Institutional Repository of Coll Comp & Commun
Security assessment and improvement of building ethernet KNXnet/IP protocol | |
Feng, Tao; Zhang, Bugang; Liu, Chunyan; Zheng, Lu | |
2024-03-23 | |
Journal | DISCOVER APPLIED SCIENCES |
Volume | 6, Issue: 4 |
Abstract | KNXnet/IP is a KNX building automation protocol that communicates through an IP network. It is mainly used in the field of smart home and building automation control, allowing remote access to KNX devices through an IP network, so that building functions can be managed and controlled anywhere through an Internet connection. However, with the development of smart homes and building automation, such physical devices based on IP communication are more and more frequently in contact with the Internet, resulting in more and more security issues for home devices and buildings exposed to the Internet. This paper uses the formal analysis method of colored Petri nets (CPN), combined with CPN Tools, to model the KNXnet/IP protocol and analyze the protocol interaction process. Based on the Dolev-Yao attacker model, the security of the KNXnet/IP protocol is evaluated and tested, and it is verified whether three types of attackable vulnerabilities exist in the protocol: replay, tampering, and spoofing. After CPN modeling analysis and verification, it is found that tampering and replay vulnerabilities exist in the original protocol. Therefore, we introduce a timestamp and a hash to strengthen the security mechanism of the protocol, which ensures the integrity, confidentiality, and freshness of the security mechanism of the protocol. After the final analysis and verification, the improvement scheme proposed in this paper can effectively improve the security performance of the protocol. |
Keywords | KNXnet/IP protocol; Security assessment; Formal analysis; Dolev-Yao; Coloured Petri nets |
DOI | 10.1007/s42452-024-05707-6 |
Indexed By | ESCI ; EI |
Language | English |
Funding Project | National Natural Science Foundation of China |
WOS Research Area | Science & Technology - Other Topics |
WOS Subject | Multidisciplinary Sciences |
WOS ID | WOS:001189583700004 |
Publisher | SPRINGER |
EI Accession Number | 20241315802176 |
EI Keywords | Automation |
EI Classification Number | 402 Buildings and Towers ; 722.3 Data Communication, Equipment and Techniques ; 723 Computer Software, Data Handling and Applications ; 723.5 Computer Applications ; 731 Automatic Control Principles and Applications ; 731.1 Control Systems ; 921.4 Combinatorial Mathematics, Includes Graph Theory, Set Theory |
Original Document Type | Article |
EISSN | 3004-9261 |
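Citation Statistics | None |
Document Type | Journal article |
Identifier | https://ir.lut.edu.cn/handle/2XXMBERH/170189 |
Collection | School of Computer and Communication |
Corresponding Author | Feng, Tao |
Affiliation | Lanzhou Univ Technol, Sch Comp & Commun, Lanzhou, Peoples R China |
First Author Affiliation | Lanzhou University of Technology |
Corresponding Author Affiliation | Lanzhou University of Technology |
First Affiliation of First Author | Lanzhou University of Technology |
Recommended Citation GB/T 7714 | Feng, Tao,Zhang, Bugang,Liu, Chunyan,et al. Security assessment and improvement of building ethernet KNXnet/IP protocol[J]. DISCOVER APPLIED SCIENCES,2024,6(4). |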
APA | Feng, Tao,Zhang, Bugang,Liu, Chunyan,&Zheng, Lu.(2024).Security assessment and improvement of building ethernet KNXnet/IP protocol.DISCOVER APPLIED SCIENCES,6(4). |
MLA | Feng, Tao,et al."Security assessment and improvement of building ethernet KNXnet/IP protocol".DISCOVER APPLIED SCIENCES 6.4(2024). |
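Files in This Item | There are no files associated with this item. |
Unless otherwise stated, all content in this system is protected by copyright, with all rights reserved.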