Research And Implementation Of Internet Of Things Security Situation Awareness System

With the development of Internet of things industry,the application of Internet of things technology is more and more widely.In the general trend of industry 4.0,equipment access to the network provides many practical solutions for the improvement of industrial production efficiency.At the same time,equipment access to the network also provides many conveniences for people's life.While Internet of things technology provides convenience for people's production and life,it also brings many problems.Many attack cases against Internet of things devices make people see the great harm caused by unsafe Internet of things devices.The use of error codes and incorrect configuration in the development of IOT devices give attackers an opportunity.Successful identification of Internet of things devices in the network and security testing can help users find potential security problems in the network in time and reduce the possibility of network being broken.To evaluate the security situation of an Internet of things system,we need to analyze it from two aspects:perceive the IOT devices deployed in the IOT system,and determine the product attributes of IOT devices;find the security loopholes existing in the Internet of things devices,and determine the harm of the security loopholes of the Internet of things devices to the system.In order to realize the security situation assessment under the environment of IOT,this paper studies from three aspects:network asset scanning,IOT identification and IOT vulnerability,designs and implements the relevant technical framework.The specific work is summarized as follows:(1)In the aspect of network asset scanning,this paper studies the internet protocol and industrial control protocol which are widely used in the Internet of things,analyzes the protocol stack and communication mechanism of 23 kinds of network protocols,and designs and implements the network asset scanning framework combined with active testing technology.(2)In the aspect of IOT device identification,this paper first completes the automatic construction of IOT device information database according to the product attributes of IOT devices and the engine based rule generation algorithm,then collects and analyzes a large number of application layer protocol data packets,and formulates the extraction rules of IOT device information in application scenarios.Finally,combined with the search based IOT device identification technology,this paper proposes a new method to extract IOT device information,Design and implement the device identification framework of Internet of things.(3)In terms of the vulnerability of Internet of things devices,this paper starts with the vulnerability report of Internet of things devices,combines with the product attributes of Internet of things devices,formulates the vulnerability hazard classification rules of Internet of things devices,realizes the automatic construction of vulnerability information database of Internet of things devices according to the vulnerability report of Internet of things devices,and studies the vulnerability scanning technology based on fingerprint,penetration testing process and encryption misuse defects,Design and implement the framework of vulnerability scanning and verification for IOT devices.This paper integrates the above research results,designs and implements the Internet of things security situation awareness system.The system uses Vue+spring boot before and after separation architecture to achieve various functional modules of the system,including device detection,vulnerability scanning,result query and other functional modules,and uses message middleware to achieve information interaction of each functional module and cluster deployment of scanning nodes.Using this system to scan part of the network segment,we can find the Internet of things devices in the network segment and the security vulnerabilities of the Internet of things devices,and realize the evaluation of the security situation in the Internet of things environment.