Device and method for detecting Zigbee protocol vulnerabilities

Abstract

The invention provides a device and a method for detecting Zigbee protocol vulnerabilities. The corresponding device comprises an activity monitoring module, a data generation module, a data injection module and an abnormality monitoring module, wherein the activity monitoring module is used for monitoring a behavior of an MAC (medium access control) layer of a Zigbee module, and intercepting and transmitting the data to be transmitted if a data encapsulation of valid data transferred at the upper layer of the MAC layer is finished; the data generation module is used for carrying out a randomized treatment on the data to be transmitted within a prescribed limit of the protocol, and generating and transmitting a test case; the data injection module is used for filling the test case into a to-be-transmitted data buffer area, and invoking a data transmission command to transmit the data included in the test case through a physical layer; and the abnormality monitoring module is used for analyzing network data captured by a WinSock expert from a Zigbee wireless sensor network, detecting whether an abnormal behavior or a node collapse appears in the node in the network, and determining a detection result of the vulnerabilities. The device and the method which are suitable for a large-scale wireless sensor network have the advantages that the security vulnerabilities of the protocol are determined, the number of the test cases is reduced, and the validity of the test cases is increased. As a result, the test efficiency is improved.

Description

technical field [0001] The invention relates to a Zigbee protocol loophole detection device and method, belonging to the technical field of protocol security in information security. Background technique [0002] In order to resist malicious attacks from inside and outside the network, the Zigbee protocol has regulations on data confidentiality, data replay detection, and access control. However, because wireless sensor network data propagates through electromagnetic waves in the air, the storage capacity, computing power and power supply capacity of the backup node are limited, resulting in many security threats and vulnerabilities in the IEEE 802.15.4 network, such as: node cloning attack, man-in-the-middle attack, black hole attack, ACK attack, flood attack, DoS attack, etc. [0003] The current detection methods for wireless sensor network protocol vulnerabilities mainly include the following: [0004] 1) Protocol analysis method: Through the research on the working me...

AI Technical Summary

Problems solved by technology

[0007] The present invention solves the problems that the existing Zigbee protocol loophole detection technology cannot be applied to large-scale wireless sensor networks, the security loopholes in the protocol itself cannot be determined, and the number of test cases is huge and the efficiency is low, and further provides A detection device and method for Zigbee protocol vulnerabilities

Images