Z-Wave Protocol Vulnerability Mining Method Based On Deep Learning

Posted on: 2022-08-25
Degree: Master
Type: Thesis
Country: China
Candidate: X Guan
Full Text: PDF
GTID: 2518306764493174
Subject: Telecom Technology
Abstract/Summary:
Z-Wave is a proprietary wireless communication protocol for the home automation market. There are now more than 100 million interoperable Z-Wave devices around the world. As the protocol is widely used, its security vulnerabilities continue to grow. Because the data unit specification of the Z-Wave protocol is not disclosed, research on vulnerability mining of the Z-Wave protocol is restricted.

The existing fuzzing-based Z-Wave test case generation strategy is based on mutation and relies on manual analysis of the development documents of specific Z-Wave devices; it generates test cases by randomly mutating special fields to uncover device vulnerabilities. However, for the vast majority of devices using the Z-Wave protocol, the data unit is not disclosed, and testers cannot obtain protocol specifications for analysis. This method of generating test cases has limitations and is not targeted at the protocol-related fields. During testing, the test cases generated by the random mutation strategy cannot represent the protocol format, and too many invalid packets are generated, which makes the reception rate of the device under test low and makes device vulnerabilities more difficult to find.

Therefore, this paper improves the generation strategy for Z-Wave protocol test cases and designs a Z-Wave vulnerability mining tool. Considering the non-disclosure of the Z-Wave protocol data unit specification and the dependence between fields, and using the characteristics of a Bi-directional Long Short-Term Memory (Bi-LSTM) + Attention neural network, a deep learning-based Z-Wave protocol vulnerability mining method is proposed. The main research work is divided into three parts.

(1) Because the Z-Wave protocol data unit is not disclosed and the protocol fields depend on each other, this paper uses the Bi-LSTM network to process the bidirectional characteristics of time series, while the Attention mechanism quickly captures the impact of key features on the output. A neural network model is designed to learn the semantic rules of the Z-Wave protocol, and from them the message format and protocol rules, forming a complete protocol specification; a large number of test cases are then generated through the model. For the undisclosed part of the protocol specification, this overcomes the limitations and blindness of the current Z-Wave protocol test case generation method.

(2) To increase the possibility of finding vulnerabilities, this paper proposes a minimum test subset selection strategy based on maximum entropy. A data value that appears frequently in the Z-Wave protocol command field and configuration parameter field indicates that the command has been executed many times, so the possibility of discovering new vulnerabilities is extremely low; while a data value that rarely appears in the command field and configuration parameter field means that the command is rarely executed and has better vulnerability mining capability. From the test case set generated by the deep learning model, this paper selects the test subset with the largest total entropy value based on the maximum entropy strategy. The test cases in this subset are more uncertain and have better vulnerability mining capability. In this way, the possibility of triggering device vulnerabilities is increased while the input scale is reduced. At the same time, to determine whether the generated test cases have discovered vulnerabilities when the protocol is unknown, this paper designs a vulnerability detection method to discover device vulnerabilities.

(3) To generate efficient test cases for vulnerability mining of the Z-Wave protocol, a Z-Wave protocol vulnerability mining tool is designed. It includes a traffic collection module, a test case generation module, a test case sending module and a vulnerability mining module. The work focuses on the construction and training of the neural network model in the test case generation module, the process of generating test cases, and the implementation, in the vulnerability mining module, of the vulnerability detection method designed in this paper.

Based on the above work, experiments are conducted on Z-Wave equipment using the designed Z-Wave protocol vulnerability mining tool. The results show that the device acceptance rate of the tool is good and that it can quickly detect vulnerabilities of the Z-Wave protocol. It overcomes the limitations and blindness of current fuzzing-based Z-Wave vulnerability mining methods when constructing test cases for data units of unknown protocols, which result in low device reception rates and low vulnerability mining capability.
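The maximum-entropy subset selection described in part (2), as an added example that is not code from the thesis. It assumes each generated test case is scored by the summed self-information (-log2 p) of its command and configuration parameter values, with p estimated from the generated set itself, and that one case is kept per distinct field pair; the `Candidate` type, function names and sample values are constructed for illustration.

```python
import math
from collections import Counter
from typing import NamedTuple

class Candidate(NamedTuple):
    case_id: int       # index of the generated test case (hypothetical)
    command: int       # value of the command field
    config_param: int  # value of the configuration parameter field

def field_surprisal(values):
    """Map each field value to its self-information -log2(p)."""
    counts = Counter(values)
    total = sum(counts.values())
    return {v: -math.log2(c / total) for v, c in counts.items()}

def score_cases(cases):
    """Score = surprisal(command) + surprisal(config_param) (assumed metric)."""
    cmd = field_surprisal(c.command for c in cases)
    par = field_surprisal(c.config_param for c in cases)
    return [(cmd[c.command] + par[c.config_param], c) for c in cases]

def select_subset(cases, k):
    """Return the k highest-scoring cases, one per distinct field pair."""
    ranked = sorted(score_cases(cases), key=lambda sc: -sc[0])
    chosen, seen = [], set()
    for score, case in ranked:
        key = (case.command, case.config_param)
        if key in seen:
            continue  # a repeat of the same field pair adds no new coverage
        seen.add(key)
        chosen.append((score, case))
        if len(chosen) == k:
            break
    return chosen

# Constructed sample: command 0x01 / parameter 0x00 dominate the generated set.
SAMPLE = [
    Candidate(0, 0x01, 0x00), Candidate(1, 0x01, 0x00),
    Candidate(2, 0x01, 0x00), Candidate(3, 0x01, 0x10),
    Candidate(4, 0x01, 0x10), Candidate(5, 0x02, 0x00),
    Candidate(6, 0x02, 0x20), Candidate(7, 0x03, 0x30),
]

if __name__ == "__main__":
    for score, case in select_subset(SAMPLE, 3):
        print(f"case {case.case_id}: cmd=0x{case.command:02x} "
              f"param=0x{case.config_param:02x} score={score:.3f}")
```

Frequent field values contribute little to the score, so the selected subset is dominated by rarely seen commands and parameters while the number of frames sent to the device under test shrinks.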
Keywords/Search Tags:Z-Wave protocol, vulnerability mining, deep learning, fuzz testing