
ARP man-in-the-middle attack protection design for Internet of Things sensing layer terminal

An IoT terminal protection design technology, applied in electrical components, transmission systems, etc., that addresses problems such as lack of sustainability, infeasibility at the IoT perception layer, and high price.

Active Publication Date: 2021-05-18
北京辰信领创信息技术有限公司

AI Technical Summary

Problems solved by technology

The problem with this type of implementation: the number of sensing terminals is large and deployment and planning take a long time, so rollout is a long-term process. This solution gives each terminal an independent IP segment, which increases network topology complexity and implementation cost and cannot be sustained (every time a new terminal is deployed, the IP network segments must be re-divided and redesigned; the workload is huge and basically not feasible). It is therefore mainly used at the aggregation layer and is basically not feasible at the IoT perception layer.

[0005] 2. Implementation through a gateway with a horizontal isolation function. Most of these devices are built on Intel x86 architecture chips, and very few on self-developed chips (for example, Huawei's). They are expensive (over 4,000 yuan) and difficult to deploy in large quantities upstream of each IoT perception layer terminal.

[0006] Unable to support high-power gateway power supply.

[0007] A large number of ordinary gateways are deployed at the edge layer of the Internet of Things, but none of them has a security defense function against ARP man-in-the-middle attacks. It is therefore necessary to propose a method for detecting ARP man-in-the-middle attacks on perception layer terminals and carrying out the corresponding protection and control.


Embodiment Construction

[0025] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below. The described embodiments are some of the embodiments of the present invention, not all of them.

[0026] In the above description of the present invention, it should be noted that the usual orientation or positional relationship of the product of the invention in use is given only for the convenience of describing the invention and simplifying the description. It does not indicate or imply that the referred device or element must have a particular orientation, or be constructed and operated in a particular orientation, and therefore is not to be construed as limiting the invention. In addition, the terms "first", "second", etc. are only used for distinguishing descriptions, and should not be construed as i...


Abstract

The invention relates to the field of computer terminal access security, in particular to an ARP man-in-the-middle attack protection design for Internet of Things sensing layer terminals. The design comprises two parts: 1. network data and ARP data messages sent by Internet of Things terminals on the same network segment are made to pass through the Netfilter module of the Linux kernel network subsystem, where the ARP communication message data of the same IP network segment are captured; and 2. an ARP man-in-the-middle attack behavior judgment function is executed in Netfilter to detect ARP man-in-the-middle attack behaviors. By using an MTK SoC scheme based on the MIPS architecture and modifying a kernel module of the Linux network subsystem, detection and security isolation of same-segment ARP data are performed at the kernel layer, so that ARP man-in-the-middle attack protection is achieved. In addition, the MTK7621, MTK7628 and MTK7620 series SoC chips used are low in price and can be deployed on a large scale at the edge layer of the Internet of Things.
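The abstract does not disclose how the judgment function decides, so the following is an added example, not code from the patent: a user-space C version of one plausible check that a Netfilter ARP hook could call on each captured frame. The two criteria (Ethernet source must equal the ARP sender MAC; a protected IP must be announced only by its bound MAC), the binding table, all names and the sample addresses are assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Verdicts for one captured ARP frame (hypothetical names). */
enum arp_verdict { ARP_PASS, ARP_DROP_MALFORMED, ARP_DROP_SRC_MISMATCH, ARP_DROP_BINDING };

/* One trusted IP-to-MAC binding, e.g. the upstream gateway (assumed policy). */
struct arp_binding { uint8_t ip[4]; uint8_t mac[6]; };

/* Frame layout (Ethernet + IPv4-over-Ethernet ARP, 42 bytes minimum):
 *  0 dst MAC | 6 src MAC | 12 EtherType 0x0806 | 14 htype | 16 ptype
 * 18 hlen | 19 plen | 20 oper | 22 sender MAC | 28 sender IP
 * 32 target MAC | 38 target IP */
enum arp_verdict arp_check(const uint8_t *f, size_t len,
                           const struct arp_binding *tbl, size_t n)
{
    static const uint8_t hdr[] = {0x08, 0x06, 0x00, 0x01, 0x08, 0x00, 6, 4};
    if (len < 42 || memcmp(f + 12, hdr, sizeof hdr) != 0)
        return ARP_DROP_MALFORMED;
    if (f[20] != 0 || (f[21] != 1 && f[21] != 2))   /* request or reply only */
        return ARP_DROP_MALFORMED;
    /* Criterion 1: Ethernet source must equal the ARP sender hardware address. */
    if (memcmp(f + 6, f + 22, 6) != 0)
        return ARP_DROP_SRC_MISMATCH;
    /* Criterion 2: a sender claiming a protected IP must use the bound MAC. */
    for (size_t i = 0; i < n; i++)
        if (memcmp(f + 28, tbl[i].ip, 4) == 0 && memcmp(f + 22, tbl[i].mac, 6) != 0)
            return ARP_DROP_BINDING;
    return ARP_PASS;
}

/* Constructed sample data: gateway 192.168.1.1 bound to 02:00:00:00:00:01. */
static const struct arp_binding GW = {{192, 168, 1, 1}, {2, 0, 0, 0, 0, 1}};

/* Builds a constructed ARP reply and returns its verdict. Cases: 0 genuine
 * gateway, 1 other MAC claims gateway IP, 2 forged sender MAC behind another
 * Ethernet source, 3 truncated frame, 4 ordinary terminal announcing itself. */
enum arp_verdict demo_case(int which)
{
    static const uint8_t hdr[] = {0x08, 0x06, 0, 1, 0x08, 0, 6, 4, 0, 2};
    const uint8_t other[6] = {2, 0, 0, 0, 0, 0x66}, cam_ip[4] = {192, 168, 1, 50};
    uint8_t f[42];
    memset(f, 0xff, sizeof f);                      /* broadcast destination */
    memcpy(f + 12, hdr, sizeof hdr);
    memcpy(f + 6, which == 0 ? GW.mac : other, 6);  /* Ethernet source */
    memcpy(f + 22, (which == 0 || which == 2) ? GW.mac : other, 6);
    memcpy(f + 28, which == 4 ? cam_ip : GW.ip, 4); /* ARP sender IP */
    return arp_check(f, which == 3 ? 30 : sizeof f, &GW, 1);
}
```

Any verdict other than `ARP_PASS` corresponds to the frame being isolated rather than forwarded to other terminals on the segment.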

Description

Technical field

[0001] The invention relates to the field of computer terminal access security, in particular to the design of ARP man-in-the-middle attack protection for terminals at the perception layer of the Internet of Things.

Background technique

[0002] With the development of computer networks and the growth of the Industrial Internet and the Internet of Things, the security of the network environment places higher security requirements on the devices in the network. The terminal equipment used for collection and command execution is the end of the entire network environment. It is not itself connected to downstream network equipment, and it is often deployed in unattended environments, for example smart cameras, highway monitoring, smart street lights, and electronic publicity screens in residential areas.

[0003] Implementation methods currently on the market:

[0004] 1. Through the three-layer switch, different network types and familiar devices are divi...


Application Information

IPC(8): H04L29/06, H04L29/08, H04L29/12
CPC: H04L63/20, H04L63/1416, H04L61/103, H04L67/12
Inventor: 顾铠羟
Owner: 北京辰信领创信息技术有限公司