| dc.description.abstract |
In this era of increasingly popular Internet of things, we are facing the problem of security which is no longer limited to personal computers, on the contrary home TVs, refrigerators and so forth may also be the objects of hacker attacks. When the enterprises deployed sensors on their own product out of the controllable range, how does the enterprises make sure that the deployment of the sensor is not invaded? If the messages captured by the sensor were ready to be sent to the server in the enterprise, the attacker could probably able to penetrate into the enterprise further.
Under normal circumstances, the sensor will send a specific packet format (beacon) during a fixed period of time, to tell the server that the sensor is still online. Because the sensor is not within the defense range of the enterprise, the attacker may be able to grab the entity of the machine. If the attacker loaded all the contents of the physical memory and reproduced the source code through the disassembly techniques, the behaviors within the sensor would be able to be imitated by the attacker completely.
In order to prevent a particular format of packets from being imitated, this article proposes an alternative method to ensure that the program executed by the client is secure by using the One Time Password mechanism, sending executable files and verifying of the random numbers. In the fourth chapter, the transmission and detection of the one-time passwords will be introduced. | en_US |