| Nowadays,smart devices have become an inseparable part of society and provide convenient services for people.As important components of smart devices,smart bracelets and smart home have tight connection with people’s health and daily life.The security of these devices have aroused the researchers’ attention.Most of the existing researches concentrate on single type of smart device,and require user collaboration and cooperation.These methods have many shortcomings when applied to a variety of Io T devices and non-collaborative situations.The reasons include: The need for users to collaborate on the matching authentication process of Io T devices,and the attacks are implemented on single type of smart devices.The data type is single.In response to the above problems,this paper proposes a non-cooperative attack method for the Internet of Things.Specifically,the innovations and main work of this paper are as follows:In this paper,a bluetooth remote wireless attack technology non-cooperative attack method for smart bracelets is proposed.We design and implement three different attacks for three different brands of smart bracelets.For No.1 smart bracelet,we carry out Android reverse attack and dig the APK vulnerability.Finally we obtain the key code to read or write data through the key code location technology.As for No.2 smart bracelet,we combine syslog attacks with Android decompilers,tracking key codes which are used to read and write data.For No.3 smart bracelet,we carry out Hook attack and combine with Android source code analysis to track key codes which are used to read and write data.Combining the different attack methods on the three smart bracelets,we develop the Wristband Attack Software of the pseudo-identity authentication application and implement data theft and tampering on the smart bracelet.The experiments shows that the attack result is accurate,and the performance overhead is reasonable and acceptable.Besides,we propose a Android spoofing non-cooperative attack method for smart home.In this paper,three different attack methods are designed and implemented for three different types of smart home devices.For bluetooth thermometer and hygrometer,we carry out Android reverse attack and dig the APK vulnerability.Then we track and locate the key code of reading and writing data.As for intelligent air conditioner,we perform Android debugging attack and analyze Android source code to locate the key code of writing and reading the data.For the bluetooth weight scale,we implement the bluetooth protocol communication data packet attack,and obtain the key code for reading and writing data through key code positioning technology.Combining the different attacks on the three smart homes,we develop the BLE Devices attack software for the pseudo-identity authentication application and implement data theft and tampering on the smart home.The experiments show that the attack result is accurate,and the performance overhead is reasonable and acceptable. |
PDF Full Text Request