A Comprehensive Detection Algorithm for MAC-Layer Security of the ZigBee Protocol

A Comprehensive Improved Detection Algorithm Based on MAC Layer of Zigbee Protocol

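【Author】 李景 (Li Jing)

【Advisor】 崔宝江 (Cui Baojiang)

【Author information】 Beijing University of Posts and Telecommunications, Information Security, 2013, Master's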

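【Summary】 With the development of information technology, especially computers and the Internet, the Internet of Things based on sensing technology has emerged. Owing to its low power consumption, low cost, and high security, the ZigBee protocol has become the most widely used Internet of Things protocol in production and daily life. Whether the protocol is in fact highly secure and able to resist malicious attacks therefore deserves in-depth study. At present, however, there is still relatively little security research on the protocol, either in China or abroad. Building on an in-depth study of the security mechanisms and data frame structure of the ZigBee MAC layer, this thesis improves the random fuzzing algorithm and, by integrating the testing ideas and attack methods of boundary testing, structure fuzzing, and node cloning, proposes an effective comprehensive detection algorithm for ZigBee MAC-layer security. Theoretical derivation and analysis show that the algorithm not only effectively reduces the number of test cases generated in randomized testing but also raises the proportion of usable test cases. Using the testing idea of equivalence partitioning, the thesis evaluates the path coverage of the algorithm's test cases and finds that, compared with fuzzing based on a single testing idea, the algorithm not only greatly improves fuzzing efficiency but also achieves path coverage 50% higher than structure fuzzing. Based on this algorithm, a fuzzing tool for the ZigBee MAC layer was designed and developed, and dynamic security testing was performed on a ZigBee network built from CC2430 devices. During testing, a new security vulnerability in the ZigBee MAC layer was triggered. Exploiting this vulnerability can cause the PAN coordinator to stop working and end nodes to disconnect from it, leading to the collapse of the wireless network; this result also indirectly demonstrates the effectiveness of the comprehensive detection algorithm. Finally, the thesis summarizes the results achieved at the current stage, analyzes the shortcomings of the current work, and sets out a fairly detailed plan for later work.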

【Abstract】 With the development of information technology, especially computers and the Internet, the Internet of Things based on sensing technology came into being. Owing to its low power consumption, low cost, and high level of security, the ZigBee protocol is widely adopted in production and living environments. It is therefore worth conducting deeper research into whether the protocol is highly secure and able to resist malicious attacks. However, research on the security of the ZigBee protocol is still lacking at both domestic and foreign institutions. In this thesis, the security mechanism and data frame structure of the MAC layer are investigated in depth. Based on the random fuzzing test, a comprehensive detection algorithm is put forward. This comprehensively improved detection algorithm integrates the core ideas of BVA, node replication testing, and structure fuzzing. Theoretical analysis shows that the comprehensively improved detection algorithm not only effectively reduces the number of test cases generated in randomized testing but also improves the proportion of usable test cases. To estimate the test-path coverage that the detection algorithm achieves, the testing idea of equivalence partitioning is used. From the analysis of the results, we conclude that this comprehensive detection algorithm largely enhances the efficiency of fuzz testing by using fewer but reliable test cases, and makes fuzzing detection more comprehensive. Based on the comprehensive detection algorithm, a fuzzing test tool aimed at the MAC layer of the ZigBee protocol was designed and developed. We then performed a dynamic security test on ZigBee networks based on CC2430 devices. During testing, a new vulnerability in the MAC layer was triggered. Exploiting this vulnerability causes the PAN coordinator to stop working and lose its connection with terminal devices, and finally causes the collapse of the wireless network. This result indirectly proves the validity of our comprehensive detection algorithm in exploiting vulnerabilities of the ZigBee protocol. In the end, we summarize the achievements made in the current stage of research and analyze the inadequacies of the current research. A detailed plan for the later part of the research is then laid out.

  • 【Classification No.】 TP309; TN92
  • 【Times cited】 1
  • 【Downloads】 136