CN110908357B - Security vulnerability detection method and device, storage medium and intelligent device - Google Patents

Security vulnerability detection method and device, storage medium and intelligent device Download PDF

Info

Publication number
CN110908357B
CN110908357B CN201911011295.1A CN201911011295A CN110908357B CN 110908357 B CN110908357 B CN 110908357B CN 201911011295 A CN201911011295 A CN 201911011295A CN 110908357 B CN110908357 B CN 110908357B
Authority
CN
China
Prior art keywords
control unit
electronic control
ecu
target electronic
unit ecu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911011295.1A
Other languages
Chinese (zh)
Other versions
CN110908357A (en
Inventor
万振华
张海春
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Open Source Network Security Internet Of Things Technology Wuhan Co ltd
Shenzhen Kaiyuan Internet Security Technology Co Ltd
Original Assignee
Open Source Network Security Internet Of Things Technology Wuhan Co ltd
Shenzhen Kaiyuan Internet Security Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Open Source Network Security Internet Of Things Technology Wuhan Co ltd, Shenzhen Kaiyuan Internet Security Technology Co Ltd filed Critical Open Source Network Security Internet Of Things Technology Wuhan Co ltd
Priority to CN201911011295.1A priority Critical patent/CN110908357B/en
Publication of CN110908357A publication Critical patent/CN110908357A/en
Application granted granted Critical
Publication of CN110908357B publication Critical patent/CN110908357B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B23/00Testing or monitoring of control systems or parts thereof
    • G05B23/02Electric testing or monitoring
    • G05B23/0205Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults
    • G05B23/0208Electric testing or monitoring by means of a monitoring system capable of detecting and responding to faults characterized by the configuration of the monitoring system
    • G05B23/0213Modular or universal configuration of the monitoring system, e.g. monitoring system having modules that may be combined to build monitoring program; monitoring system that can be applied to legacy systems; adaptable monitoring system; using different communication protocols

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Small-Scale Networks (AREA)

Abstract

The application is suitable for the technical field of security detection, and provides a security vulnerability detection method, a security vulnerability detection device, a storage medium and intelligent equipment, wherein the security vulnerability detection method comprises the following steps: acquiring identity information of a target Electronic Control Unit (ECU) in a Controller Area Network (CAN); sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU; receiving frame data fed back by the target electronic control unit ECU based on the frame data request instruction; performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key; and authenticating the target electronic control unit ECU by using the secret key, and determining whether the target electronic control unit ECU has security holes according to an authentication result fed back by the target electronic control unit ECU. The method and the device can be used for effectively detecting the security hole of the electronic control unit ECU so as to evaluate the security of the electronic control unit ECU, and the security of the vehicle ECU is improved.

Description

Security vulnerability detection method and device, storage medium and intelligent device
Technical Field
The application belongs to the technical field of security detection, and particularly relates to a security vulnerability detection method, a security vulnerability detection device, a storage medium and intelligent equipment.
Background
Modern vehicles contain more software and offer more advanced functions and connections than before, which also means an increasingly large attack surface. That is, vehicles are becoming targets of network security attacks, and therefore, it is imperative to find and fix security vulnerabilities before vehicles are released to the market.
In recent years, aiming at frequent information security events of automobiles, a CAN bus is the most widely used one of various vehicle-mounted buses, and hackers CAN permeate the CAN bus in the automobile through various external interfaces of the automobile. In many cars, diagnostic communication takes place over the CAN bus on the OBD-II port, which must be provided for every car mandated by the european union since 2004. However, since the electronic control unit ECU cannot distinguish whether the diagnosis message is a message from the diagnosis client or from an attacker, there is a high risk that the ECU is vulnerable and attacked.
Disclosure of Invention
The embodiment of the application provides a security hole detection method and device, a storage medium and intelligent equipment, which can be used for carrying out security hole detection on an Electronic Control Unit (ECU) so as to evaluate the security of the ECU and improve the security of the ECU of a vehicle.
In a first aspect, an embodiment of the present application provides a security vulnerability detection method, including:
acquiring identity information of a target Electronic Control Unit (ECU) in a Controller Area Network (CAN);
sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU;
receiving frame data fed back by the target electronic control unit ECU based on the frame data request instruction;
performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key;
and authenticating the target electronic control unit ECU by using the secret key, and determining whether the target electronic control unit ECU has security holes according to an authentication result fed back by the target electronic control unit ECU.
In a possible implementation manner of the first aspect, the step of obtaining the identity information of the target electronic control unit ECU in the CAN network includes:
sending an ECU searching instruction in the CAN network, wherein the ECU searching instruction is used for searching a target electronic control unit ECU with a safety authentication identifier in the CAN network;
and receiving search response information fed back by the target electronic control unit ECU, and acquiring the identity information of the target electronic control unit ECU according to the search response information.
In a possible implementation manner of the first aspect, when the target electronic control unit ECU feeds back a prompt that a request response cannot be performed in a current session mode, before the step of sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU, the method includes:
sending a conversation mode switching request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU, wherein the conversation mode switching request instruction is used for changing an ECU communication conversation mode;
and if receiving the session mode response information of the target electronic control unit ECU, switching the current session mode to the target session mode according to the session mode response information, and sending a frame data request instruction to the target electronic control unit ECU in the target session mode.
Optionally, the security vulnerability detection method further includes:
and if the session mode response information of the target electronic control unit ECU based on the session mode switching request is not received within the set time, updating the session mode switching request instruction, and sending the updated session mode switching request instruction to the target electronic control unit ECU.
In a possible implementation manner of the first aspect, the step of performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key includes:
acquiring a vehicle type corresponding to the target electronic control unit ECU;
searching a key calculation algorithm corresponding to the vehicle type;
and calculating a key according to the key calculation algorithm corresponding to the frame data and the vehicle type.
In a possible implementation manner of the first aspect, the step of authenticating the target electronic control unit ECU by using the secret key and determining whether the target electronic control unit ECU has a security vulnerability according to an authentication result fed back by the target electronic control unit ECU specifically includes:
authenticating the target electronic control unit ECU by using the secret key;
if the authentication passing information fed back by the target electronic control unit ECU is received, determining that the target electronic control unit ECU has a security hole;
and if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time, determining that the target electronic control unit ECU passes the security hole detection.
In a second aspect, an embodiment of the present application provides a security hole detection apparatus, including:
the identity information acquisition unit is used for acquiring identity information of a target Electronic Control Unit (ECU) in the CAN network;
the frame data request unit is used for sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU;
a frame data receiving unit, configured to receive frame data fed back by the target electronic control unit ECU based on the frame data request instruction;
the key calculation unit is used for performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key;
and the security hole detection unit is used for authenticating the target electronic control unit ECU by using the secret key and determining whether the target electronic control unit ECU has a security hole according to an authentication result fed back by the target electronic control unit ECU.
In a third aspect, an embodiment of the present application provides an intelligent device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor, when executing the computer program, implements the security vulnerability detection method according to the first aspect.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the method for detecting a security vulnerability according to the first aspect is implemented.
In a fifth aspect, an embodiment of the present application provides a computer program product, which, when running on a smart device, causes the smart device to execute the security vulnerability detection method according to the first aspect.
In the embodiment of the application, through acquiring the identity information of a target Electronic Control Unit (ECU) in a CAN network, sending a frame data request instruction to the target ECU according to the identity information of the target ECU, receiving frame data fed back by the target ECU based on the frame data request instruction, and then performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key, authenticating the target ECU by using the key, and determining whether the target ECU has security holes according to an authentication result fed back by the target ECU, the Electronic Control Unit (ECU) is effectively subjected to security hole detection to evaluate the security, so that the security of the vehicle ECU is improved.
It is understood that the beneficial effects of the second aspect to the fifth aspect can be referred to the related description of the first aspect, and are not described herein again.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise.
Fig. 1 is a flowchart of an implementation of a security vulnerability detection method provided in an embodiment of the present application;
fig. 2 is a flowchart of a specific implementation of step S101 of the security vulnerability detection method provided in the embodiment of the present application;
FIG. 3 is a flowchart of an implementation of session mode switching provided by an embodiment of the present application;
fig. 4 is a flowchart of a specific implementation of step S104 of the security vulnerability detection method provided in the embodiment of the present application;
fig. 5 is a block diagram of a security hole detection apparatus according to an embodiment of the present application;
fig. 6 is a schematic diagram of an intelligent device provided in an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
The security vulnerability detection method provided by the embodiment of the application can be applied to intelligent devices such as vehicle-mounted devices, notebook computers, ultra-mobile personal computers (UMPCs), netbooks and Personal Digital Assistants (PDAs), and the embodiment of the application does not limit the specific types of the intelligent devices at all.
Fig. 1 shows an implementation process of a security vulnerability detection method provided in an embodiment of the present application, where the method includes steps S101 to S105. The specific realization principle of each step is as follows:
s101: and acquiring the identity information of the target electronic control unit ECU in the CAN network.
The execution subject in the embodiment of the application is a client for security vulnerability detection. Specifically, the CAN network is a communication network in which Electronic Control Units (ECUs) communicate with each other, and the target ECU (hereinafter, simply referred to as a target ECU) is an ECU to be subjected to security vulnerability detection. The identification information of the target electronic control unit ECU refers to a user identifier ID assigned to the ECU by the vehicle manufacturer for uniquely identifying the ECU.
Since there are many ECUs communicating in the CAN network, as an embodiment of the present application, an ECU with a security authentication service is determined as a target ECU, and fig. 2 shows a specific implementation flow of step S101 of the security vulnerability detection method provided in the embodiment of the present application, which is detailed as follows:
a1: and sending an ECU searching instruction in the CAN network, wherein the ECU searching instruction is used for searching a target electronic control unit ECU with a safety certification identifier in the CAN network. The client broadcasts an ECU search instruction, and determines the ECU that feeds back the response information including the security authentication identifier as a target ECU, that is, the ECU that needs to perform security vulnerability detection in this embodiment.
A2: and receiving search response information fed back by the target electronic control unit ECU, and acquiring the identity information of the target electronic control unit ECU according to the search response information. The search response information is that the ECU feeds back an ECU search instruction sent by the client and contains a safety certification identifier of the ECU. And acquiring the identity information of the target ECU by analyzing the search response information fed back by the target ECU.
In the embodiment of the application, an ECU searching instruction is sent in the CAN network to search a target ECU with a security authentication identifier in the CAN network, and the identity information of the target ECU to be subjected to security vulnerability detection is acquired according to searching response information fed back by the target ECU. Illustratively, a CAN frame requesting a security authentication service is sent to all ECUs in the CAN network, and the response of the ECUs is received, a target ECU having the security authentication service is judged according to the response content, and the ID of the target ECU is acquired. Further, if all the ECUs respond to the negative response, that is, no security authentication service exists, it can be determined that the vehicle does not have a security access mechanism, any content in the ECUs can be freely accessed from the outside, and there is a security threat of information leakage.
S102: and sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU.
Specifically, the frame data request is used to acquire frame data to the target ECU, the frame data being used to calculate a key of the target ECU. For example, the frame data may be a cryptographic function.
Optionally, as an embodiment of the present application, when the target ECU feeds back a prompt that the current session mode cannot be requested to respond, as shown in fig. 3, before step S102, the method further includes:
b1: and sending a session mode switching request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU, wherein the session mode switching request instruction is used for changing an ECU communication session mode. When the search response information fed back by the target ECU in step S101 indicates that the security authentication service is to be performed in the irregular session mode, a session mode switching request instruction is sent to the target ECU according to the identity information of the target ECU. In particular, the session modes include, but are not limited to, a default session mode, a programming session mode, and an extended diagnostic session mode.
B2: and if receiving the session mode response information of the target electronic control unit ECU, switching the current session mode to the target session mode according to the session mode response information, and sending a frame data request instruction to the target electronic control unit ECU in the target session mode. Specifically, the available functions in each session mode are set by the manufacturer, and in this embodiment, a frame data request instruction needs to be sent to the target ECU in a specific session mode, so when the target ECU feeds back a prompt that the current session mode cannot perform a request response, the current session mode is switched to the target session mode. The target session mode refers to a session mode that the target ECU sets available for responding to the frame data request instruction, such as a programming session mode or an extended diagnostic session mode.
Illustratively, the client sends a session mode switching request instruction to the target ECU with ID 730, where the session mode switching request instruction includes can frame data: 7300210030000000000, respectively; the target ECU with the ID of 730 receives the session mode switching request instruction, and feeds back session mode response information including an affirmative response frame, where the format of the affirmative response frame is: 7300250030000000000. 02 is the number of valid bytes and 50 is the positive response code, the can frame indicates that the switch session mode was successful. After the session mode switching is successful, the client sends a frame data request instruction to the vehicle, wherein the frame data request instruction comprises can frame data: 7300227010000000000.
optionally, the security vulnerability detection method further includes:
b3: and if the session mode response information of the target electronic control unit ECU based on the session mode switching request is not received within the set time, updating the session mode switching request instruction, and sending the updated session mode switching request instruction to the target electronic control unit ECU.
The ECU typically performs a secure authentication service in a specific session mode. The UDS (a diagnostic service agreement specifying rules to be followed in diagnosing vehicles) standard defines several diagnostic sessions: in the default session, the ECU performs its normal functions in the internal vehicle network. The client can change the active session to a programming session or an extended diagnostic session using the diagnosticsissioncontrol service (0x10), but the functions available in these sessions are at the discretion of the manufacturer. The service ID of the diagnostic sessioncontrol service is 0x10, and different diagnostic session modes have different sub-function IDs. The UDS specifies that the sub-function IDs of the default session, the programming session and the extension session are 0x01, 0x02, 0x03, respectively. Illustratively, the following is two frames of data that is the process of establishing an extended session:
a client: 0x7e 00210030000000000;
ECU:0x7e8 06 50 03 00 32 01 F4 00;
if the ECU does not support the extended session, the ECU will respond with the following data:
ECU:0x7e8 06 7F 50 11 00 00 00 00。
s103: and receiving frame data fed back by the target electronic control unit ECU based on the frame data request instruction.
As a possible implementation manner of the present application, the frame data is a random number that is randomly generated by the target ECU based on the frame data request instruction sent by the client. Specifically, the target ECU arbitrarily generates a random number according to a random number generation algorithm, which can be dynamically generated from the vehicle speed, time of the vehicle, and the ID of the ECU.
S104: and carrying out key calculation based on the frame data and a preset key calculation algorithm to obtain a key.
Specifically, the preset key calculation algorithm may be a brute force algorithm. And carrying out key calculation through random numbers randomly generated by the target ECU and a brute force cracking algorithm to obtain a key.
Illustratively, the client sends can frame data to the vehicle: 7300227010000000000 is a request seed can frame, after receiving the seed, it will calculate the key and send it to the ECU, the algorithm has 24 unknown numbers, so at most 2^24 brute force cracking will be done.
As a possible implementation manner of the present application, fig. 4 shows a specific implementation flow of step S104 of the security vulnerability detection method provided in the embodiment of the present application, which is detailed as follows:
c1: and acquiring the vehicle type corresponding to the target electronic control unit ECU. The vehicle type refers to a model of a certain vehicle brand.
C2: and searching a key calculation algorithm corresponding to the vehicle type. Specifically, the algorithms for generating keys for different vehicle types may be different, and the fields for the keys for different vehicle types may be different. And searching a key calculation algorithm corresponding to the vehicle type by establishing a corresponding relation between the vehicle type and the key calculation algorithm. It should be noted that more than one key calculation algorithm may be used for the same vehicle type.
C3: and calculating a key according to the key calculation algorithm corresponding to the frame data and the vehicle type. And the key calculation algorithm corresponding to the vehicle type calculates the key by using a brute force cracking algorithm according to the field of the key corresponding to the vehicle type.
In the embodiment of the application, the key calculation algorithm corresponding to the target ECU is quickly searched by searching the vehicle type, so that the key calculation speed can be further increased, and the cracking efficiency is further improved.
S105: and authenticating the target electronic control unit ECU by using the secret key, and determining whether the target electronic control unit ECU has security holes according to an authentication result fed back by the target electronic control unit ECU.
In the embodiment of the application, the target ECU is authenticated by calculating the key, and whether the target ECU has a security hole is verified by authenticating the authenticity of the key. Specifically, the step S105 specifically includes:
d1: and authenticating the target electronic control unit ECU by using the key. The calculated secret key is sent to the target ECU, and the target ECU authenticates the authenticity of the secret key.
D2: and if the authentication passing information fed back by the target electronic control unit ECU is received, determining that the target electronic control unit ECU has a security hole. Specifically, if the target ECU authenticates that the secret key is true, authentication passing information is fed back to the client, in other words, if the target ECU authenticates that the secret key is true, it indicates that the secret key passing the target ECU security authentication can be obtained according to a random number and a brute force cracking algorithm, and the security authentication service of the target ECU has a leak. The client side which is safely authenticated by the target ECU can carry out diagnosis data reading and writing, firmware reading and program burning on the target ECU.
D3: and if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time, determining that the target electronic control unit ECU passes the security hole detection. Specifically, a certain time is required for the target ECU to verify the authenticity of the secret key, and when the client does not receive the authentication passing information fed back by the target ECU for a long time, the target ECU is determined to verify that the secret key is false, and the target ECU passes the security hole detection. Illustratively, once key sending, the client side waits for response receiving for 3 seconds, and if no response exists within 3 seconds, the sending is determined to fail, and the same key is continuously sent. If the response is not received for many times, the ECU can be judged to have triggered a security protection mechanism because the invalid key is received for many times, and all external access attempts are refused.
Optionally, the step S105 further includes:
d4: if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time, or the key error prompt information fed back by the target electronic control unit ECU is received, recalculating the key to obtain a new key, and authenticating the target electronic control unit ECU by using the new key. Specifically, a new key calculation algorithm, i.e., a new brute force cracking algorithm, is obtained, and a new key is obtained by re-key calculation according to the new key calculation algorithm. And when the key obtained through multiple times of key calculation cannot obtain the authentication passing information fed back by the target ECU, the target ECU can be determined to pass the security vulnerability detection temporarily.
Optionally, in this embodiment of the present application, after the target ECU receives the wrong key, the target ECU will be triggered to enter a delayed response, for example, about 10 seconds, during which the target ECU does not respond to the external request, so as to greatly prolong the time required for brute force cracking through the delayed response, and further, increase the key length, so that the brute force cracking means is no longer practical.
In the embodiment of the application, through acquiring the identity information of a target Electronic Control Unit (ECU) in a CAN network, sending a frame data request instruction to the target ECU according to the identity information of the target ECU, receiving frame data fed back by the target ECU based on the frame data request instruction, and then performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key, authenticating the target ECU by using the key, and determining whether the target ECU has security holes according to an authentication result fed back by the target ECU, the Electronic Control Unit (ECU) is effectively subjected to security hole detection to evaluate the security, so that the security of the vehicle ECU is improved.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
Corresponding to the security vulnerability detection method described in the foregoing embodiment, fig. 5 shows a structural block diagram of the security vulnerability detection apparatus provided in the embodiment of the present application, and for convenience of description, only the relevant portions of the embodiment of the present application are shown.
Referring to fig. 5, the security vulnerability detection apparatus includes: identity information acquisition unit 51, frame data request unit 52, frame data receiving unit 53, key calculation unit 54, security hole detection unit 55, wherein:
an identity information obtaining unit 51, configured to obtain identity information of a target electronic control unit ECU in the CAN network;
a frame data request unit 52, configured to send a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU;
a frame data receiving unit 53, configured to receive frame data fed back by the target electronic control unit ECU based on the frame data request instruction;
a key calculation unit 54, configured to perform key calculation based on the frame data and a preset key calculation algorithm to obtain a key;
and the security hole detection unit 55 is configured to authenticate the target electronic control unit ECU by using the secret key, and determine whether the target electronic control unit ECU has a security hole according to an authentication result fed back by the target electronic control unit ECU.
Optionally, the identity information obtaining unit 51 includes:
the target electronic control unit ECU searching module is used for sending an ECU searching instruction in the CAN network, and the ECU searching instruction is used for searching a target electronic control unit ECU with a safety certification identifier in the CAN network;
and the identity information acquisition module is used for receiving the search response information fed back by the target electronic control unit ECU and acquiring the identity information of the target electronic control unit ECU according to the search response information.
Optionally, when the target electronic control unit ECU feeds back a prompt that the current session mode cannot be requested to respond, the security vulnerability detection apparatus further includes:
the first mode switching request unit is used for sending a session mode switching request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU, wherein the session mode switching request instruction is used for changing an ECU communication session mode;
and the mode switching unit is used for switching the current session mode to the target session mode according to the session mode response information if the session mode response information of the target electronic control unit ECU is received, and sending a frame data request instruction to the target electronic control unit ECU in the target session mode.
Optionally, the security hole detection apparatus further includes:
and the second mode switching request unit is used for updating the session mode switching request instruction and sending the updated session mode switching request instruction to the target electronic control unit ECU if session mode response information of the target electronic control unit ECU based on the session mode switching request is not received within set time.
Optionally, the key calculation unit 54 includes:
the vehicle type acquisition module is used for acquiring the vehicle type corresponding to the target electronic control unit ECU;
the key algorithm determining module is used for searching a key calculation algorithm corresponding to the vehicle type;
and the key calculation module is used for calculating a key according to the key calculation algorithm corresponding to the frame data and the vehicle type.
Optionally, the security breach detecting unit 55 includes:
the key verification module is used for authenticating the target electronic control unit ECU by using the key;
the first detection module is used for determining that the target electronic control unit ECU has a security hole if authentication passing information fed back by the target electronic control unit ECU is received;
and the second detection module is used for determining that the target electronic control unit ECU passes the security vulnerability detection if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time.
Optionally, the security breach detecting unit 55 further includes:
and the third detection module is used for recalculating the secret key to obtain a new secret key if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time or the secret key error prompt information fed back by the target electronic control unit ECU is received, and authenticating the target electronic control unit ECU by using the new secret key.
In the embodiment of the application, through acquiring the identity information of a target Electronic Control Unit (ECU) in a CAN network, sending a frame data request instruction to the target ECU according to the identity information of the target ECU, receiving frame data fed back by the target ECU based on the frame data request instruction, and then performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key, authenticating the target ECU by using the key, and determining whether the target ECU has security holes according to an authentication result fed back by the target ECU, the Electronic Control Unit (ECU) is effectively subjected to security hole detection to evaluate the security, so that the security of the vehicle ECU is improved.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
The embodiments of the present application further provide a computer-readable storage medium, where computer-readable instructions are stored, and when executed by a processor, the computer-readable instructions implement steps that can implement the above-mentioned method embodiments.
The embodiment of the present application provides a computer-readable instruction product, which when executed on a mobile terminal, enables the mobile terminal to implement the steps in the above method embodiments.
An embodiment of the present application further provides a computer-readable storage medium, where computer-readable instructions are stored, and when executed by a processor, the computer-readable instructions implement the steps of any one of the security vulnerability detection methods shown in fig. 1 to 4.
An embodiment of the present application further provides an intelligent device, which includes a memory, a processor, and computer readable instructions stored in the memory and executable on the processor, where the processor, when executing the computer readable instructions, implements the steps of any one of the security vulnerability detection methods shown in fig. 1 to 4.
An embodiment of the present application further provides a computer program product, which, when running on an intelligent device, causes the intelligent device to execute steps implementing any one of the security vulnerability detection methods shown in fig. 1 to 4.
Fig. 6 is a schematic diagram of an intelligent device provided in an embodiment of the present application. As shown in fig. 6, the smart device 6 of this embodiment includes: a processor 60, a memory 61, and computer readable instructions 62 stored in the memory 61 and executable on the processor 60. The processor 60, when executing the computer readable instructions 62, implements the steps in the above-described embodiments of the security breach detection method, such as the steps S101 to S105 shown in fig. 1. Alternatively, the processor 60, when executing the computer readable instructions 62, implements the functions of the modules/units in the above-described device embodiments, such as the functions of the units 51 to 55 shown in fig. 5.
Illustratively, the computer readable instructions 62 may be partitioned into one or more modules/units that are stored in the memory 61 and executed by the processor 60 to accomplish the present application. The one or more modules/units may be a series of computer-readable instruction segments capable of performing specific functions, which are used to describe the execution of the computer-readable instructions 62 in the smart device 6.
The intelligent device 6 may be a vehicle-mounted terminal, a vehicle-mounted device, or other computing device. The smart device 6 may include, but is not limited to, a processor 60, a memory 61. Those skilled in the art will appreciate that fig. 6 is merely an example of a smart device 6 and does not constitute a limitation of the smart device 6 and may include more or less components than those shown, or combine certain components, or different components, for example, the smart device 6 may also include input-output devices, network access devices, buses, etc.
The Processor 60 may be a CentraL Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an AppLication Specific Integrated Circuit (ASIC), an off-the-shelf ProgrammabLe Gate Array (FPGA) or other ProgrammabLe logic device, discrete Gate or transistor logic device, discrete hardware component, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 61 may be an internal storage unit of the intelligent device 6, such as a hard disk or a memory of the intelligent device 6. The memory 61 may also be an external storage device of the intelligent device 6, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure DigitaL (SD) Card, a FLash memory Card (FLash Card), and the like, which are provided on the intelligent device 6. Further, the memory 61 may also include both an internal storage unit and an external storage device of the smart device 6. The memory 61 is used to store the computer readable instructions and other programs and data required by the smart device. The memory 61 may also be used to temporarily store data that has been output or is to be output.
It should be noted that, for the information interaction, execution process, and other contents between the above-mentioned devices/units, the specific functions and technical effects thereof are based on the same concept as those of the embodiment of the method of the present application, and specific reference may be made to the part of the embodiment of the method, which is not described herein again.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-mentioned functions. Each functional unit and module in the embodiments may be integrated in one processing unit, or each unit may exist alone physically, or two or more units are integrated in one unit, and the integrated unit may be implemented in a form of hardware, or in a form of software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working processes of the units and modules in the system may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In certain jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and patent practice.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. A security vulnerability detection method is characterized by comprising the following steps:
a client side for detecting the security vulnerability acquires identity information of a target Electronic Control Unit (ECU) in a CAN network, wherein the identity information refers to a user Identifier (ID) which is distributed to the ECU by a vehicle manufacturer and is used for uniquely identifying the ECU, and the target Electronic Control Unit (ECU) refers to the ECU to be subjected to the security vulnerability detection;
sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU;
receiving frame data fed back by the target electronic control unit ECU based on the frame data request instruction;
performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key;
and authenticating the target electronic control unit ECU by using the secret key, and determining whether the target electronic control unit ECU has security holes according to an authentication result fed back by the target electronic control unit ECU.
2. The security vulnerability detection method of claim 1, wherein the step of obtaining identity information of a target Electronic Control Unit (ECU) in the CAN network comprises:
sending an ECU searching instruction in the CAN network, wherein the ECU searching instruction is used for searching a target electronic control unit ECU with a safety authentication identifier in the CAN network;
and receiving search response information fed back by the target electronic control unit ECU, and acquiring the identity information of the target electronic control unit ECU according to the search response information.
3. The method for detecting the security vulnerability according to claim 1, wherein when the target electronic control unit ECU feeds back a prompt that the current session mode cannot be requested to respond, before the step of sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU, the method comprises:
sending a conversation mode switching request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU, wherein the conversation mode switching request instruction is used for changing an ECU communication conversation mode;
and if receiving the session mode response information of the target electronic control unit ECU, switching the current session mode to the target session mode according to the session mode response information, and sending a frame data request instruction to the target electronic control unit ECU in the target session mode.
4. The security vulnerability detection method of claim 3, further comprising:
and if the session mode response information of the target electronic control unit ECU based on the session mode switching request is not received within the set time, updating the session mode switching request instruction, and sending the updated session mode switching request instruction to the target electronic control unit ECU.
5. The method for detecting the security vulnerability of claim 1, wherein the step of performing the key calculation based on the frame data and a preset key calculation algorithm to obtain the key comprises:
acquiring a vehicle type corresponding to the target electronic control unit ECU;
searching a key calculation algorithm corresponding to the vehicle type;
and calculating a key according to the key calculation algorithm corresponding to the frame data and the vehicle type.
6. The method for detecting a security vulnerability according to claim 1, wherein the step of authenticating the target electronic control unit ECU by using the secret key and determining whether the target electronic control unit ECU has a security vulnerability according to an authentication result fed back by the target electronic control unit ECU specifically comprises:
authenticating the target electronic control unit ECU by using the secret key;
if the authentication passing information fed back by the target electronic control unit ECU is received, determining that the target electronic control unit ECU has a security hole;
and if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time, determining that the target electronic control unit ECU passes the security hole detection.
7. A security hole detection apparatus, comprising:
the system comprises an identity information acquisition unit, a security vulnerability detection unit and a security vulnerability detection unit, wherein the identity information acquisition unit is used for acquiring identity information of a target Electronic Control Unit (ECU) in a CAN network through a client for security vulnerability detection, the identity information refers to a user Identifier (ID) which is distributed to the ECU by a vehicle manufacturer and is used for uniquely identifying the ECU, and the target Electronic Control Unit (ECU) refers to the ECU to be subjected to security vulnerability detection;
the frame data request unit is used for sending a frame data request instruction to the target electronic control unit ECU according to the identity information of the target electronic control unit ECU;
a frame data receiving unit, configured to receive frame data fed back by the target electronic control unit ECU based on the frame data request instruction;
the key calculation unit is used for performing key calculation based on the frame data and a preset key calculation algorithm to obtain a key;
and the security hole detection unit is used for authenticating the target electronic control unit ECU by using the secret key and determining whether the target electronic control unit ECU has a security hole according to an authentication result fed back by the target electronic control unit ECU.
8. The security breach detection apparatus of claim 7, wherein the security breach detection unit comprises:
the key verification module is used for authenticating the target electronic control unit ECU by using the key;
the first detection module is used for determining that the target electronic control unit ECU has a security hole if authentication passing information fed back by the target electronic control unit ECU is received;
and the second detection module is used for determining that the target electronic control unit ECU passes the security vulnerability detection if the authentication passing information fed back by the target electronic control unit ECU is not received within the preset time.
9. A smart device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the security breach detection method of any of claims 1 to 6 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored, which, when being executed by a processor, implements the security breach detection method according to any one of claims 1 to 6.
CN201911011295.1A 2019-10-23 2019-10-23 Security vulnerability detection method and device, storage medium and intelligent device Active CN110908357B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911011295.1A CN110908357B (en) 2019-10-23 2019-10-23 Security vulnerability detection method and device, storage medium and intelligent device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911011295.1A CN110908357B (en) 2019-10-23 2019-10-23 Security vulnerability detection method and device, storage medium and intelligent device

Publications (2)

Publication Number Publication Date
CN110908357A CN110908357A (en) 2020-03-24
CN110908357B true CN110908357B (en) 2020-12-15

Family

ID=69814707

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911011295.1A Active CN110908357B (en) 2019-10-23 2019-10-23 Security vulnerability detection method and device, storage medium and intelligent device

Country Status (1)

Country Link
CN (1) CN110908357B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022059206A1 (en) * 2020-09-18 2022-03-24 日本電信電話株式会社 Network topology inference device, network topology inference method, and program
CN112306040A (en) * 2020-10-29 2021-02-02 深圳市元征科技股份有限公司 Vehicle detection method, device, equipment and server
CN113612804B (en) * 2021-10-08 2021-12-14 江铃汽车股份有限公司 Vehicle configuration upgrading method and system, storage medium and intelligent gateway
CN115001863B (en) * 2022-07-26 2022-11-22 浙江涂鸦智能电子有限公司 Network security vulnerability detection method, device, medium and electronic equipment

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103457992A (en) * 2012-05-31 2013-12-18 罗伯特·博世有限公司 Method and device of enabling software-based function in electronic control unit of vehicle
CN104890623A (en) * 2015-05-21 2015-09-09 深圳市德艾卡科技有限公司 Vehicle-mounted intelligent terminal control system and control method
CN106603483A (en) * 2015-10-19 2017-04-26 丰田自动车株式会社 Vehicle system and authentication method
KR101740957B1 (en) * 2016-01-15 2017-05-30 고려대학교 산학협력단 Data certification and acquisition method for vehicle
CN106909846A (en) * 2017-01-16 2017-06-30 安徽开源互联网安全技术有限公司 One kind is based on empty quasi-analytic leak detection method and its device
CN107925568A (en) * 2015-08-05 2018-04-17 Kddi株式会社 Managing device, management system, key generating device, key generation system, key management system, vehicle, management method, key generation method and computer program
CN109286500A (en) * 2018-09-30 2019-01-29 百度在线网络技术(北京)有限公司 Vehicle Electronic Control Unit ECU authentication method, device and equipment
CN109714171A (en) * 2018-12-27 2019-05-03 百度在线网络技术(北京)有限公司 Safety protecting method, device, equipment and medium

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103457992A (en) * 2012-05-31 2013-12-18 罗伯特·博世有限公司 Method and device of enabling software-based function in electronic control unit of vehicle
CN104890623A (en) * 2015-05-21 2015-09-09 深圳市德艾卡科技有限公司 Vehicle-mounted intelligent terminal control system and control method
CN107925568A (en) * 2015-08-05 2018-04-17 Kddi株式会社 Managing device, management system, key generating device, key generation system, key management system, vehicle, management method, key generation method and computer program
CN106603483A (en) * 2015-10-19 2017-04-26 丰田自动车株式会社 Vehicle system and authentication method
KR101740957B1 (en) * 2016-01-15 2017-05-30 고려대학교 산학협력단 Data certification and acquisition method for vehicle
CN106909846A (en) * 2017-01-16 2017-06-30 安徽开源互联网安全技术有限公司 One kind is based on empty quasi-analytic leak detection method and its device
CN109286500A (en) * 2018-09-30 2019-01-29 百度在线网络技术(北京)有限公司 Vehicle Electronic Control Unit ECU authentication method, device and equipment
CN109714171A (en) * 2018-12-27 2019-05-03 百度在线网络技术(北京)有限公司 Safety protecting method, device, equipment and medium

Also Published As

Publication number Publication date
CN110908357A (en) 2020-03-24

Similar Documents

Publication Publication Date Title
CN110908357B (en) Security vulnerability detection method and device, storage medium and intelligent device
JP4774235B2 (en) Certificate revocation list distribution management method
CN113709123B (en) Security control method and device and computer equipment
US20180091525A1 (en) On-vehicle communication system
US7197637B2 (en) Authorization process using a certificate
CN107770159B (en) Vehicle accident data recording method and related device and readable storage medium
US20190097805A1 (en) Security device for providing security function for image, camera device including the same, and system on chip for controlling the camera device
CN109190362B (en) Secure communication method and related equipment
CN111181928A (en) Vehicle diagnosis method, server, and computer-readable storage medium
CN111508110B (en) Method and device for realizing remote locking of vehicle
CN112487408B (en) Safe access method and system for in-vehicle ECU and storage medium
CN112950201B (en) Node management method and related device applied to block chain system
CN111142500A (en) Permission setting method and device for vehicle diagnosis data and vehicle-mounted gateway controller
CN115442064A (en) Vehicle controller diagnosis method, device, equipment and medium
CN112153638A (en) Safety authentication method and equipment for vehicle-mounted mobile terminal
CN112565251B (en) Access authentication method, device and system for vehicle-mounted application
CN107332862A (en) A kind of identity identifying method, front end processor and identity authorization system
CN115499199B (en) Safety communication method and device for vehicle, vehicle and storage medium
CN110971609A (en) Anti-cloning method of DRM client certificate, storage medium and electronic equipment
CN114338073A (en) Protection method, system, storage medium and equipment for vehicle-mounted network
CN114710362A (en) Identity authentication method and device based on block chain and electronic equipment
CN115499170B (en) Access method, access device, vehicle, and computer-readable storage medium
WO2024098429A1 (en) Method for accessing service and related products
CN113799734B (en) Anti-theft matching method, device, server and medium for vehicle anti-theft system
CN109347816B (en) Binding method and system for port and access equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant