoT security engineering.
Key words: Internet of Things (IoT) security; four-domain dual-layer architecture; zero trust; full-lifecycle defense; endogenous security
CLC number: TP393.08; TP309. Document code: A. DOI: 10.19358/j.issn.2097-1788.2025.12.004. Citation format: Li Ke. Research on a multi-dimensional security defense model for the Internet of Things [J]. Cyber Security and Data Governance, 2025, 44(12): 26-33.
Introduction
IoT technology is being woven deeply into smart homes, industrial control, smart cities and other fields, changing how society produces. International Data Corporation (IDC) forecasts that the number of IoT devices worldwide will exceed 40 billion by 2027. Exponential growth in device density and data traffic pushes the attack surface out into physical space and gives rise to cross-domain coordinated threats. The traditional "perception-network-application" three-layer architecture [1] assigns no security definition to edge computing nodes and therefore has a structural blind spot; the six-domain model [2], although it adds dimensions such as users and target objects, has complex inter-domain interfaces and high coordination costs, so it is difficult to implement in engineering practice. Combining the latest threat landscape with technological evolution, and aiming at a framework that is deployable, scalable and verifiable, this study proposes a "four-domain dual-layer" security framework: it reconstructs the responsibility boundaries of the four domains ("terminal-edge-core network-cloud application") and refines the threat model and countermeasures for each; it designs a mechanism that decouples the data plane from the control plane so that policy computation is separated from policy enforcement; and it builds a security management model covering the full lifecycle of development, deployment, operation and decommissioning, which is validated in banking and industrial scenarios.
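As an added illustration, not code from the paper or its author, the following Python sketches the control-plane/data-plane separation the introduction describes: a policy engine computes a zero-trust access decision from device attributes, and a separate enforcer on the data path applies only the decisions that have been installed, defaulting to deny. The four domain names follow the paper; the device attribute schema, the policy thresholds (firmware baseline 2.1, three failed authentications) and the sample devices are constructed assumptions for this example.

```python
"""Added example: control plane (policy computation) decoupled from the
data plane (policy enforcement) for zero-trust IoT device access.
Not the paper's code; the domain names follow the paper, everything
else (device schema, thresholds, sample devices) is constructed here."""
from dataclasses import dataclass

# The paper's four domains; used only to reject unknown placements.
DOMAINS = ("terminal", "edge", "core", "cloud")


@dataclass(frozen=True)
class DeviceContext:
    """Attributes the control plane reasons about (constructed schema)."""
    device_id: str
    domain: str
    attested: bool          # hypothetical firmware integrity check result
    firmware_version: str   # dotted version string, e.g. "2.3"
    failed_auths: int       # consecutive authentication failures observed


def _version(v: str) -> tuple:
    """Turn "2.10" into (2, 10) so versions compare numerically."""
    return tuple(int(p) for p in v.split("."))


class PolicyEngine:
    """Control plane: computes a (action, reason) decision, never forwards traffic."""

    def __init__(self, min_firmware: str = "2.1", max_failed_auths: int = 3):
        self.min_firmware = _version(min_firmware)      # constructed baseline
        self.max_failed_auths = max_failed_auths        # constructed threshold

    def decide(self, ctx: DeviceContext) -> tuple:
        if ctx.domain not in DOMAINS:
            return ("deny", f"unknown domain {ctx.domain!r}")
        if not ctx.attested:
            return ("deny", "device attestation failed")
        if _version(ctx.firmware_version) < self.min_firmware:
            return ("deny", "firmware below security baseline")
        if ctx.failed_auths >= self.max_failed_auths:
            return ("quarantine", "repeated authentication failures")
        return ("allow", "policy satisfied")


class Enforcer:
    """Data plane: applies installed decisions; anything unknown is dropped."""

    def __init__(self):
        self._table = {}    # device_id -> (action, reason) pushed by control plane

    def install(self, device_id: str, decision: tuple) -> None:
        self._table[device_id] = decision

    def forward(self, device_id: str, payload: bytes) -> tuple:
        action = self._table.get(device_id, ("deny", "no decision installed"))[0]
        if action == "allow":
            return ("forwarded", payload)
        if action == "quarantine":
            return ("redirected", payload)   # e.g. steered to an isolation segment
        return ("dropped", None)


def process(engine: PolicyEngine, enforcer: Enforcer,
            ctx: DeviceContext, payload: bytes) -> tuple:
    """One round trip: control plane decides, data plane enforces."""
    decision = engine.decide(ctx)
    enforcer.install(ctx.device_id, decision)
    outcome = enforcer.forward(ctx.device_id, payload)
    return (decision[0], outcome[0])


if __name__ == "__main__":
    engine, enforcer = PolicyEngine(), Enforcer()
    # Constructed sample devices, one per outcome.
    for ctx in (DeviceContext("plc-01", "terminal", True, "2.3", 0),
                DeviceContext("cam-07", "edge", True, "1.9", 0),
                DeviceContext("gw-02", "core", True, "2.1", 3),
                DeviceContext("sensor-11", "terminal", False, "2.4", 0)):
        print(ctx.device_id, process(engine, enforcer, ctx, b"telemetry"))
```

The point of the split is that the enforcer never evaluates policy itself: it only looks up what the control plane installed, and an unknown device falls through to deny, so a slow or unreachable control plane fails closed rather than open.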
The full text of this paper can be downloaded at:
https://www.chinaaet.com/resource/share/2000006896
Author information:
Li Ke
(Sichuan Innovation Center of Industry Cyber Security Co., Ltd., Chengdu, Sichuan 610041, China)

This content is original to the AET website; reproduction without authorization is prohibited.
