Internet Of Things Device Vulnerability Detection System Based On Protocol Fuzzy Test

The IoT protocol is the basis of the Internet of things,which provides support for various functions and application scenarios of the Internet of things,and makes the world of the IoT more colorful.However,in the application of Internet of things protocol,there may be security vulnerabilities with different degrees of risk in the application,and these vulnerabilities are also the main attack targets of illegal intruders.Therefore,it is of great significance to test the security of IoT protocol applications and explore security vulnerabilities for the maintenance of the security of IoT.This paper proposes a design scheme of IoT device vulnerability detection system based on protocol fuzzy test,which can automatically analyze the corresponding IoT protocol characteristics according to the traffic in the IoT system,so as to construct fuzzy test cases,improve the efficiency of fuzzy test,and expand the support for unknown protocol fuzzy test.The system is mainly divided into packet acquisition module,protocol analysis and identification module,protocol fuzzy test module.The packet acquisition module captures packets based on the Netfilter framework custom hook function.In the protocol analysis and identification module,for the known protocols,the load-based protocol identification technology is used to identify the corresponding protocols,so as to determine the protocol characteristics according to the protocol specification.For unknown protocols,protocol features are extracted by protocol reverse technology based on network trace.The two protocol feature analysis methods provide the basis for fuzzy testing of IoT protocol applications.In the protocol fuzzy test module,test cases are constructed according to the results of the protocol analysis and identification module,and the corresponding Internet of things protocol applications are fuzzy tested.Build the experimental environment to test the specific application of HTTP protocol,mqtt protocol,IEC104 protocol and Modbus protocol.Among them,IEC104 protocol and Modbus protocol extract protocol features through protocol reverse analysis to construct test cases.Finally,three security vulnerabilities are successfully mined,which shows that there are security vulnerabilities in the specific application of the corresponding protocol.At the same time,the corresponding functions and feasibility of the vulnerability detection system of Internet of things devices based on protocol fuzzy test are verified.