| 主权项 |
1. A network security method, implemented in a network security servo system, comprising:
decrypting a plurality of encrypted data points from a first Internet of Things device by a hardware processor executing instructions recorded in a storage device of the network security servo system; aggregating the data points into a plurality of aggregated data points by the hardware processor, wherein the aggregated data points form a plurality of data sets and the aggregating comprises characterizing a plurality of successive data points as one of the aggregated data points; retrieving a plurality of first centroid data points corresponding to the data sets by the hardware processor, wherein the first centroid data points form a first core data set; retrieving a plurality of second centroid data points corresponding to the first core data set and a second core data set by the hardware processor, wherein the second core data set corresponds to other Internet of Things devices; determining whether the first Internet of Things device is in an anomaly state based on the second centroid data points by the hardware processor, comprising:
executing a data stream cluster algorithm on the second centroid data points to determine whether a plurality of anomalous data points appear in the second centroid data points by the hardware processor; anddetermining the first Internet of Things device is in the anomaly state by the hardware processor; and isolating the first Internet of Things device to a specific virtual network by the hardware processor when the first Internet of Things device is in the anomaly state, wherein the isolating prevents the other Internet of Things device from cyber attacks. |
