Internet of Things honeynet system based on SOAP service simulation

A technology of the Internet of Things and honeynet, applied in the field of Internet of Things security, can solve the problems of endangering the security of the Internet of Things, and cannot be directly applied to the field of Internet of Things.

Active Publication Date: 2019-10-29
HARBIN INST OF TECH
View PDF8 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

IoT devices follow the UPnP architecture and control devices through the SOAP protocol, which has led to many hackers controlling IoT devices through SOAP service vulnerabilities, endangering the security of IoT
However, the honeynet system in the existing technology is developed for the traditional Internet system and cannot be directly applied to the field of the Internet of Things.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Internet of Things honeynet system based on SOAP service simulation
  • Internet of Things honeynet system based on SOAP service simulation
  • Internet of Things honeynet system based on SOAP service simulation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] Attached below Figure 1-2 And and table are set forth as follows to the realization of the Internet of Things honeynet system based on SOAP service simulation of the present invention:

[0052] 1. SOAP service simulation honeypot based on CVE-2017-17215 vulnerability

[0053] HG532 series routers provide insecure SOAP services for device upgrades, resulting in unauthorized access and remote code injection. Using this vulnerability to send a specially constructed request packet to port 37215 monitored by the router's UPnP service, you can execute arbitrary commands remotely.

[0054] The IoT device models and their configuration information affected by this vulnerability are shown in Table 1:

[0055] Table 1 CVE-2017-17215 vulnerability information

[0056]

[0057] The outermost layer of the overall structure of the honeypot is an intelligent guardian framework, which consists of four main modules, namely the honeypot core module, the honeypot daemon class, the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Internet of Things honeynet system based on SOAP service simulation, and belongs to the technical field of Internet of Things security. The objective of the invention is tomonitor and collect the security state of the Internet of Things, capture the malicious request of a hacker for the Internet of Things, and collect malicious samples. According to the method, a middle-high interaction honeypot is designed according to a router SOAP service vulnerability CVE-2017-17215;; in order to prevent the situation that a hacker performs injecting service details which are not completed by the simulation serviceand the simulation service honeypot cannot respond and cannot capture subsequent malicious codes and samples, the function of supplementing the simulation servicehoneypot with the honeypot for providing the real SOAP service is realized by using equipment firmware with vulnerabilities; in order to capture more types of SOAP attacks, the SOAP port exposed mostin 2018 is analyzed, and a corresponding multi-port honeypot is manufactured. The honeypots are deployed to a plurality of nodes, a control center is designed at the same time to distribute commands and transmit files, and Docker technology packaging is assisted to achieve rapid deployment. Hackers cannot control the Internet of Things equipment through SOAP service vulnerabilities, so that the security of the Internet of Things is improved.

Description

technical field [0001] The invention relates to an Internet of Things honeynet system based on SOAP service simulation, belonging to the technical field of Internet of Things security. Background technique [0002] In recent years, with people's demand for smart life, the Internet of Things industry has developed rapidly. According to the survey, the scale of IoT devices has exceeded tens of billions. Although such a large number of IoT devices can greatly improve our living environment, it also hides huge security risks. At the same time, IoT devices are more vulnerable to attacks because it is difficult to deploy conventional network security measures due to their limited device resources and various operating system architectures. On the one hand, hackers can use IoT devices to steal information or carry out malicious attacks, such as invading cameras to obtain video recordings, controlling the opening and closing of smart devices, etc.; , enterprises, and personal inf...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06H04L29/08
CPCH04L41/145H04L41/0273H04L63/1433H04L63/1491H04L67/02H04L67/06H04L67/34
Inventor 张伟哲何慧方滨兴丁泽宇
Owner HARBIN INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap