CN103684912B - Sensor network safety testing method and system - Google Patents
Sensor network safety testing method and system Download PDFInfo
- Publication number
- CN103684912B CN103684912B CN201310654199.5A CN201310654199A CN103684912B CN 103684912 B CN103684912 B CN 103684912B CN 201310654199 A CN201310654199 A CN 201310654199A CN 103684912 B CN103684912 B CN 103684912B
- Authority
- CN
- China
- Prior art keywords
- test
- equipment
- safety
- network
- command
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 20
- 238000009781 safety test method Methods 0.000 title abstract 2
- 238000012360 testing method Methods 0.000 claims abstract description 454
- 238000011076 safety test Methods 0.000 claims abstract description 66
- 230000004044 response Effects 0.000 claims abstract description 34
- 230000003993 interaction Effects 0.000 claims abstract description 7
- 238000004458 analytical method Methods 0.000 claims description 28
- 230000005540 biological transmission Effects 0.000 claims description 7
- 238000005265 energy consumption Methods 0.000 claims description 7
- 238000012790 confirmation Methods 0.000 claims description 5
- 230000008676 import Effects 0.000 claims description 5
- 238000004364 calculation method Methods 0.000 claims description 3
- 238000005259 measurement Methods 0.000 claims description 3
- 241000208340 Araliaceae Species 0.000 claims description 2
- 235000005035 Panax pseudoginseng ssp. pseudoginseng Nutrition 0.000 claims description 2
- 235000003140 Panax quinquefolius Nutrition 0.000 claims description 2
- 238000001514 detection method Methods 0.000 claims description 2
- 235000008434 ginseng Nutrition 0.000 claims description 2
- 230000009897 systematic effect Effects 0.000 claims description 2
- 238000009863 impact test Methods 0.000 claims 1
- 230000006870 function Effects 0.000 abstract description 38
- 230000008569 process Effects 0.000 abstract description 7
- 238000010998 test method Methods 0.000 abstract description 6
- 238000005516 engineering process Methods 0.000 description 6
- 230000006855 networking Effects 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 3
- 230000016571 aggressive behavior Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000007123 defense Effects 0.000 description 2
- 238000012956 testing procedure Methods 0.000 description 2
- 206010001488 Aggression Diseases 0.000 description 1
- 241000196324 Embryophyta Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000003745 diagnosis Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000003012 network analysis Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 238000007639 printing Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Abstract
The invention provides a sensor network security test method and a system, wherein standard test equipment stimulates tested equipment, and an attack node is simulated to send a message to attack a network; the response of the tested device is used as a judgment condition for judging whether the tested device has an expected safety function and whether the implementation mode is correct or not; the safety test server generates a test case set for safety test, test case information is imported, the test client serves as a man-machine interaction interface, a safety test entrance is provided for the system, and the test case set and the consistency test reference standard specification of the system are confirmed. The safety test method of the system comprises safety function and safety consistency test, provides a reliable test method for the safety of the sensor network, and is used for testing the safety functions of the sensor network, including key management, network access authentication, access control, data encryption and the like; and verifying whether the safety function implementation process of the sensor network meets the expected requirement.
Description
Technical field
The present invention relates to a kind of Sensor Network safety detecting method and system, belong to Sensor Network measuring technology and network information peace
Full interleaving techniques application field.
Background technology
With developing rapidly for sensor technology and radio network technique, sensor network is used as emerging next generation's sensing
Net, has broad application prospects, and is a very active at present field.Sensor Network is in number of nodes, node composition, networking
The aspects such as mode, application field are clearly distinguishable from the legacy network form such as internet, mobile ad hoc network, with salient feature,
Oneself turns into the hot fields that researcher and industrial circle are paid close attention at present.Sense study hotspot of the network technology as current information field
One of and the key technology of Internet of Things, in national defense and military, environmental monitoring, traffic administration, medical treatment & health, the field such as industry and commerce service
There is extensive development prospect.
With the extensive use of Sensor Network, its security also obtains very big concern, and network security performance determines application
Exploitativeness.Security service has immeasurable effect in Sensor Network, is one natural cover for defense of Sensor Network.Therefore, it is right
Whether Sensor Network deploys security service and anti-attack ability is tested, and whether the network equipment is entered with secure communication capabilities
Row is tested, and is the basis that Sensor Network realizes safety applications.According to relevant criterion, such as IEEE802.15.4, WIA-PA, ISA100,
The specifications such as the sensor network security universal standard, realize that step and implementation are carried out effectively to Sensor Network function with high safety
Ground uniformity test, is that the service of Sensor Network associated safety and safety applications can realize the basis that interoperates and interconnect.Cause
This, Patent design of the present invention a kind of Sensor Network method of testing and system, including security function and safety compliance test two kinds
Method of testing, realizes the safety test to Sensor Network, for its application implementation provides reliable safety guarantee.
The content of the invention
The present invention proposes a kind of Sensor Network peace for above mentioned problem present in prior art Sensor Network safety test technology
Full method of testing and system, the system are used to verify whether the security function of equipment under test to meet expected requirement and safe work(
Can realize whether step and mode are consistent with the testing standard of selection, so that it is determined that equipment under test realizes the correctness of security function
And integrality.
The present invention proposes a kind of Sensor Network safety test system, standard test equipment served as in test network telegon,
Router, terminal device role, standard test equipment enter row energization to equipment under test, transmitted test server test order and upper
Pass response message to testing service device;Protocol analyzer captures the packet in test network and is sent to host computer in real time, on
Position machine is analyzed to packet;The transmission message of simulated strike node not timing, for attacking network;Equipment under test
Perform test command and make respective response, whether the response of equipment under test has expected security function and realization as it
The whether correct decision condition of mode;Safety test server generates the test use cases of safety test, and imports corresponding survey
Example information on probation, test client, for system provides safety test entrance, confirms the test of system as the interface of man-machine interaction
Set of uses case and uniformity test normative reference specification.
Wherein, protocol analyzer detection one channel of 433MHz frequency ranges, 470MHz frequency ranges channel, a 780MHz frequently
The wireless data message of section 16 channels of 4 channels and 2.4GHz frequency ranges.The information and mark of server storage safety test use-case
Accurate test specification collection, and for test client provides inquiry and newly-increased test case interface, increase the scalability of system.If
Equipment under test is terminal device, then standard test equipment is configured to router;If equipment under test is router, standard testing sets
It is standby to be configured to telegon.Standard test equipment excites equipment under test, and carrying out test to the security function of equipment under test specifically includes:
After standard test equipment is connected to test command, the short address in order asks to short address equipment under test transmission test is distributed
Ask order;Equipment under test tectonic knot test function, parses test-request command, while test respond request function is constructed, to
Standard test equipment sends test respond request;After standard test equipment receives test respond request, safety test life is issued
Order, and reply equipment under test exact p-value order;After equipment under test receives confirmation order, the identifier of test command is analyzed, held
The corresponding security functional testing use-case of row identifier;The test response command that test equipment forwarding is received gives safety test service
Device.
The present invention also proposes a kind of Sensor Network safety detecting method, it is characterised in that:Standard test equipment sets according to tested
Into different roles, protocol analyzer captures the packet in test network and is sent to host computer standby type configuration in real time,
Host computer is analyzed to packet;The transmission message of simulated strike node not timing, for attacking network;It is tested to set
Standby to perform test command and make respective response, whether the response of equipment under test has expected security function and reality as it
The whether correct decision condition of existing mode;Safety test server generates the test use cases of safety test, and imports corresponding
Test case information, test client, for system provides safety test entrance, confirms the survey of system as the interface of man-machine interaction
Examination set of uses case and uniformity test normative reference specification.
If equipment under test is terminal device, standard test equipment is configured to router;If equipment under test is router,
Standard test equipment is configured to telegon.Equipment under test is excited by standard test equipment, the security function to equipment under test is entered
Row test is specifically included:After standard test equipment is connected to test command, the short address in order is to the distribution short address quilt
Measurement equipment sends test-request command;Equipment under test tectonic knot test function, parses test-request command, while constructing test
Respond request function, test respond request is sent to standard test equipment;After standard test equipment receives test respond request,
Safety test order is issued, and replys equipment under test exact p-value order;After equipment under test receives confirmation order, analysis test life
The identifier of order, performs the corresponding security functional testing use-case of identifier;The test response command that test equipment forwarding is received
Give safety test server.All channel safety analysis instrument captures the packet of network, obtains the under fire forward and backward inclusive of network
Energy parameter, distinguishes calculating network under fire front and rear performance parameter difference, according to formula:The performance of S=parameter differences/under fire preceding
Parameter, calculating parameter percentage S, if having two or more parameter percentages more than or equal to threshold value, mark network
Anti-attack ability is weak, and otherwise, network has stronger attack tolerant.Equipment under test has the security function to be tested, then give
Test equipment replys a positive response command;Equipment under test does not have the security function to be tested, will give test equipment one
Individual Negative Acknowledgment order.
The present invention has following advantage compared with prior art:
Whether can realize that security function is verified to Sensor Network equipment;Attack tolerant test can verify that system is attacked in difference
Security performance under hitting;Safety compliance test can verify that whether the application solutions of equipment meet normal process;Present system
Standard test equipment be configurable to different role, different test environments can be met;Present system can both carry out this
Ground logs in test, it is also possible to which Telnet is tested, with very big flexibility and versatility;The safety test clothes of present system
Business device provides multiple interfaces, and system has scalability.
Brief description of the drawings
Fig. 1 Sensor Network safety test system global structure figures of the present invention.
Fig. 2 Sensor Network safety test block schematic illustrations of the present invention.
Fig. 3 security functional testing method flow schematic diagrams.
The test structure figure of Fig. 4 uniformity tests situation 1
The test structure figure of Fig. 5 uniformity tests situation 2
The test structure figure of Fig. 6 uniformity tests situation 3
The test command collection of Fig. 7 uniformity tests forms flow chart
The organization chart of Fig. 8 safety test server storage test cases
Specific embodiment
In order to protrude system of the invention the advantage and safety detecting method that carry out remote testing and local test and
The real-time and versatility of safety compliance method of testing, are preferable to carry out case and the present invention are retouched in detail below in conjunction with accompanying drawing
State.
A kind of Sensor Network safety test system architecture is as shown in figure 1, system is by head end test network and back end test service
Platform is constituted.Head end test network includes safety test equipment, simulated strike node and equipment under test.Safety test equipment includes
Standard test equipment and all channel safety analysis instrument, equipment under test include tested telegon, tested route and measured terminal equipment.
Back end test service platform by test client, safety test server group into.
1) standard test equipment serves as telegon, router, terminal device role, specific role's distribution in test network
Determined according to equipment under test type;Standard test equipment enters row energization, transmitted test server test order to equipment under test
With upload response message to testing service device.
2) all channel safety analysis instrument is made up of all channel protocol analyzer and host computer, and protocol analyzer captures survey in real time
Try the packet in network and be sent to host computer, host computer is analyzed to packet.Protocol analyzer can detect 433MHz
16 channels of one channel of frequency range, a channel of 470MHz frequency ranges, 4 channels of 780MHz frequency ranges and 2.4GHz frequency ranges
Wireless data message.Safety analysis instrument can provide the functions such as protocol-decoding, Performance Evaluation, network analysis, fault diagnosis.
3) simulated strike node is used to attack network, analog network under fire environment.The class of simulated strike node
Type has Dos to attack, Replay Attack, Hello extensive aggressions etc..Under attack context, system utilizes all channel safety analysis instrument logarithm
It is acquired according to bag and network performance of the analysis system under with security function pattern, it is therefore an objective to the attack resistance of test network
Property.
4) equipment under test can be one of which including tested telegon, test router, measured terminal equipment etc.,
Can be several combinations, perform test command and make respective response.The response of equipment under test is expected as whether it has
The whether correct decision condition of the mode of security function and realization.
5) safety test server possesses the function of automatically analyzing data, automatically generates the test use cases of safety test,
And import corresponding test case information.The test information of server storage safety test use-case and the test specification collection of standard,
And for test client provides inquiry and newly-increased test case interface, increase the scalability of system.
6) test client, for system provides safety test entrance, confirms the test of system as the interface of man-machine interaction
Set of uses case and uniformity test normative reference specification.After the completion of system safety test, test result is inquired about from testing service device,
And generate test report, there is provided printing and preservation service.
The present invention also proposes a kind of Sensor Network safety detecting method, including security function and safety compliance test.Test
Framework is as shown in Fig. 2 security functional testing includes that networking authentication test, key management test, access control test, node differentiate
Test, data encryption test etc..Safety compliance test be detect security function realize step and mode whether with standard one
Cause.
Security functional testing method can be divided into following two situations,
1. equipment under test is excited by standard test equipment, to the security function of equipment under test(Networking certification, data add
It is close, access control, key management etc.)Tested, step is as shown in figure 3, specific features are as follows:
The test preparatory stage:
(1)System equipment is configured, and startup forms Sensor Network, after telegon is for router and node distribution short address,
Into state to be tested.Standard test equipment is according to the type configuration of equipment under test into different roles, if equipment under test is for eventually
End equipment, then standard test equipment be configured to router;If equipment under test is router, standard test equipment is configured to coordinate
Device.
(2)Test user selects safety test set of uses case, safety test server to receive and process by test client
Test use cases information.
Test starting and carry out the stage:
(1)Safety test server sends test command to standard test equipment, and test command form is as shown in table 1:
The test command form of table 1.
| Heading | Order length degree | Short address | Identifier |
| 2 byte | 1 byte | 2 byte | 1 byte |
Heading:2 bytes, for identifying the test command head.
Order length:1 byte, its value changes with order length change.
Short address:2 bytes, distinguish different equipment under tests.
Identifier:1 byte, the flag bit of test case, with uniqueness.
After standard test equipment is connected to test command, the short address in order is sent out to the short address equipment under test is distributed
Send test-request command;
(2)Equipment under test tectonic knot test function, parses test-request command, while constructing test respond request letter
Number, test respond request is sent to standard test equipment.Respond request includes equipment short address, it is therefore an objective to realize standard testing
Object-oriented between equipment and equipment under test is interacted;
(3)After standard test equipment receives test respond request, safety test order is issued, and it is true to reply equipment under test
Recognize test command;
(4)After equipment under test receives confirmation order, the identifier of test command is analyzed, perform the corresponding safe work(of identifier
Can test case.Equipment under test has the security function to be tested, then reply a positive response command to test equipment;It is tested
Equipment does not have the security function to be tested, will give one Negative Acknowledgment order of test equipment.The form of response command:
The response command format of table 2.
| Heading | Order length degree | Short address | Identifier | As a result flag bit |
| 2 byte | 1 byte | 2 byte | 1 byte | 1 byte |
Identifier:The identifier of test case response, it is different from test command identifier with uniqueness.
As a result flag bit:The decision condition of test result.01:Positive response;00:Negative Acknowledgment.
Perform the decision condition of test:
Key management:Can the key to equipment under test be read out, and update and set up.
Networking certification:The networking authentication code in equipment under test networking claim frame can be read.
Access control:Whether the accesses control list of equipment under test can be read.
Data encryption:Character string to random-length can be encrypted.
(5)The test response command that test equipment forwarding is received gives safety test server.
Response command is tested in the parsing of safety test server, and as a result flag bit is tested into for 01 test client shows
Work(, 00 display test crash.
Whether the security function for 2. being provided network by all channel safety analysis instrument and attack node has attack tolerant
Tested.Security function is tested the performance impact of system during system is realized, by all channel safety analysis instrument
The attack tolerant of Sensor Network is tested, the influence using the attack tolerant analysis security function of system to systematic function.In safe work(
The partial test can be carried out while partial test.All channel safety analysis instrument gathers network packet not under fire and sends
To host computer, host computer analytical calculation packet loss(Vpacket), energy consumption(Jenergy), propagation delay time(Tdelay)Taken with the network bandwidth
Rate(Bband)Performance parameter;In addition, the collection of all channel safety analysis instrument is subjected to the network packet after different type is attacked, analysis
Calculate packet loss(Vpacket′), energy consumption(Jenergy′), propagation delay time(TDelay′)With network bandwidth occupancy(Bband′)Performance is joined
Number;The packet that host computer analysis contrast is gathered twice determines whether system has attack tolerant.It is specific as follows:
The test preparatory stage:
Attack against each other beat time point and equipment under test is configured, and startup forms Sensor Network, into state to be tested.
Test starting and carry out the stage:
(1)Not actuated attack node:The packet of network, the letter in packet are captured with all channel safety analysis instrument
Mark frame, data frame, command frame and acknowledgement frame obtain the performance parameter of system:Packet loss(Vpacket), energy consumption(Jenergy), transmission when
Prolong(Tdelay)With network bandwidth occupancy(Bband).
For example:Packet loss(Vpacket):Lost data packets quantity and the ratio for sending packet sum in Sensor Network, typically
Not above 5%;Energy consumption(Jenergy):The consumption of Sensor Network plant capacity, maintenance equipment operation need to meet Jenergy>5%;During transmission
Prolong(Tdelay):Sensor Network slave unit service request(Tstart)Responded to respective service is sent(Tend)Time interval, Tdelay=
Tend-Tstart.Network bandwidth occupancy(Bband):Sensor Network network bandwidth utilization factor.
(2)Start and attack node:The packet of network is captured with all channel safety analysis instrument, after obtaining network under fire
Above-mentioned performance parameter:Packet loss(Vpacket′), energy consumption(Jenergy′), propagation delay time(TDelay′), network bandwidth occupancy
(Bband′).The difference of calculating network under fire front and rear performance parameter respectively,
V=Vpacket′-Vpacket
J=Jenergy′-Jenergy
T=TDelay′-Tdelay
B=Bband′-Bband
Test result and analysis phase:
| Parameter | State | Extensive aggression | Replay Attack | Dos is attacked |
| V | Rise | √ | ||
| J | Rise | √ | √ | |
| T | Rise | √ | √ | √ |
| B | Rise | √ | √ | √ |
√:Represent the existence attacked.For example:If V rises, then it represents that the attack type of appearance is Replay Attack.Most
Excellent attack threshold value can be 5%:
According to formula:The initial value of S=parameter differences/not actuated attack, calculating parameter percentage S
SV=V/Vpacket;SJ=J/Jenergy;ST=T/Tdelay;SB=B/Bband;
If SV, SJ, ST, SBIn have two or more performance parameter percentages more than or equal to threshold value, then identify network
Anti-attack ability it is weak, otherwise then represent network with stronger attack tolerant.
The method of the system invention safety compliance test is as follows:
The test preparatory stage:
The safety standard that tested mechanism's selection equipment under test meets, mechanism for testing according to standard configuration standard test equipment,
And in test client editor's test command collection and judgment basis, including test step command and test step judgment condition, startup sets
It is standby to enter state to be tested;
The test step is that each step that equipment under test security function is realized is tested, and verifies security function reality
Whether existing process is consistent with selected standard security implementation process.Each test step is rung by testing step command and test step
Should realize, be interdepended between test step, the execution of latter test step depends on the result of previous test step.
Test starting and carry out the stage:
Situation 1:When equipment under test is terminal node, starts standard test equipment 1,2 and equipment under test constitutes one simply
Sensor Network.Standard test equipment 1 is configured to telegon, and standard test equipment 2 is configured to router.As shown in figure 4, tested set
The standby node as router.Test user issues the test command collection for having editted, safety test clothes by test client
After business device reception processing order, router is directly forwarded to.After router realizes that object-oriented is interacted with node, start to perform survey
Try order.
Situation 2:As shown in figure 5, when equipment under test is router, standard test equipment 2 is configured to terminal device, used as road
By the node of device.Test user takes equipment is tested with the identical testing procedure of situation 1, but test step is different.
Situation 3:As shown in fig. 6, equipment under test is telegon, standard test equipment 1,2 is respectively configured as router and section
Point.Test user takes equipment is tested with the identical testing procedure of situation 1, but test step is different.
Test step is the main contents of safety compliance test, determines the data flow of test system, is uniformity test
Key.Formation flow chart such as Fig. 7 of test command collection:
The corresponding test case of different standards is different.When standard is identical, when equipment under test is different, test case is likely to
Difference, test client can provide different test cases according to the selection of test user.When test case determine, test step and
Test command collection also can mutually should determine that.Test step command format is as shown in table 3, similar with security functional testing command format, mark
Know symbol to be provided by client.
The response command format of table 3.
| Heading | Order length degree | Short address | Identifier | Additional character string |
| 2 byte | 1 byte | 2 byte | 1 byte | n byte |
Additional character string:N byte, is generated at random by client, for special case testing, such as data encryption, secrecy
Property etc. use-case test, other use-cases test do not need additional character string when, n is 0.
Judgment condition:According to the requirement of various criterion, to the application solutions step and the function of application solutions of equipment under test
Test one by one.Such as meet standard requirement, then return to test by response.Otherwise, test crash response is returned.
Test result and analysis phase:
If first test step court verdict is successfully, to proceed next test step, until selected use-case is surveyed
Examination terminates;If a judgement failure occurs in test step, the test case is immediately finished, and test result is sent to safety test
Server.Server is analyzed to test result, automatically generates a test report and is sent to test client, for user's ginseng
Examine.
Testing service device receives the test request of test user, needs test content generation ets (executive testing suite) to enter user
Row storage, and load and execution test related application, the survey for being connected backward appropriately processed to ets (executive testing suite) information
Examination equipment sends testing and control order.At the same time, testing service device has loaded data acquisition process, and test signal is carried out
Collection is tested remote testing object by network test equipment and is returned to test data, and testing service device is to these data
If carrying out dry-cure and being analyzed, by the storage of test execution result in testing service device, certain additional information generation is added
Test report.
Safety test case management mainly divides use-case to choose, use-case compiling, use case storage.It is according to Sensor Network that use-case is chosen
Safety test standard is provided by this test platform and refers to test case;Use-case compiling provides the user use-case compiling window, that is, use
Family is according to the information for oneself needing to write dependence test use-case;Use case storage is that security server chooses and use-case compiling use-case
Use-case information Store afterwards is to transfer test execution information after test starting.
The structure of security server storage test case is hierarchical structure, is divided into four levels:Test set, test group is surveyed
Example on probation, test step, as shown in Figure 8:
Test set:To one or more OSI(Open System Interconnection)Agreement carries out dynamic conformance
Test case full set needed for test, it may constitute the test group of nesting.
1)Test group;Corresponding to a test target of this agreement, can be comprising multiple test groups in a test set.
2)Test case:Corresponding to an a certain item function description for standard agreement, a test group is used by multiple test
Example composition.
3)Test step:One completion of test process needs to be initialized, transmitting-receiving message etc., and each action is exactly one
Individual test step, test step is the unit of minimum in test set, and a test case includes more than one test step.
Edit after test case, it is necessary to test case information is saved in server, so that next time calls.
After starting test, comprise the following steps that:
Step 1. mechanism for testing configuration standard test equipment and it is devices under, and startup optimization, equipment under test and standard
Test equipment forms a simple sensor network.
Step 2. test user registered into safety test webpage, and safety test system is logged in after registration.
After step 3. logs in safety test system, the executable abstract test suite of testing service device generation, in test use cases
Middle selection needs the security function of test.
Step 4. starts the safety test system testing page, issues security functional testing request command.Equipment under test is received
To after test-request command, safety test is performed, while capturing packet using Analysis of Security Protocols instrument, calculate every internetworking
Energy parameter, and result is uploaded to safety test server.
Step 5. safety test server is analyzed to test result and automatically generates test report, for test user carries
For referring to.
Claims (6)
1. a kind of Sensor Network safety test system, it is characterised in that:Standard test equipment serves as telegon, road in test network
By device, terminal device role, standard test equipment enters row energization to equipment under test, forwarding safety test server test order and
Upload response message to safety test server;Protocol analyzer detection one channel of 433MHz frequency ranges, 470MHz frequency ranges
One channel, the wireless data message of 16 channels of 4 channels of 780MHz frequency ranges and 2.4GHz frequency ranges, capture test network in real time
In data message and be sent to host computer, host computer is analyzed to data message;The not timing of simulated strike node sends report
Text, attacks network;Equipment under test performs test command and makes respective response, meanwhile, using Analysis of Security Protocols instrument
Crawl packet, calculates every network performance parameter, and result is uploaded into safety test server, and the response of equipment under test is made
For whether whether it has expected security function and the correct decision condition of implementation;Safety test server generation peace
Test use cases of full test, and import corresponding test case information, test client as man-machine interaction interface, to be
System provides safety test entrance, confirms the test use cases and uniformity test normative reference specification of system;If equipment under test is
Terminal device, then standard test equipment is configured to router, if equipment under test is router, standard test equipment is configured to association
Adjust device;Standard test equipment excites equipment under test, and carrying out test to the security function of equipment under test specifically includes:Standard testing sets
For after being connected to test command, the short address in order sends test-request command to the short address equipment under test is distributed;Quilt
Measurement equipment tectonic knot test function, parses test-request command, while constructing test respond request function, is set to standard testing
Preparation send test respond request;After standard test equipment receives test respond request, safety test order is issued, and reply quilt
Measurement equipment exact p-value order;After equipment under test receives confirmation order, the identifier of test command is analyzed, perform identifier correspondence
Security functional testing use-case;The test response command that test equipment forwarding is received gives safety test server;Safety test
Server to standard test equipment send test command, after standard test equipment is connected to test command, in order shortly
Location sends test-request command to the short address equipment under test is distributed, and equipment under test tectonic knot test function, parsing test is asked
Order is asked, while constructing test respond request function, test respond request is sent to standard test equipment, standard test equipment connects
After receiving test respond request, safety test order is issued, and reply equipment under test exact p-value order, equipment under test is received really
Accept one's fate after order, analyze the identifier of test command, perform the corresponding security functional testing use-case of identifier, test equipment forwarding connects
The test response command for receiving gives safety test server.
2. Sensor Network safety test system according to claim 1, it is characterised in that:Safety test server storage is surveyed safely
The test information of example on probation and the test specification collection of standard, and for test client provides inquiry and newly-increased test case interface.
3. a kind of Sensor Network safety detecting method, it is characterised in that:Standard test equipment according to the type configuration of equipment under test into
Different roles, protocol analyzer detects a channel, a channel of 470MHz frequency ranges, the 780MHz frequency ranges of 433MHz frequency ranges
The wireless data message of 16 channels of 4 channels and 2.4GHz frequency ranges, captures the packet in test network and is sent in real time
Host computer, host computer is analyzed to packet;The transmission message of simulated strike node not timing is attacked network;It is tested
Equipment performs test command and makes respective response, meanwhile, packet is captured using Analysis of Security Protocols instrument, calculate every network
Performance parameter, and result is uploaded to safety test server, whether the response of equipment under test has expected safety as it
Function and the whether correct decision condition of implementation, wherein, test is carried out to the security function of equipment under test and is specifically included:
After standard test equipment is connected to test command, the short address in test command sends survey to the short address equipment under test is distributed
Examination request command, equipment under test tectonic knot test function parses test-request command, while constructing test respond request letter
Number, test respond request is sent to standard test equipment, and respond request includes equipment short address, realize standard test equipment and
Object-oriented interaction between equipment under test;After standard test equipment receives test respond request, safety test order is issued,
And equipment under test exact p-value order is replied, and after equipment under test receives confirmation order, the identifier of test command is analyzed, perform mark
Know the corresponding security functional testing use-case of symbol, equipment under test has the security function to be tested, then reply one to test equipment
Individual positive response command;Equipment under test does not have the security function to be tested, will give one Negative Acknowledgment order of test equipment;Survey
The test response command that examination device forwards are received gives safety test server;Safety test server generates the survey of safety test
Examination set of uses case, and imports corresponding test case information, test client as man-machine interaction interface, for system is provided safely
Test access, confirms the test use cases and uniformity test normative reference specification of system;If equipment under test is terminal device,
Standard test equipment is configured to router;If equipment under test is router, standard test equipment is configured to telegon.
4. Sensor Network safety detecting method according to claim 3, it is characterised in that:Host computer is analyzed tool to packet
Body includes:All channel safety analysis instrument captures the packet of network, obtains the under fire forward and backward performance parameter of network, host computer
Calculating network under fire forward and backward performance parameter difference, according to formula:The performance parameter of S=parameter differences/under fire preceding, calculates ginseng
Number percentage, if having two or more parameter percentages more than or equal to threshold value, the anti-attack ability for identifying network is weak.
5. a kind of Sensor Network safety detecting method, it is characterised in that:Standard test equipment according to the type configuration of equipment under test into
Different roles, protocol analyzer detects a channel, a channel of 470MHz frequency ranges, the 780MHz frequency ranges of 433MHz frequency ranges
The wireless data message of 16 channels of 4 channels and 2.4GHz frequency ranges, captures the data message in test network and sends in real time
To host computer, host computer is analyzed to data message;The transmission message of simulated strike node not timing is attacked network;
Equipment under test performs test command and makes respective response, meanwhile, packet is captured using Analysis of Security Protocols instrument, calculate every
Network performance parameter, and result is uploaded into safety test server, it is expected whether the response of equipment under test has as it
Security function and the whether correct decision condition of implementation, wherein, the security function to equipment under test carries out testing specific
Including:Whether the security function that network is provided is surveyed with attack tolerant by all channel safety analysis instrument and attack node
Examination, the performance impact test to system, all channel safety analysis instrument tests the attack tolerant of Sensor Network, using the attack resistance of system
Property analysis influence of the security function to systematic function, all channel safety analysis instrument collection network packet not under fire simultaneously sends
To host computer, host computer analytical calculation packet loss, energy consumption, propagation delay timeWith network bandwidth occupancyPerformance parameter, in addition, the collection of all channel safety analysis instrument is subjected to the network packet after different type is attacked, analytical calculation
Packet loss, energy consumption, propagation delay timeWith network bandwidth occupancyPerformance parameter;Host computer is analyzed
The packet that contrast is gathered twice determines whether system has attack tolerant.
6. Sensor Network safety detecting method according to claim 5, it is characterised in that:In test client editor's test command
Collection and judgment basis include test step command and test step judgment condition, and each test step is by testing step command and test
Step response realizes, is interdepended between test step that the execution of latter test step depends on the result of previous test step.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310654199.5A CN103684912B (en) | 2013-12-06 | 2013-12-06 | Sensor network safety testing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310654199.5A CN103684912B (en) | 2013-12-06 | 2013-12-06 | Sensor network safety testing method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103684912A CN103684912A (en) | 2014-03-26 |
| CN103684912B true CN103684912B (en) | 2017-05-24 |
Family
ID=50321291
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310654199.5A Active CN103684912B (en) | 2013-12-06 | 2013-12-06 | Sensor network safety testing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103684912B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104572458B (en) * | 2014-12-30 | 2017-05-24 | 北京工业大学 | Method for testing wireless sensor network system on basis of Wp (word processing) test case inductive sets |
| CN106154959A (en) * | 2015-04-02 | 2016-11-23 | 工业和信息化部计算机与微电子发展研究中心(中国软件评测中心) | A kind of method for detecting PLC Information Security in explosive production system |
| CN105162649B (en) * | 2015-08-04 | 2018-08-28 | 北京广利核系统工程有限公司 | For the test method and its system of npp safety grade network performance index |
| CN106936658A (en) * | 2015-12-30 | 2017-07-07 | 中兴通讯股份有限公司 | The method of testing and test platform of test case, simulation test equipment |
| CN107360061A (en) * | 2017-08-08 | 2017-11-17 | 上海斐讯数据通信技术有限公司 | A kind of attack test system and method for wireless router |
| CN107643979A (en) * | 2017-08-10 | 2018-01-30 | 浙江浙大列车智能化工程技术研究中心有限公司 | A kind of method for improving security of system |
| CN108111482A (en) * | 2017-11-24 | 2018-06-01 | 国网天津市电力公司电力科学研究院 | A kind of intelligent grid industrial control network safety test system and test method |
| CN108696713B (en) * | 2018-04-27 | 2021-08-24 | 苏州科达科技股份有限公司 | Code stream safety test method, device and test equipment |
| CN109284930A (en) * | 2018-09-28 | 2019-01-29 | 湖南省计量检测研究院 | A kind of assessment verifying system of high power electromechanical equipment data monitoring quality |
| CN115225552A (en) * | 2022-07-29 | 2022-10-21 | 重庆长安汽车股份有限公司 | Test method, device, equipment and medium for real-time publishing subscription protocol |
| CN115396348A (en) * | 2022-08-25 | 2022-11-25 | 北京智芯微电子科技有限公司 | Test system, method and computer readable storage medium for wireless sensor network |
| CN115514668A (en) * | 2022-09-20 | 2022-12-23 | 南京瀚联信息技术有限公司 | Application development testing device of edge gateway |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101808355A (en) * | 2009-12-28 | 2010-08-18 | 重庆邮电大学 | System and method for testing consistency of industrial wireless network protocol |
-
2013
- 2013-12-06 CN CN201310654199.5A patent/CN103684912B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101808355A (en) * | 2009-12-28 | 2010-08-18 | 重庆邮电大学 | System and method for testing consistency of industrial wireless network protocol |
Non-Patent Citations (2)
| Title |
|---|
| "低速无线传感器网络性能测试系统设计";向路,谢昊飞,肖华;《科技信息》;20130228(第5期);第129-130页 * |
| IDS评测方法及功能测试研究;翟羽佳;《中国优秀博硕士学位论文全文数据库 (硕士) 信息科技辑》;20061015(第10期);正文第11页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103684912A (en) | 2014-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103684912B (en) | Sensor network safety testing method and system | |
| Karagiannis et al. | Jamming attack detection in a pair of RF communicating vehicles using unsupervised machine learning | |
| CN111405470A (en) | System and method for tracking gathered people based on mobile phone positioning algorithm | |
| CN103701825A (en) | Security testing system oriented to mobile intelligent terminal IPv6 protocol and application of protocol | |
| CN102223267B (en) | IDS (intrusion detection system) detecting method and IDS detecting equipment | |
| CN103763695B (en) | Method for evaluating safety of internet of things | |
| CN108092854B (en) | Test method and device for train-level Ethernet equipment based on IEC61375 protocol | |
| Zhou et al. | Localized algorithm for precise boundary detection in 3D wireless networks | |
| CN103152341B (en) | The network security situation awareness emulation mode that a kind of actual situation combines and system | |
| CN103078769B (en) | A kind of system and method realizing equipment seamless access network simulator in kind | |
| CN104618919B (en) | Sensor network sensing node identifier resolution conformance test method | |
| CN110071829A (en) | DNS tunnel detection method, device and computer readable storage medium | |
| CN114374626B (en) | Router performance detection method under 5G network condition | |
| CN110267268A (en) | The recognition methods of pseudo-base station, apparatus and system | |
| CN106899978A (en) | A kind of wireless network attack localization method | |
| CN109428884A (en) | Communications protection device, control method and program | |
| CN106209837A (en) | ARP cheat detecting method and system | |
| CN104994109A (en) | Self-organizing network protocol security analysis method based on vulnerability attack | |
| CN101888296A (en) | Method, device, equipment and system for detecting shadow user | |
| Seth et al. | LDES: Detector design for version number attack detection using linear temporal logic based on discrete event system | |
| RU2472211C1 (en) | Method of protecting information computer networks from computer attacks | |
| CN110493254A (en) | Industrial Yunan County's overall evaluating method and device | |
| CN109040137A (en) | For detecting the method, apparatus and electronic equipment of man-in-the-middle attack | |
| Chen et al. | TSCD: a novel secure localization approach for wireless sensor networks | |
| CN109428862A (en) | A kind of method and apparatus detecting ARP attack in local area network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20190802 Address after: 400065 Chongwen Road, Nan'an District, Chongqing, No. 2 attached to No. 1 Patentee after: Wei Min Address before: 400065 Chongqing Nan'an District huangjuezhen pass Chongwen Road No. 2 Patentee before: Chongqing University of Posts and Telecommunications |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20191121 Address after: 4-4, No. 789, Jingwei Avenue, Yuzhong District, Chongqing Patentee after: Chongqing siaiwei intelligent IOT Technology Co.,Ltd. Address before: 400065 Chongwen Road, Nan'an District, Chongqing, No. 2 attached to No. 1 Patentee before: Wei Min |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200630 Address after: 4-3, No. 789 Jingwei Avenue, Yuzhong District, Chongqing, 400010 Patentee after: Chongqing Hollysys Intelligent Technology Co.,Ltd. Address before: 4-4, No. 789, Jingwei Avenue, Yuzhong District, Chongqing Patentee before: Chongqing siaiwei intelligent IOT Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20210830 Address after: 400010 4-4, No. 789, Jingwei Avenue, Yuzhong District, Chongqing Patentee after: Chongqing siaiwei intelligent IOT Technology Co.,Ltd. Address before: 400010 4-3, No. 789, Jingwei Avenue, Yuzhong District, Chongqing Patentee before: Chongqing Hollysys Intelligent Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220426 Address after: 400065 Chongwen Road, Nanshan Street, Nanan District, Chongqing Patentee after: CHONGQING University OF POSTS AND TELECOMMUNICATIONS Address before: 400010 4-4, No. 789, Jingwei Avenue, Yuzhong District, Chongqing Patentee before: Chongqing siaiwei intelligent IOT Technology Co.,Ltd. |
|
| TR01 | Transfer of patent right |