ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development, 2018, Vol. 55, Issue (7): 1440-1450. doi: 10.7544/issn1000-1239.2018.20180087

Special topic: 2018 Special Topic on Internet of Things Security

• Information Security •

Home Wireless Router Protection Method Based on Cyber Deception

Liu Qixu1,2, Xu Chenchen1,2, Liu Jingqiang1, Hu Enze1,2, Jin Ze1,2

  1(Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093); 2(School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049) (liujingqiang@iie.ac.cn)
  • Published: 2018-07-01
  • Online: 2018-07-01
  • Supported by:
    National Key Research and Development Program of China (2016YFB0801604)

Abstract: With the rapid development of smart mobile devices, the Internet and the Internet of Things, wireless routers have become the first choice for home networking. However, home wireless routers have many security issues, which expose both the routers themselves and the smart devices connected to them to great security risks. Based on an analysis and summary of the attack surfaces of wireless routers, including hardware, firmware, configuration management and communication protocols, a defense method for home wireless routers based on cyber deception is proposed, which can solve part of the security problems of wireless routers. Adding cyber deception to the router system allows attacks to be misled. When attacks over HTTP are detected, the suspected attack traffic is redirected to a shadow server, which reduces the security risk to the wireless router itself and provides data support for further attack forensic analysis and attacker tracing. OWCD, a prototype wireless router defense framework, is designed and implemented on OpenWrt and deployed on a Phicomm K1 wireless router for testing. The experimental results show that OWCD can effectively counter attacks on wireless routers such as weak passwords, CSRF and command injection, and is thus an effective and feasible protection method.

Key words: network attack, network deception, traffic traction, shadow system, wireless router security

CLC number: