Search

CN-121994289-A - Sensor vulnerability detection method and device

CN121994289ACN 121994289 ACN121994289 ACN 121994289ACN-121994289-A

Abstract

The application discloses a sensor vulnerability detection method and device, which relate to the field of sensor hardware safety, and the method comprises the steps of generating a detection configuration file according to the type of a detected sensor and the out-of-band vulnerability detection type; and acquiring the reading of the detected sensor in real time, and determining the out-of-band vulnerability of the detected sensor according to the reading of the detected sensor when the detection signal is not transmitted and the reading of the detected sensor after the detection signal is transmitted. According to the method and the device, the detection configuration file is generated according to the type of the detected sensor and the out-of-band vulnerability detection type, the corresponding detection signals are transmitted, the out-of-band vulnerability is judged by comparing the sensor readings before and after detection, the accurate matching of the detection strategy and the detection object is realized, the accuracy and the reliability of the out-of-band vulnerability detection of the sensor are greatly improved, the detection flow is simplified, the detection cost is reduced, and a reliable basis is provided for the establishment of a sensor safety protection scheme.

Inventors

  • XU WENYUAN
  • JI XIAOYU
  • LIU XUESONG
  • YAN CHEN
  • ZHANG SHIQI
  • XIAO SHILIN
  • WANG PEIWANG
  • WANG FEI
  • GAO XIANG

Assignees

  • 浙江大学

Dates

Publication Date
20260508
Application Date
20260126

Claims (10)

  1. 1. A sensor vulnerability detection method, characterized in that the sensor vulnerability detection method comprises: Generating a detection configuration file according to the type of the detected sensor and the out-of-band vulnerability detection type; Transmitting a detection signal to a detected sensor according to the detection configuration file; And acquiring the reading of the detected sensor in real time, and determining the out-of-band vulnerability of the detected sensor according to the reading of the detected sensor when the detection signal is not transmitted and the reading of the detected sensor after the detection signal is transmitted.
  2. 2. The method of claim 1, wherein the out-of-band vulnerability detection type comprises acoustic wave resonance out-of-band vulnerability detection, acoustic wave injection out-of-band vulnerability detection, laser injection out-of-band vulnerability detection, and electromagnetic coupling out-of-band vulnerability detection.
  3. 3. The sensor vulnerability detection method of claim 2, wherein generating a detection profile according to the type of the sensor under test and the out-of-band vulnerability detection type comprises: if the out-of-band vulnerability detection type is the acoustic resonance out-of-band vulnerability detection, determining an acoustic signal type according to the type of a detected sensor, sweeping an acoustic signal of the detected sensor, determining an acoustic resonance frequency, setting an acoustic duration and an acoustic emission power, and writing the acoustic signal type, the acoustic resonance frequency, the acoustic duration and the acoustic emission power into a detection configuration file; If the out-of-band vulnerability detection type is that the sound wave is injected into the out-of-band vulnerability detection, determining a sound wave signal type according to the type of the detected sensor, sweeping the sound wave signal of the detected sensor, determining the sound wave frequency when the output signal of the detected sensor is abnormal, setting the sound wave duration and the sound wave emission power, and writing the sound wave signal type, the sound wave frequency when the output signal of the detected sensor is abnormal, the sound wave duration and the sound wave emission power into a detection configuration file; If the out-of-band vulnerability detection type is laser injection out-of-band vulnerability detection, determining laser frequency and laser duration according to the type of the detected sensor, and writing the laser frequency and the laser duration into a detection configuration file; If the out-of-band vulnerability detection type is electromagnetic coupling out-of-band vulnerability detection, carrying out electromagnetic wave signal sweep on a detected sensor, determining the electromagnetic wave frequency when the output signal of the detected sensor is abnormal, setting the electromagnetic wave duration and the electromagnetic wave transmitting power, and writing the electromagnetic wave frequency, the electromagnetic wave duration and the electromagnetic wave transmitting power when the output signal of the detected sensor is abnormal into a detection configuration file.
  4. 4. A method of detecting sensor vulnerability as claimed in claim 3 wherein sweeping the acoustic signal of the sensor under test to determine the acoustic resonance frequency comprises: Transmitting a sweep frequency sound wave signal to a sensor to be tested in a set sound wave signal sweep frequency range; and acquiring output signals of the detected sensor in real time, determining the amplitude of the output signals of the detected sensor under different acoustic frequencies, and taking the acoustic frequency corresponding to the maximum output signal amplitude as the acoustic resonance frequency.
  5. 5. A method of detecting sensor vulnerability as claimed in claim 3, wherein the step of sweeping the acoustic signal of the sensor to be detected to determine the acoustic frequency at which the output signal of the sensor to be detected is abnormal comprises: Transmitting a sweep frequency sound wave signal to a sensor to be tested in a set sound wave signal sweep frequency range; and acquiring output signals of the detected sensor in real time, and determining the sound wave frequency when the output signals of the detected sensor are abnormal.
  6. 6. A method for detecting vulnerability of sensor according to claim 3, wherein the step of sweeping the electromagnetic wave signal of the sensor to be detected to determine the electromagnetic wave frequency when the output signal of the sensor to be detected is abnormal comprises: Transmitting sweep electromagnetic wave signals to the tested sensor in a set sweep range of the electromagnetic wave signals; And acquiring output signals of the detected sensor in real time, and determining electromagnetic wave frequency when the output signals of the detected sensor are abnormal.
  7. 7. The method of claim 1, wherein determining the out-of-band vulnerability of the sensor to be tested based on the reading of the sensor to be tested when the detection signal is not transmitted and the reading of the sensor to be tested after the detection signal is transmitted, comprises: according to the reading of the detected sensor when the detection signal is not transmitted and the reading of the detected sensor after the detection signal is transmitted, calculating the vulnerability index value of the detected sensor; If the vulnerability index value of the detected sensor is larger than the set threshold value, judging that the detected sensor has out-of-band vulnerability, otherwise, judging that the detected sensor does not have out-of-band vulnerability.
  8. 8. The method for detecting the vulnerability of the sensor according to claim 7, wherein the vulnerability index value comprises a cosine similarity, a pearson correlation coefficient and a linearity, wherein the cosine similarity indicates whether the output mode of the sensor to be detected is shifted as a whole due to a detection signal, the pearson correlation coefficient indicates whether the sensor to be detected is damaged due to a detection signal, and the linearity indicates whether the sensor to be detected is distorted in a nonlinear manner due to the detection signal.
  9. 9. The sensor vulnerability detection device is characterized by being applied to the sensor vulnerability detection method according to any one of claims 1-8, and comprises an upper computer and a signal transmission module, wherein the upper computer is connected with a detected sensor; The upper computer is used for generating a detection configuration file according to the type of the detected sensor and the out-of-band vulnerability detection type, controlling the signal transmitting module to transmit detection signals to the detected sensor according to the detection configuration file, collecting the readings of the detected sensor in real time, and determining the out-of-band vulnerability of the detected sensor according to the readings of the detected sensor when the detection signals are not transmitted and the readings of the detected sensor after the detection signals are transmitted.
  10. 10. The sensor vulnerability detection device according to claim 9, wherein if the out-of-band vulnerability detection type is acoustic resonance out-of-band vulnerability detection or acoustic injection out-of-band vulnerability detection, the signal transmission module comprises a signal exchange module and an acoustic transmission module, wherein the signal exchange module is connected with the host computer through a network port, the acoustic transmission module is connected with the signal exchange module, and the acoustic transmission module is opposite to the sensor to be detected; If the out-of-band vulnerability detection type is laser injection out-of-band vulnerability detection, the signal transmitting module comprises a signal exchange module and a laser transmitting module, wherein the signal exchange module is connected with the upper computer through a network port, the laser transmitting module is connected with the signal exchange module, and the laser transmitting module is opposite to the detected sensor; If the out-of-band vulnerability detection type is electromagnetic coupling out-of-band vulnerability detection, the signal transmitting module comprises a universal software radio peripheral, a power amplifier and an antenna, wherein the universal software radio peripheral is connected with an upper computer through a USB interface, the power amplifier is connected with the universal software radio peripheral through an SMA transmission line, the antenna is connected with the power amplifier through the SMA transmission line, and the antenna is opposite to the tested sensor.

Description

Sensor vulnerability detection method and device Technical Field The application relates to the field of sensor hardware security, in particular to a method and a device for detecting vulnerability of a sensor. Background The sensor is a core component connecting the physical world and the virtual world, is a 'five sense organ' and reliably operated basic stone for the system to sense the state of the sensor and the environment, and is widely used in the personal consumer electronics, infrastructure and public service industries. Out-of-sensor-band vulnerability is an important factor in threatening sensor security. Ideally, the sensor converts the measured physical signal (in-band signal) within the functional design into an electrical signal or other form according to a specific transduction principle (e.g., electro-optical, piezoelectric, etc.), such as a microphone sensor converting an acoustic signal into an audio output. However, due to non-ideal hardware characteristics, such as non-linearity of an amplifier, non-perfect filtering of a filter, etc., there is a non-ideal working range of the sensor, and in this range, a non-functionally designed measured object signal (out-of-band signal) will affect the sensor and act on the sensor output, resulting in a measurement result of the sensor "across the physical field". For example, a laser out-of-band signal is injected into the microphone sensor to produce an audio measurement output in a silence state, and an ultrasonic out-of-band signal is injected into the acceleration sensor to output an erroneous acceleration measurement under a stationary condition. Since the sensor interface is typically exposed to the physical world to receive physical signals, sensor out-of-band vulnerabilities can be triggered either unintentionally or with serious security consequences by attacker exploits. Therefore, the out-of-band vulnerability detection, analysis and protection of the sensor are the basis and precondition for guaranteeing the safety of the sensor. Disclosure of Invention The application aims to provide a method and a device for detecting the vulnerability of a sensor, which can improve the accuracy and the reliability of out-of-band vulnerability detection of the sensor and provide a reliable basis for the establishment of a safety protection scheme of the sensor. In order to achieve the above object, the present application provides the following solutions: in a first aspect, the present application provides a method for detecting vulnerability of a sensor, comprising: Generating a detection configuration file according to the type of the detected sensor and the out-of-band vulnerability detection type; Transmitting a detection signal to a detected sensor according to the detection configuration file; And acquiring the reading of the detected sensor in real time, and determining the out-of-band vulnerability of the detected sensor according to the reading of the detected sensor when the detection signal is not transmitted and the reading of the detected sensor after the detection signal is transmitted. The application provides a sensor vulnerability detection device, which comprises an upper computer and a signal transmission module, wherein the upper computer is connected with a sensor to be detected; The upper computer is used for generating a detection configuration file according to the type of the detected sensor and the out-of-band vulnerability detection type, controlling the signal transmitting module to transmit detection signals to the detected sensor according to the detection configuration file, collecting the readings of the detected sensor in real time, and determining the out-of-band vulnerability of the detected sensor according to the readings of the detected sensor when the detection signals are not transmitted and the readings of the detected sensor after the detection signals are transmitted. According to the specific embodiment provided by the application, the detection configuration file is generated based on the type of the detected sensor and the out-of-band vulnerability detection type in a targeted manner, so that the defect of poor suitability of a general detection scheme is effectively avoided, and the accurate matching of a detection strategy and a detection object is realized. By transmitting corresponding detection signals to the detected sensor and comparing the sensor readings before and after transmitting the detection signals to determine out-of-band vulnerability, the sensor can directly capture the abnormal response characteristics of the sensor affected by out-of-band factors, greatly improves the accuracy and reliability of out-of-band vulnerability detection, and reduces the occurrence of misjudgment and missed judgment. Meanwhile, the method does not need to carry out complex refitting on the sensor, the detection flow is simple, convenient and efficient, data acquisition and vulnerability determination can be c