Internet of Things protocol security automatic analysis method and system based on formal verification

A protocol security and formal verification technology, which is applied in the field of automatic analysis of IoT protocol security based on formal verification, can solve the problems that the correctness of protocol security cannot be determined, cannot be extended, and the interaction of IoT protocols is complex. The effect of realizing systematic safety analysis and reducing manual burden

Active Publication Date: 2020-12-29
杭州智达融信科技有限公司
View PDF7 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The above formal verification methods are manual formal expressions based on protocol specifications, and cannot be extended to other protocols
Currently, there is no systematic and scalable solution for the formal analysis of IoT protocols
[0005] In addition, due to the large number of participants in the IoT protocol and the complex interaction process, the existing state-of-the-art formal verification tools still have some verification limitations
Tamarin is currently the most advanced tool, but since the correctness of protocol security is an undeterminable problem, and the interaction of IoT protocols is complex, Tamarin has the limitation that it cannot stop the verification, and manual help is needed to prove the lemma to solve the verification problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Internet of Things protocol security automatic analysis method and system based on formal verification
  • Internet of Things protocol security automatic analysis method and system based on formal verification
  • Internet of Things protocol security automatic analysis method and system based on formal verification

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be noted that the following embodiments are intended to facilitate the understanding of the present invention, but do not limit it in any way.

[0055] The present invention provides a method and system for automatic analysis of Internet of Things protocol security based on formal verification, which needs to be analyzed based on the protocol state machine and basic security attributes, wherein the protocol state machine can be automatically extracted through model learning and other methods , the basic security attributes are extracted through the protocol specifications summarized by researchers, and each protocol only needs to be extracted once. The method and system can automatically formalize the state machines of different protocols on multiple platforms, extend protocol security attributes, apply an attacker model, and implement fo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Internet of Things protocol security automatic analysis method and system based on formal verification, and the method comprises the steps: building a security attribute needing to be satisfied by a protocol based on an Internet of Things protocol state machine, and automatically achieving the formal description of an Internet of Things protocol and the security attribute needing to be satisfied by the Internet of Things protocol; modeling attacker ability by applying two attack scenes, and formal verification being realized based on a dynamic priority strategy. According to the Internet of Things protocol security automatic analysis method based on formal verification, protocol state machines, deployed on a plurality of Internet of Things platforms, of MQTT, CoAP and AMQP protocols can be efficiently converted into formal languages, and automatic and systematic security analysis is carried out.

Description

technical field [0001] The invention belongs to the field of Internet of Things protocol security analysis, in particular to a formal verification-based automatic analysis method and system for Internet of Things protocol security. Background technique [0002] In recent years, the Internet of Things has developed rapidly and has received extensive attention from all walks of life. The Internet of Things protocol is used by major Internet of Things vendor platforms to connect massive devices and users. Unlike traditional protocols, IoT protocols are often designed to work with low-bandwidth, resource-constrained, unreliable devices, which also introduce new security and privacy risks. [0003] Recently, researchers discovered some security issues of IoT protocols through manual analysis, which led to some serious consequences. For example, Jia Yan and others discovered that there are problems such as privacy leakage and malicious message injection in the Internet of Things...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/26H04L29/08
CPCH04L63/1408H04L43/18H04L67/12H04L63/1416H04L63/20
Inventor 纪守领王琴应陈建海林昶廷赵彬彬
Owner 杭州智达融信科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap