Research And Implementation On IoT Device Identification And Vulnerability Detection Scheme

The continuous popularization of 5G networks has promoted the realization of many IoT technologies and business scenarios.IoT devices are vulnerable to cyber attacks due to their heterogeneity,vulnerability and design flaws.While large-scale IoT devices are connected to the network,the security problems brought about by it have become increasingly prominent.Therefore,identifying IoT devices and discovering vulnerabilities in a timely manner have great significance in grasping the situation of cyberspace.However,the current identification technology of the Internet of Things has problems such as large identification granularity and the need for prior knowledge,and there is a lack of research that combines actual scenarios to further explore its application in the field of vulnerability discovery.Based on the above problems,the thesis studies a scheme for identification and vulnerability detection of Internet of Things devices.Specifically including:(1)The thesis proposes a coarse-grained identification method of Internet of things devices based on DNS traffic,and designs the identification framework.The method does not need prior knowledge.Firstly,it can automatically query and generate device tags by analyzing the text information in DNS packets.Secondly,by using the text characteristics and regular k-means algorithm,the Internet of things can be clustering initially,and then the text of different categories can be sent to the classifier to achieve coarse-grained recognition.(2)The thesis proposes a management based on Web pages of fine-grained IoT device identification method,and designs the identification framework.Firstly,the method determines the seed priority through the established crawler strategy,and uses a weak password to simulate login to obtain the login page of the surviving device under the current network.Secondly,the DOM tree is automatically generated through page analysis and the key information of the device is extracted using association rules,so that it can achieve fine-grained recognition.(3)Combining the Internet of Things identification method and actual application scenarios,thesis applies the Internet of Things device identification technology to the field of vulnerability discovery,and develops an Internet of Things device identification and vulnerability discovery platform.The platform not only uses crawler technology to collect and sort out public vulnerability information,establishes a proprietary vulnerability database for IoT devices,but also calculates the risk coefficient of identified devices and reports vulnerabilities,which provides an effective reference for grasping the vulnerability of equipment.