关键词: 智能联网设备, 局域网控制器, 身份认证, 脆弱性识别, 认证方法

Abstract: With the popularity of intelligent networking device（IND）, its security issues have become increasingly prominent. Currently, there is an identity authentication risk between IND and its controller in LANs in general. Attackers can impersonate a controller and control IND to execute malicious instructions, which poses a serious threat to the security of IND. In this paper, we propose a recognition method for identity authentication vulnerabilities of IND. Taking the INDs of two vendors as examples, we recognize their identity authentication vulnerabilities with this method. Furthermore, a simple identity authentication method is proposed to protect IND from identity authentication risk effectively.

Key words: intelligent networking devices, controller in LANs, identity authentication, vulnerability identification, authentication method