English | 中文

手机二维码
 
【打印本页】      【下载PDF全文】   查看/发表评论  下载PDF阅读器  关闭
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 488次   下载 393 本文二维码信息
码上扫一扫!
基于搜索的物联网设备识别框架
邹宇驰,刘松,于楠,朱红松,孙利民,李红,王旭
分享到: 微信 更多
(中国科学院大学网络空间安全学院 北京中国 100049;中国科学院信息工程研究所物联网信息安全技术北京市重点实验室 北京中国 100093)
摘要:
越来越多的物联网设备接入到互联网中,但由于设计上的缺陷或者缺乏安全防护手段,这些暴露在公网上的物联网设备极容易受到黑客的攻击与利用。研究表明,具有相似产品属性的物联网设备很有可能存在相同漏洞,因此有效的识别网络空间中的物联网设备,对其产品属性,如设备品牌、型号等相关信息进行细粒度识别和标定,对把握网络空间实体设备的安全态势具有重要意义。本文提出一种基于搜索的物联网设备识别框架,利用物联网设备协议标语中富含的产品属性信息,通过自动化网络搜索技术构建物联网设备信息库,进而实现对未知新设备细粒度地自动分级识别和标定。通过公网实验,该框架能够很好识别视频监控和工控设备的产品属性,型号识别准确率均超过90%。
关键词:  物联网安全  设备产品属性识别  协议标语  细粒度
DOI:10.19363/J.cnki.cn10-1380/tn.2018.07.03
投稿时间:2018-03-30修订日期:2018-05-30
基金项目:本课题得到国家重点研发计划(No.2016YFB0801303-1);自然基金面上项目(No.U1536107)和中国科学院信息工程研究所国际合作项目(No.Y7Z0451104)资助。
IoT Device Recognition Framework based on Web search
ZOU Yuchi,LIU Song,YU Nan,ZHU Hongsong,SUN Limin,LI Hong,WANG Xu
School of CyberSpace Security, University of Chinese Academy of Sciences, Beijing 100049, China;Beijing Key Laboratory of IOT information security, Institute of Information Engineering, CAS, Beijing, 100093, China
Abstract:
More and more internet of things (IoT) devices are connected to the Internet, but many of them have design defects and less security consideration because of lower price and limit resources. These devices, therefore, are more easily cracked by malicious attackers by utilizing various implementation vulnerabilities. It is well known that IoT devices from same manufactures were tend to have same vulnerabilities, so we can obtain some valuable hints through the brand and model of devices without the need to verified the vulnerabilities one by one while evaluating devices' security status. Some research proposed methods to identify the categories or manufactures of IoT devices, but the information is so coarse that many devices may be marked with wrong security tags. In this paper, we proposed a IoT devices recognition framework based on Web search, which identified IoT devices in fine-grained manner, the brand and model, by matching their protocol banners with the products attributes database collected from specific electronic business Webs. Because the collecting is never end, we can recognize more and more IoT devices as some new products are found and put into the database. Internet experiments showed that, with our framework, the recognition accuracy on brands and models, for video surveillance and industrial control equipment, exceeds 90%.
Key words:  internet of things security  products attributes recognition  protocol banners  fine-grained manner