Search

CN-121984730-A - Data transmission safety protection and anomaly monitoring method and system for women and children Internet of things equipment

CN121984730ACN 121984730 ACN121984730 ACN 121984730ACN-121984730-A

Abstract

The invention discloses a data transmission safety protection and abnormality monitoring method and system for equipment of a women and children Internet of things, which belong to the technical field of medical Internet of things safety and comprise the following steps of S10, performing risk monitoring on related data, wherein the related data comprises fetal heart monitoring data, dividing the fetal heart monitoring data into fetal movement data, uterine contraction pressure data and fetal heart rate variation data, S20, performing risk monitoring, acquiring related information corresponding to the fetal movement data, the uterine contraction pressure data and the fetal heart rate variation data, wherein the related information comprises text characteristics and byte capacity, and acquiring fetal movement data, uterine contraction pressure data and fetal heart rate variation data tampered by an attacker in the text characteristics and the byte capacity. The method can effectively identify and defend data tampering attack, simultaneously ensure the integrity of high-level importance data, improve the safety of data transmission and the accuracy of anomaly monitoring, and provide effective safety protection for data protection in the field of medical Internet of things.

Inventors

  • ZHU HAO
  • ZHANG BIAO
  • WANG ZHOU
  • SUN LEI
  • XIE XIANZHENG

Assignees

  • 南京智慧云网络科技有限公司

Dates

Publication Date
20260505
Application Date
20260120

Claims (9)

  1. 1. The data transmission safety protection and anomaly monitoring method for the equipment of the internet of things for women and children is characterized by comprising the following steps of: S10, performing risk monitoring on related data, wherein the related data comprise fetal heart monitoring data, and dividing the fetal heart monitoring data into fetal movement data, uterine contraction pressure data and fetal heart rate variability data; S20, risk monitoring, including acquiring relevant information corresponding to the fetal movement data, the uterine contraction pressure data and the fetal heart rate variability data, wherein the relevant information includes text characteristics and byte capacity, and acquiring fetal movement data, uterine contraction pressure data and fetal heart rate variability data tampered by an attacker in the text characteristics and byte capacity; S30, performing association analysis in fetal movement data, uterine contraction pressure data and fetal heart rate variation data tampered by a attacked person, wherein the association analysis comprises the steps of analyzing the association of the uterine contraction pressure data with the fetal heart rate variation data and the fetal movement data based on the fetal movement data; S40, acquiring data with the greatest tampering and tampering times by an attacker first in fetal movement data, uterine contraction pressure data and fetal heart rate variability data based on the relevance, marking the data with the greatest tampering times by the attacker as risk data, marking the data with the greatest tampering times as monitoring data, and carrying out related rotation when data corresponding to the risk data and the monitoring data are transmitted at future time, wherein the related rotation comprises dynamic rotation of transmission paths of the data corresponding to the risk data and the monitoring data; S50, carrying out relevant adjustment based on the dynamic rotation, wherein the relevant adjustment comprises distinguishing the data corresponding to the risk data and the monitoring data before transmission, and the distinguishing comprises distinguishing the importance level of the data corresponding to the risk data and the monitoring data; And S60, dividing the importance grade into low-grade importance and high-grade importance, transmitting the data corresponding to the low-grade importance and the high-grade importance by using the same transmission path when transmitting the data corresponding to the risk data and the monitoring data, and performing data integrity assurance on the data corresponding to the high-grade importance if the data corresponding to the low-grade importance is tampered, wherein the data integrity assurance comprises independently encrypting the data corresponding to the high-grade importance and adding a digital signature.
  2. 2. The method for protecting data transmission safety and monitoring anomalies of equipment of the internet of things of women and children according to claim 1, wherein the text characteristics of fetal movement data comprise structured data and semi-structured data, and the structured data comprise time stamps, fetal movement times and duration; The semi-structured data includes subjective descriptions of pregnant women; Text features of the uterine contraction pressure data comprise time sequence data and medical labels; The time series data comprises a pressure value, a time stamp and a waveform characteristic; The medical label is of the uterine contraction type; the text characteristics of the fetal heart rate variability data comprise numerical data and graphic descriptions; The numerical data includes short-term variations, long-term variations; the graphical description includes a baseline swing pattern.
  3. 3. The method for protecting and monitoring the data transmission safety of the equipment of the internet of things for women and children according to claim 1, wherein in the step S30, the correlation between the uterine contraction pressure data and the fetal heart rate variability data and fetal movement data is analyzed, and the analyzing step is as follows: Aligning fetal movement data, uterine contraction pressure data and fetal heart rate variability data with time stamps; Presetting a safety threshold based on the time stamp, wherein the safety threshold is +/-10 seconds, and judging that fetal movement data, uterine contraction pressure data and fetal heart rate variation data are tampered if the deviation of the time stamp corresponding to fetal movement and the time stamp corresponding to fetal heart rate variation/uterine contraction pressure exceeds the safety threshold; if the safety threshold is not exceeded, calculating the cross correlation of the time sequence of the time stamp corresponding to fetal movement and the time stamp corresponding to fetal heart rate/uterine contraction pressure; aligning the unsynchronized time sequences by a dynamic time warping algorithm; And according to the aligned asynchronous time sequence, if the transmission frequency of the fetal movement data is synchronous with the uterine contraction pressure data, judging that the fetal movement data is tampered.
  4. 4. A method for protecting and monitoring data transmission security and abnormality of equipment in internet of things for women and children as set forth in claim 3, wherein in said step S30, said analyzing of said correlation further includes analyzing said correlation of said uterine contraction pressure data with text features of fetal heart rate variability data with byte capacities and said analyzing of fetal movement data with byte capacities, said analyzing steps being as follows: The fetal movement data, uterine contraction pressure data and fetal heart rate variability data are given a normal byte capacity range as follows: fetal movement data, namely 1-2 bytes per minute; Uterine contraction pressure data of 2-4 bytes per second; Fetal heart rate variability data of 4-8 bytes per second; if the data packet corresponding to the fetal movement data is increased, judging that the attacked person injects malicious codes or fake data; And if the data packet corresponding to the uterine contraction pressure data is reduced, judging that the key field is truncated or lost by an attacker.
  5. 5. The method for protecting and monitoring anomaly in data transmission of internet of things equipment for women and children according to claim 1, wherein in S60, the data of low-level importance corresponding to the fetal movement data includes a data source identifier and environmental noise data; data of high-level importance corresponding to the fetal movement data, including the number of fetal movements, the fetal movement time distribution, and the fetal movement intensity; Data of low-level importance corresponding to the uterine contraction pressure data, including repeated sampling values of equipment battery state or signal strength and uterine contraction pressure data; Data of high level importance corresponding to the uterine contraction pressure data, including a peak uterine contraction pressure, a frequency of uterine contraction, and a duration; The low-level importance data corresponding to the fetal heart rate variability data comprises a maternal body position or an activity state and a signal-to-noise ratio of a fetal heart rate signal during data acquisition; Data of high-level importance corresponding to the fetal heart rate variability data includes baseline fetal heart rate, fetal heart rate acceleration and deceleration patterns, and short and long variability magnitudes.
  6. 6. A method for protecting and monitoring data transmission security and abnormality of a maternal and child internet of things device according to claim 3, wherein the cross-correlation of the time series of time stamps corresponding to fetal movements and to fetal heart rate/uterine contraction pressure is calculated according to the following formula: ; In the formula, Time series representing fetal movement at time Is a measurement of the observed value of (2); time series representing fetal heart rate/uterine contraction pressure at time instant Is a measurement of the observed value of (2); 、 A mean value representing a time series of fetal movements and fetal heart rate/uterine contraction pressure; Representing the total length of the time series; representing cross-correlation coefficients for quantifying fetal movement And fetal heart rate/uterine contraction pressure At a time delay The cross-correlation coefficient is the linear cooperative variation degree; the time delay parameter is the time difference between fetal activity events and fetal heart rate/uterine contraction pressure changes.
  7. 7. The method for protecting data transmission security and monitoring anomalies of a gynecological and child internet of things device according to claim 6, further comprising the step of calculating according to the following formula: ; In the formula, Representing normalized cross-correlation coefficients, the range being [ -1,1]; 、 standard deviations representing time series of fetal movements and fetal heart rate/uterine contractile pressure are used to eliminate dimensional effects. =1, Representing a complete positive correlation; -1, representing a complete negative correlation; And 0, representing the radio correlation.
  8. 8. The data transmission safety protection and abnormality monitoring method for the internet of things equipment for women and children according to any one of claims 6 to 7, wherein time stamps corresponding to fetal movements are divided into 3 to 5 time points according to calculation results, fetal heart rate data and uterine contraction pressure data corresponding to each time point are obtained, if the fetal heart rate data and the uterine contraction pressure data are different from the fetal heart rate data and the uterine contraction pressure data corresponding to the previous time points and each time point at future time points, the fetal heart rate data and the uterine contraction pressure data are judged to be tampered, and otherwise, the fetal heart rate data and the uterine contraction pressure data are not judged to be tampered.
  9. 9. The system applied to the data transmission safety protection and anomaly monitoring method of the equipment of the internet of things of women and children as set forth in claim 1, comprising: The data monitoring module is used for performing risk monitoring on related data, wherein the related data comprise fetal heart monitoring data, and the fetal heart monitoring data are divided into fetal movement data, uterine contraction pressure data and fetal heart rate variability data; the data acquisition module responds to the risk monitoring and is used for acquiring related information corresponding to the fetal movement data, the uterine contraction pressure data and the fetal heart rate variation data, wherein the related information comprises text characteristics and byte capacity, and fetal movement data, uterine contraction pressure data and fetal heart rate variation data tampered by an attacker are acquired in the text characteristics and the byte capacity; The data analysis module is used for carrying out association analysis in fetal movement data, uterine contraction pressure data and fetal heart rate variation data tampered by a attacked person, and the association analysis comprises the step of analyzing the association of the uterine contraction pressure data with the fetal heart rate variation data and the fetal movement data based on the fetal movement data; the data fusion processing module comprises a dynamic rotation unit, a distinguishing unit and a processing unit; The dynamic rotation unit is used for collecting data which is tampered by an attacker and has the greatest tampering times first in fetal movement data, uterine contraction pressure data and fetal heart rate variation data according to the relevance, marking the data which is tampered by the attacker first as risk data, marking the data which has the greatest tampering times as monitoring data, and carrying out relevant rotation when data corresponding to the risk data and the monitoring data are transmitted at future time, wherein the relevant rotation comprises dynamic rotation of a transmission path when the data corresponding to the risk data and the monitoring data are transmitted; The distinguishing unit is used for carrying out relevant adjustment according to the dynamic rotation, the relevant adjustment comprises distinguishing the data corresponding to the risk data and the monitoring data before transmission, and the distinguishing comprises distinguishing the importance level of the data corresponding to the risk data and the monitoring data; the processing unit is used for dividing the importance level into low-level importance and high-level importance, transmitting the data corresponding to the risk data and the monitoring data by using the same transmission path, and if the data corresponding to the low-level importance is tampered, performing data integrity guarantee on the data corresponding to the high-level importance, wherein the data integrity guarantee comprises independently encrypting the data corresponding to the high-level importance and attaching a digital signature.

Description

Data transmission safety protection and anomaly monitoring method and system for women and children Internet of things equipment Technical Field The invention relates to the technical field of medical internet of things safety, in particular to a data transmission safety protection and anomaly monitoring method and system for equipment of a women and children internet of things. Background The internet of things equipment for women and children is applied to the field of medical care of women and children, and aims to improve the safety, infection control and medical efficiency of mother and infant. In the aspect of the safety application of the Internet of things, the safety risks of data leakage, tampering, abnormal operation of equipment and the like still exist in a medical scene of women and children. For the research in this aspect, the application document with the application number of CN202410783356.0 provides a method and a system for monitoring the data security of the equipment of the Internet of things, and the technical scheme comprises the steps of acquiring environmental data and environmental control parameters acquired by environmental acquisition equipment in a plurality of areas at a plurality of moments in the current monitoring period, and determining the change record of the environmental control parameters; the method comprises the steps of obtaining predicted environment control parameters of each area through a trained control parameter operation model, determining abnormal change records, determining tamper-resistant safety scores and tamper-resistant safety scores of each environment control device, and further determining data safety scores of the Internet of things device. According to the technical scheme, the tamper resistance and the disturbance resistance of the environment regulation equipment can be accurately determined, timely measures can be taken, and the overall data security of the Internet of things is improved. The technical scheme includes that an abnormality detection requirement and target monitoring equipment of an Internet of things platform are extracted, an interface of the Internet of things platform is set, operation data of the target monitoring equipment are obtained in real time, the operation data are processed by an abnormality detection model of the Internet of things platform, and whether the current target monitoring equipment has an abnormal condition or not is judged. The system comprises modules corresponding to the steps of the method. The technical scheme provides a lightweight implementation scheme and specification for an abnormality detection algorithm of the Internet of things platform, and provides a feasible solution for the abnormality detection algorithm of the Internet of things platform. However, the above-mentioned technical scheme lacks dynamic key rotation mechanism when being applied to woman and child thing networking data transmission, and attacker can utilize protocol loophole (such as KRACK loophole of Wi-Fi) to intercept and tamper child heart guardian data in the transmission, and then cause misdiagnosis risk, and above-mentioned technical scheme relies on single threshold value to judge, is difficult to discern complicated time sequence data anomaly (such as child heart baseline drift), has increased medical personnel's burden. Disclosure of Invention The invention is provided in view of the problems existing in the prior art of medical internet of things security. Therefore, one of the purposes of the invention is to provide a data transmission safety protection and anomaly monitoring method and system for equipment of the internet of things of women and children, which can effectively identify and defend data tampering attacks through mechanisms such as risk monitoring, association analysis, dynamic rotation transmission paths, data importance level distinction and the like, simultaneously ensure the integrity of high-level importance data, improve the safety of data transmission and the accuracy of anomaly monitoring, and provide effective safety protection for data protection in the field of medical internet of things. In order to solve the technical problems, the invention provides the following technical scheme: on the one hand, the invention provides a data transmission safety protection and anomaly monitoring method for equipment of a women and children Internet of things, which comprises the following steps: S10, performing risk monitoring on related data, wherein the related data comprise fetal heart monitoring data, and dividing the fetal heart monitoring data into fetal movement data, uterine contraction pressure data and fetal heart rate variability data; S20, risk monitoring, including acquiring relevant information corresponding to the fetal movement data, the uterine contraction pressure data and the fetal heart rate variability data, wherein the relevant information includes text characteristics and byte