关键词: 网络攻击, 网络欺骗, 流量牵引, 影子系统, 无线路由器安全

Abstract: With the rapid development of technologies on smart mobile devices, Internet and Internet of things, wireless routers have become the first choice for home networking. However, there are so many security issues on home wireless routers that the routers and the smart devices accessing them face great security risks. On the basis of the analysis and conclusions on the hardware, firmware, configuration management and communication protocols of wireless routers, a defense method for home wireless routers based on cyber deception is proposed, which can solve part of the security problems of wireless routers. Attacks can be misleaded by adding cyber deception method into the router system. On detecting attacks over HTTP, the suspected attack traffic is directed to the shadow server, which in turn reduces the security risk of the wireless router and provides data support for further works on attack forensic analysis and attacker traceability. OWCD, the wireless router defense framework prototype system, is designed and implemented based on OpenWrt and is deployed in Phicomm K1 wireless router for testing. The experimental results show that OWCD can effectively combat attacks on wireless routers such as weak password, CSRF, command injection, etc., and thus is an effective and feasible protection method.

Key words: network attack, network deception, traffic traction, shadow system, wireless router security