CN114173344A - Method and device for processing communication data, electronic equipment and storage medium - Google Patents

Method and device for processing communication data, electronic equipment and storage medium

Publication number
CN114173344A
Authority
CN
China
Prior art keywords
communication data
role
target
monitoring
processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111494321.8A
Other languages
Chinese (zh)
Inventor
柯懂湘
曲乐炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Baidu Online Network Technology Beijing Co Ltd
Original Assignee
Baidu Online Network Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Baidu Online Network Technology Beijing Co Ltd
Priority to CN202111494321.8A
Publication of CN114173344A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105 Multiple levels of security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure provides a method and a device for processing communication data, an electronic device and a storage medium, and relates to the technical field of communication, in particular to the field of network security. The specific implementation scheme is as follows: acquiring original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol; performing mutation processing on the original communication data to obtain mutated communication data; sending the mutated communication data to the registrar role by simulating the authenticator role; and monitoring the running state of the registrar role while it processes the mutated communication data.

Description

Method and device for processing communication data, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and further relates to the field of network security, and in particular, to a method and an apparatus for processing communication data, an electronic device, and a storage medium.
Background
The Wi-Fi Protected Setup (WPS) protocol is a protocol for simplifying the installation and security configuration of wireless networks, and can effectively simplify the security setup operation of a wireless network.
The WPS protocol includes three logical roles, namely an authenticator (Enrollee), a registrar (Registrar), and an access point (AP). In related schemes, when a wireless vendor implements the Registrar role of the WPS protocol, some security vulnerabilities are inevitably introduced, and these vulnerabilities seriously affect the security of the wireless network.
Disclosure of Invention
The present disclosure provides a method, an apparatus, an electronic device, and a storage medium for processing communication data, to efficiently and comprehensively identify security vulnerabilities of the registrar role.
According to an aspect of the present disclosure, there is provided a method of processing communication data, including: acquiring original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol; performing mutation processing on the original communication data to obtain mutated communication data; sending the mutated communication data to the registrar role by simulating the authenticator role; and monitoring the running state of the registrar role while it processes the mutated communication data.
According to yet another aspect of the present disclosure, there is provided an apparatus for processing communication data, including: an acquisition module, configured to acquire original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol; a mutation module, configured to perform mutation processing on the original communication data to obtain mutated communication data; a sending module, configured to send the mutated communication data to the registrar role by simulating the authenticator role; and a monitoring module, configured to monitor the running state of the registrar role while it processes the mutated communication data.
According to still another aspect of the present disclosure, there is provided an electronic device including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of processing communication data set forth in the present disclosure.
According to yet another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of processing communication data set forth in the present disclosure.
According to yet another aspect of the disclosure, a computer program product is provided, comprising a computer program which, when executed by a processor, performs the method of processing communication data as set forth in the disclosure.
According to the present disclosure, original communication data is acquired, where the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol. Mutation processing is then performed on the original communication data to obtain mutated communication data, the mutated communication data is sent to the registrar role by simulating the authenticator role, and finally the running state of the registrar role while it processes the mutated communication data is monitored. This achieves the purpose of fuzz testing the registrar role with the mutated communication data, so that security vulnerabilities of the registrar role can be identified efficiently and comprehensively.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a block diagram of a hardware structure of a computer terminal (or mobile device) for implementing a method of processing communication data according to an embodiment of the present disclosure;
FIG. 2 is a flow chart of a method of processing communication data according to an embodiment of the present disclosure;
FIG. 3 is a flow chart of yet another method of processing communication data according to an embodiment of the present disclosure;
FIG. 4 is a block diagram of an apparatus for processing communication data according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the terms "first," "second," and the like in the description and claims of the present disclosure and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the disclosure described herein are capable of operation in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, some terms appearing in the description of the embodiments of the present disclosure are explained as follows:
Fuzz testing: automatically or semi-automatically generated random data is input into a program, and program exceptions such as crashes and assertion failures are monitored in order to discover possible program errors such as memory leaks. Fuzz testing may be used to detect security vulnerabilities in software or computer systems.
The WPS protocol can effectively simplify the security setting operation of the wireless network, and after the WPS protocol is applied in communication, a user can safely access the wireless local area network only by inputting the personal information code.
The WPS protocol is a communication protocol based on tag, length, and value (Tag, Length, Value, TLV), and mainly includes three logical roles, namely the Enrollee, the Registrar, and the AP, where the Enrollee can obtain the security configuration information of the AP by means of the Registrar.
In related schemes, when a wireless vendor implements the Registrar role of the WPS protocol, some security vulnerabilities, such as memory corruption vulnerabilities, are inevitably introduced in the code that parses the TLVs in data packets sent by the Enrollee role, and these vulnerabilities seriously affect the security of the wireless network. However, at present there is no automated fuzz testing method or tool dedicated to the Registrar role of the WPS protocol, and general-purpose wireless protocol fuzz testing methods have difficulty comprehensively uncovering the vulnerabilities that exist in the Registrar role.
Specifically, in a general-purpose wireless protocol fuzz testing method, wireless network data packets are captured first, and the captured packets are then randomly mutated and sent to the test target, which is monitored for abnormal behavior or crashes. This method has three shortcomings. First, it uses random mutation and does not parse or understand the data packet, which produces a large number of invalid mutations. Second, the Registrar role supports a large number of TLV attributes, and the general method can only mutate the captured data packets, so the coverage of mutated attributes is not comprehensive enough. Finally, the Registrar role has different states, and some vulnerabilities can be triggered only when the Registrar role is in a specific state; such vulnerabilities are difficult to discover with a general method.
Therefore, general-purpose wireless protocol fuzz testing methods have difficulty comprehensively uncovering the vulnerabilities that exist in the Registrar role.
In accordance with an embodiment of the present disclosure, there is provided a method of processing communication data, it being noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different than here.
The method embodiments provided by the embodiments of the present disclosure may be executed in a mobile terminal, a computer terminal or similar electronic devices. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein. FIG. 1 shows a hardware configuration block diagram of a computer terminal (or mobile device) for implementing a method of processing communication data.
As shown in fig. 1, the computer terminal 100 includes a computing unit 101 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM)102 or a computer program loaded from a storage unit 108 into a Random Access Memory (RAM) 103. In the RAM 103, various programs and data necessary for the operation of the computer terminal 100 can also be stored. The computing unit 101, the ROM 102, and the RAM 103 are connected to each other via a bus 104. An input/output (I/O) interface 105 is also connected to bus 104.
A number of components in the computer terminal 100 are connected to the I/O interface 105, including: an input unit 106 such as a keyboard, a mouse, and the like; an output unit 107 such as various types of displays, speakers, and the like; a storage unit 108, such as a magnetic disk, optical disk, or the like; and a communication unit 109 such as a network card, modem, wireless communication transceiver, etc. The communication unit 109 allows the computer terminal 100 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.
The computing unit 101 may be any of a variety of general purpose and/or special purpose processing components having processing and computing capabilities. Some examples of the computing unit 101 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and so forth. The computing unit 101 performs the methods of processing communication data described herein. For example, in some embodiments, the method of processing communication data may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as the storage unit 108. In some embodiments, part or all of the computer program may be loaded and/or installed onto the computer terminal 100 via the ROM 102 and/or the communication unit 109. When loaded into the RAM 103 and executed by the computing unit 101, the computer program may perform one or more steps of the method of processing communication data described herein. Alternatively, in other embodiments, the computing unit 101 may be configured by any other suitable means (e.g., by means of firmware) to perform the method of processing the communication data.
Various implementations of the systems and techniques described here can be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), complex programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various implementations may include: implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
It should be noted here that in some alternative embodiments, the electronic device shown in FIG. 1 may include hardware elements (including circuitry), software elements (including computer code stored on a computer-readable medium), or a combination of both hardware and software elements. It should be noted that FIG. 1 is only one specific example and is intended to illustrate the types of components that may be present in the electronic device described above.
In the operating environment described above, the present disclosure provides a method of processing communication data as shown in FIG. 2, which may be performed by a computer terminal or similar electronic device as shown in FIG. 1. FIG. 2 is a flowchart of a method for processing communication data according to an embodiment of the disclosure. As shown in FIG. 2, the method may include the following steps:
Step S21, acquiring original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of the wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol;
The target communication protocol is a communication protocol implemented on top of a target data transmission protocol, and a tag field, a length field and a content field are defined in the target data transmission protocol.
For example, the target communication protocol is the WPS protocol. By analyzing the WPS protocol and performing packet capture analysis on the WPS data packets of various wireless vendors, a relatively complete attribute set can be obtained, so that a larger test range can be covered.
The original communication data can be obtained by capturing WPS communication data packets, which are sent from the Enrollee role to the Registrar role. The target data transmission protocol is the TLV protocol. The tag field is the Tag field, which consists of one or more bytes and indicates the data type; when TLVs are nested, the Tag field can describe the type of the message. The length field is the Length field, which indicates the length of the data value; its encoding is either the fixed-length mode (Definite Form) or the indefinite-length mode (Indefinite Form). The content field is the Value field, which carries the data value; the data value may be a primitive data type (Primitive Data) or a TLV structure (Structured Data).
Step S22, performing mutation processing on the original communication data to obtain mutated communication data;
Specifically, for the implementation of performing mutation processing on the original communication data to obtain the mutated communication data, refer to the further description of the embodiments of the present disclosure below; it is not repeated here.
Step S23, sending the mutated communication data to the registrar role by simulating the authenticator role;
For example, a WPS wrapper is used to simulate the Enrollee role and send the mutated communication data to the Registrar role. The WPS wrapper fully implements the Enrollee role of the WPS protocol stack, interacts with the Registrar role, and can drive the Registrar role into any state.
Step S24, monitoring the running state of the registrar role while it processes the mutated communication data.
Specifically, for the implementation of monitoring the running state of the registrar role while it processes the mutated communication data, refer to the further description of the embodiments of the present disclosure below; it is not repeated here.
According to steps S21 to S24 of the present disclosure, original communication data is acquired, where the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of the wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol. The original communication data is then mutated to obtain mutated communication data, the mutated communication data is sent to the registrar role by simulating the authenticator role, and finally the running state of the registrar role while it processes the mutated communication data is monitored. This achieves the purpose of fuzz testing the registrar role with the mutated communication data, so that security vulnerabilities of the registrar role can be identified efficiently and comprehensively.
The method of processing communication data of the above-described embodiment is further described below.
As an alternative implementation, in step S22, performing mutation processing on the original communication data to obtain the mutated communication data includes: performing mutation processing on the length field contained in the original communication data to obtain the mutated communication data.
Specifically, the original communication data is parsed and the Length field it contains is mutated to obtain the mutated communication data, which effectively reduces invalid mutations and improves the efficiency of generating mutated communication data. For example, if only the Value field in the original communication data is mutated, the Registrar role may show no abnormal running state when parsing the mutated communication data, so a mutation applied only to the Value field is invalid.
For example, the Length field contained in the original communication data is mutated to obtain the mutated communication data. In the original communication data, the value of the Length field is the length of the Value field. Mutating the Length field may include changing its value to an abnormal value that differs from the length of the Value field, for example by increasing or decreasing the value of the Length field. For example, the value of the Length field is changed to 0, while the actual value of the Length field, which is the length of the Value field, is not 0.
By mutating the length field contained in the original communication data to obtain the mutated communication data, conventional memory corruption vulnerabilities in the Registrar role's TLV parsing can be triggered, which enables identification of memory corruption vulnerabilities in the Registrar role. For example, a Length field that is too short may cause an out-of-bounds read or an integer overflow, and a Length field that is too long may cause problems such as out-of-bounds writes.
As an alternative implementation, in step S22, performing mutation processing on the original communication data to obtain the mutated communication data includes: performing mutation processing on a data block contained in the original communication data to obtain the mutated communication data, wherein the structure of the data block is composed of a tag field, a length field and a content field.
For example, TLV blocks contained in the original communication data are randomly added or deleted to obtain the mutated communication data, where each TLV block includes a Tag, a Length, and a Value.
By mutating the data blocks contained in the original communication data to obtain the mutated communication data, logic vulnerabilities related to memory corruption in the Registrar role's TLV parsing can be triggered, which enables identification of such logic vulnerabilities in the Registrar role. For example, logic vulnerabilities related to memory corruption may include double free (Double-Free), use after free (Use-After-Free), and the like.
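The two mutation strategies above (Length-field mutation and TLV block addition or deletion) can be exercised offline against a bounds-checked parser, as in the following added example, which is not code from the patent. It assumes a 2-byte tag and 2-byte big-endian length per block; the seed message, the tag values, the `REQUIRED` set and all function names are constructed for illustration.

```python
import random
import struct


def tlv(tag, value):
    """Encode one block: 2-byte tag, 2-byte length (big-endian), then value."""
    return struct.pack(">HH", tag, len(value)) + value


# Constructed seed message: three blocks with illustrative tags and values.
SEED = tlv(0x104A, b"\x10") + tlv(0x1022, b"\x04") + tlv(0x1047, bytes(range(16)))
REQUIRED = {0x104A, 0x1022, 0x1047}  # assumption: each must appear exactly once


class TLVError(ValueError):
    """Raised when a block does not fit inside the received buffer."""


def parse_strict(buf):
    """Bounds-checked parse: every Length is validated against the bytes left."""
    blocks, off = [], 0
    while off < len(buf):
        if len(buf) - off < 4:
            raise TLVError(f"truncated header at offset {off}")
        tag, length = struct.unpack_from(">HH", buf, off)
        off += 4
        if length > len(buf) - off:
            raise TLVError(f"tag 0x{tag:04X}: length {length} > {len(buf) - off} bytes left")
        blocks.append((tag, buf[off:off + length]))
        off += length
    return blocks


def set_length(buf, index, new_length):
    """Length mutation: overwrite one block's Length, leave its Value untouched."""
    off = 0
    for i, (_, value) in enumerate(parse_strict(buf)):
        if i == index:
            return buf[:off + 2] + struct.pack(">H", new_length) + buf[off + 4:]
        off += 4 + len(value)
    raise IndexError(index)


def length_cases(buf):
    """Boundary lengths per block: zero, one short, one long, and the maximum."""
    cases = []
    for i, (tag, value) in enumerate(parse_strict(buf)):
        n = len(value)
        for new in sorted({0, n - 1, n + 1, 0xFFFF} - {n, -1}):
            label = f"block {i} tag 0x{tag:04X}: length {n} -> {new}"
            cases.append((label, set_length(buf, i, new)))
    return cases


def drop_block(buf, index):
    """Block mutation: delete one whole TLV block (result is still well-formed)."""
    blocks = parse_strict(buf)
    del blocks[index]
    return b"".join(tlv(t, v) for t, v in blocks)


def duplicate_block(buf, index):
    """Block mutation: add a second copy of one TLV block."""
    blocks = parse_strict(buf)
    blocks.insert(index, blocks[index])
    return b"".join(tlv(t, v) for t, v in blocks)


def random_block_mutation(buf, rng):
    """Randomly add or delete one block, as the block-level strategy describes."""
    index = rng.randrange(len(parse_strict(buf)))
    return rng.choice((drop_block, duplicate_block))(buf, index)


def evaluate(buf, required=REQUIRED):
    """Verdict a defensive parser should reach for a received message."""
    try:
        tags = [tag for tag, _ in parse_strict(buf)]
    except TLVError as exc:
        return f"rejected by bounds check: {exc}"
    missing = [f"0x{t:04X}" for t in sorted(required - set(tags))]
    duplicate = [f"0x{t:04X}" for t in sorted({t for t in tags if tags.count(t) > 1})]
    if missing or duplicate:
        return f"rejected by attribute check: missing={missing} duplicate={duplicate}"
    return "accepted"


if __name__ == "__main__":
    for label, mutated in length_cases(SEED):
        print(f"{label:42s} {evaluate(mutated)}")
    for name, mutated in (("drop block 1", drop_block(SEED, 1)),
                          ("duplicate block 0", duplicate_block(SEED, 0)),
                          ("random", random_block_mutation(SEED, random.Random(1)))):
        print(f"{name:42s} {evaluate(mutated)}")
```

Every Length mutation of the seed is caught by the bounds check, while block-level mutations pass it and are only caught by the attribute check, which is why the two strategies exercise different code in a parser.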
As an alternative implementation, in step S24, monitoring the running state of the registrar role while it processes the mutated communication data includes: using a target monitoring mode to monitor whether the running state becomes abnormal while the registrar role processes the mutated communication data.
The target monitoring mode can be implemented by a crash (Crash) monitoring module, which monitors whether the running state of the Registrar role becomes abnormal while the Registrar role processes the mutated communication data.
Specifically, for the implementation of using the target monitoring mode to monitor whether the running state becomes abnormal while the registrar role processes the mutated communication data, refer to the further description of the following embodiments; it is not repeated here.
By using the target monitoring mode to monitor whether the running state becomes abnormal while the registrar role processes the mutated communication data, fuzz testing of the registrar role can be carried out quickly, and accurate and reliable test results are obtained.
As an optional implementation, using the target monitoring mode to monitor whether the running state becomes abnormal includes: using a log monitoring mode, determining whether the running state is abnormal by filtering keywords contained in a preset log.
The preset log is a serial port log. Whether the running state is abnormal is determined by monitoring the serial port log and filtering the keywords it contains. When the running state is abnormal, the keywords in the serial port log may include crash (Crash), error (Error), stack trace (StackTrace), and the like.
By monitoring and filtering the keywords in the preset log, an abnormal running state of the Registrar role can be detected accurately when it occurs, so that the security vulnerability causing the abnormal running state is identified and fuzz testing of the Registrar role is carried out efficiently.
As an optional implementation, using the target monitoring mode to monitor whether the running state becomes abnormal includes: using a command monitoring mode, detecting whether the running state is abnormal by means of a preset command.
The preset command may be the Packet Internet Groper (Ping) command, which can be used to test network connectivity. For example, the Ping command can determine whether the Registrar role is still alive, and thus whether the Registrar role crashed while processing the abnormal communication data.
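The log-keyword and Ping-based monitoring modes described above can be combined into one triage routine that attributes an anomaly to the test case that preceded it, as in the following added example, which is not code from the patent. The event format, the sample log lines, the two-missed-probes threshold and all function names are assumptions made for illustration; the keywords are the ones the text names.

```python
import re
import subprocess

# Keywords named in the text: Crash, Error, StackTrace (matched case-insensitively).
KEYWORDS = re.compile(r"\b(crash\w*|errors?|stack\s*trace)\b", re.IGNORECASE)


def classify_line(line):
    """Return the matched keyword if a serial-log line indicates an anomaly."""
    match = KEYWORDS.search(line)
    return match.group(0) if match else None


def ping_once(host, timeout_s=1):
    """Liveness probe using the system ping (Linux iputils flags).

    Shown for completeness; the constructed sample below feeds probe results
    in directly so that the example runs offline.
    """
    cmd = ["ping", "-c", "1", "-W", str(timeout_s), host]
    done = subprocess.run(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return done.returncode == 0


def triage(events, probe_threshold=2):
    """Attribute anomalies to the test case that was in flight.

    events is an iterable of ("sent", case_id), ("log", line) or
    ("probe", replied) tuples in the order the harness observed them.
    A single missed probe is treated as packet loss; only probe_threshold
    consecutive misses count as the target being down (an assumption).
    """
    findings = {}
    current = suspect = None
    missed = 0
    for kind, payload in events:
        if kind == "sent":
            current = payload
        elif kind == "log":
            hit = classify_line(payload)
            if hit and current is not None:
                findings.setdefault(current, []).append(
                    f"log keyword {hit!r}: {payload.strip()}")
        elif kind == "probe":
            if payload:
                missed = 0
                continue
            if missed == 0:
                suspect = current  # case in flight when replies stopped
            missed += 1
            if missed == probe_threshold and suspect is not None:
                findings.setdefault(suspect, []).append(
                    f"no reply to {missed} consecutive probes")
        else:
            raise ValueError(f"unknown event kind: {kind}")
    return findings


# Constructed sample session: log lines and probe results are made up.
SAMPLE = [
    ("sent", "case-0001"),
    ("log", "[  812.10] wps: M1 received, building M2"),
    ("probe", True),
    ("sent", "case-0002"),
    ("log", "[  813.42] wps: attribute parse error_count=0"),
    ("probe", False),  # one lost reply, then recovery: not a finding
    ("probe", True),
    ("sent", "case-0003"),
    ("log", "[  815.02] Kernel panic - not syncing: wpsd crashed"),
    ("log", "[  815.02] StackTrace:"),
    ("probe", False),
    ("probe", False),
]

if __name__ == "__main__":
    for case_id, reasons in triage(SAMPLE).items():
        print(case_id)
        for reason in reasons:
            print("   ", reason)
```

Keeping the case identifier with each finding is what makes a crash reproducible later: the harness can replay exactly the message that was in flight when the log keyword or the missed probes appeared.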
A method of processing communication data according to the disclosed embodiment is described below in conjunction with Fig. 3.
Fig. 3 is a flowchart of yet another method of processing communication data according to an embodiment of the disclosure. As shown in Fig. 3, the method includes the following steps:
Step S31, acquiring original communication data;
The original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of the wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol.
Step S32, performing mutation processing on the original communication data to obtain mutated communication data;
Step S33, using the WPS packet sender to send the mutated communication data to the Registrar role;
Specifically, the WPS packet sender is responsible for sending WPS packets, and each WPS packet includes mutated communication data. For example, the WPS packet sender can transmit M1, M3, M5 and M7 packets, and can parse and process received M2, M4, M6 and M8 packets. Accordingly, the Registrar role passes in sequence through states such as receiving M1 (RECV_M1), sending M2 (SEND_M2), receiving M3 (RECV_M3), sending M4 (SEND_M4), receiving M5 (RECV_M5), sending M6 (SEND_M6), receiving M7 (RECV_M7), sending M8 (SEND_M8), receiving completion (RECV_DONE), sending the M2D file (SEND_M2D), and receiving the acknowledgement (ACK) of the M2D file (RECV_M2D_ACK), and some security vulnerabilities can be triggered only in a specific state. The WPS packet sender fully implements the Enrollee role of the WPS protocol stack; by simulating the Enrollee role it can interact with the Registrar role and drive the Registrar into any state.
Step S34, using a Crash monitoring module to monitor the running state of the Registrar role when it processes the mutated communication data.
Based on steps S31 to S34, security vulnerabilities that may exist in the Registrar role can be discovered efficiently and comprehensively, and accurate and reliable fuzz test results can be obtained. For example, when the method for processing communication data described in the above embodiment is applied in a wireless mesh network fuzz testing (MeshFuzzer) tool to fuzz test a WiFi chip, multiple high-risk security vulnerabilities can be discovered and multiple Common Vulnerabilities and Exposures (CVE) identifiers can be obtained.
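An in-process sketch of steps S31 to S34, added here as an illustration and not taken from the patent or from MeshFuzzer: a length-field mutation is applied to a seed message, a stand-in Registrar is first driven to the state under test with valid messages, and the outcome is classified. Assumptions: the 2-byte big-endian tag and length fields, the tag values, the 16-byte nonce check and the ToyRegistrar class are all constructed for this example.

```python
import struct

# Assumed layout for this sketch: 2-byte tag, 2-byte length (big-endian), then content.
HDR = struct.Struct(">HH")
TAG_MSG_TYPE, TAG_NONCE = 0x0001, 0x0002            # constructed tag values
ENROLLEE_MSGS = ["M1", "M3", "M5", "M7"]            # messages the packet sender transmits
RECV_STATES = ["RECV_" + m for m in ENROLLEE_MSGS]  # Registrar states that consume them

def encode_tlv(tag, content):
    return HDR.pack(tag, len(content)) + content

def seed_message(name):
    """S31: well-formed constructed message: a type TLV followed by a 16-byte nonce TLV."""
    return encode_tlv(TAG_MSG_TYPE, name.encode()) + encode_tlv(TAG_NONCE, bytes(16))

def mutate_length(msg, index, new_len):
    """S32: overwrite the length field of the index-th TLV; content bytes stay as they were."""
    off = 0
    for _ in range(index):
        _, length = HDR.unpack_from(msg, off)
        off += HDR.size + length
    tag, _ = HDR.unpack_from(msg, off)
    return msg[:off] + HDR.pack(tag, new_len & 0xFFFF) + msg[off + HDR.size:]

def parse_tlvs(buf):
    """Bounds-checked parser: a declared length may never exceed the bytes that remain."""
    out, off = [], 0
    while off < len(buf):
        if len(buf) - off < HDR.size:
            raise ValueError("truncated TLV header at offset %d" % off)
        tag, length = HDR.unpack_from(buf, off)
        off += HDR.size
        if length > len(buf) - off:
            raise ValueError("tag 0x%04x declares %d bytes, %d remain"
                             % (tag, length, len(buf) - off))
        out.append((tag, buf[off:off + length]))
        off += length
    return out

class ToyRegistrar:
    """In-process stand-in for the Registrar role; one state transition per valid message."""
    def __init__(self):
        self.step = 0

    @property
    def state(self):
        return RECV_STATES[self.step] if self.step < len(RECV_STATES) else "RECV_DONE"

    def handle(self, msg):
        if self.state == "RECV_DONE":
            raise ValueError("exchange already complete")
        fields = dict(parse_tlvs(msg))
        if fields.get(TAG_MSG_TYPE) != ENROLLEE_MSGS[self.step].encode():
            raise ValueError("unexpected message in state " + self.state)
        if len(fields.get(TAG_NONCE, b"")) != 16:
            raise ValueError("nonce must be 16 bytes")
        self.step += 1

def run_case(target_state, index, new_len):
    """S33/S34: drive the Registrar to target_state, send one mutated message, record the outcome."""
    if target_state not in RECV_STATES:
        raise ValueError("unknown state " + target_state)
    reg = ToyRegistrar()
    while reg.state != target_state:                       # valid traffic to reach the state
        reg.handle(seed_message(ENROLLEE_MSGS[reg.step]))
    mutated = mutate_length(seed_message(ENROLLEE_MSGS[reg.step]), index, new_len)
    try:
        reg.handle(mutated)
        verdict, detail = "accepted", ""
    except ValueError as exc:       # controlled rejection, the outcome a robust parser gives
        verdict, detail = "rejected", str(exc)
    except Exception as exc:        # anything else is what the monitor reports as abnormal
        verdict, detail = "abnormal", repr(exc)
    return {"state": target_state, "after": reg.state, "verdict": verdict, "detail": detail}
```

An oversized length is stopped by the bounds check, while an undersized one makes the parser resynchronise on content bytes and is only caught by the later semantic check on the nonce, which is why both checks are worth having in the code under test.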
In the technical solution of the present disclosure, the collection, storage, use, processing, transmission, provision, disclosure and other handling of the personal information of the users involved all comply with the relevant laws and regulations and do not violate public order and good customs.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions to enable a terminal device (which may be a mobile phone, a computer, a server, or a network device) to execute the methods according to the embodiments of the present disclosure.
The present disclosure also provides a device for processing communication data, which is used to implement the foregoing embodiments and preferred embodiments; descriptions already given are not repeated. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the apparatus described in the embodiments below is preferably implemented in software, an implementation in hardware, or in a combination of software and hardware, is also possible and contemplated.
Fig. 4 is a block diagram of an apparatus for processing communication data according to an embodiment of the present disclosure. As shown in Fig. 4, an apparatus 400 for processing communication data includes:
an obtaining module 401, configured to obtain original communication data, where the original communication data uses a target communication protocol, the target communication protocol is used to simplify security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol;
a mutation module 402, configured to perform mutation processing on the original communication data to obtain mutated communication data;
a sending module 403, configured to send variant communication data to the registrar role by simulating the authenticator role;
and a monitoring module 404, configured to monitor an operating state of the registrar role when processing the variant communication data.
Optionally, the target communication protocol is a communication protocol implemented based on a target data transmission protocol, and the target data transmission protocol has a tag field, a length field, and a content field defined therein.
Optionally, the mutation module 402 is further configured to: perform mutation processing on the length field contained in the original communication data to obtain the mutated communication data.
Optionally, the mutation module 402 is further configured to: perform mutation processing on a data block contained in the original communication data to obtain the mutated communication data, wherein the structure of the data block is configured according to a tag field, a length field and a content field.
Optionally, the monitoring module 404 is further configured to: monitor, in a target monitoring mode, whether the running state is abnormal when the Registrar role processes the mutated communication data.
Optionally, the monitoring module 404 is further configured to: in a log monitoring mode, determine whether the running state is abnormal by filtering for keywords contained in a preset log.
Optionally, the monitoring module 404 is further configured to: in a command monitoring mode, detect whether the running state is abnormal by means of a preset command.
It should be noted that the above modules may be implemented by software or hardware. For the latter, this may be done in, but is not limited to, the following ways: the modules are all located in the same processor; or the modules are located in different processors in any combination.
According to an embodiment of the present disclosure, the present disclosure also provides an electronic device including a memory and at least one processor, the memory having stored therein computer instructions, the processor being configured to execute the computer instructions to perform the steps in the above method embodiments.
Optionally, the electronic device may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in the present disclosure, the processor may be configured to execute the following steps by means of a computer program:
S1, acquiring original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of the wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol;
S2, performing mutation processing on the original communication data to obtain mutated communication data;
S3, sending the mutated communication data to the registrar role by simulating the authenticator role;
S4, monitoring the running state of the registrar role when it processes the mutated communication data.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
According to an embodiment of the present disclosure, there is also provided a non-transitory computer readable storage medium having stored therein computer instructions, wherein the computer instructions are arranged to perform the steps in the above method embodiment when executed.
Optionally, in the present embodiment, the above-mentioned non-transitory computer-readable storage medium may be configured to store a computer program for executing the following steps:
S1, acquiring original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of the wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol;
S2, performing mutation processing on the original communication data to obtain mutated communication data;
S3, sending the mutated communication data to the registrar role by simulating the authenticator role;
S4, monitoring the running state of the registrar role when it processes the mutated communication data.
Alternatively, in the present embodiment, the non-transitory computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The present disclosure also provides a computer program product according to an embodiment of the present disclosure. Program code for implementing the audio processing methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the above embodiments of the present disclosure, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present disclosure, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present disclosure may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present disclosure. The aforementioned storage medium includes various media capable of storing program code, such as a USB flash drive, a read-only memory (ROM), a random access memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
The foregoing is merely a preferred embodiment of the present disclosure. It should be noted that those skilled in the art may make modifications and refinements without departing from the principle of the present disclosure, and these shall also fall within the protection scope of the present disclosure.

Claims (17)

1. A method of processing communication data, comprising:
acquiring original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used for simplifying the security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol;
performing mutation processing on the original communication data to obtain mutated communication data;
transmitting the mutated communication data to the registrar role by emulating the authenticator role; and
monitoring the running state of the registrar role when it processes the mutated communication data.
2. The method of claim 1, wherein the target communication protocol is a communication protocol implemented based on a target data transfer protocol in which a tag field, a length field, and a content field are defined.
3. The method of claim 2, wherein performing mutation processing on the original communication data to obtain the mutated communication data comprises:
performing mutation processing on the length field contained in the original communication data to obtain the mutated communication data.
4. The method of claim 2, wherein performing mutation processing on the original communication data to obtain the mutated communication data comprises:
performing mutation processing on a data block contained in the original communication data to obtain the mutated communication data, wherein the structure of the data block is configured according to the tag field, the length field and the content field.
5. The method of claim 1, wherein monitoring the running state of the registrar role when it processes the mutated communication data comprises:
monitoring, in a target monitoring mode, whether the running state is abnormal when the registrar role processes the mutated communication data.
6. The method of claim 5, wherein monitoring whether the running state is abnormal in the target monitoring mode comprises:
in a log monitoring mode, determining whether the running state is abnormal by filtering for keywords contained in a preset log.
7. The method of claim 5, wherein monitoring whether the running state is abnormal in the target monitoring mode comprises:
in a command monitoring mode, detecting whether the running state is abnormal by means of a preset command.
8. An apparatus for processing communication data, comprising:
an obtaining module, configured to obtain original communication data, wherein the original communication data adopts a target communication protocol, the target communication protocol is used to simplify security configuration of a wireless local area network, and an authenticator role and a registrar role are defined in the target communication protocol;
a mutation module, configured to perform mutation processing on the original communication data to obtain mutated communication data;
a sending module, configured to send the mutated communication data to the registrar role by simulating the authenticator role; and
a monitoring module, configured to monitor the running state of the registrar role when it processes the mutated communication data.
9. The apparatus of claim 8, wherein the target communication protocol is a communication protocol implemented based on a target data transfer protocol in which a tag field, a length field, and a content field are defined.
10. The apparatus of claim 9, wherein the mutation module is further configured to:
perform mutation processing on the length field contained in the original communication data to obtain the mutated communication data.
11. The apparatus of claim 9, wherein the mutation module is further configured to:
perform mutation processing on a data block contained in the original communication data to obtain the mutated communication data, wherein the structure of the data block is configured according to the tag field, the length field and the content field.
12. The apparatus of claim 8, wherein the monitoring module is further configured to:
monitor, in a target monitoring mode, whether the running state is abnormal when the registrar role processes the mutated communication data.
13. The apparatus of claim 12, wherein the monitoring module is further configured to:
in a log monitoring mode, determine whether the running state is abnormal by filtering for keywords contained in a preset log.
14. The apparatus of claim 12, wherein the monitoring module is further configured to:
in a command monitoring mode, detect whether the running state is abnormal by means of a preset command.
15. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-7.
16. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1-7.
17. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any one of claims 1-7.
CN202111494321.8A 2021-12-08 2021-12-08 Method and device for processing communication data, electronic equipment and storage medium Pending CN114173344A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111494321.8A CN114173344A (en) 2021-12-08 2021-12-08 Method and device for processing communication data, electronic equipment and storage medium


Publications (1)

Publication Number Publication Date
CN114173344A (en) 2022-03-11

Family

ID=80484589


Country Status (1)

Country Link
CN (1) CN114173344A (en)



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination