CN111193699B - Method and device for detecting security vulnerability of ZigBee device - Google Patents

Method and device for detecting security vulnerability of ZigBee device Download PDF

Info

Publication number
CN111193699B
CN111193699B CN201910784196.0A CN201910784196A CN111193699B CN 111193699 B CN111193699 B CN 111193699B CN 201910784196 A CN201910784196 A CN 201910784196A CN 111193699 B CN111193699 B CN 111193699B
Authority
CN
China
Prior art keywords
security vulnerability
detection
security
zigbee
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910784196.0A
Other languages
Chinese (zh)
Other versions
CN111193699A (en
Inventor
伍惠宇
李宇翔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tencent Technology Shenzhen Co Ltd filed Critical Tencent Technology Shenzhen Co Ltd
Priority to CN201910784196.0A priority Critical patent/CN111193699B/en
Publication of CN111193699A publication Critical patent/CN111193699A/en
Application granted granted Critical
Publication of CN111193699B publication Critical patent/CN111193699B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud

Abstract

Methods, apparatuses, and computer-readable storage media for detecting ZigBee device security vulnerabilities are described herein. The method comprises the following steps: receiving relevant configuration of a detection project from a cloud server, wherein the relevant configuration of the detection project comprises the type of a security vulnerability to be detected; initializing each security vulnerability detection module corresponding to the type of the security vulnerability to be detected based on the related pairing of the detection items; receiving a detection instruction from a cloud server; and collecting and storing data corresponding to the type of the security vulnerability to be detected through each security vulnerability detection module based on the detection instruction. The method and the device can effectively discover various types of security holes and effectively improve the security of the ZigBee equipment.

Description

Method and device for detecting security vulnerability of ZigBee device
Technical Field
The present invention generally relates to the technical field of security vulnerability detection, and in particular, to a method and an apparatus for detecting a security vulnerability of a ZigBee device.
Background
With the development of the internet of things, more and more intelligent devices begin to use the ZigBee wireless protocol for wireless communication. The security of ZigBee smart devices also faces a number of challenges. The security hole of the ZigBee protocol possibly causes a large number of ZigBee devices to be remotely controlled due to hacker attacks. The ZigBee alliance has made many improvements in the ZigBee version 3.0 protocol on the security of the ZigBee protocol. At present, many manufacturers still use the ZigBee protocol of a low version (i.e. the version before ZigBee 3.0), and some manufacturers develop the ZigBee protocol for the second time in order to reduce the development difficulty, so that some new security problems are introduced.
At present, security testing tools of related ZigBee devices in a security community mainly comprise an open source tool and free software, such as KillerBee, Attify ZigBee Framework, Smart Packet Sniffer and the like. The technical thresholds of the analysis tools are generally high, and professional researchers with certain safety technical bases can judge whether the ZigBee equipment has a security hole or not by manually analyzing the output data of the tools. In addition, the existing security vulnerability analysis tool has very limited security vulnerabilities that can be detected, and can only detect the universal key leakage. The existing security vulnerability analysis tool does not support the ZigBee 3.0 protocol.
Disclosure of Invention
It would be advantageous to provide a mechanism that can alleviate, reduce or even eliminate one or more of the above-mentioned problems.
According to a first aspect of the present disclosure, there is provided a method for detecting a security vulnerability of a ZigBee device, including: receiving relevant configuration of a detection project from a cloud server, wherein the relevant configuration of the detection project comprises the type of a security vulnerability to be detected; initializing each security vulnerability detection module corresponding to the type of the security vulnerability to be detected based on the relevant configuration of the detection project; receiving a detection instruction from a cloud server; and collecting and storing data corresponding to the type of the security vulnerability to be detected through each security vulnerability detection module based on the detection instruction.
According to some embodiments of the invention, the method further comprises: and uploading the collected and stored data to a cloud server for determining the existence of the security vulnerability.
According to some embodiments of the invention, the method further comprises: the collected and stored data is analyzed to determine the existence of a security breach.
According to some embodiments of the invention, the type of security breach to be detected comprises one or more of: a universal key security vulnerability, an insecure key storage security vulnerability, an insecure re-pairing security vulnerability, and an insecure key transmission security vulnerability.
According to some embodiments of the present invention, collecting and storing data corresponding to each security vulnerability type by each security vulnerability detection module based on the detection instruction comprises: data corresponding to one of various types of security breaches is collected and stored at predetermined intervals.
According to a second aspect of the present disclosure, there is provided a method for detecting a security vulnerability of a ZigBee device, comprising: receiving related configuration of a detection project, wherein the related configuration of the detection project comprises the type of the security vulnerability to be detected; sending detection project related configuration to the security vulnerability testing terminal equipment, wherein the detection project related configuration indicates the security vulnerability testing terminal equipment to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected; and sending an instruction for executing the preset detection while indicating the user to execute the preset action to the security vulnerability testing terminal equipment.
According to some embodiments of the invention, the method further comprises: and receiving security vulnerability data obtained by executing predetermined detection from the security vulnerability testing terminal equipment.
According to some embodiments of the invention, the method further comprises: the received security breach data is analyzed to determine the existence of the security breach.
According to some embodiments of the present invention, collecting and storing data corresponding to each security vulnerability type by each security vulnerability detection module based on the detection instruction comprises: data corresponding to one of various types of security breaches is collected and stored at predetermined intervals.
According to some embodiments of the invention, the predetermined action performed by the user comprises one or more of switching on and off the ZigBee device, pairing the ZigBee device and unbinding the ZigBee device.
According to some embodiments of the invention, the method further comprises: and sending the analyzed security vulnerability result.
According to a third aspect of the present disclosure, there is provided an apparatus for detecting a security hole of a ZigBee device, comprising: the system comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is used for receiving related configuration of a detection project from a cloud server, and the related configuration of the detection project comprises the type of a security vulnerability to be detected; the initialization module is configured to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected based on the detection project related configuration; the second receiving module is configured to receive a detection instruction from the cloud server; and the security vulnerability detection module is configured for collecting and storing data corresponding to the type of the security vulnerability to be detected through each security vulnerability detection module based on the detection instruction.
According to some embodiments of the invention, the apparatus further comprises an upload module configured to upload the collected and stored data to a cloud server for use in determining the existence of a security breach.
According to some embodiments of the invention, the apparatus further comprises an analysis module configured to analyze the collected and stored data to determine the existence of a security breach.
According to a fourth aspect of the present disclosure, there is provided an apparatus for detecting a security hole of a ZigBee device, comprising: the receiving module is configured for receiving related configuration of a detection project, and the related configuration of the detection project comprises the type of the security vulnerability to be detected; the first sending module is configured to send detection project related configuration to the security vulnerability testing terminal equipment, and the detection project related configuration indicates the security vulnerability testing terminal equipment to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected; an instruction module configured to instruct a user to perform a predetermined action; and a second sending module configured to send an instruction for executing predetermined detection while instructing a user to execute a predetermined action to the security breach testing terminal device.
According to a fifth aspect of the present invention, there is provided a computer readable storage medium having stored thereon instructions which, when executed on a processor, cause the processor to perform any of the above methods.
The invention has the beneficial effects that: the embodiment of the invention provides a method and a device for detecting security vulnerabilities of ZigBee equipment. According to the method and the device, the test data of the ZigBee network received by the terminal hardware equipment are reported to the cloud server, and the cloud server analyzes the test data to determine the security vulnerability detection result of the ZigBee intelligent equipment. Therefore, the simple and visual semi-automatic ZigBee device security vulnerability detection method and device are provided, and manufacturers can be helped to discover and repair various common security vulnerabilities in the ZigBee device research and development and test stages. The security vulnerability types include, but are not limited to, a general key security vulnerability, an insecure key storage security vulnerability, an insecure re-pairing security vulnerability, an insecure key transport security vulnerability. The invention effectively improves the safety of the ZigBee intelligent device, effectively avoids the user from being attacked by hackers, and can support the newly released ZigBee version 3.0.
These and other advantages of the present disclosure will become apparent from and elucidated with reference to the embodiments described hereinafter.
Drawings
Further details, features and advantages of the invention are disclosed in the following description of exemplary embodiments with reference to the accompanying drawings, in which:
fig. 1 schematically illustrates an application scenario diagram of a security vulnerability detection method for a ZigBee device according to an embodiment of the present invention;
FIG. 2 schematically illustrates a security breach detection flow diagram according to an embodiment of the invention;
FIG. 3 schematically illustrates a system architecture for detecting a ZigBee device security vulnerability according to an embodiment of the present invention;
FIG. 4 schematically illustrates a method for detecting a ZigBee device security vulnerability according to one embodiment of the present invention;
FIG. 5 schematically illustrates a method for detecting a ZigBee device security vulnerability according to another embodiment of the present invention;
FIG. 6 schematically illustrates an apparatus for detecting a ZigBee device security hole according to one embodiment of the present invention;
FIG. 7 schematically illustrates an apparatus for detecting a ZigBee device security hole according to another embodiment of the present invention; and
fig. 8 schematically illustrates an example system that includes an example computing device that represents one or more systems and/or devices that may implement the various techniques described herein.
Detailed Description
The security vulnerability detection method and device of the ZigBee intelligent device provided by the embodiment of the invention are used for improving the security of the ZigBee device in the ZigBee network and effectively analyzing and repairing various types of security vulnerabilities to avoid hacker attacks on users.
The preferred embodiments of the present invention will be described below with reference to the accompanying drawings of the specification, it being understood that the preferred embodiments described herein are merely for illustrating and explaining the present invention, and are not intended to limit the present invention, and features in the embodiments and examples of the present invention may be combined with each other without conflict.
For the convenience of understanding of the present invention, the technical terms involved in the present invention include:
1. ZigBee: a low-power consumption local area network protocol based on IEEE802.15.4 standard (2.4 GHz) is a two-way wireless communication technology with short distance, low complexity, low power consumption, low speed, low cost and strong self-healing capability, the maximum transmission rate of the two-way wireless communication technology is 250Kbps, and the transmission range is usually 10-100 meters. The ZigBee protocol is commonly used for controlling lights, air-conditioning, door locks, curtains, security and industrial equipment. The ZigBee device comprises a gateway, a node and a router. The security of ZigBee is mainly based on 128-bit aes (advanced Encryption standard) symmetric Encryption algorithm.
2. ZigBee 3.0: as the latest version of the ZigBee protocol, the ZigBee protocol has the main improvement that different application layer protocols are unified, and the problem of interconnection and intercommunication among different application layer protocols is solved. The discovery, addition and networking modes of the ZigBee devices adopting different application layer protocols are unified, so that the networking of the ZigBee devices is more convenient and unified.
2. Connection key: unicast communication between ZigBee devices is encrypted by two devices sharing a 128-bit connection key.
3. Network key: the ZigBee broadcast communication is encrypted by a network key of 128 bits shared by all devices in the network. Network keys are classified into two types, standard and high security. The network key type determines the distribution of the network and how the network frame counter is initialized.
4. Master key: a starting point for ZigBee to establish a connection key is provided. The master key may be configured in-band or out-of-band. The master key may be installed during production, or by a trust center, or may be based on data entered by the user (e.g., a personal identification number PIN or password).
5. Trust center link key: the encryption transmission method is generally preset in a ZigBee gateway and a node device, and is used for encrypting and transmitting a network key in the network access process of the device.
6. Universal key security vulnerabilities: some manufacturers use some encryption keys well known in the art during the development of ZigBee devices to be able to be compatible with ZigBee devices produced by different manufacturers. This easily causes communication data of the ZigBee device to be hacked or causes the device to be remotely controlled by a hacker.
7. Insecure key transmission security hole: if a plaintext transmission key is used in the pairing process of the ZigBee gateway and the node, the key is easy to be sniffed, and therefore the key can be leaked.
8. Insecure key storage security hole: if the key is stored in plain text in the ZigBee gateway and the node device, the key can be reversed and leaked.
9. Insecure reconfiguration security vulnerabilities: this security hole is mainly present in older versions of ZigBee than ZigBee 3.0. In an early version of ZigBee, to prevent an unexpected drop, a ZigBee device may send an unencrypted Rejoin (Rejoin) request to Rejoin a network again, and at this time, even if the ZigBee gateway has turned off the network access function, the ZigBee device may also initiate a pairing procedure and transmit a secret key. In this case, there is a possibility of key leakage.
The security testing tool technology threshold of the related ZigBee equipment of the security community is high at present, the security loopholes capable of being detected are very limited, and only the security loopholes of the general key can be detected. In order to solve the problem that simple, easy-to-operate, objective and comprehensive security vulnerability analysis cannot be provided for ZigBee intelligent equipment in the prior art, the embodiment of the invention provides a solution. Referring to fig. 1, an application scenario 100 includes a security vulnerability testing terminal 101 and a cloud server 102. The security vulnerability testing terminal device 101 is provided with the method for detecting the security vulnerability of the ZigBee device. The security vulnerability testing terminal device 101 is configured to test the ZigBee device 104 to be tested in the ZigBee network based on the detection item related configuration received from the cloud server 102, and send the collected data to the cloud server 102, where the detection item related configuration indicates the type of the security vulnerability to be tested. The cloud server 102 is configured to determine a security vulnerability detection result of the ZigBee device according to the received detection data. It should be noted that the security vulnerability testing terminal device 101 and the cloud server 102 are connected through a communication network 103. The communication network 103 may be a local area network, a wide area network, or the like. The security vulnerability testing terminal device 101 may be a portable device (e.g., a mobile phone, a tablet, a notebook computer, etc.) or a personal computer PC. Cloud server 102 may be any device capable of providing internet services.
The ZigBee intelligent device detection method provided by the invention has the another application scenario that the security vulnerability test terminal device is used for testing the ZigBee device and analyzing the ZigBee device according to the collected data to obtain the security vulnerability detection result.
Fig. 2 schematically illustrates a security breach detection flow diagram 200 according to an embodiment of the invention. First, in step 201, a user desiring to perform security vulnerability detection on a ZigBee device first binds a hardware detection device for sniffing, a security vulnerability testing terminal device, and a cloud server. The hardware detecting means refers to a hardware device for sniffing ZigBee packets and transmitting ZigBee packets (e.g., CC2531 USB DONGLE manufactured by texas instruments TI, RZ USB STICK manufactured by ATMEL, etc.). The security vulnerability testing terminal device refers to a small computer for deploying a software code operating environment. In one embodiment, the user first interfaces the hardware detection device with the security vulnerability testing terminal device, and then inputs a hardware detection device fuselage serial number for sniffing in a new user registration interface of the cloud platform (e.g., in a browser of a computer having access to the cloud platform) to bind the hardware detection device to the security vulnerability testing terminal device and the cloud server. In another embodiment, the user first connects the hardware detection device and the security vulnerability testing terminal device through an interface, and then directly inputs the serial number of the hardware detection device on the security vulnerability testing terminal device so as to bind the hardware detection device to the security vulnerability testing terminal device; the security vulnerability testing terminal equipment is further connected with the cloud server through the Internet, so that the hardware detection device is bound to the security vulnerability testing terminal equipment and the cloud server. Typically, the interface connection here is a USB interface connection. As understood by those skilled in the art, the interface connection here can be other interfaces, such as mini USB interface, Type-C interface, etc. In step 202, a user configures detection options by accessing a cloud server configuration interface in a browser. The configured detection items may include the type of security breach that needs to be detected. For example, the user may configure the type of security hole to be detected, such as whether to detect a ZigBee universal key security hole, whether to detect an insecure key storage security hole, whether to detect an insecure re-pairing security hole, whether to detect an insecure key transmission security hole, and the like. In one embodiment, the user may also be configured as to whether only a single ZigBee channel is detected. Generally, one ZigBee channel exists in one ZigBee network. However, one ZigBee channel may be used in a plurality of ZigBee networks. In another embodiment, the user may configure whether to upload the ZigBee device firmware. In yet another embodiment, the user may also configure whether to collect ZigBee network information. The user can also configure whether to save the sniffed ZigBee data packets and logs. In step 203, after the user configuration is completed, the cloud server automatically issues the configuration file to the security vulnerability testing terminal device. And after receiving the configuration file, the security vulnerability testing terminal equipment starts to initialize based on the configuration script. In step 204, the security breach testing terminal device starts to perform semi-automated detection. The semi-automatic detection means that when a user finishes specified operation within preset time according to prompts on a cloud server interface, the specified user executes corresponding security vulnerability detection while performing various operations, and stores detected data. Operations performed by a given user may include, but are not limited to: the method comprises the steps of starting the ZigBee gateway and the ZigBee node equipment, pairing the ZigBee gateway and the ZigBee node equipment, sending an instruction for controlling the ZigBee node equipment, unbinding the node equipment and the like. In step 205, the cloud server platform outputs a report of the detection result. And after finishing all detection items, the security vulnerability testing terminal equipment automatically uploads detection data and logs to the cloud platform. And the cloud server platform analyzes the detection data and the log to obtain a complete security vulnerability detection report and a repair suggestion, and outputs the complete security vulnerability detection report and the repair suggestion to the user.
Fig. 3 schematically illustrates a system architecture 300 for detecting ZigBee device security vulnerabilities according to an embodiment of the present invention. The technical scheme of the invention is realized by two parts, namely software codes and hardware equipment. The system architecture 300 mainly includes a security vulnerability testing terminal device 31 and a cloud server 32, and the cloud server 32 and the security vulnerability testing terminal device 31 communicate through the internet. The software code includes a local detection tool in the security vulnerability testing terminal device 31 and an analysis platform in the cloud system 32. The hardware device part comprises a small computer in the security vulnerability testing terminal device 31 for deploying a software code operating environment, and a hardware device for sniffing the ZigBee data packet and sending the ZigBee data packet (for example, CC2531 USB DONGLE manufactured by Texas instruments TI company, RZ USB STICK manufactured by ATMEL company, and the like).
When the cloud platform 32 and the security vulnerability testing terminal device 31 are connected for the first time through the internet, a user who expects to perform security vulnerability detection on the ZigBee device can utilize the user registration and binding module 321 to bind a hardware detection device (not shown) for sniffing, the security vulnerability testing terminal device 31 and the cloud server 32 according to the hardware tag serial number identifier. The hardware detecting means refers to a hardware device for sniffing ZigBee packets and transmitting ZigBee packets (e.g., CC2531 USB DONGLE manufactured by texas instruments TI, RZ USB STICK manufactured by ATMEL, etc.). The security vulnerability testing terminal device refers to a small computer for deploying a software code operating environment. In one embodiment, the user first interfaces the hardware detection device with the security vulnerability testing terminal device, and then inputs a hardware detection device fuselage serial number for sniffing in a new user registration interface of the cloud platform (e.g., in a browser of a computer having access to the cloud platform) to bind the hardware detection device to the security vulnerability testing terminal device and the cloud server. In another embodiment, the user first connects the hardware detection device and the security vulnerability testing terminal device through an interface, and then directly inputs the serial number of the hardware detection device on the security vulnerability testing terminal device so as to bind the hardware detection device to the security vulnerability testing terminal device; the security vulnerability testing terminal equipment is further connected with the cloud server through the Internet, so that the hardware detection device is bound to the security vulnerability testing terminal equipment and the cloud server. Typically, the interface connection here is a USB interface connection.
The user then configures the project to be inspected using inspection project configuration module 322 in cloud system 32. The configuration of the detection item may include the type of security breach to be detected. The types of security breaches to be detected may include one or more of the following: a universal key security vulnerability, an insecure key storage security vulnerability, an insecure re-pairing security vulnerability, and an insecure key transmission security vulnerability. The configuration of the detection items may also include configurations for one or more of the following items: whether the ZigBee device only detects a single ZigBee channel is appointed, whether the ZigBee device firmware is uploaded, whether the ZigBee network information is collected, whether the sniffed ZigBee data packet and log are stored and the like. Cloud platform 32 then remotely issues the configuration of the detection item input by the user to configuration initialization module 317 in the hardware platform. The configuration initialization module 317 automatically sequentially launches security vulnerability detection modules (e.g., one or more of the universal key security vulnerability detection module 312, the insecure key transmission detection module 313, the insecure re-pairing detection module 314, and the insecure key storage detection module 315) corresponding to the type of security vulnerability specified in the configuration of the detection project based on the received configuration of the detection project.
The security vulnerability detection module is developed by using Python script codes. Specifically, the security vulnerability detection module may first collect and analyze ZigBee wireless data packets captured by a USB sniffing device connected to a security vulnerability testing terminal device (e.g., a small computer), and obtain a channel and an encryption mode of currently detected ZigBee device communication. And then the security vulnerability detection module calls respective core detection codes to carry out specific vulnerability item detection. In one embodiment, the universal key vulnerability detection module may attempt to perform network entry operations using some publicly known communication key. If the network access is successful, the universal key vulnerability exists. The unsafe key transmission detection module prompts a user to operate the equipment according to a specific sequence, and meanwhile, whether a plaintext character string with the length of 16 bits exists in a network layer data packet in the network access process is analyzed and captured, and if yes, the existence of an unsafe transmission vulnerability is indicated. The unsafe re-pairing detection module can actively send a re-networking data packet through the USB module after requiring a user to press a specific operation device, and detect whether the gateway retransmits the network key, if so, indicating that an unsafe re-pairing vulnerability exists. The unsafe key storage detection module only operates after the user uploads the device firmware, automatically scans all 16-bit-length character strings in the firmware, tries to access the network or decrypt a data packet as a network access key or a network key, and if the operation is successful, indicates that a storage bug of the unsafe key exists.
Next, the user performs a corresponding operation at predetermined intervals (for example, 30 seconds or 60 seconds) according to an instruction on the user operation direction module, under the direction of the user operation direction module 323. The user operation guidance module 323 in the cloud platform 32 may update the indicated operation required by the user at predetermined time intervals (e.g., 30 seconds or 60 seconds). The indicated operations required by the user may include, but are not limited to, switching on and off, pairing, unbinding, etc. of the ZigBee device. Each security vulnerability detection module in the security vulnerability testing terminal device 31 will synchronously call the ZigBee data packet transceiver module 311 to complete data collection and storage of one security vulnerability type every predetermined time (for example, 30 seconds or 60 seconds).
After all security vulnerabilities corresponding to the security vulnerability types specified in the configuration of the detection project are detected, the task management and data storage module 316 automatically ends the security vulnerability detection process of the hardware platform and uploads the stored data to the cloud platform 32 through the data upload module 318. In one embodiment, the stored data is first compressed before being uploaded to cloud platform 32. Subsequently, the security vulnerability analysis engine 324 in the cloud platform 32 automatically analyzes the data uploaded by the security vulnerability testing terminal device 31, analyzes the existing security vulnerability risk points, and generates a security vulnerability detection report by using the detection report generation module 325.
Fig. 4 schematically illustrates a method 400 for detecting a ZigBee device security vulnerability according to one embodiment of the present invention. The method 400 is performed by a security breach testing terminal device. In step 401, the test terminal device receives a configuration related to a detection item from the cloud server. The detection item related configuration may include a type of security breach to be detected, such as one or more of a general key security breach, an insecure key storage security breach, an insecure re-pairing security breach, and an insecure key transmission security breach. Detecting the item related configuration may also include detecting only a single ZigBee channel. Generally, one ZigBee channel exists in one ZigBee network. However, one ZigBee channel may be used in a plurality of ZigBee networks. In another embodiment, the user may configure whether to upload the ZigBee device firmware. In yet another embodiment, the user may also configure whether to collect ZigBee network information. The user can also configure whether to save the sniffed ZigBee data packets and logs. In step 402, the test terminal device initializes each security vulnerability detection module based on the detection item configuration. The initialization operation causes each security vulnerability detection module corresponding to the type of security vulnerability to be detected in the configuration to perform the relevant initialization according to the configuration related to the detected item. In step 403, the test terminal device receives a detection instruction from the cloud server. In particular, the detection instructions may instruct that the relevant detection for one type of security breach be performed every predetermined time (e.g., every 30 seconds or 60 seconds). In step 404, the test terminal device collects and stores data corresponding to each security vulnerability type through each security detection module based on the received detection instruction. In one embodiment, based on the received detection instruction, collecting and storing detection data for the common security breach in the first 30 seconds; collecting and storing detection data for the insecure key storage security breach for a second 30 seconds; detection data for insecure re-pairing security breaches are collected and stored for the third 30 seconds and detection data for insecure key transfer security breaches are collected and stored for the fourth 30 seconds, respectively. In one embodiment, the collected and stored data is uploaded to a cloud server for use by the cloud server in determining the existence of a security breach, as in step 405. In another embodiment, the security vulnerability testing terminal device can also directly analyze the security vulnerability by utilizing the computing capability of the security vulnerability testing terminal device. The collected and stored data is analyzed, as in step 406, to determine the existence of a security breach.
Fig. 5 schematically illustrates a method 500 for detecting a ZigBee device security vulnerability according to another embodiment of the present invention. The method 500 is performed by a cloud server. In step 501, the cloud server first receives a security-related configuration of a detection project, which is input by a user on a cloud platform. The detection item related configuration may include a type of security breach to be detected, such as one or more of a general key security breach, an insecure key storage security breach, an insecure re-pairing security breach, and an insecure key transmission security breach. Detecting the item related configuration may also include detecting only a single ZigBee channel. Generally, one ZigBee channel exists in one ZigBee network. However, one ZigBee channel may be used in a plurality of ZigBee networks. In another embodiment, the user may configure whether to upload the ZigBee device firmware. In yet another embodiment, the user may also configure whether to collect ZigBee network information. The user can also configure whether to save the sniffed ZigBee data packets and logs. In step 502, the cloud server sends the relevant configuration of the detection item to the security vulnerability testing terminal device, and the relevant configuration of the detection item indicates the security vulnerability testing terminal device to execute the detection related to the type of the security vulnerability to be detected. In step 503, the cloud server instructs the user to perform a predetermined action, which may include, but is not limited to, one or more of switching on and off the ZigBee device, pairing the ZigBee device, and unbinding the ZigBee device. In step 504, the cloud server sends an instruction for executing predetermined detection to the security vulnerability testing terminal device while instructing the user to execute a predetermined action. In particular, the instructions may instruct that the relevant detection for one type of security breach be performed every predetermined time (e.g., every 30 seconds or 60 seconds). In step 505, the security vulnerability testing terminal device receives security vulnerability data obtained by performing predetermined detection from the cloud server, and in step 506, performs a memorial analysis on the received data to determine the existing security vulnerability. In some embodiments, the cloud server may also generate security vulnerability detection reports and repair recommendations corresponding to the security vulnerabilities based on the determined existence of the security vulnerabilities.
Fig. 6 schematically illustrates an apparatus 600 for detecting a ZigBee device security vulnerability according to one embodiment of the present invention. The apparatus 600 includes a first receiving module 601, an initialization module 602, a second receiving module 603, and a security vulnerability detecting module. The first receiving module 601 is configured to receive, from the cloud server, a detection item-related configuration including a type of a security vulnerability to be detected, such as one or more of a general key security vulnerability, an insecure key storage security vulnerability, an insecure re-pairing security vulnerability, and an insecure key transmission security vulnerability. Detecting the item related configuration may also include detecting only a single ZigBee channel. Generally, one ZigBee channel exists in one ZigBee network. However, one ZigBee channel may be used in a plurality of ZigBee networks. In another embodiment, the user may configure whether to upload the ZigBee device firmware. In yet another embodiment, the user may also configure whether to collect ZigBee network information. The user can also configure whether to save the sniffed ZigBee data packets and logs. The initialization module 602 is configured to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected based on the detection project related configuration. The second receiving module 603 is configured to receive detection instructions from the cloud server, and the security breach detection module 604 is configured to collect and store data corresponding to each security breach type based on the detection instructions. In one embodiment, the apparatus 600 further comprises an upload module configured to upload the collected and stored data to a cloud server for use in determining the existence of a security breach. In one embodiment, the apparatus 600 further comprises an analysis module configured to analyze the collected and stored data to determine the existence of a security breach.
Fig. 7 schematically illustrates an apparatus 700 for detecting a ZigBee device security vulnerability according to another embodiment of the present invention. The apparatus 700 comprises a receiving module 701, a first transmitting module 702, an indicating module 703 and a second transmitting module 704. The receiving module 701 is configured to receive a detection project-related configuration including a type of security vulnerability to be detected, such as one or more of a general key security vulnerability, an insecure key storage security vulnerability, an insecure re-pairing security vulnerability, and an insecure key transmission security vulnerability. Detecting the item related configuration may also include detecting only a single ZigBee channel. Generally, one ZigBee channel exists in one ZigBee network. However, one ZigBee channel may be used in a plurality of ZigBee networks. In another embodiment, the user may configure whether to upload the ZigBee device firmware. In yet another embodiment, the user may also configure whether to collect ZigBee network information. The user can also configure whether to save the sniffed ZigBee data packets and logs. The first sending module 702 is configured to send the detection item related configuration to the security vulnerability testing terminal device, where the detection item related configuration instructs the security vulnerability testing terminal device to perform detection on the type of the security vulnerability to be detected. The instructing module 703 is configured for instructing a user to perform a predetermined action. The second sending module 704 is configured to send an instruction to perform a predetermined detection to the security breach testing terminal device while instructing the user to perform a predetermined action.
In one embodiment, a ZigBee device manufacturer is developing and testing a ZigBee wireless communication protocol-based intelligent device, and it is necessary to perform vulnerability detection on the security of the device to avoid the threat on user privacy and personal security caused by hacking during the use of the user after the device is on the market. A manufacturer can use the detection device to perform rapid vulnerability detection, only needs to configure detected vulnerability types in the cloud platform after the device is started, operates the ZigBee gateway and the node device to be detected according to page prompt, and can complete detection and obtain vulnerability reports and repair suggestions within about ten minutes. The scheme has the advantages of simple environment construction, low hardware cost, feasibility and effectiveness, and better detection effect than other existing schemes.
Fig. 8 illustrates an example system 800 that includes an example computing device 810 that represents one or more systems and/or devices that can implement the various techniques described herein. Computing device 810 may be, for example, a server of a service provider, a device associated with a client (e.g., a client device), a system on a chip, and/or any other suitable computing device or computing system. The apparatus 600 or 700 for detecting ZigBee device security vulnerabilities described above with respect to fig. 6 or 7 may take the form of a computing device 810. Alternatively, the apparatus 600 or 700 for detecting ZigBee device security vulnerabilities may be implemented as a computer program in the form of a ZigBee device security vulnerability detection application 816.
The example computing device 810 as illustrated includes a processing system 811, one or more computer-readable media 812, and one or more I/O interfaces 813 communicatively coupled to each other. Although not shown, computing device 810 may also include a system bus or other data and command transfer system that couples the various components to one another. A system bus can include any one or combination of different bus structures, such as a memory bus or memory controller, a peripheral bus, a universal serial bus, and/or a processor or local bus that utilizes any of a variety of bus architectures. Various other examples are also contemplated, such as control and data lines.
The processing system 811 represents functionality to perform one or more operations using hardware. Thus, the processing system 811 is illustrated as including hardware elements 814 that may be configured as processors, functional blocks, and so forth. This may include implementation in hardware as an application specific integrated circuit or other logic device formed using one or more semiconductors. The hardware elements 814 are not limited by the materials from which they are formed or the processing mechanisms employed therein. For example, a processor may be comprised of semiconductor(s) and/or transistors (e.g., electronic Integrated Circuits (ICs)). In such a context, processor-executable instructions may be electronically-executable instructions.
The computer-readable medium 812 is illustrated as including memory/storage 815. Memory/storage 815 represents memory/storage capacity associated with one or more computer-readable media. The memory/storage 815 may include volatile media (such as Random Access Memory (RAM)) and/or nonvolatile media (such as Read Only Memory (ROM), flash memory, optical disks, magnetic disks, and so forth). The memory/storage 815 may include fixed media (e.g., RAM, ROM, a fixed hard drive, etc.) as well as removable media (e.g., flash memory, a removable hard drive, an optical disk, and so forth). The computer-readable medium 812 may be configured in various other ways as further described below.
One or more I/O interfaces 813 represent functionality that allows a user to enter commands and information to computing device 810, and optionally also allows information to be presented to the user and/or other components or devices using various input/output devices. Examples of input devices include a keyboard, a cursor control device (e.g., a mouse), a microphone (e.g., for voice input), a scanner, touch functionality (e.g., capacitive or other sensors configured to detect physical touch), a camera (e.g., motion that may not involve touch may be detected as gestures using visible or invisible wavelengths such as infrared frequencies), and so forth. Examples of output devices include a display device (e.g., a monitor or projector), speakers, a printer, a network card, a haptic response device, and so forth. Accordingly, the computing device 810 may be configured in various ways to support user interaction, as described further below.
Computing device 810 also includes ZigBee device security vulnerability detection application 816. The ZigBee device security vulnerability detection application 816 may be, for example, a software instance with respect to the apparatus 600 or 700 of fig. 6 or 7 for detecting ZigBee device security vulnerabilities, and implement the techniques described herein in combination with other elements in the computing device 810.
Various techniques may be described herein in the general context of software hardware elements or program modules. Generally, these modules include routines, programs, objects, elements, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The terms "module," "functionality," and "component" as used herein generally represent software, firmware, hardware, or a combination thereof. The features of the techniques described herein are platform-independent, meaning that the techniques may be implemented on a variety of computing platforms having a variety of processors.
An implementation of the described modules and techniques may be stored on or transmitted across some form of computer readable media. Computer readable media can include a variety of media that can be accessed by computing device 810. By way of example, and not limitation, computer-readable media may comprise "computer-readable storage media" and "computer-readable signal media".
"computer-readable storage medium" refers to a medium and/or device, and/or a tangible storage apparatus, capable of persistently storing information, as opposed to mere signal transmission, carrier wave, or signal per se. Accordingly, computer-readable storage media refers to non-signal bearing media. Computer-readable storage media include hardware such as volatile and nonvolatile, removable and non-removable media and/or storage devices implemented in a method or technology suitable for storage of information such as computer-readable instructions, data structures, program modules, logic elements/circuits or other data. Examples of computer readable storage media may include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical storage, hard disks, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or other storage devices, tangible media, or an article of manufacture suitable for storing the desired information and accessible by a computer.
"computer-readable signal medium" refers to a signal-bearing medium configured to transmit instructions to hardware of computing device 810, such as via a network. Signal media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave, data signal or other transport mechanism. Signal media also includes any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media.
As previously described, the hardware element 814 and the computer-readable medium 812 represent instructions, modules, programmable device logic, and/or fixed device logic implemented in hardware form that may be used in some embodiments to implement at least some aspects of the techniques described herein. The hardware elements may include integrated circuits or systems-on-chips, Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs), Complex Programmable Logic Devices (CPLDs), and other implementations in silicon or components of other hardware devices. In this context, a hardware element may serve as a processing device that performs program tasks defined by instructions, modules, and/or logic embodied by the hardware element, as well as a hardware device for storing instructions for execution, such as the computer-readable storage medium described previously.
Combinations of the foregoing may also be used to implement the various techniques and modules described herein. Thus, software, hardware, or program modules and other program modules may be implemented as one or more instructions and/or logic embodied on some form of computer-readable storage medium and/or by one or more hardware elements 814. Computing device 810 may be configured to implement particular instructions and/or functions corresponding to software and/or hardware modules. Thus, implementing modules as modules executable by computing device 810 as software may be implemented at least partially in hardware, for example, using computer-readable storage media of a processing system and/or hardware elements 814. The instructions and/or functions may be executable/operable by one or more articles of manufacture (e.g., one or more computing devices 810 and/or processing systems 811) to implement the techniques, modules, and examples described herein.
In various implementations, computing device 810 may assume a variety of different configurations. For example, computing device 810 may be implemented as a computer-like device including a personal computer, desktop computer, multi-screen computer, laptop computer, netbook, and so forth. The computing device 810 may also be implemented as a mobile device-like device including mobile devices such as mobile telephones, portable music players, portable gaming devices, tablet computers, multi-screen computers, and the like. Computing device 810 may also be implemented as a television-like device that includes devices with or connected to a generally larger screen in a casual viewing environment. These devices include televisions, set-top boxes, game consoles, and the like.
The techniques described herein may be supported by these various configurations of computing device 810 and are not limited to specific examples of the techniques described herein. Functionality may also be implemented in whole or in part on the "cloud" 820 through the use of a distributed system, such as through a platform 822 as described below.
Cloud 820 includes and/or is representative of a platform 822 for resources 824. The platform 822 abstracts underlying functionality of hardware (e.g., servers) and software resources of the cloud 820. Resources 824 may include applications and/or data that may be used when computer processing is performed on a server remote from computing device 810. Resources 824 may also include services provided over the internet and/or over a subscriber network such as a cellular or Wi-Fi network.
The platform 822 may abstract resources and functions to connect the computing device 810 with other computing devices. The platform 822 may also serve to abstract the hierarchy of resources to provide a corresponding level of hierarchy encountered for the requirements of the resources 824 implemented via the platform 822. Thus, in interconnected device embodiments, implementation of functions described herein may be distributed throughout the system 800. For example, the functionality may be implemented in part on the computing device 810 and through the platform 822 that abstracts the functionality of the cloud 820.
It should be understood that embodiments of the disclosure have been described with reference to different functional blocks for clarity. However, it will be apparent that the functionality of each functional module may be implemented in a single module, in multiple modules, or as part of other functional modules without departing from the disclosure. For example, functionality illustrated to be performed by a single module may be performed by multiple different modules. Thus, references to specific functional blocks are only to be seen as references to suitable blocks for providing the described functionality rather than indicative of a strict logical or physical structure or organization. Thus, the present disclosure may be implemented in a single module or may be physically and functionally distributed between different modules and circuits.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various devices, elements, or components, these devices, elements, or components should not be limited by these terms. These terms are only used to distinguish one device, element, or component from another device, element, or component.
Although the present disclosure has been described in connection with some embodiments, it is not intended to be limited to the specific form set forth herein. Rather, the scope of the present disclosure is limited only by the accompanying claims. Additionally, although individual features may be included in different claims, these may possibly advantageously be combined, and the inclusion in different claims does not imply that a combination of features is not feasible and/or advantageous. The order of features in the claims does not imply any specific order in which the features must be worked. Furthermore, in the claims, the word "comprising" does not exclude other elements, and the indefinite article "a" or "an" does not exclude a plurality. Reference signs in the claims are provided merely as a clarifying example and shall not be construed as limiting the scope of the claims in any way.

Claims (14)

1. A method for detecting a ZigBee device security vulnerability, the method being executed by a security vulnerability testing terminal device, comprising:
receiving related configuration of a detection project from a cloud server, wherein the related configuration of the detection project comprises the type of a security vulnerability to be detected;
initializing each security vulnerability detection module corresponding to the type of the security vulnerability to be detected based on the relevant configuration of the detection project;
receiving a detection instruction from the cloud server; and
and performing predetermined detection by the various security vulnerability detection modules while instructing a user to perform a predetermined action based on the detection instruction to collect and store data corresponding to one of various security vulnerability types at predetermined time intervals.
2. The method of claim 1, further comprising:
uploading the collected and stored data to the cloud server for determining the existence of the security breach.
3. The method of claim 1, further comprising:
the collected and stored data is analyzed to determine the existence of a security breach.
4. The method according to any one of claims 1-3, wherein the type of security breach to be detected comprises one or more of:
a universal key security vulnerability;
an insecure key stores a security vulnerability;
insecure reconfiguration security vulnerabilities; and
the insecure key transmits a security hole.
5. A method for detecting a security vulnerability of a ZigBee device comprises the following steps:
receiving related configuration of a detection project, wherein the related configuration of the detection project comprises the type of a security vulnerability to be detected;
sending the detection project related configuration to security vulnerability testing terminal equipment, wherein the detection project related configuration indicates the security vulnerability testing terminal equipment to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected;
instructing the user to perform a predetermined action; and
and sending an instruction for executing preset detection while indicating the user to execute a preset action to the security vulnerability testing terminal equipment.
6. The method of claim 5, further comprising:
and receiving security vulnerability data obtained by executing the preset detection from the security vulnerability testing terminal equipment.
7. The method of claim 6, further comprising:
and analyzing the received security vulnerability data to determine the existing security vulnerability.
8. The method according to any one of claims 5-7, wherein the type of security breach to be detected comprises one or more of:
a universal key security vulnerability;
an insecure key stores a security vulnerability;
insecure reconfiguration security vulnerabilities; and
the insecure key transmits a security hole.
9. The method of any of claims 5-7, wherein the predetermined action performed by a user comprises one or more of switching on and off a ZigBee device, pairing a ZigBee device, and unbinding a ZigBee device.
10. The method of claim 7, further comprising:
and sending the analyzed security vulnerability result.
11. An apparatus for detecting a ZigBee device security hole, comprising:
the system comprises a first receiving module, a second receiving module and a third receiving module, wherein the first receiving module is used for receiving related configuration of a detection project from a cloud server, and the related configuration of the detection project comprises the type of a security vulnerability to be detected;
the initialization module is configured to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected based on the detection project related configuration;
a second receiving module configured to receive a detection instruction from the cloud server; and
a security vulnerability detection module configured to perform predetermined detection by the respective security vulnerability detection modules while instructing a user to perform a predetermined action based on the detection instruction to collect and store data corresponding to one of the various security vulnerability types at predetermined time intervals.
12. The apparatus of claim 11, further comprising:
an upload module configured to upload the collected and stored data to the cloud server for determining an existing security breach.
13. An apparatus for detecting a ZigBee device security hole, comprising:
the system comprises a receiving module, a detecting module and a processing module, wherein the receiving module is configured to receive related configuration of a detection project, and the related configuration of the detection project comprises the type of a security vulnerability to be detected;
the first sending module is configured to send the detection project related configuration to the security vulnerability testing terminal equipment, wherein the detection project related configuration indicates the security vulnerability testing terminal equipment to initialize each security vulnerability detection module corresponding to the type of the security vulnerability to be detected;
an instruction module configured to instruct a user to perform a predetermined action; and
a second sending module configured to send, to the security vulnerability testing terminal device, an instruction for executing predetermined detection while instructing the user to execute a predetermined action.
14. A computer-readable storage medium having stored thereon instructions that, when executed on a processor, cause the processor to perform the method of any one of claims 1-10.
CN201910784196.0A 2019-08-23 2019-08-23 Method and device for detecting security vulnerability of ZigBee device Active CN111193699B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910784196.0A CN111193699B (en) 2019-08-23 2019-08-23 Method and device for detecting security vulnerability of ZigBee device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910784196.0A CN111193699B (en) 2019-08-23 2019-08-23 Method and device for detecting security vulnerability of ZigBee device

Publications (2)

Publication Number Publication Date
CN111193699A CN111193699A (en) 2020-05-22
CN111193699B true CN111193699B (en) 2021-12-03

Family

ID=70710727

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910784196.0A Active CN111193699B (en) 2019-08-23 2019-08-23 Method and device for detecting security vulnerability of ZigBee device

Country Status (1)

Country Link
CN (1) CN111193699B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115001863B (en) * 2022-07-26 2022-11-22 浙江涂鸦智能电子有限公司 Network security vulnerability detection method, device, medium and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856277A (en) * 2014-03-24 2014-06-11 武汉威士讯信息技术有限公司 Automatic testing system and method for measuring ZigBee radio frequency performance
CN104219067A (en) * 2013-05-29 2014-12-17 中国电信股份有限公司 Method, user terminal and system for achieving quick configuration for terminal of Internet of Things
CN107506303A (en) * 2017-08-24 2017-12-22 航天中认软件测评科技(北京)有限责任公司 Method, apparatus and system for automatic test
CN109828905A (en) * 2018-12-15 2019-05-31 中国平安人寿保险股份有限公司 Automated testing method, device, computer installation and storage medium
CN109906586A (en) * 2016-12-30 2019-06-18 谷歌有限责任公司 The system and method for configuration verification across secure network boundary
US10375071B1 (en) * 2015-12-16 2019-08-06 Jpmorgan Chase Bank, N.A. Access control system and method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9208676B2 (en) * 2013-03-14 2015-12-08 Google Inc. Devices, methods, and associated information processing for security in a smart-sensored home
WO2014152486A1 (en) * 2013-03-15 2014-09-25 Adt Us Holdings, Inc. Security system installation
CN107239702A (en) * 2016-03-29 2017-10-10 腾讯科技(深圳)有限公司 The method and device of a kind of security breaches detection

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104219067A (en) * 2013-05-29 2014-12-17 中国电信股份有限公司 Method, user terminal and system for achieving quick configuration for terminal of Internet of Things
CN103856277A (en) * 2014-03-24 2014-06-11 武汉威士讯信息技术有限公司 Automatic testing system and method for measuring ZigBee radio frequency performance
US10375071B1 (en) * 2015-12-16 2019-08-06 Jpmorgan Chase Bank, N.A. Access control system and method
CN109906586A (en) * 2016-12-30 2019-06-18 谷歌有限责任公司 The system and method for configuration verification across secure network boundary
CN107506303A (en) * 2017-08-24 2017-12-22 航天中认软件测评科技(北京)有限责任公司 Method, apparatus and system for automatic test
CN109828905A (en) * 2018-12-15 2019-05-31 中国平安人寿保险股份有限公司 Automated testing method, device, computer installation and storage medium

Also Published As

Publication number Publication date
CN111193699A (en) 2020-05-22

Similar Documents

Publication Publication Date Title
US10614222B2 (en) Validation of security monitoring through automated attack testing
US10642715B1 (en) Dynamic authorization of requested actions using adaptive context-based matching
KR102057159B1 (en) Authentication of client devices based on entropy from the server or other device
US9900162B2 (en) System and method for wireless network management
EP2907289B1 (en) Providing virtualized private network tunnels
EP2767058B1 (en) Method and apparatus for managing access for trusted and untrusted applications
US20160301666A9 (en) Providing Virtualized Private Network Tunnels
US20140109175A1 (en) Providing Virtualized Private Network Tunnels
Costa et al. Vulnerabilities in IoT devices for smart home environment
US10244392B2 (en) Over-the-air personalization of network devices
CN104363226A (en) Method, device and system for logging in operating system
US10103948B1 (en) Computing devices for sending and receiving configuration information
US20150341216A1 (en) Automatic and secure activation of a universal plug and play device management device
TW201401897A (en) Wireless network client-authentication system and wireless network connection method thereof
Ray et al. Bluetooth low energy devices security testing framework
US20150371032A1 (en) Method to Securely Authenticate Management Server Over Un-Encrypted Remote Console Connection
CN111193699B (en) Method and device for detecting security vulnerability of ZigBee device
CN111567076A (en) User terminal device, electronic device, system including the same, and control method
CN111614476A (en) Equipment configuration method, system and device
CN111245800B (en) Network security test method and device, storage medium and electronic device
CN106537962B (en) Wireless network configuration, access and access method, device and equipment
US11218297B1 (en) Onboarding access to remote security control tools
US20230336983A1 (en) Establishing a backup connectivity between a sensor and a management system
Peng et al. A novel vulnerability detection method for ZigBee MAC layer
US20230344715A1 (en) Secure and adaptive mechanism to provision zero-touch network devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant