CN112866172A - Safety protection method and device, smart home system and computer readable medium - Google Patents

Publication number
CN112866172A
Authority
CN
China
Prior art keywords
information
home system
smart home
wireless
wireless routing
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911098579.9A
Other languages
Chinese (zh)
Inventor
唐文
王心怡
闫韬
张昕悦
齐宇
易庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens Ltd China
Original Assignee
Siemens Ltd China
Application filed by Siemens Ltd China
Priority to CN201911098579.9A
Publication of CN112866172A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803 Home automation networks
    • H04L12/2816 Controlling appliance services of a home automation network by calling their functionalities
    • H04L12/2818 Controlling appliance services of a home automation network by calling their functionalities from a device located outside both the home and the home network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L47/24 Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2483 Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Abstract

The present disclosure relates to smart home technologies, and in particular to a security protection method and apparatus, a smart home system, and a computer readable medium. A smart home system includes: wireless routing devices, each configured to acquire first network traffic passing through that wireless routing device in the smart home system, extract from it first information about an operation on a controlled device in the smart home system, and send the first information to a wireless gateway device in the smart home system; and the wireless gateway device, configured to receive the first information from each wireless routing device, determine from it a first operation on the controlled device, and judge whether the first operation conforms to preset features describing normal operation of the controlled device. Whether the controlled device is being maliciously controlled is determined by comparing the operation on the controlled device with its normal operation, which achieves effective security protection.

Description

Safety protection method and device, smart home system and computer readable medium
Technical Field
The invention relates to the technical field of intelligent home, in particular to a safety protection method and device applied to an intelligent home system, the intelligent home system and a computer readable medium.
Background
Smart homes (Smart Home or Home Automation) are an application of pervasive computing, and integrate intelligence into homes to achieve energy conservation and obtain comfortable and safe Home experience. Meanwhile, the smart home provides context-aware automation or auxiliary services for the user in the forms of environmental intelligence, remote home control, home automation and the like.
However, with the development of smart home technology and the popularization of smart home systems, attacks and security threats to the smart home systems are increasing, which is particularly prominent in the aspects of medical care and security monitoring, and serious consequences even can endanger human lives.
Therefore, there is a need to provide an effective security protection scheme for smart home systems.
Disclosure of Invention
In view of this, embodiments of the present invention provide a safety protection method and apparatus applied to an intelligent home system, the intelligent home system, and a computer readable medium, so as to provide a safe and reliable protection scheme for the intelligent home system as a whole.
In a first aspect, an intelligent home system is provided, including: at least one wireless routing device, wherein each wireless routing device is configured to: obtaining first network traffic in the intelligent home system via the wireless routing device; extracting first information aiming at the operation of one controlled device in the intelligent home system from the first network flow; sending the first information to a wireless gateway device in the intelligent home system; the smart home system further comprises the wireless gateway device configured to: receiving the first information from each wireless routing device; determining first operation aiming at the controlled equipment according to the first information; and judging whether the first operation conforms to the characteristics described by first characteristic information, wherein the first characteristic information is preset and is used for describing the characteristics of normal operation of the controlled equipment.
In a second aspect, a security protection method applied to an intelligent home system is provided, in which each wireless routing device in the intelligent home system acquires a first network traffic of the intelligent home system via the wireless routing device; extracting first information aiming at the operation of one controlled device in the intelligent home system from the first network flow; sending the first information to a wireless gateway device in the intelligent home system; the wireless gateway equipment in the intelligent home system receives the first information from each wireless routing equipment respectively; determining first operation aiming at the controlled equipment according to the first information; and further judging whether the first operation conforms to the characteristics described by first characteristic information, wherein the first characteristic information is preset and is used for describing the characteristics of normal operation of the controlled equipment.
In a third aspect, a wireless routing device in a smart home system is provided, which includes a memory for storing computer readable codes; and a processor for invoking the computer readable code to perform the method performed by the wireless routing device of the second aspect.
In a fourth aspect, a wireless gateway device in an intelligent home system is provided, including: a memory for storing computer readable code; a processor for invoking the computer readable code to perform the method performed by the wireless gateway device of the second aspect.
In a fifth aspect, a computer storage medium is provided, having computer readable instructions stored thereon, which, when executed by a processor, cause the processor to perform the method performed by the wireless routing device or the wireless gateway device in the second aspect.
In the solution provided in any of the above aspects, whether the controlled device is maliciously controlled is determined by comparing the operation of the controlled device in the smart home system with the normal operation, that is, by determining whether the first operation of the controlled device meets the preset feature described by the first feature information for describing the normal operation of the controlled device, so as to achieve the purpose of effective security protection.
In any of the above aspects, the first characteristic information may come from a setting made on the user terminal, or may be learned from the behavior history of a user of the smart home system. In the former mode, the wireless gateway device receives the first feature information from a user terminal. In the latter mode, each wireless routing device acquires, during normal operation of the smart home system, second network traffic passing through that wireless routing device, extracts from it second information about the operation of the controlled device, and sends the second information to the wireless gateway device; the wireless gateway device receives the second information from each wireless routing device, determines a second operation for the controlled device according to the second information, and then determines the first characteristic information according to the second operation. Setting the features through the user terminal lets the normal operation of the controlled device be defined flexibly, and the configuration can be modified promptly when the user's use of the controlled device changes. In the latter mode, the wireless routing devices in the smart home system collect network traffic, extract operation information such as state and behavior, and forward it to the wireless gateway device, which analyzes the operation information and learns the feature information of normal operation from it to obtain the first feature information. Because the wireless routing device forwards only the extracted operation information instead of sending the network traffic itself to the wireless gateway device, the impact of network traffic transmission on the smart home system is reduced.
In addition, the wireless gateway equipment learns the characteristic information of the normal operation, and can automatically acquire the characteristics of the normal operation, so that the scheme provided by the embodiment of the invention is more intelligent.
In an alternative implementation, the first feature information may be set in a combination of user configuration and learning of the wireless gateway device. Operations that do not conform to the user-configured normal operating characteristics and operations that do not conform to the learned normal operating characteristics of the wireless gateway device are identified and processed.
In any of the above aspects, the wireless routing device may further obtain third network traffic in the smart home system via the wireless routing device, and obtain third information from the third network traffic, where the third information includes information connected to the controlled device and/or information for accessing data in the controlled device, and further determine whether a network attack behavior for the controlled device exists according to the third information. Thus, the scheme provided by the embodiment of the invention not only can identify the behavior against normal operation, but also can identify the network attack behavior.
Drawings
Fig. 1 is a schematic structural diagram of an intelligent home system provided by an embodiment of the present invention.
Fig. 2 is a flowchart of a security protection method applied to an intelligent home system according to an embodiment of the present invention.
Fig. 3 is a schematic structural diagram of a wireless routing device in an intelligent home system according to an embodiment of the present invention.
Fig. 4 is a schematic structural diagram of a wireless gateway device in an intelligent home system according to an embodiment of the present invention.
List of reference numerals:
10: smart home system
20: user terminal
101: wireless routing device
102: wireless gateway device
103: controlled device
104: endpoint device
200: the security protection method provided by the embodiment of the invention
S201 to S214: steps in the security protection method 200 provided by the embodiment of the present invention
101a: memory
101b: processor
101c: communication module
102a: memory
102b: processor
102c: communication module
Detailed Description
As mentioned above, there is a need to provide an effective security protection scheme for smart home systems.
The smart home system forms a computer network, and some security protection methods against network attacks exist for computer networks, for example countermeasures against replay attacks and battery exhaustion attacks. However, these methods can only identify attacks at the network layer; they cannot identify, or provide security protection against, specific operations in a smart home system.
For example, when the user is not at home, high-power smart appliances in the smart home system, such as a water heater and an air conditioner, may be hijacked and maliciously used to control the starting and stopping of a large number of high-power smart appliances, which can cause instability or even breakdown of the power grid and losses to the user and even to society. Existing methods for preventing network attacks cannot identify or protect against malicious operations on the controlled devices in a smart home system.
According to the scheme provided by the embodiment of the invention, whether the controlled equipment is controlled maliciously is determined by comparing the operation of the controlled equipment in the intelligent home system with the normal operation, so that the aim of effective safety protection is fulfilled.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Fig. 1 shows an intelligent home system 10 provided by an embodiment of the present invention. As shown in fig. 1, the smart home system 10 includes:
a wireless gateway device 102;
at least one wireless routing device 101;
at least one endpoint device 104;
at least one controlled device 103.
The wireless gateway device 102 implements interconnection between the smart home system 10 and other networks, and may also provide a user interface for interacting with a user terminal. Within the smart home system 10 it is connected to each wireless routing device 101 and implements security protection based on operation behavior. Taking a smart home system 10 implemented with the Zigbee protocol as an example, the wireless gateway device 102 may be an intelligent gateway or a network coordinator node. Because it is connected to each wireless routing device 101 in the smart home system 10, it can obtain complete security information for the entire smart home system 10 and can therefore protect the system as a whole, including but not limited to device identification and monitoring, anomaly detection, network attack detection, and security audit.
Each wireless routing device 101 collects network traffic. For example, in a smart home system 10 implemented with the Zigbee protocol, a Zigbee routing node operates in the network layer (NWK layer) of the Zigbee protocol stack and can capture network traffic at the Zigbee network layer. Each wireless routing device 101 acquires from the network traffic information about the operation of each controlled device 103 in the smart home system 10 and transmits the information to the wireless gateway device 102, which determines whether the operation poses a security threat. The wireless routing device 101 may generate a security log from the acquired information about the operation of the controlled device 103 and transmit the security log to the wireless gateway device 102.
Here, in consideration of the fact that most of the smart home systems 10 are limited in network transmission bandwidth, in order to reduce transmission of network traffic and reduce bandwidth occupation, in the embodiment of the present invention, the wireless routing device 101 processes the collected network traffic and then sends the extracted information to the wireless gateway device 102, instead of directly sending the collected network traffic to the wireless gateway device 102. Also, the wireless gateway device 102 typically has a relatively rich processing resource that enables sophisticated decisions to be made to determine whether a security threat exists.
In addition to the wireless gateway device 102 determining whether the operation of the controlled device 103 is abnormal in the embodiment of the present invention, the wireless routing device 101 may also determine whether there is a network attack and an abnormal communication behavior based on the acquired network traffic.
The endpoint device 104 (endpoint) typically has a sensor-plus-controller structure. On the one hand it collects data from the controlled device 103, such as status information for monitoring the status of the controlled device 103; on the other hand it issues control instructions to the controlled device 103 to control its operation. As shown in fig. 1, the controlled device 103 may be any of various electrical devices in the smart home system 10, including lighting devices, washing machines, televisions, air conditioners, refrigerators, water heaters, and the like, and may further include door access control, cameras, medical devices, and the like. One exemplary control flow is as follows: the user operates the user terminal 20 to make the water heater heat. The wireless gateway device 102 receives an operation instruction from the user terminal 20, where the operation instruction carries identification information, a network address, and the like of the controlled device 103, that is, the water heater. The wireless gateway device 102 sends the operation instruction through the wireless routing device 101 to the endpoint device 104 that controls the water heater, and the endpoint device 104 controls the water heater to heat.
One possible problem is that the smart home system 10 may be subject to network attacks. For example, an attacker sends a data packet in the smart home system 10 carrying a control instruction that is used to make the door access control unlock. Because the data packet conforms to the network protocol, it cannot be determined from the network layer alone that the packet is malicious and carries an attacker's control instruction.
In the embodiment of the present invention, the wireless routing device 101 acquires the network traffic forwarded through it, extracts from that traffic information about the operation on the door access control, and sends the information to the wireless gateway device 102. From this information, the wireless gateway device 102 determines the operation on the door access control, for example unlocking. The wireless gateway device 102 then determines whether the unlocking operation is a normal operation. Optionally, the wireless gateway device 102 may do so according to the preset features of normal operation of the door access control.
One possible implementation is that the feature for normal operation of the door access control is set by the user through the user terminal 20. For example, the user sets that the door access control may be unlocked from 6:00 to 23:00 each day and may not be unlocked at other times. The feature information is transmitted by the user terminal 20 to the wireless gateway device 102 and stored by the wireless gateway device 102. When the wireless gateway device 102 receives information about an operation on the door access control, it reads the timestamp information carried in that information (which indicates when the operation occurred). If the time indicated by the timestamp information falls within the range from 6:00 to 23:00, the operation on the door access control is determined to be normal; otherwise it is determined to be abnormal. Further, a warning message may be sent to the user terminal 20 indicating that there is an abnormal operation on the door access control. Alternatively, the user may decide through the user terminal 20 whether the operation is normal. If the operation is determined to be normal, the user terminal 20 may send the wireless gateway device 102 a message confirming that the operation is normal, and the wireless gateway device 102 may then send an unlocking instruction to the door access control to make it unlock.
Another possible implementation is for the wireless gateway device 102 to learn the features of normal operation of the door access control. Optionally, each wireless gateway device 102 may obtain network traffic passing through the wireless gateway device 102 during normal operation of the smart home system 10 and extract from it information about unlocking of the door access control, such as the unlocking time. The wireless routing device 101 sends the acquired information to the wireless gateway device 102, which performs statistical learning to determine the unlocking pattern of the door access control and thereby forms feature information for the door access control. Likewise, whether a current operation on the door access control is normal can be determined according to this feature information.
In addition to the wireless gateway device 102 determining the abnormal operation, in the embodiment of the present invention, each wireless routing device 101 may also determine whether a network attack behavior exists in the smart home system 10. The wireless routing device 101 may obtain network traffic transmitted through the wireless routing device, obtain information for connecting to one controlled device 103 from the network traffic or information for accessing data in the controlled device 103, and determine whether a network attack behavior for one controlled device 103 exists according to the obtained information.
In the embodiment of the present invention, the smart home system 10 may be implemented based on wireless network protocols such as Zigbee, WiFi, bluetooth, Zwave, or the like.
Next, with reference to fig. 2, a flow of a security protection method 200 provided in an embodiment of the present invention is described. As shown in fig. 2, the process may include the following steps:
S201: During normal operation of the smart home system 10, each wireless routing device 101 in the smart home system 10 acquires the network traffic of the smart home system 10 that passes through that wireless routing device 101. To distinguish it from network traffic acquired in later steps, the network traffic acquired in this step is referred to as "second network traffic".
For example, while the smart home system 10 is being initialized, that is, when it is first installed and used, it may be assumed that the smart home system 10 is operating normally, with no abnormal devices, no network attacks, and no abnormal operation of devices. While the smart home system 10 is running, the current firmware, configuration, operating processes, etc. of each device in the system may be compared with the initial or secure configuration provided by the device manufacturer; if it is determined that the firmware, configuration, and operating processes have not been maliciously tampered with, the smart home system 10 is determined to be operating normally.
Network traffic consists of data packets conforming to a network protocol, for example data packets of the Zigbee protocol.
S202: each wireless routing device 101 extracts second information for an operation (e.g., unlocking) of a controlled device 103 (e.g., door access) from the second network traffic. The second information may include identification information of the controlled device 103, network protocol address information of the controlled device 103, and operation instruction information of the controlled device 103.
One possible implementation manner is that the network traffic acquired by each wireless routing device 101 includes a plurality of data packets operating for a plurality of controlled devices 103, and the wireless routing device 101 may acquire various pieces of information preset therein from each data packet and transmit the information to the wireless gateway device 102, without selecting information for a specific one of the controlled devices 103.
S203: each wireless routing device 101 transmits the second information to the wireless gateway device 102.
S204: After receiving the second information from each wireless routing device 101, the wireless gateway device 102 determines a second operation for the controlled device 103 according to the second information, for example the operation of unlocking the door access control.
S205: After collecting a large amount of second information, the wireless gateway device 102 may use statistical analysis to determine feature information for unlocking of the door access control in the smart home system 10, denoted "first feature information", for example the time periods in which unlocking of the door access control occurs.
Steps S201 to S205 describe how the wireless gateway device 102 statistically derives the characteristic information for the operation of a controlled device 103. The feature information may also be obtained through user setting in step S206, in which the user terminal 20 receives the user's instruction setting the first feature information and transmits the first feature information to the wireless gateway device 102. Whether it is obtained by statistical learning or set by a user, the wireless gateway device 102 receives and stores the first characteristic information so that it can determine, according to the first characteristic information, whether there is an abnormal operation for the controlled device 103.
Steps S207 to S211 describe how the wireless gateway device 102 determines whether there is an abnormal operation for the controlled device 103. In this process, the way the wireless routing device 101 acquires network traffic and extracts information, and the way the wireless gateway device 102 determines the operation for the controlled device 103, are the same as in steps S201 to S204 and are not described again here.
S207: each of the wireless routing devices 101 acquires the network traffic passing through the wireless routing device 101 in the smart home system 10, and records the network traffic as "first network traffic".
S208: each wireless routing device 101 extracts information about the operation of one controlled device 103 in the smart home system 10 from the first network traffic, and records the information as "first information".
S209: each wireless routing device 101 sends the first information to one wireless gateway device 102 in the smart home system 10.
S210: after receiving the first information from each wireless routing device 101, the wireless gateway device 102 determines an operation for the controlled device 103 according to each first information, which is referred to as "first operation" here.
S211: The wireless gateway device 102 determines whether the first operation conforms to the features described in the first characteristic information, that is, the features of normal operation of the controlled device 103. For example, if the first characteristic information describes the time periods for unlocking the door access control as 8:00-9:00 and 18:00-19:00 and the first operation occurs at 1:00, the wireless gateway device 102 can determine that the unlocking operation does not conform to the first characteristic information and that abnormal operation behavior exists.
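The gateway-side logic of steps S204 to S211, written out as an added example that is not code from the patent: the gateway learns hour-of-day features from second information, stores user-set windows (S206), and flags a first operation that violates either. The class and field names, the hour-bucket granularity, the `min_support` cut-off for rare hours, the choice to treat operations with no feature information as abnormal, and the sample data are all assumptions.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class OperationInfo:
    """Operation information a routing device extracts from one packet (S202/S208)."""
    device_id: str       # identification information of the controlled device
    address: str         # network protocol address of the controlled device
    instruction: str     # operation instruction, e.g. "unlock"
    timestamp: datetime  # time the operation occurred (local time assumed)


class GatewayMonitor:
    """Holds the first feature information and performs the S211 comparison."""

    def __init__(self, min_support=0.1):
        self.min_support = min_support  # assumed cut-off for rarely seen hours
        self.learned = {}     # (device_id, instruction) -> set of normal hours
        self.configured = {}  # (device_id, instruction) -> [(start_hour, end_hour)]

    def learn(self, history):
        """S204-S205: derive hour-of-day features from second information."""
        counts = defaultdict(Counter)
        for info in history:
            counts[(info.device_id, info.instruction)][info.timestamp.hour] += 1
        for key, hours in counts.items():
            total = sum(hours.values())
            self.learned[key] = {h for h, n in hours.items()
                                 if n / total >= self.min_support}

    def configure(self, device_id, instruction, windows):
        """S206: store user-set windows as (start_hour, end_hour), end exclusive."""
        for start, end in windows:
            if not (0 <= start < end <= 24):
                raise ValueError(f"invalid window {start}-{end}")
        self.configured[(device_id, instruction)] = list(windows)

    def check(self, info):
        """S210-S211: return the reasons the operation is abnormal ([] if normal)."""
        key = (info.device_id, info.instruction)
        hour = info.timestamp.hour
        if key not in self.learned and key not in self.configured:
            return ["no feature information for this operation"]
        reasons = []
        windows = self.configured.get(key)
        if windows is not None and not any(s <= hour < e for s, e in windows):
            reasons.append("outside user-configured time windows")
        hours = self.learned.get(key)
        if hours is not None and hour not in hours:
            reasons.append("outside learned time periods")
        return reasons


DOOR = ("door-01", "0x1a2b")  # constructed device id and address


def build_history():
    """Constructed second information: unlocks at 8:15 and 18:40 for ten days,
    plus a single 03:05 event that the support threshold discards."""
    start = datetime(2024, 3, 1)
    history = []
    for day in range(10):
        for hh, mm in ((8, 15), (18, 40)):
            ts = start + timedelta(days=day, hours=hh, minutes=mm)
            history.append(OperationInfo(*DOOR, "unlock", ts))
    history.append(OperationInfo(*DOOR, "unlock", datetime(2024, 3, 5, 3, 5)))
    return history


def unlock_at(hour, minute=0):
    """Constructed first information: one unlock operation at the given time."""
    return OperationInfo(*DOOR, "unlock", datetime(2024, 3, 20, hour, minute))


def build_monitor():
    monitor = GatewayMonitor()
    monitor.learn(build_history())
    monitor.configure("door-01", "unlock", [(6, 23)])  # the 6-to-23 user setting
    return monitor


if __name__ == "__main__":
    gateway = build_monitor()
    for op in (unlock_at(8, 30), unlock_at(12), unlock_at(1)):
        print(op.timestamp.time(), gateway.check(op) or "normal")
```

The noon unlock shows why the combined mode matters: it passes the user's 6-to-23 window but falls outside the learned periods, so only the learned features flag it.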
Step S212 to step S213 describe a process in which the wireless routing device 101 determines whether there is a network attack.
S212: each wireless routing device 101 acquires the network traffic passing through the wireless routing device 101 in the smart home system 10, and records the network traffic as "third network traffic".
S213: The wireless routing device 101 obtains third information from the third network traffic, where the third information includes information for connecting with the controlled device 103 and/or information for accessing data in the controlled device 103. For example, in a smart home system 10 implemented based on Zigbee, the wireless routing device 101 obtains Zigbee connection traffic such as beacons, association requests, transport keys, device announcements, and report data (Report Attributes). The third information that the wireless routing device 101 obtains from this Zigbee connection traffic may include the device connection time, device MAC address, device name, key device parameters (such as the battery option), etc.
S214: the wireless routing device 101 determines whether there is a network attack behavior for the controlled device 103 according to the third information.
Using intrusion detection based on attack signatures, the wireless routing device 101 may identify known attack behaviors such as replay attacks and battery exhaustion attacks. In addition, the wireless routing device 101 may use a whitelist technique to extract a model of normal network behavior from the network traffic and identify network attack behavior according to that model.
In either step S211 or step S214, once it is determined that there is abnormal behavior in the smart home system 10, the user may be notified. For example, an anomaly indication message is sent to the user terminal 20 through the wireless gateway device 102, and after seeing the anomaly indication message on the user terminal 20 the user can further determine whether an anomaly really exists. For example, if the unlocking of the door access control may be normal behavior of the user, the user confirms this through the user terminal 20, the user terminal 20 replies to the wireless gateway device 102 with a confirmation message, and the wireless gateway device 102 controls the operation of the controlled device 103 according to the confirmation message.
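One way a routing device could apply both techniques to third information in S214, as an added example that is not code from the patent: a whitelist of (MAC address, frame type) pairs learned during normal operation, plus a replay check. The patent does not say how a replay is recognised; the per-sender increasing frame counter used here, the class and field names, and the sample records are assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class ConnectionInfo:
    """Third information extracted from one connection frame (S213)."""
    time: float         # capture time in seconds
    mac: str            # device MAC address
    frame_type: str     # e.g. "association_request", "report_attributes"
    frame_counter: int  # assumed per-sender counter that increases per frame


class RouterDetector:
    """Whitelist model of normal network behavior plus a replay signature."""

    def __init__(self):
        self.allowed = set()    # (mac, frame_type) pairs seen in normal operation
        self.last_counter = {}  # mac -> highest accepted frame counter

    def learn(self, records):
        """Build the normal-behavior model from traffic captured when clean."""
        for rec in records:
            self.allowed.add((rec.mac, rec.frame_type))
            previous = self.last_counter.get(rec.mac, -1)
            self.last_counter[rec.mac] = max(previous, rec.frame_counter)

    def inspect(self, rec):
        """Return a list of alerts for one frame ([] if it looks normal)."""
        alerts = []
        if (rec.mac, rec.frame_type) not in self.allowed:
            alerts.append("not in whitelist")
        last = self.last_counter.get(rec.mac)
        if last is not None and rec.frame_counter <= last:
            alerts.append("replayed frame counter")
        # Only clean frames advance the counter, so a forged frame with a
        # large counter cannot make later genuine frames look like replays.
        if not alerts:
            self.last_counter[rec.mac] = rec.frame_counter
        return alerts


MAC_A = "00:11:22:33:44:55:66:01"  # constructed address of a known device
MAC_B = "00:11:22:33:44:55:66:99"  # constructed address never seen before

# Constructed traffic from the normal-operation phase.
NORMAL = [
    ConnectionInfo(0.0, MAC_A, "association_request", 1),
    ConnectionInfo(0.5, MAC_A, "device_announce", 2),
    ConnectionInfo(60.0, MAC_A, "report_attributes", 3),
    ConnectionInfo(120.0, MAC_A, "report_attributes", 4),
]


def build_detector():
    detector = RouterDetector()
    detector.learn(NORMAL)
    return detector


if __name__ == "__main__":
    router = build_detector()
    for frame in (
        ConnectionInfo(180.0, MAC_A, "report_attributes", 5),    # normal
        ConnectionInfo(181.0, MAC_A, "report_attributes", 5),    # same counter again
        ConnectionInfo(200.0, MAC_B, "association_request", 1),  # unknown device
    ):
        print(frame.mac, frame.frame_type, router.inspect(frame) or "normal")
```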
Fig. 3 and 4 show the hardware structures of the wireless gateway device 102 and the wireless routing device 101.
Referring to fig. 3, the wireless routing device 101 may include:
a memory 101a for storing computer readable code;
a processor 101b for invoking computer readable code to perform the operations performed by the wireless routing device 101 as previously described.
The memory 101a and the processor 101b may be connected via a bus, and the wireless routing device 101 may further include a communication module 101c for communicating with other devices in the smart home system 10. The communication module 101c may also communicate with the memory 101a and the processor 101b via a bus.
Referring to fig. 4, the wireless gateway device 102 may include:
a memory 102a for storing computer readable code;
a processor 102b for invoking the computer readable code to perform the operations performed by the wireless gateway device 102 as previously described.
The memory 102a and the processor 102b may be connected via a bus, and the wireless gateway device 102 may further include a communication module 102c for communicating with other devices in the smart home system 10. The communication module 102c may also communicate with the memory 102a and the processor 102b via a bus.
Furthermore, an embodiment of the present invention also provides a computer-readable medium having computer-readable instructions stored thereon which, when executed by a processor, cause the processor to perform the operations performed by the wireless gateway device 102 or the wireless routing device 101 in fig. 2. Examples of the computer-readable medium include floppy disks, hard disks, magneto-optical disks, optical disks (e.g., CD-ROMs, CD-R, CD-RWs, DVD-ROMs, DVD-RAMs, DVD-RWs, DVD+RWs), magnetic tapes, nonvolatile memory cards, and ROMs. Alternatively, the computer-readable instructions may be downloaded from a server computer or from a cloud over a communications network.
In summary, the embodiments of the invention provide a safety protection method and device applied to a smart home system, a smart home system, and a computer-readable medium. Abnormal operation of a controlled device can be detected, which traditional methods for resisting network attacks cannot do. This provides a simple and reliable safety protection method for safety-related smart home applications such as medical care and home security. The embodiments take the characteristics of the smart home system into account: the wireless routing devices acquire the network traffic and the wireless gateway device judges abnormal operation, so that network traffic is captured without omission while a single wireless gateway device judges abnormal operation uniformly, providing a feasible safety protection scheme for the smart home system.
It should be noted that not all steps and modules in the above flows and system structure diagrams are necessary, and some steps or modules may be omitted according to actual needs. The execution order of the steps is not fixed and can be adjusted as required. The system structure described in the above embodiments may be a physical structure or a logical structure, that is, some modules may be implemented by the same physical entity, or some modules may be implemented by a plurality of physical entities, or some components in a plurality of independent devices may be implemented together.

Claims (11)

1. A smart home system (10), characterized by comprising:
-at least one wireless routing device (101), wherein each wireless routing device (101) is configured to:
-obtaining first network traffic in the smart home system (10) via the wireless routing device (101);
-extracting first information for the operation of one controlled device (103) in the smart home system (10) from the first network traffic;
-sending the first information to a wireless gateway device (102) in the smart home system (10);
-the wireless gateway device (102) configured to:
-receiving the first information from each of the wireless routing devices (101), respectively;
-determining a first operation for the controlled device (103) from the respective first information;
-determining whether the first operation complies with a characteristic described by first characteristic information, wherein the first characteristic information is preset and is used for describing a characteristic of a normal operation for the controlled device (103).
2. The smart home system (10) of claim 1, wherein the wireless gateway device (102) is further configured to:
-receiving the first characteristic information from a user terminal (20).
3. The smart home system (10) of claim 1,
-each of the wireless routing devices (101) further configured to:
-acquiring a second network traffic in the smart home system (10) via the wireless routing device (101) during normal operation of the smart home system (10);
-extracting second information for the operation of the controlled device (103) from the second network traffic;
-sending the second information to the wireless gateway device (102);
-the wireless gateway device (102) further configured to:
-receiving said second information from each of said wireless routing devices (101);
-determining a second operation for the controlled device (103) from the second information;
-determining said first characteristic information from said second operation.
4. The smart home system (10) of claim 1, wherein each of the wireless routing devices (101) is further configured to:
-obtaining third network traffic in the smart home system (10) via the wireless routing device (101);
-obtaining third information from the third network traffic, wherein the third information comprises information on a connection with the controlled device (103) and/or information on access to data in the controlled device (103);
-determining from the third information whether there is a network attack behaviour for the controlled device (103).
5. A safety protection method applied to a smart home system (10), characterized by comprising the following steps:
-each wireless routing device (101) in the smart home system (10) acquiring first network traffic in the smart home system (10) via the wireless routing device (101);
-extracting first information for the operation of one controlled device (103) in the smart home system (10) from the first network traffic;
-sending the first information to a wireless gateway device (102) in the smart home system (10);
-a wireless gateway device (102) in the smart home system (10) receiving the first information from each of the wireless routing devices (101), respectively;
-determining a first operation for the controlled device (103) from the respective first information;
-determining whether the first operation complies with a characteristic described by first characteristic information, wherein the first characteristic information is preset and is used for describing a characteristic of a normal operation for the controlled device (103).
6. The method of claim 5, further comprising: the wireless gateway device (102) receives the first feature information from a user terminal (20).
7. The method of claim 5, further comprising:
-each wireless routing device (101) acquires a second network traffic in the smart home system (10) via the wireless routing device (101) during normal operation of the smart home system (10);
-extracting second information for the operation of the controlled device (103) from the second network traffic;
-sending the second information to the wireless gateway device (102);
-the wireless gateway device (102) receiving the second information from the respective wireless routing device (101);
-determining a second operation for the controlled device (103) from the second information;
-determining said first characteristic information from said second operation.
8. The method of claim 5, further comprising:
-each of the wireless routing devices (101) obtaining third network traffic in the smart home system (10) via the wireless gateway device (102);
-obtaining third information from the first network traffic, wherein the third information comprises information on a connection with the controlled device (103) and/or information on access to data in the controlled device (103);
-determining from the third information whether there is a network attack behaviour for the controlled device (103).
9. A wireless routing device (101) in an intelligent home system (10), comprising:
a memory (101a) for storing computer readable code;
a processor (101b) for invoking computer readable code to perform a method as claimed in any one of claims 5 to 8 performed by a wireless routing device (101).
10. A wireless gateway device (102) in a smart home system (10), comprising:
a memory (102a) for storing computer readable code;
a processor (102b) for invoking computer readable code to perform a method as claimed in any one of claims 5 to 8 performed by a wireless gateway device (102).
11. A computer readable medium having computer readable instructions stored thereon, which, when executed by a processor, cause the processor to perform the method performed by the wireless routing device (101) or the wireless gateway device (102) of any of claims 5-8.
CN201911098579.9A 2019-11-12 2019-11-12 Safety protection method and device, smart home system and computer readable medium Pending CN112866172A (en)


Publications (1)

Publication Number Publication Date
CN112866172A true CN112866172A (en) 2021-05-28

Family

ID=75984251


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination