CN110213196B - Device and method for preventing replay attack, electronic device and storage medium - Google Patents

Publication number: CN110213196B
Application number: CN201810166981.5A
Other versions: CN110213196A
Authority: CN (China)
Original language: Chinese (zh)
Legal status: Active
Inventors: 孙敏刚, 杨重选, 王刚
Assignees (original and current): Beijing Jingdong Century Trading Co Ltd; Beijing Jingdong Shangke Information Technology Co Ltd
Prior art keywords: control, time, control object, instruction, sending

Classifications

    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/1441 Countermeasures against malicious traffic
Abstract

The invention discloses a device and a method for preventing replay attacks, together with an electronic device and a storage medium. The method comprises the following steps: after the device receives a control instruction, confirming the identity information of the control object that sent the control instruction and the time at which the control object sent it; querying, in a history record, the time at which the control object corresponding to that identity information last sent a control instruction; and responding to the received control instruction if the acquired send time is later than the recorded last send time. The invention judges whether a control instruction is legitimate by comparing the latest time at which the device received the control instruction with the latest previously recorded time at which it received one. This prevents replay attacks without requiring the device to have a time system, reduces the requirements placed on the device, and applies generally.

Description

Device and method for preventing replay attack, electronic device and storage medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a device, a method for preventing replay attack, an electronic device, and a storage medium.
Background
The number of IoT (Internet of Things) devices has grown dramatically in recent years and now numbers in the billions worldwide. As devices become more intelligent the number of IoT devices will keep growing, and with this class of devices security issues are important. One important part of securing IoT devices is preventing replay attacks.
A replay attack is one in which an attacker sends a packet that the destination host has already received, in order to deceive the system. The replay may be performed by the original initiator or by an adversary that intercepts the data and retransmits it. The attacker steals authentication credentials by network monitoring or other means and then retransmits them to the authentication server.
At present, for an embedded device to prevent replay attacks it is generally required to have a time system and to calibrate its time against the control-end device, with the time taken from NTP (Network Time Protocol). The device starts timing once it receives a control instruction from the control-end device, and any further control instruction sent by the control-end device within an effective time range (for example, 120 seconds) is judged to be time-illegal and is treated as a replay attack.
This way of preventing replay attacks places high requirements on embedded devices: they must have a time system and perform time calibration. It cannot be applied to embedded devices without a time system, and it cannot effectively prevent replay attacks.
Disclosure of Invention
The technical problem to be solved by the present invention is that the existing way of preventing replay attacks requires an embedded device to have a time system and to perform time calibration, so that replay attacks cannot be prevented on embedded devices without a time system. To overcome this defect, the invention provides a device capable of preventing replay attacks regardless of whether it has a time system, a method for the device to prevent replay attacks, an electronic device and a storage medium.
The invention solves this technical problem with the following technical scheme:
A method for a device to prevent replay attacks, the method comprising:
after the device receives a control instruction, confirming the identity information of the control object that sent the control instruction and the time at which the control object sent it;
querying, in a history record, the time at which the control object corresponding to that identity information last sent a control instruction; and
responding to the received control instruction if the acquired time at which the control object sent the control instruction is later than the time at which it last sent one.
Preferably, the method further comprises:
when the acquired time at which the control object sent the control instruction is later than the time at which it last sent one, recording the acquired time.
Preferably, the history record is stored in a control information table, and the control information table stores, for each control object having control authority over the device, its identity information and the time at which it last sent a control instruction.
Preferably, the MAC address (physical address) of the control object is used as the identity information of the control object;
confirming the identity information of the control object that sent the control instruction then comprises: reading the MAC address of that control object from the instruction message.
Preferably, information converted from the MAC address of the control object is used as the identity information of the control object;
confirming the identity information of the control object that sent the control instruction then comprises: reading the MAC address of that control object from the instruction message and converting the MAC address accordingly to obtain the identity information.
Preferably, the information converted from the MAC address of the control object includes a numerical value obtained by computing a hash (HASH) of the MAC address;
confirming the identity information of the control object that sent the control instruction then comprises: obtaining the MAC address of that control object from the instruction message and computing the hash of the MAC address to obtain the identity information.
Preferably, the time at which the control object sent the control instruction is determined from a timestamp in the instruction message.
Preferably, the control instruction is transmitted encrypted.
Preferably, the method further comprises:
if no time at which the control object corresponding to the identity information last sent a control instruction is found in the history record, responding to the received control instruction and recording the acquired time at which the control object sent it.
An apparatus for preventing replay attacks, the apparatus comprising:
an instruction receiving unit for receiving a control instruction;
an information acquisition unit for confirming, after the instruction receiving unit receives the control instruction, the identity information of the control object that sent the control instruction and the time at which the control object sent it;
a record query unit for querying, in a history record, the time at which the control object corresponding to that identity information last sent a control instruction; and
a judgment response unit for responding to the received control instruction when the acquired time at which the control object sent the control instruction is later than the time at which it last sent one.
Preferably, the judgment response unit is further configured to record the acquired time at which the control object sent the control instruction when that time is later than the time at which it last sent one.
Preferably, the history record is stored in a control information table, and the control information table stores, for each control object having control authority over the device, its identity information and the time at which it last sent a control instruction.
Preferably, the MAC address of the control object is used as the identity information of the control object;
the information acquisition unit confirms the identity information of the control object that sent the control instruction by reading its MAC address from the instruction message.
Preferably, information obtained by converting the MAC address of the control object is used as the identity information of the control object;
the information acquisition unit reads the MAC address of the control object that sent the control instruction from the instruction message and converts it accordingly to obtain the identity information.
Preferably, the information converted from the MAC address of the control object includes a numerical value obtained by computing a hash (HASH) of the MAC address;
the information acquisition unit obtains the MAC address of the control object that sent the control instruction from the instruction message and computes the hash of the MAC address to obtain the identity information.
Preferably, the information acquisition unit determines the time at which the control object sent the control instruction from a timestamp in the instruction message.
Preferably, the control instruction is transmitted encrypted.
Preferably, the judgment response unit is further configured to respond to the received control instruction and record the acquired time at which the control object sent it when no time at which the control object corresponding to the identity information last sent a control instruction is found in the history record.
An electronic device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the aforementioned method of preventing replay attacks when executing the program.
A computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, carries out the steps of the aforementioned method of preventing replay attacks.
On the basis of common knowledge in the field, the above preferred conditions can be combined arbitrarily to obtain the preferred embodiments of the invention.
The positive effects of the invention are as follows: the invention judges whether a control instruction is legitimate by comparing the latest time at which the device received the control instruction with the latest previously recorded time at which it received one, thereby preventing replay attacks.
Drawings
Fig. 1 is a flowchart of a method for preventing replay attack by a device according to embodiment 1 of the present invention.
Fig. 2 is a block diagram of an apparatus for preventing replay attack according to embodiment 2 of the present invention.
Fig. 3 is a schematic structural diagram of an electronic device according to embodiment 3 of the present invention.
Detailed Description
The invention is further illustrated by the following examples, which are not intended to limit the scope of the invention.
Example 1
Fig. 1 shows a flowchart of a method for preventing replay attacks by the device of the present embodiment. The device may be an embedded device, and may be, but is not limited to, an intelligent household device, such as an intelligent television, an intelligent air conditioner, an intelligent water heater, and the like. Of course the device is not limited to being an embedded device, and the method of the invention is equally applicable to other types of devices that are at risk of being subject to replay attacks.
In this embodiment, the device may correspond to one or more control objects, and the control object may be, but is not limited to, a mobile phone, a tablet computer, a smart wearable device, and the like. The control objects have control authority over the equipment and control the equipment by sending control instructions to the equipment, for example, for a smart television, the control instructions may be turning on/off a power supply, changing channels, adjusting volume, and the like; for an intelligent air conditioner, the control instruction can be to turn on/off a power supply, adjust the temperature, adjust the wind speed and the like; for the intelligent water heater, the control command may be to turn on/off the power supply, adjust the water temperature, etc., and the control implemented by the control command is not limited thereto, and may also implement other controls.
In order to verify whether a control instruction received by a device is sent by a real control object or an attacker, help the device judge whether the control instruction is legal or not, and prevent replay attack, the method comprises the following steps:
Step 11: after the device receives a control instruction, confirm the identity information of the control object that sent it and the time at which the control object sent it. The identity information identifies the control object, and each control object's identity information is generally unique.
Both can be obtained from the instruction message, which contains the specific content of the control instruction, the identity information of the control object and a timestamp of when the control instruction was sent; reading the identity information and the timestamp from the instruction message determines the control object's identity and its send time.
Step 12: query, in the history record, the time at which the control object corresponding to that identity information last sent a control instruction. The last send time means the time of the same control object's most recent control instruction before the current one. The actual control content of the current instruction is taken to be the same as that of the previous one: if the control content of the two instructions differs, there is no possibility of a replay attack; if it is the same, a replay attack is possible and the subsequent steps must judge further.
In this embodiment the history record is stored in a control information table, which makes the history easy to record and store. The table stores the identity information of each control object having control authority over the device and the time at which it last sent a control instruction. In step 12 the device may go through the records of the control information table one by one to determine whether identity information identical to that determined in step 11 is present. If it is, the corresponding last send time is obtained and step 13 follows. If it is not, the device may conclude that this control object is sending a control instruction for the first time, so that no replay attack is possible; it then adds the control object's identity information and send time to the control information table and responds to the control instruction directly. In other embodiments, where the identity information of all control objects having control authority over the device is stored in the control information table in advance, the absence of identity information identical to that determined in step 11 may instead be taken to mean that the sender lacks control authority; the device then does not respond to the control instruction and ends the process.
Step 13: compare whether the acquired send time of the control object is later than its last send time. If it is, the control instruction is taken to come from the real control object and step 14 is executed; if not, the instruction is taken to come from an attacker and the process ends.
Step 14: respond to the received control instruction.
Further, in this embodiment the MAC address of the control object may serve as its identity information, in which case the control information table records each control object's MAC address. The MAC address of the sending control object is carried in the instruction message: in step 11 the identity information is determined by reading that MAC address from the message, and in step 12 the corresponding last send time is found by checking whether the same MAC address exists in the control information table.
Alternatively, in this embodiment information obtained by converting the MAC address may serve as the identity information, in which case the control information table records the converted value for each control object. The MAC address of the sending control object is carried in the instruction message: when confirming the identity information in step 11, the MAC address is read from the message and converted accordingly to obtain the identity information, and in step 12 the corresponding last send time is found by checking whether the same converted value exists in the control information table.
One specific way of converting the MAC address is a hash (HASH) algorithm: the MAC address of the control object is run through the hash algorithm to obtain a numerical value. In that case, when confirming the identity information of the sending control object, its MAC address is obtained from the instruction packet and then hashed to give the identity information. The invention is not limited in this respect; other algorithms may be used to convert MAC addresses.
The identity information converted from the MAC address is integer (int) data and occupies little memory; the timestamp is likewise integer data and occupies little memory. Taking a 32-bit integer for the identity information and a 64-bit integer for the timestamp as an example, the identity information occupies only 4 bytes and the timestamp only 8 bytes, so the information for one control object occupies only 4 + 8 = 12 bytes; even if the device can be controlled by 64 control objects, the total is only 64 × 12 = 768 bytes, a considerable saving of space.
Further, so that the last send time recorded in the history record stays current and the next replay attack is also prevented, once the acquired send time of the control object is found to be later than its last send time, that acquired time may also be recorded; when the next control instruction from the same control object is received, the time recorded now serves as the last send time. To save the memory occupied by the control information table, the table may store only the time at which each control object last sent a control instruction. Alternatively, to count or query the control habits of a control object, the table may store the time of each control instruction it sent within the latest period, the times of its last N control instructions, the time of every control instruction it has sent, and so on.
Further, in order to ensure network security, the control command may be transmitted through encryption, and the device needs to decrypt the control command.
The method of this embodiment uses the timestamp in the instruction message and the time recorded in the history record to judge whether the sender of a control instruction is the real control object or an attacker. It no longer requires the device to have a time system, effectively prevents replay attacks, reduces the requirements on the device, is applicable to a wide range of devices, and ensures network security.
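As an added illustration (this is not code from the patent or its assignee), the following C program implements steps 11 to 14 of this embodiment over a fixed-size control information table: a 32-bit identity derived from the controller's MAC address, a 64-bit timestamp per entry, the strict "later than" comparison of step 13, the update of the recorded time, the first-contact path, and the pre-provisioned variant in which unknown identities are refused. The wire layout of the instruction message (6-byte MAC, 8-byte big-endian timestamp, then the command bytes), the choice of FNV-1a as the hash, and every MAC address and timestamp in the scenario are constructed assumptions; the description fixes none of them.

```c
/* Added example, not the patent's own code: the control-information-table replay
 * check of steps 11-14.  Message layout, hash function, MAC addresses and
 * timestamps are constructed assumptions; the description fixes none of them. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define MAX_CONTROLLERS 64  /* the description's example of 64 control objects */
#define MSG_HDR_LEN     14  /* assumed layout: 6-byte MAC, 8-byte big-endian timestamp */

/* One table row: 32-bit identity + 64-bit timestamp (12 bytes of fields, usually padded to 16). */
typedef struct { uint32_t id; int64_t last_ts; } ctrl_entry_t;

typedef struct {
    ctrl_entry_t rows[MAX_CONTROLLERS];
    size_t count;
    int preprovisioned;  /* non-zero: only pre-registered identities may control the device */
} ctrl_table_t;

/* ACCEPT_FIRST: identity unknown, respond and start a record; ACCEPT: timestamp later than the
 * record, respond and update; REPLAY: not later; UNAUTHORIZED: unknown identity on a
 * pre-provisioned table; TABLE_FULL: no room for a new controller; MALFORMED: too short. */
typedef enum { VERDICT_ACCEPT_FIRST, VERDICT_ACCEPT, VERDICT_REPLAY,
               VERDICT_UNAUTHORIZED, VERDICT_TABLE_FULL, VERDICT_MALFORMED } verdict_t;

/* FNV-1a 32-bit: one possible "HASH algorithm" for MAC -> integer identity (assumption). */
uint32_t mac_identity(const uint8_t mac[6]) {
    uint32_t h = 2166136261u;
    for (int i = 0; i < 6; i++) { h ^= mac[i]; h *= 16777619u; }
    return h;
}

/* Pre-register a controller as "never sent", so its first instruction passes step 13. */
int ctrl_table_register(ctrl_table_t *t, const uint8_t mac[6]) {
    if (t->count == MAX_CONTROLLERS) return -1;
    t->rows[t->count] = (ctrl_entry_t){ mac_identity(mac), INT64_MIN };
    t->count++;
    return 0;
}

/* Steps 11-14 applied to one received instruction message. */
verdict_t ctrl_check(ctrl_table_t *t, const uint8_t *msg, size_t len) {
    if (len < MSG_HDR_LEN) return VERDICT_MALFORMED;
    uint32_t id = mac_identity(msg);                      /* step 11: identity from the MAC */
    uint64_t raw = 0;
    for (int i = 0; i < 8; i++) raw = (raw << 8) | msg[6 + i];
    int64_t ts = (int64_t)raw;                            /* step 11: timestamp from the message */
    ctrl_entry_t *e = NULL;                               /* step 12: look up the last send time */
    for (size_t i = 0; i < t->count; i++) if (t->rows[i].id == id) e = &t->rows[i];
    if (e == NULL) {
        if (t->preprovisioned) return VERDICT_UNAUTHORIZED;
        if (t->count == MAX_CONTROLLERS) return VERDICT_TABLE_FULL;
        t->rows[t->count++] = (ctrl_entry_t){ id, ts };   /* first contact: record and respond */
        return VERDICT_ACCEPT_FIRST;
    }
    if (ts > e->last_ts) {                                /* step 13: strictly later than last time? */
        e->last_ts = ts;                                  /* keep the record current for next time */
        return VERDICT_ACCEPT;                            /* step 14 */
    }
    return VERDICT_REPLAY;
}

/* Build a constructed message: MAC | big-endian timestamp | command text. */
size_t build_msg(uint8_t *buf, const uint8_t mac[6], int64_t ts, const char *cmd) {
    memcpy(buf, mac, 6);
    for (int i = 0; i < 8; i++) buf[6 + i] = (uint8_t)((uint64_t)ts >> (8 * (7 - i)));
    size_t n = strlen(cmd);
    memcpy(buf + MSG_HDR_LEN, cmd, n);
    return MSG_HDR_LEN + n;
}

/* Run a constructed scenario; returns 1 when every verdict matches the description. */
int replay_demo(void) {
    static const uint8_t phone[6]  = {0x02, 0x00, 0x00, 0xaa, 0xbb, 0x01};  /* constructed */
    static const uint8_t tablet[6] = {0x02, 0x00, 0x00, 0xaa, 0xbb, 0x02};  /* constructed */
    uint8_t buf[64];
    ctrl_table_t tbl = { .count = 0, .preprovisioned = 0 };
    int ok = 1;
    size_t n = build_msg(buf, phone, 1000, "power_on");
    ok &= ctrl_check(&tbl, buf, n) == VERDICT_ACCEPT_FIRST;   /* first contact is answered */
    ok &= ctrl_check(&tbl, buf, n) == VERDICT_REPLAY;         /* the same bytes again: replay */
    n = build_msg(buf, phone, 1001, "power_on");
    ok &= ctrl_check(&tbl, buf, n) == VERDICT_ACCEPT;         /* later timestamp: accepted */
    n = build_msg(buf, phone, 900, "power_on");
    ok &= ctrl_check(&tbl, buf, n) == VERDICT_REPLAY;         /* older capture: refused */
    n = build_msg(buf, tablet, 5, "volume_up");
    ok &= ctrl_check(&tbl, buf, n) == VERDICT_ACCEPT_FIRST;   /* each controller has its own record */
    ok &= ctrl_check(&tbl, buf, 10) == VERDICT_MALFORMED;
    ctrl_table_t strict = { .count = 0, .preprovisioned = 1 };
    ctrl_table_register(&strict, phone);
    ok &= ctrl_check(&strict, buf, n) == VERDICT_UNAUTHORIZED; /* tablet was never registered */
    n = build_msg(buf, phone, 7, "power_on");
    ok &= ctrl_check(&strict, buf, n) == VERDICT_ACCEPT;       /* registered but never sent: accepted */
    return ok;
}

int main(void) {
    printf("scenario %s; one table entry is %zu bytes\n",
           replay_demo() ? "matches the description" : "DIFFERS", sizeof(ctrl_entry_t));
    return 0;
}
```

The device never consults its own clock: each message is compared only with the previous timestamp recorded for the same controller, which is what lets a device without a time system apply the check. Two consequences matter when deploying it. A controller whose clock is set back will be refused until its timestamps again pass the recorded value, and the comparison only detects re-sent messages, so the MAC and timestamp fields have to be protected by the encrypted transport the description calls for; otherwise the check rests on data the receiver cannot verify. Note also that a compiler pads the 4 + 8 byte entry to 16 bytes under natural alignment; a packed structure is needed if the 12-byte figure matters.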
Example 2
Fig. 2 shows a block diagram of the apparatus for preventing replay attack of the present embodiment. The device 30 may be an embedded device, and may be, but is not limited to, an intelligent household device, such as an intelligent television, an intelligent air conditioner, an intelligent water heater, and the like. Of course, the device 30 is not limited to being an embedded device, and the device 30 may also be other types of devices that are at risk of being subjected to replay attacks.
The apparatus 30 comprises: an instruction receiving unit 21, an information acquiring unit 22, a record inquiring unit 23, and a judgment responding unit 24.
The instruction receiving unit 21 is configured to receive a control instruction.
The information obtaining unit 22 is configured to, after the instruction receiving unit 21 receives the control instruction, confirm the identity information of the control object that sends the control instruction and the time when the control object sends the control instruction. Wherein the identity information is used for identifying the control objects, and the identity information of each control object is usually unique. The identity information of the control object and the time for sending the control instruction may be obtained through an instruction packet, where the instruction packet includes specific content of the control instruction, the identity information of the control object, and a timestamp for sending the control instruction, and the information obtaining unit 22 may determine the identity information of the control object and the time for sending the control instruction according to the identity information and the timestamp in the instruction packet.
The record querying unit 23 is configured to query, in the history record, the time at which the control object corresponding to the identity information last sent a control instruction. The last send time means the time of the same control object's most recent control instruction before the current one. In this embodiment the history record is stored in a control information table, which stores the identity information of each control object having control authority over the device and the time at which it last sent a control instruction.
The judgment responding unit 24 is configured to respond to the received control instruction when the acquired time for sending the control instruction by the control object is later than the time for sending the control instruction last time.
In addition, if no time at which the control object corresponding to the identity information last sent a control instruction is found in the history record, the judgment responding unit 24 also responds to the received control instruction and records the acquired time at which the control object sent it.
Further, in this embodiment, the MAC address of the control object may be used as the identity information of the control object, and the control information table records the MAC address of each control object. The MAC address of the control object that sends the control instruction is recorded in the instruction message, the information obtaining unit 22 may determine the identity information of the control object by reading the MAC address of the control object that sends the control instruction from the instruction message, and the record querying unit 23 may query the time of the corresponding control instruction that was sent the last time by comparing whether the same MAC address exists in the control information table.
In this embodiment, information obtained by converting the MAC address of the control object may also be used as the identity information of the control object, and the control information table records information obtained by converting the MAC address of each control object. The MAC address of the control object sending the control instruction is recorded in the instruction message, when the information obtaining unit 22 confirms the identity information of the control object, the MAC address of the control object sending the control instruction may be read from the instruction message, and then the MAC address is converted correspondingly to obtain the identity information of the control object, and the record querying unit 23 may query the time of the corresponding last control instruction sending by comparing whether the same information exists in the control information table.
Specifically, the information converted from the MAC address of the control object may include a numerical value obtained by computing a hash (HASH) of the MAC address. The information obtaining unit 22 may obtain the MAC address of the sending control object from the instruction packet and compute the hash of that MAC address to obtain the identity information. The invention is not limited in this respect; other algorithms may be used to convert MAC addresses.
Further, so that the last send time recorded in the history record stays current and the next replay attack is also prevented, after finding that the control object's send time is later than its last send time the judgment responding unit 24 may also record the newly acquired send time; when the next control instruction from the same control object arrives, the time recorded now serves as the last send time. To save the memory occupied by the control information table, the table may store only the time at which each control object last sent a control instruction. Alternatively, to count or query the control habits of a control object, the table may store the time of each control instruction it sent within the latest period, the times of its last N control instructions, the time of every control instruction it has sent, and so on.
Further, in order to ensure network security, the judgment responding unit 24 is further configured to record the acquired time at which the control object sent the control instruction when that time is later than the time at which the control instruction was last sent.
The device of the embodiment judges whether the object sending the control instruction is a real control object or an attacker by using the timestamp in the instruction message and the time recorded in the history record, does not need to have a time system any more, effectively prevents replay attack, reduces the requirements on the device, is suitable for various devices, and ensures network security.
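As an added example that is not part of the patent, the following Python models the check described in embodiment 2 and claims 3, 6, 7 and 9: the identity is a hash of the sender's MAC address, the control information table holds the time of the last accepted instruction per identity, a packet is accepted only when its own timestamp is strictly later than that record, and a control object with no history is accepted and recorded. The packet structure, SHA-256, the address normalisation and all sample addresses and timestamps are assumptions; the claims' additional same-content condition is not modelled.

```python
import hashlib
from collections import deque
from dataclasses import dataclass
from typing import Deque, Dict, List, Optional


@dataclass(frozen=True)
class InstructionPacket:
    """Constructed stand-in for the instruction message (MAC, sender timestamp, content)."""
    src_mac: str
    timestamp: float
    content: str


def identity_from_mac(mac: str) -> str:
    """Identity information derived from the MAC address (claim 6). The page says
    only 'HASH algorithm'; SHA-256 and the address normalisation are assumptions."""
    normalised = mac.strip().lower().replace("-", ":")
    return hashlib.sha256(normalised.encode("ascii")).hexdigest()


class ReplayGuard:
    """Control information table (claim 3): identity -> sending times of accepted
    instructions. Only the packet's own timestamp is compared, so no local clock."""
    def __init__(self, keep_last_n: int = 1) -> None:
        # keep_last_n = 1 stores only the last sending time; a larger value
        # models the variant that keeps the last N times for auditing
        self._history: Dict[str, Deque[float]] = {}
        self._keep_last_n = keep_last_n

    def last_time(self, identity: str) -> Optional[float]:
        times = self._history.get(identity)
        return times[-1] if times else None

    def recent_times(self, mac: str) -> List[float]:
        return list(self._history.get(identity_from_mac(mac), ()))

    def _record(self, identity: str, timestamp: float) -> None:
        times = self._history.setdefault(identity, deque(maxlen=self._keep_last_n))
        times.append(timestamp)

    def handle(self, pkt: InstructionPacket) -> bool:
        """Return True when the device should respond to the instruction."""
        identity = identity_from_mac(pkt.src_mac)
        last = self.last_time(identity)
        if last is None or pkt.timestamp > last:
            # claim 9 (no history) or a strictly later timestamp: respond and
            # record this sending time as the new "last time" for the object
            self._record(identity, pkt.timestamp)
            return True
        # equal timestamp (exact replay) or earlier one (stale capture): reject
        return False


def demo() -> List[bool]:
    """Constructed traffic against one device, in arrival order."""
    guard = ReplayGuard(keep_last_n=3)
    mac = "AA:BB:CC:DD:EE:01"  # constructed address
    unlock = InstructionPacket(mac, 1000.0, "unlock")
    return [
        guard.handle(unlock),                                    # first contact
        guard.handle(unlock),                                    # byte-identical replay
        guard.handle(InstructionPacket(mac, 1005.0, "lock")),    # later timestamp
        guard.handle(InstructionPacket(mac, 1003.0, "unlock")),  # older capture
        guard.handle(InstructionPacket("aa-bb-cc-dd-ee-01", 1006.0, "lock")),  # same identity
        guard.handle(InstructionPacket("AA:BB:CC:DD:EE:02", 900.0, "unlock")),  # new object
    ]
```

The rejected packets are exactly the ones whose timestamp does not advance the per-identity record; the scheme's resistance to forged MAC addresses or timestamps rests on the encrypted transport of claim 8, not on this comparison.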
Example 3
Fig. 3 shows a schematic structural diagram of an electronic device. The electronic device comprises a memory, a processor and a computer program stored in the memory and executable on the processor; when the processor executes the program, it implements the method for preventing replay attacks of embodiment 1. The electronic device 30 shown in fig. 3 is only an example and should not impose any limitation on the functions or scope of use of the embodiments of the present invention.
As shown in fig. 3, the electronic device 30 may be embodied in the form of a general purpose computing device, which may be, for example, a server device. The components of the electronic device 30 may include, but are not limited to: at least one processor 31, at least one memory 32, and a bus 33 connecting the various system components (including the memory 32 and the processor 31).
The bus 33 includes a data bus, an address bus, and a control bus.
The memory 32 may include volatile memory, such as Random Access Memory (RAM) 321 and/or cache memory 322, and may further include Read Only Memory (ROM) 323.
Memory 32 may also include a program/utility 325 having a set (at least one) of program modules 324, such program modules 324 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The processor 31 executes various functional applications and data processing, such as a method for preventing replay attack provided in embodiment 1 of the present invention, by running the computer program stored in the memory 32.
The electronic device 30 may also communicate with one or more external devices 34 (e.g., a keyboard, a pointing device, etc.). Such communication may take place through input/output (I/O) interfaces 35. The electronic device 30 may also communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via a network adapter 36. As shown, the network adapter 36 communicates with the other modules of the electronic device 30 via the bus 33. It should be understood that, although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 30, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID (disk array) systems, tape drives, and data backup storage systems, etc.
It should be noted that although several units/modules or sub-units/modules of the electronic device are mentioned in the above detailed description, such a division is merely exemplary and not mandatory. Indeed, according to embodiments of the invention, the features and functionality of two or more of the units/modules described above may be embodied in one unit/module. Conversely, the features and functions of one unit/module described above may be further divided so as to be embodied by a plurality of units/modules.
Example 4
The present embodiment provides a computer-readable storage medium on which a computer program is stored; when executed by a processor, the program implements the steps of the method for preventing replay attacks on a device provided in embodiment 1.
More specific examples of the readable storage medium include, but are not limited to: a portable disk, a hard disk, random access memory, read only memory, erasable programmable read only memory, an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In a possible implementation, the invention may also be implemented as a program product comprising program code which, when the program product is run on a terminal device, causes the terminal device to perform the steps of the method for preventing replay attacks on a device described in embodiment 1.
The program code for carrying out the invention may be written in any combination of one or more programming languages, and may be executed entirely on the user device, partly on the user device, as a stand-alone software package, partly on the user device and partly on a remote device, or entirely on the remote device.
While specific embodiments of the invention have been described above, it will be appreciated by those skilled in the art that these are by way of example only, and that the scope of the invention is defined by the appended claims. Various changes and modifications to these embodiments may be made by those skilled in the art without departing from the spirit and scope of the invention, and these changes and modifications are within the scope of the invention.

Claims (20)

1. A method of a device for preventing replay attacks, the method comprising:
after the device receives the control instruction, confirming the identity information of the control object sending the control instruction and the time at which the control object sent the control instruction;
in the history record, inquiring the time at which the control object corresponding to the identity information last sent a control instruction;
responding to the received control instruction if the obtained actual control content of the control instruction sent by the control object is the same as the actual control content of the control instruction sent last time and the obtained time at which the control object sent the control instruction is later than the time at which the control instruction was last sent.
2. The method of preventing replay attacks by a device of claim 1, wherein the method further comprises:
when the obtained time at which the control object sent the control command is later than the time at which the control command was last sent, recording the obtained time at which the control object sent the control command.
3. The method for preventing replay attacks of a device according to claim 1, wherein the history is stored in a control information table in which identity information of a control object having a control authority over the device and a time at which a control command was last transmitted are stored.
4. The method for preventing replay attack of a device according to claim 1 or 3, wherein a MAC address of the control object is adopted as the identity information of the control object;
confirming identity information of a control object sending a control command comprises: reading the MAC address of the control object sending the control command from the command message.
5. The method for preventing replay attack of an apparatus according to claim 1 or 3, wherein information converted from the MAC address of the control object is used as the identity information of the control object;
confirming identity information of a control object sending a control command comprises: reading the MAC address of the control object sending the control instruction from the instruction message, and correspondingly converting the MAC address to obtain the identity information of the control object.
6. The method of claim 5, wherein the information converted from the MAC address of the control object comprises: a numerical value obtained by calculating the MAC address of the control object with a HASH algorithm;
confirming identity information of a control object sending a control command comprises: acquiring the MAC address of the control object sending the control instruction from the instruction message, and calculating the MAC address with a HASH algorithm to obtain the identity information of the control object.
7. The method of claim 1, wherein the time at which the control object sends the control command is determined by a timestamp in a command message.
8. The method of claim 1, wherein the control instructions are transmitted encrypted.
9. The method of preventing replay attacks by a device of claim 1, wherein the method further comprises:
if the time at which the control object corresponding to the identity information last sent a control instruction is not found in the history record, responding to the received control instruction and recording the acquired time at which the control object sent the control instruction.
10. An apparatus for preventing replay attacks, the apparatus comprising:
an instruction receiving unit for receiving a control instruction;
the information acquisition unit is used for confirming the identity information of a control object sending the control instruction and the time for the control object to send the control instruction after the instruction receiving unit receives the control instruction;
the record inquiry unit is used for inquiring the time when the control object corresponding to the identity information sends the control instruction last time in the historical record;
and the judgment response unit is used for responding to the received control instruction when the acquired actual control content of the control instruction sent by the control object is the same as the actual control content of the control instruction sent last time and the acquired time of the control instruction sent by the control object is later than the time of the control instruction sent last time.
11. The apparatus according to claim 10, wherein the determination responding unit is further configured to record the acquired time when the control object transmits the control command when the acquired time when the control object transmits the control command is later than the time when the control command was transmitted last time.
12. The apparatus of claim 10, wherein the history is stored in a control information table in which identity information of a control object having a control authority for the apparatus and a time at which a control command was last transmitted are stored.
13. The apparatus according to claim 10 or 12, wherein a MAC address of the control object is employed as the identity information of the control object;
the information acquisition unit confirms the identity information of the control object sending the control command by reading the MAC address of the control object sending the control command from the command message.
14. The apparatus according to claim 10 or 12, characterized in that information converted from the MAC address of the control object is employed as the identity information of the control object;
the information acquisition unit reads the MAC address of the control object sending the control instruction from the instruction message, and correspondingly converts the MAC address to obtain the identity information of the control object.
15. The apparatus of claim 14, wherein the information converted from the MAC address of the control object comprises: a numerical value obtained by calculating the MAC address of the control object with a HASH algorithm;
the information acquisition unit acquires the MAC address of the control object sending the control instruction from the instruction message, and calculates the MAC address through a HASH algorithm to obtain the identity information of the control object.
16. The apparatus according to claim 10, wherein the information acquisition unit determines a time at which the control object transmits the control instruction by a time stamp in the instruction message.
17. The apparatus of claim 10, wherein the control instructions are transmitted encrypted.
18. The device according to claim 10, wherein the determination responding unit is further configured to respond to the received control instruction and record the acquired time for the control object to send the control instruction when the time for the control object corresponding to the identity information to send the control instruction last time is not queried in the history.
19. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of preventing replay attacks of any one of claims 1 to 9 when executing the program.
20. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of preventing replay attacks of any one of claims 1 to 9.
CN201810166981.5A 2018-02-28 2018-02-28 Device and method for preventing replay attack, electronic device and storage medium Active CN110213196B (en)
Publications (2)

Publication Number Publication Date
CN110213196A CN110213196A (en) 2019-09-06
CN110213196B true CN110213196B (en) 2022-12-27
Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant