CN108449339B - Wired network access security protection system and method based on device physical fingerprint characteristics - Google Patents
Wired network access security protection system and method based on device physical fingerprint characteristics Download PDFInfo
- Publication number
- CN108449339B CN108449339B CN201810223027.5A CN201810223027A CN108449339B CN 108449339 B CN108449339 B CN 108449339B CN 201810223027 A CN201810223027 A CN 201810223027A CN 108449339 B CN108449339 B CN 108449339B
- Authority
- CN
- China
- Prior art keywords
- wired
- network interface
- physical fingerprint
- link layer
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a wired network access safety protection system and method based on device physical fingerprint characteristics. The wired equipment physical fingerprint extraction unit extracts the physical fingerprint of the equipment from the wired signal, reports the physical fingerprint to the safety rule matching unit and simultaneously transmits the wired signal to the wired network interface unit; the wired network interface unit and the internal network interface unit respectively transmit the received link layer data packet to the safety rule matching unit; and the safety rule matching unit is used for matching the received data according to the safety rule, discarding the data packet if the matching is unsuccessful, and otherwise, forwarding the data packet as it is. The invention does not change the original wired network access system architecture, carries out identity authentication on wired equipment accessed to an internal network, enhances the security of the network system, and is suitable for related technologies based on physical layer security and related technologies of traditional network security.
Description
Technical Field
The invention relates to the field of information security, in particular to a wired network access security protection system and method based on equipment physical fingerprint characteristics.
Background
Any electronic component is nonlinear, so that a large number of nonlinear sources exist inside the transmitter of the wired equipment to be identified, signals sent by the equipment are greatly differentiated, and special nonlinear characteristics can be generated due to uncontrollable factors of production equipment even for products of the same manufacturer and the same batch. The extraction of this feature forms the device physical fingerprint extraction technique. Compared with the traditional equipment identity authentication method, the physical fingerprint extraction technology can effectively resist forging, tampering and other attacks, and has the characteristic of physical unclonable.
On the other hand, the current network security system widely adopts a white list and a black list method to authenticate the link layer identity of the wired access device. However, the identity of the device is easily forged, which makes the protection against identity alone vulnerable. The drawback of this network security system is usually overcome by using additional network layer and above end-to-end equipment authentication, however, the end-to-end equipment authentication must modify the cable equipment and the access end equipment of the original cable network system at the same time, and any modification outside the original factory is not practically feasible for industrial products.
Therefore, the invention provides that a set of system is added at the access end, the physical fingerprint characteristics in the wired signal are extracted, the traditional security rule based on the link layer identity is improved into the security rule containing the physical fingerprint-identity binary group, the random counterfeiting of the link layer identity is avoided, the transformation of the original system is also avoided, and the security of the wired network access system is improved.
Disclosure of Invention
The purpose of the invention is as follows: in order to solve the problems in the prior art, particularly aiming at the condition of arbitrarily forging link layer identity marks or modifying the original system, the invention can carry out identity authentication on wired equipment and improve the security of a wired network access system.
The invention also aims to provide a wired network access security protection method based on the physical fingerprint characteristics of the equipment.
The technical scheme is as follows: a wired network access safety protection system based on equipment physical fingerprint characteristics comprises a wired equipment physical fingerprint extraction unit, a wired network interface unit, an internal network interface unit and a safety rule matching unit; the wired equipment physical fingerprint extraction unit, the wired network interface unit and the safety rule matching unit are connected, and the signal transmission direction is from the wired equipment physical fingerprint extraction unit to the wired network interface unit and from the wired equipment physical fingerprint extraction unit to the safety rule matching unit; the wired network interface unit and the internal network interface unit are connected with the safety rule matching unit, and signals between the wired network interface unit and the safety rule matching unit and between the internal network interface unit and the safety rule matching unit are transmitted in two directions;
the wired device physical fingerprint extraction unit comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and the processor realizes the following steps when executing the program: extracting physical fingerprint characteristics of wired equipment from wired signals on a network connecting line;
the safety rule matching unit comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and the processor executes the program to realize that: and storing and matching security rules, wherein the security rules comprise the binding relationship between the link layer identity, the network layer address, the port number of the transmission layer and the application layer identity and the physical fingerprint of the wired equipment.
Preferably, the security rule matching unit is configured to determine, according to the stored security rule, the validity of the data input from the wired network interface unit from the wired device physical fingerprint input from the wired device physical fingerprint extraction unit and the link layer id in the link layer packet input from the wired network interface unit.
Preferably, the method further comprises judging the validity of the data input from the wired network interface unit according to the stored security rules, wherein the network layer address, the transport layer port and the application layer identity identifier are contained in the link layer data payload input from the wired network interface unit.
Preferably, the security rule matching unit is configured to determine validity of data input from the internal network interface unit, that is, data to be forwarded to the wired network interface unit, according to a binding relationship between the link layer identifier, the network layer address, the port number of the transport layer, the application layer identifier, and the physical fingerprint of the wired device in the security rule.
A wired network access security protection method based on device physical fingerprint characteristics comprises the following steps:
the method comprises the following steps: the method comprises the steps that safety rules are input into a safety rule matching unit in advance, wherein the safety rules comprise link layer identity marks, network layer addresses, transmission layer port numbers and binding relations between application layer identity marks and physical fingerprints of wired equipment;
step two: the method comprises the steps that wired signals on a current network connecting line are received, a wired equipment physical fingerprint extraction unit scans physical characteristics of the wired signals, extracts physical fingerprints of wired equipment from the wired signals, reports physical fingerprint information to a safety rule matching unit, and simultaneously transmits the wired signals to a wired network interface unit;
step three: the wired signal is converted into a link layer data packet through the physical layer protocol analysis of the wired network interface unit and transmitted to the safety rule matching unit;
meanwhile, the internal network interface unit transmits a link layer data packet sent by the internal network to the safety rule matching unit;
step four: the safety rule matching unit identifies the wired equipment currently connected through the network connecting line according to the physical fingerprint information extracted by the wired equipment physical fingerprint extraction unit, and records the physical fingerprint characteristics of the currently connected equipment;
the security rule matching unit checks the physical fingerprint of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment and the link layer identity of the wired equipment in the link layer data packet reported by the wired network interface, binds the physical fingerprint identity, and then matches the data packet bound with the physical fingerprint characteristics with the security rule prestored in the step one, so as to judge whether the link layer identity of the link layer data packet from the wired network interface is matched with the physical fingerprint of the equipment input in advance in the security rule, and if not, discards the link layer data packet; if the link layer data packets are matched with the internal network interface, the link layer data packets transmitted by the wired network interface unit are forwarded to the internal network interface;
the security rule matching unit stores the physical fingerprint characteristics of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment, and marks the physical fingerprint characteristics as the physical fingerprint of the currently connected wired equipment; and finally, the security rule matching unit judges whether the physical fingerprint of the legal device bound by the link layer data packet is matched with the physical fingerprint of the currently connected device, if not, the link layer data packet is discarded, otherwise, the link layer data packet transmitted by the internal network interface unit is transmitted to the existing network interface unit.
Preferably, the determination in the fourth step further includes whether the network layer address, the transport layer port and the application layer identifier included in the link layer data payload from the wired network interface and the internal network interface match the device physical fingerprint previously entered in the security rule.
Has the advantages that: the system and the method can add a set of system at the access end on the basis of not changing the structure of the original wired network access system, extract the physical fingerprint characteristics in wired signals, and improve the traditional security rule based on link layer identification into the security rule containing two tuples of physical fingerprint-link layer identification, even containing a plurality of tuples of physical fingerprint-link layer identification, network layer address, transmission layer port and application layer identification, thereby not only avoiding the random counterfeiting of the link layer identification, but also avoiding the reconstruction of the original system, the wired network access unit and the internal network access unit can completely use the equipment in the existing network without reconstruction, and the physical fingerprint characteristics and the identification information of the wired equipment are utilized to carry out the identity authentication on the wired equipment accessed into the internal network, therefore, the security of the network system is enhanced, and the method is suitable for the related technology based on physical layer security and the related technology of traditional network security.
Drawings
FIG. 1 is a system diagram of a wired network access security system based on device physical fingerprint characteristics;
FIG. 2 is a process flow diagram of a method for securing wired network access based on physical fingerprint characteristics of a device;
FIG. 3 is a flow chart of physical fingerprint feature extraction and device identity resolution of a wired network access security protection method based on device physical fingerprint features;
FIG. 4 is a flow chart of security rule matching from a wired network to an internal network of a wired network access security protection method based on device physical fingerprint characteristics;
fig. 5 is a flow chart of security rule matching from an internal network to a wired network of a wired network access security protection method based on device physical fingerprint characteristics.
Detailed Description
The invention is further described with reference to the following figures and specific examples.
As shown in fig. 1, the wired network access security protection system based on the device physical fingerprint features includes a wired device physical fingerprint extraction unit, a wired network interface unit, an internal network interface unit, and a security rule matching unit; the wired equipment physical fingerprint extraction unit, the wired network interface unit and the safety rule matching unit are connected, and the signal transmission direction is from the wired equipment physical fingerprint extraction unit to the wired network interface unit and from the wired equipment physical fingerprint extraction unit to the safety rule matching unit; the wired network interface unit and the internal network interface unit are connected with the safety rule matching unit, and signals between the wired network interface unit and the safety rule matching unit and between the internal network interface unit and the safety rule matching unit are transmitted in two directions;
the wired device physical fingerprint extraction unit comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and the processor realizes the following steps when executing the program: extracting physical fingerprint characteristics of wired equipment from wired signals on a network connecting line;
the safety rule matching unit comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and the processor executes the program to realize that: and storing and matching security rules, wherein the security rules comprise the binding relationship between the link layer identity, the network layer address, the port number of the transmission layer and the application layer identity and the physical fingerprint of the wired equipment.
As shown in fig. 2, the wired network access security protection method based on the device physical fingerprint features specifically includes the following steps:
the method comprises the steps that safety rules are input into a safety rule matching unit in advance, wherein the safety rules comprise link layer identity marks, network layer addresses, transmission layer port numbers and binding relations between application layer identity marks and physical fingerprints of wired equipment; the method comprises the steps that wired signals on a current network connecting line are received, a wired equipment physical fingerprint extraction unit scans physical characteristics of the wired signals on the current network connecting line, extracts physical fingerprints of wired equipment from the wired signals, reports physical fingerprint information to a safety rule matching unit, and simultaneously transmits the wired signals to a wired network interface unit; the wired network interface unit processes the wired signal generated by the sending equipment according to a general mode and transmits the received link layer data packet to the safety rule matching unit; the internal network interface unit processes the internal network data according to a general mode and reports the received link layer data packet to the security rule matching unit; the safety rule matching unit carries out rule matching of the physical fingerprints, the link layer identity identifiers, the network layer addresses, the transmission layer ports and the application layer identity identifiers on the data reported by the wired equipment physical fingerprint extraction unit, the wired network interface unit and the internal network interface unit according to preset rules, if data conflicting with the rules are found, the link layer data packets are discarded, and otherwise, the data packets between the internal network interface unit and the wired network interface unit are forwarded directly.
Hereinafter, a detailed description will be made of a physical fingerprint feature extraction flow, a security rule matching flow from a wired network to an internal network, and a security rule matching flow from an internal network to a wired network, respectively.
1. Physical fingerprint feature extraction process
The physical fingerprint feature extraction and device identity resolution process of the wired network access security protection method based on the device physical fingerprint features is shown in fig. 3. When the physical fingerprint extraction unit of the wired equipment extracts signals, effective physical characteristics of the signals transmitted on the network connecting line are firstly scanned, then the influence of the network connecting line channel is removed, the physical fingerprint characteristics of the transmitting equipment are extracted, finally the security rule matching unit is reported, and meanwhile, the wired signals are transmitted to the wired network interface unit.
2. Security rule matching flow from wired network to internal network
The security rule matching process from the wired network to the internal network of the wired network access security protection method based on the physical fingerprint features of the device is shown in fig. 4. Firstly, the physical fingerprint extraction unit of the wired equipment extracts the physical fingerprint characteristics of the equipment and transmits the wired signal to the wired network interface unit. The wired network interface analyzes and receives wired signals according to a general program and forwards received link layer data packets to the security rule matching module. Then, the security rule matching unit checks the physical fingerprint of the wired device reported by the physical fingerprint extraction unit of the wired device and the identification of the link layer of the wired device in the link layer packet reported by the wired network interface, binding is carried out, then the data packet bound with the fingerprint characteristics is matched with the pre-stored safety rules, thereby determining whether the link layer identification of the link layer packet from the wired network interface (including the network layer address, transport layer port and application layer id included in the link layer data payload if the link layer (and network layer, transport layer, application layer) data payload is not encrypted or can be decrypted by the system) matches the device physical fingerprint previously entered in the security rules, if not, the link layer data packet is discarded, otherwise, the link layer data packet is forwarded to the internal network interface.
3. Security rule matching process from internal network to wired network
The security rule matching process from the internal network to the wired network of the wired network access security protection method based on the physical fingerprint features of the device is shown in fig. 5. Firstly, the physical fingerprint extraction unit of the wired equipment extracts the physical fingerprint characteristics of the equipment and transmits the physical fingerprint characteristics to the security rule matching unit. Synchronously, the internal network interface receives the link layer data packet according to a common program and forwards the link layer data packet to the security rule matching module. And then, the security rule matching unit stores the physical fingerprint characteristics of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment, and marks the physical fingerprint characteristics as the physical fingerprint of the currently connected wired equipment. Synchronously, the security rule matching unit matches the link layer data packet reported by the internal network interface unit with the pre-stored security rule (including the legal link layer identity, the network layer address, the transport layer port and the application layer identity identifier), so as to obtain the physical fingerprint characteristics of the legal wired device pre-stored in the security rule, and bind with the link layer data packet reported by the internal network interface unit. And finally, the security rule matching unit judges whether the physical fingerprints of the legal equipment bound by the link layer data packet are matched with the physical fingerprints of the equipment connected currently, if not, the link layer data packet is discarded, otherwise, the link layer data packet is forwarded to a network interface.
The above description is only of the preferred embodiments of the present invention, and it should be noted that: it will be apparent to those skilled in the art that modifications and refinements may be made without departing from the principles of the present invention, and in particular, the selection of the specific technique used for extracting the physical fingerprint features (e.g., the selection of different physical fingerprint features and the extraction means for changing the physical fingerprint for different network connection line materials such as twisted pair, coaxial cable, optical fiber, etc.) and the adaptation of the specific wired network communication protocol and version (including but not limited to 802.3 protocol, 802.4 protocol, 802.5 protocol, RS232 protocol, RS485 protocol, CAN bus protocol, etc.) may be made without affecting the overall architecture of the present invention, and thus, such changes, modifications and refinements should be considered as the scope of the present invention.
Claims (6)
1. A wired network access safety protection system based on equipment physical fingerprint characteristics is characterized by comprising a wired equipment physical fingerprint extraction unit, a wired network interface unit, an internal network interface unit and a safety rule matching unit; the wired equipment physical fingerprint extraction unit, the wired network interface unit and the safety rule matching unit are connected, and the signal transmission direction is from the wired equipment physical fingerprint extraction unit to the wired network interface unit and from the wired equipment physical fingerprint extraction unit to the safety rule matching unit; the wired network interface unit and the internal network interface unit are connected with the safety rule matching unit, and signals between the wired network interface unit and the safety rule matching unit and between the internal network interface unit and the safety rule matching unit are transmitted in two directions;
the wired device physical fingerprint extraction unit comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and the processor realizes the following steps when executing the program: extracting physical fingerprint characteristics of wired equipment from wired signals on a network connecting line;
the safety rule matching unit comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, and the processor executes the program to realize that: storing and matching security rules, wherein the security rules comprise link layer identity marks, network layer addresses, port numbers of a transmission layer and binding relations between application layer identity marks and physical fingerprints of the wired equipment; the safety rule matching unit is used for checking and binding the physical fingerprint of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment and the link layer identity of the wired equipment in the link layer data packet reported by the wired network interface, and then matching the data packet bound with the physical fingerprint characteristics with the safety rule prestored by the safety rule matching unit so as to judge whether the link layer identity of the link layer data packet from the wired network interface is matched with the equipment physical fingerprint input in advance in the safety rule or not, and if not, discarding the link layer data packet; if the link layer data packets are matched with the internal network interface, the link layer data packets transmitted by the wired network interface unit are forwarded to the internal network interface; storing the physical fingerprint characteristics of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment, and marking the physical fingerprint characteristics as the physical fingerprint of the currently connected wired equipment; and finally, the security rule matching unit judges whether the physical fingerprint of the legal device bound by the link layer packet is matched with the physical fingerprint of the currently connected device, if not, the link layer packet is discarded, otherwise, the link layer packet transmitted by the internal network interface unit is forwarded to the wired network interface unit.
2. The wired network access security system based on the device physical fingerprint characteristics of claim 1, wherein the security rule matching unit is configured to determine the validity of the data input from the wired network interface unit according to the stored security rule, the wired device physical fingerprint input from the wired device physical fingerprint extraction unit, and the link layer id in the link layer packet input from the wired network interface unit.
3. The system of claim 2, further comprising a network layer address, a transport layer port and an application layer id included in a link layer data payload inputted from the wired network interface unit according to the stored security rules to determine the validity of the data inputted from the wired network interface unit.
4. The wired network access security protection system based on the device physical fingerprint characteristics according to any one of claims 1 to 3, wherein the security rule matching unit is configured to determine validity of data input from the internal network interface unit, that is, data to be forwarded to the wired network interface unit, according to a binding relationship between a link layer identifier, a network layer address, a transport layer port number, and an application layer identifier in the security rule and the wired device physical fingerprint.
5. A wired network access security protection method based on device physical fingerprint characteristics is characterized by comprising the following steps:
the method comprises the following steps: the method comprises the steps that safety rules are input into a safety rule matching unit in advance, wherein the safety rules comprise link layer identity marks, network layer addresses, transmission layer port numbers and binding relations between application layer identity marks and physical fingerprints of wired equipment;
step two: the method comprises the steps that wired signals on a current network connecting line are received, a wired equipment physical fingerprint extraction unit scans physical characteristics of the wired signals, extracts physical fingerprints of wired equipment from the wired signals, reports physical fingerprint information to a safety rule matching unit, and simultaneously transmits the wired signals to a wired network interface unit;
step three: the wired signal is converted into a link layer data packet through the physical layer protocol analysis of the wired network interface unit and transmitted to the safety rule matching unit;
meanwhile, the internal network interface unit transmits a link layer data packet sent by the internal network to the safety rule matching unit;
step four: the safety rule matching unit identifies the wired equipment currently connected through the network connecting line according to the physical fingerprint information extracted by the wired equipment physical fingerprint extraction unit, and records the physical fingerprint characteristics of the currently connected equipment;
the security rule matching unit checks the physical fingerprint of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment and the link layer identity of the wired equipment in the link layer data packet reported by the wired network interface, binds the physical fingerprint identity, and then matches the data packet bound with the physical fingerprint characteristics with the security rule prestored in the step one, so as to judge whether the link layer identity of the link layer data packet from the wired network interface is matched with the physical fingerprint of the equipment input in advance in the security rule, and if not, discards the link layer data packet; if the link layer data packets are matched with the internal network interface, the link layer data packets transmitted by the wired network interface unit are forwarded to the internal network interface;
the security rule matching unit stores the physical fingerprint characteristics of the wired equipment reported by the physical fingerprint extraction unit of the wired equipment, and marks the physical fingerprint characteristics as the physical fingerprint of the currently connected wired equipment; and finally, the security rule matching unit judges whether the physical fingerprint of the legal device bound by the link layer data packet is matched with the physical fingerprint of the currently connected device, if not, the link layer data packet is discarded, otherwise, the link layer data packet transmitted by the internal network interface unit is transmitted to the wired network interface unit.
6. The method for securing wired network access based on device physical fingerprint characteristics according to claim 5, wherein the determination in step three further comprises determining whether the network layer address, the transport layer port and the application layer id contained in the link layer data payload from the wired network interface and the internal network interface match the device physical fingerprint previously entered in the security rules.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810223027.5A CN108449339B (en) | 2018-03-16 | 2018-03-16 | Wired network access security protection system and method based on device physical fingerprint characteristics |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810223027.5A CN108449339B (en) | 2018-03-16 | 2018-03-16 | Wired network access security protection system and method based on device physical fingerprint characteristics |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108449339A CN108449339A (en) | 2018-08-24 |
| CN108449339B true CN108449339B (en) | 2020-07-31 |
Family
ID=63194989
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810223027.5A Active CN108449339B (en) | 2018-03-16 | 2018-03-16 | Wired network access security protection system and method based on device physical fingerprint characteristics |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108449339B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109257378A (en) * | 2018-11-05 | 2019-01-22 | 杭州安恒信息技术股份有限公司 | A kind of quick identification environment of internet of things illegally accesses the method and system of assets |
| CN109889487B (en) * | 2018-12-29 | 2021-11-12 | 奇安信科技集团股份有限公司 | Processing method and device for external equipment access terminal |
| CN112055358A (en) * | 2020-09-10 | 2020-12-08 | 国网江苏省电力有限公司信息通信分公司 | WIFI network security access method based on radio frequency fingerprint |
| CN112953928A (en) * | 2020-12-30 | 2021-06-11 | 山东鲁能软件技术有限公司 | Network security protection system and method for video monitoring front-end equipment |
| CN112910917B (en) * | 2021-02-25 | 2023-04-07 | 深信服科技股份有限公司 | Network isolation method, device, equipment and readable storage medium |
| CN114826327B (en) * | 2022-03-28 | 2023-09-22 | 南京东科优信网络安全技术研究院有限公司 | Ethernet terminal equipment signal separation method based on twisted pair characteristics |
| CN115081628B (en) * | 2022-08-15 | 2022-12-09 | 浙江大华技术股份有限公司 | Method and device for determining adaptation degree of deep learning model |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104392161A (en) * | 2014-09-25 | 2015-03-04 | 电子科技大学 | Equipment certification based on audio physical fingerprint under variable pitch condition |
| EP2865159A1 (en) * | 2012-10-04 | 2015-04-29 | Siemens Aktiengesellschaft | Apparatus and method for transmitting data |
| CN107070949A (en) * | 2017-05-24 | 2017-08-18 | 江苏大学 | A kind of vehicle-mounted net Lightweight Identify Authentication Protocol Design Method based on device-fingerprint |
| CN107368732A (en) * | 2017-07-14 | 2017-11-21 | 南京安璞信息技术有限公司 | A kind of object recognition and detection system and method based on equipment physical fingerprint feature |
| CN107612949A (en) * | 2017-11-13 | 2018-01-19 | 电子科技大学 | A kind of intelligent wireless terminal access authentication method and system based on radio-frequency fingerprint |
-
2018
- 2018-03-16 CN CN201810223027.5A patent/CN108449339B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2865159A1 (en) * | 2012-10-04 | 2015-04-29 | Siemens Aktiengesellschaft | Apparatus and method for transmitting data |
| CN104392161A (en) * | 2014-09-25 | 2015-03-04 | 电子科技大学 | Equipment certification based on audio physical fingerprint under variable pitch condition |
| CN107070949A (en) * | 2017-05-24 | 2017-08-18 | 江苏大学 | A kind of vehicle-mounted net Lightweight Identify Authentication Protocol Design Method based on device-fingerprint |
| CN107368732A (en) * | 2017-07-14 | 2017-11-21 | 南京安璞信息技术有限公司 | A kind of object recognition and detection system and method based on equipment physical fingerprint feature |
| CN107612949A (en) * | 2017-11-13 | 2018-01-19 | 电子科技大学 | A kind of intelligent wireless terminal access authentication method and system based on radio-frequency fingerprint |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108449339A (en) | 2018-08-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108449339B (en) | Wired network access security protection system and method based on device physical fingerprint characteristics | |
| CN108551674B (en) | Wireless network access safety protection system and method based on device physical fingerprint characteristics | |
| KR101095447B1 (en) | Apparatus and method for preventing distributed denial of service attack | |
| CN110661680B (en) | Method and system for detecting data stream white list based on regular expression | |
| US10691631B2 (en) | Broadcast bus frame filter | |
| WO2007017878A4 (en) | Extended one-time password method and apparatus | |
| CN111431927A (en) | Network device and network system | |
| KR101907770B1 (en) | Communication protocol testing method, and tested device and testing platform thereof | |
| CN107979615B (en) | Message encryption sending and authentication method, device, client and firewall | |
| NO316150B1 (en) | Method, apparatus and device for encrypting message between interconnected networks | |
| US11063908B2 (en) | On-vehicle communication device, communication control method, and communication control program | |
| CN116471109B (en) | Data transmission method, system, first end and control equipment | |
| CN106327637A (en) | Bluetooth door opening system based on community management and method | |
| CN103281189A (en) | Light weight class safe protocol certification system and method for radio frequency identification equipment | |
| Choi et al. | An enhanced method for reverse engineering CAN data payload | |
| CN111614731B (en) | Method and system for accessing block chain to Internet of things equipment, aggregation gateway and storage medium | |
| CN109936566B (en) | Data transmission method, system and device and computer readable storage medium | |
| CN111756716A (en) | Flow detection method and device and computer readable storage medium | |
| RU2307392C1 (en) | Method (variants) for protecting computer networks | |
| US9241048B2 (en) | Mechanism for processing network event protocol messages | |
| CN103108316A (en) | Authentication method, device and system for aerial card writing | |
| US11671437B2 (en) | Network traffic analysis | |
| Mokhadder et al. | Evaluation of vehicle system performance of an SAE J1939-91C network security implementation | |
| CN101162995B (en) | Communication system and communication method of chaos safety information internet transmission | |
| AU2021221217A1 (en) | Improved packet transfer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |