Research on Internet of Things security threats and solutions

 

 


Abstract: The Internet of Things (IoT) is seen as the third revolution in the information technology industry and is widely used in industry, commerce, agriculture, intelligent transportation, smart homes, intelligent logistics, intelligent security and smart energy. As early as 2009, Europe and other developed countries identified the IoT as an important area for future development and drew up strategic plans for its development, core technologies and key industries. China's relevant government departments quickly made their own deployments; in recent years in particular, the State Council, the Ministry of Industry and the Reform Commission have issued a series of major policies to promote and strengthen the IoT industry. Alongside this rapid development, however, there are serious security threats. This article describes the architecture, characteristics and key technologies of the IoT, analyzes the security threats that exist at the perception layer, transport layer and application layer, and summarizes a number of solutions in terms of key technologies, policies and regulations, and management standards.

Keywords: Internet of Things, security threats, countermeasures, sensor networks, smart city

I. Introduction:

Since Bill Gates first mentioned the concept of the Internet of Things in his 1995 book "The Road Ahead", no definition has been widely accepted across all sectors, and many countries and regions still dispute what the term means. Our definition is: the IoT connects any article to the Internet through information-sensing equipment, according to agreed protocols, for information exchange and communication, in order to achieve intelligent identification, tracking, positioning, monitoring and management. With the perception layer, network layer and application layer as its basic framework, the IoT is a ubiquitous network built on the Internet that, through a variety of wired and wireless networks, interconnects objects and things and provides real-time intelligent management and control. Its basic characteristics can be summarized as comprehensive perception, reliable transmission and intelligent processing.

The IoT is developing ever more rapidly in intelligent transportation, smart logistics, smart security, smart energy, smart healthcare, smart homes, intelligent manufacturing and smart agriculture, but the security problems it exposes are becoming increasingly prominent. Typical IoT threats include remote video recording, data theft, malicious intrusion, communication monitoring, physical capture and botnets. A typical case: in 2018 the State Food and Drug Administration published a large number of voluntary recall notices from medical device companies, with big names such as Medtronic, GE and Abbott among them. The recalled equipment included magnetic resonance imaging systems, anesthesia systems and artificial heart-lung machines, and the announcements show that the recalls involved over 240,000 products, mainly due to lack of security. At the end of 2016, white-hat hackers found that they could remotely control the Medtronic pacemaker, which had about 8000 bugs vulnerable to hacker attacks. This shows the importance of protecting the security of IoT systems. Starting from the architecture and key technologies of the IoT, this article mainly discusses the security threats it faces and their solutions.

II. Security threats and solutions:

(A) Perception layer

1. Composition and key technologies

The perception layer, also known as the physical layer, is characterized by comprehensive perception: it identifies objects and collects information. It is made up of a large number of sensor nodes, each consisting of a sensor module, a processor module, a wireless communication module and a power supply module; the types and structures of sensor nodes vary widely. The sensor module collects sensing data in the monitored area and converts it. The processor module is the core of the sensor node and controls the operation of the whole node. The wireless communication module communicates wirelessly with other sensor nodes, exchanging control messages and sending and receiving collected data. The power supply module provides the energy the node needs to run. The key technologies used are radio frequency identification (RFID), wireless sensor networks (WSNs) and short-range wireless communication. RFID technology lets objects "speak", giving things characteristics by which they can be tracked.

2. Security Threat Analysis

Compared with other networks, most IoT sensing nodes are deployed in unattended environments, and some work in dynamic environments. This makes them fragile and limited in resources, and it also means an attacker can easily come into contact with the devices and can even replace their hardware and software through local operation. At the perception layer, IoT security appears mainly as physical security, i.e. the safety of the large number of sensor devices; the threats include sensor interference and shielding, signal interception and denial of service.

Sensing nodes are multi-source and heterogeneous. A single sensing node generally has a simple function and structure and carries little information, which makes key management more difficult; it cannot perform computation-intensive encryption and so cannot have sophisticated security capabilities. Across the perception-layer network, data transmission and message formats are diverse and there is no specific standard between nodes, so no unified security system can be provided. This seriously affects the security of information collection and transmission, and leaves the IoT facing interruption, eavesdropping, interception, tampering, counterfeiting and other security threats. In addition, IoT nodes are numerous and exist in clusters, so when many devices transmit data the network becomes congested, resulting in denial of service and a substantial decline in network performance. Hardware failure, software defects, depletion of resources or harsh network environmental conditions can also damage availability.

Given the deployment characteristics of IoT sensing nodes, the attacks they may face are: jamming (blocking interference), in which the attacker obtains the center frequency of the target network's communication and then transmits interfering radio waves near that frequency to paralyze the network, a typical DoS attack; collision attacks, in which the attacker continuously transmits packets that collide with the normal packets sent by sensing nodes, also an effective DoS attack; exhaustion attacks, which use communication protocol vulnerabilities to deplete the energy of a node; unfairness attacks, which continuously transmit high-priority packets in order to occupy the channel; selective forwarding, in which specific messages are refused forwarding or discarded, confusing neighboring sensing nodes; flooding attacks, in which an attacker sends a large number of packets, reducing overall network performance and affecting normal communication; and information tampering, in which eavesdropped information is modified and then forwarded to the original recipient in order to achieve the purpose of the attack.

3. Solution

Add a node authentication mechanism at the perception layer to verify the legitimacy of the parties to an exchange and the authenticity and validity of the information exchanged. This includes authentication between nodes within the network, authentication of perception-layer nodes by users, and authentication of perception-layer messages. Because sensor nodes are limited in energy, computing power and storage space, lightweight encryption algorithms can be used at the perception layer. Before an IoT device enters the market it should undergo a comprehensive security audit; enterprises producing IoT products need to apply basic security standards in the design of the end products and include a hardware firewall with an IPS module. Manufacturers should ensure that there is no back door or malicious code, that the device UUID cannot be copied, monitored or captured, and that no important information leaks during online registration because of illegal wiretapping or monitoring mechanisms on the device.

(B) Transport layer

1. Composition and key technologies

The transport layer, also called the network layer, consists mainly of gateways and protocols. It processes sensor data and provides a variety of standard interfaces, such as Ethernet, Bluetooth, ZigBee and RFID, supports both IPv4 and IPv6, and provides end-to-end communication services. The main feature of the network layer is reliable transmission: it carries data and instruction information in the IoT, and comprises the converged communication network and Internet, the network management center and the information processing center. Transport is based mainly on the TCP and UDP protocols, with the secure transport protocols TLS and DTLS built on top of them, and uses both wired and wireless communication technologies.

2. Security Threat Analysis

At the network layer, IoT security appears as data security and communication protocol security. The information transmission and processing systems involved face threats broadly similar to those of conventional information systems: theft, tampering, forgery and repudiation, as well as privacy issues. Because of the performance limits of IoT devices, their communication protocols are not very complex, and plaintext transmission is even commonplace. An attacker can analyze a communication protocol, or the products of a particular vendor, and then control all products that use the same communication protocol, expanding the reach of the attack. At this stage, when IoT systems transmit data over Bluetooth, ZigBee and Wi-Fi wireless networks, the problem of authentication across different types of heterogeneous networks has not been fully and effectively solved, which leaves the network layer more susceptible to malicious attacks from external systems.

3. Solution

At the transport layer, use secure routing mechanisms to ensure that the network can still carry out correct route discovery, construction and maintenance when subjected to threats and attacks. These include data confidentiality and authentication mechanisms, real-time data integrity verification, device and identity authentication, and routing message broadcast mechanisms. Configure a different key management scheme for each part of the transmission network, so that even after the system suffers an external attack, the parts of the network that were not attacked remain protected and running, avoiding the collapse of the entire system at once.

Business traffic between devices and back-end servers is protected by encryption, signatures or strong encoding to preserve the confidentiality and integrity of data in transit. All parties (such as embedded devices, the cloud and end users) exchange information and data strictly according to the agreed organization rules and communication protocol.

(C) Application layer

1. Composition and key technologies

In simple terms, the application layer is where end users access data, together with its main functions and interfaces. Application-layer communication in the IoT is handled by intelligent processing equipment; the application layer is the deep integration of IoT technology with business, combined with industry needs, to achieve industry intelligence. The key application-layer technologies include the SPINs protocol, Web application firewalls, authentication technology and intelligent data processing technology. Application-layer elements include custom applications, encryption protocols, third-party libraries and drivers.

2. Security Threat Analysis

The platforms that support IoT applications, such as cloud computing, distributed systems and massive information processing, all have different security policies, and large-scale, multi-platform, multi-service IoT business lacks a unified security architecture. Network intrusion, denial-of-service attacks, Sybil attacks and routing attacks can destroy the integrity and availability of information. Other application-layer security threats include database information leakage, credential theft, compromised API interfaces, account hijacking and permanent data loss. Because no CAPTCHA mechanism is set or the identification mechanism is weak, and because users of terminal devices are inclined to set simple, easy-to-remember user names and passwords, an attacker can use replay attacks and brute force to change user passwords and obtain the access rights needed to control smart devices. Authentication that is not strict enough lets an attacker easily spoof the cloud, forge cloud packets, interact with IoT terminal devices, send abnormal instructions that impede the normal operation of equipment, and illegally collect user data.

3. Solution

IoT physical devices are associated with many other applications, so ensuring network stability and connectivity is very important. Access control mechanisms, including discretionary (autonomous) and mandatory access control, are used at the application layer to determine which IoT system resources legitimate users are entitled to, preventing intrusion by illegal users and access to resources by users without permission; this is an important technology for keeping the system operating safely and protecting important information. Against the threat of data leakage, multi-factor authentication and encryption can be used as defensive strategies, together with careful custody of keys, a sound public key infrastructure, and regular replacement of keys and credentials. Against the threat of account hijacking, companies should prohibit the sharing of account credentials between users and services, and should regulate user accounts and service accounts so that every transaction can be traced to one specific person. At the same time, enterprises should control their own encryption and keys, keep effective logs, separate duties, minimize user permissions, and record, monitor and audit administrator activity.

IoT vendors need to provide API access protocols and access credentials, so that IoT equipment can be monitored more comprehensively and anomalies judged better. In addition, access to the app's ports can be restricted, tests for traditional SQLi, XSS and similar flaws carried out, and the back-end Web applications, database servers, IoT big-data analytics platforms, operating systems, middleware and databases scanned periodically for vulnerabilities, with penetration testing used to find more problems. Provide a unique identity for each device and equip the IoT with a sound security authentication mechanism, so that the device itself is secure and its connection to the back-end control system and management platform is secure. If each device has its own independent identity, businesses will be able to tell whether the identity claimed by a communicating device is true.
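
The node authentication described in the perception-layer solution and the per-device identity described above can be sketched as follows. This is an added example, not part of the original article; the frame layout, the label `node-auth-v1`, the device IDs and the demo master key are assumptions made for illustration. Each device gets its own HMAC-SHA256 key and every frame carries a counter, so forged, tampered and replayed frames are all rejected.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16  # HMAC-SHA256 truncated to 128 bits to save radio bytes (assumption)

def derive_device_key(master_key: bytes, device_id: bytes) -> bytes:
    """Give every device its own key, so one captured node exposes only itself."""
    return hmac.new(master_key, b"node-auth-v1|" + device_id, hashlib.sha256).digest()

def seal(device_key: bytes, device_id: bytes, counter: int, payload: bytes) -> bytes:
    """Node side. Frame = id_len(1) | device_id | counter(8, big-endian) | payload | tag."""
    body = bytes([len(device_id)]) + device_id + struct.pack(">Q", counter) + payload
    return body + hmac.new(device_key, body, hashlib.sha256).digest()[:TAG_LEN]

class Gateway:
    """Gateway side: authenticates frames and rejects replays per device."""

    def __init__(self, master_key: bytes, enrolled_ids):
        self.master_key = master_key
        self.last_counter = {d: -1 for d in enrolled_ids}  # highest counter accepted

    def verify(self, frame: bytes):
        """Return (device_id, counter, payload) or raise ValueError with the reason."""
        if len(frame) < 1 + 8 + TAG_LEN or len(frame) < 1 + frame[0] + 8 + TAG_LEN:
            raise ValueError("malformed frame")
        id_len = frame[0]
        device_id = frame[1:1 + id_len]
        if device_id not in self.last_counter:
            raise ValueError("unknown device")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        key = derive_device_key(self.master_key, device_id)
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            raise ValueError("bad tag")
        (counter,) = struct.unpack(">Q", body[1 + id_len:9 + id_len])
        if counter <= self.last_counter[device_id]:  # checked only after the tag
            raise ValueError("replayed frame")
        self.last_counter[device_id] = counter
        return device_id, counter, body[9 + id_len:]

def check(gateway: Gateway, frame: bytes) -> str:
    """Helper for the demo: 'ok' or the rejection reason."""
    try:
        gateway.verify(frame)
        return "ok"
    except ValueError as err:
        return str(err)

if __name__ == "__main__":
    master = bytes(range(32))  # constructed demo key; provision real keys securely
    gw = Gateway(master, [b"node-01", b"node-02"])
    frame = seal(derive_device_key(master, b"node-01"), b"node-01", 1, b"temp=21.5")
    tampered = frame[:17] + b"9" + frame[18:]  # one payload byte changed in transit
    for label, f in [("first", frame), ("replay", frame), ("tampered", tampered)]:
        print(label, check(gw, f))
```

The counter is compared only after the tag verifies, so an unauthenticated frame cannot advance a device's replay window.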

III. Conclusion:

Building the IoT is not just a technical issue; it also involves planning, infrastructure, management, security and other aspects, which requires supporting policies and regulations at the national level and stronger technology. The IoT security threats that have already occurred include botnets and DDoS attacks, remote video recording, spam, advanced persistent threats (APT), ransomware, data theft and remote control of vehicles.

The IoT is still at the development stage, and its security issues can be summarized in four aspects: security awareness, security regulations, security technology and security management.

On security awareness: users lack awareness, for example browsing irregular sites or setting user names and passwords with a low security level. Some manufacturers also have relatively weak security awareness: when products leave the factory and enter the market, the hardware debug interface is still not blocked and is even clearly marked. A viable solution is to raise security awareness through security education. On security regulations: the research, development and production of IoT products lack security standards, and supervision is lax. The overall security standards and regulations should be improved, which requires supporting policies and regulations at the national level, better security evaluation and security supervision systems, and higher overall security of IoT products. On security technology: because of the special nature of the IoT, traditional network security technology cannot be fully applied to it. Security operations staff need to innovate in IoT security technology, understand comprehensively the potential security threats at every layer of the IoT, and take targeted protective measures. On security management: in pursuit of schedule and economic benefit, the secure development process is not strictly followed, which leads to abuse of privacy in applications and a lack of secure management of user data. Enterprises should therefore strengthen the security management of R&D and operations personnel and focus on top-level security planning.

 


Origin www.cnblogs.com/Spring-Ltc/p/11618916.html