[go: up one dir, main page]

WO2018076356A1 - Communication method, network device, and terminal - Google Patents

Communication method, network device, and terminal Download PDF

Info

Publication number
WO2018076356A1
WO2018076356A1 PCT/CN2016/104090 CN2016104090W WO2018076356A1 WO 2018076356 A1 WO2018076356 A1 WO 2018076356A1 CN 2016104090 W CN2016104090 W CN 2016104090W WO 2018076356 A1 WO2018076356 A1 WO 2018076356A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
wake
frame
protection mode
message
Prior art date
Application number
PCT/CN2016/104090
Other languages
French (fr)
Chinese (zh)
Inventor
韩云博
方平
丁志明
李小仙
杨云松
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2016/104090 priority Critical patent/WO2018076356A1/en
Priority to CN201711052385.6A priority patent/CN108012315B/en
Publication of WO2018076356A1 publication Critical patent/WO2018076356A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0225Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
    • H04W52/0229Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal where the received signal is a wanted signal
    • H04W52/0235Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal where the received signal is a wanted signal where the received signal is a power saving command
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. Transmission Power Control [TPC] or power classes
    • H04W52/02Power saving arrangements
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Definitions

  • the embodiments of the present invention relate to the field of communications, and in particular, to a communication method, a network device, and a terminal.
  • WiFi Wireless Fidelity
  • terminals such as workstations
  • LP-WUR Low Power Wake Up Radio
  • WUR Low Power Wake Up Radio
  • the prior art communication method for reducing the power consumption of the terminal is to use the low power WUR instead of the wireless transceiver to listen to the channel when the medium is idle.
  • the wireless transceiver of the terminal enters deep sleep, the low power WUR wakes up and starts working.
  • the AP needs to communicate with the terminal with the WUR and the wireless transceiver, the AP sends a Wake Up Packet (WUP) to the WUR of the terminal, and the WUR that receives the WUP sets the WUR ID in the WUP (ie, the WUR identification information, In the identification of WUR), it is compared with the WUR ID that it is assigned.
  • WUP Wake Up Packet
  • WUR thinks that the WUP is sent to itself, then WUR wakes up the wireless transceiver of the terminal, WUR goes to sleep again, and AP wakes up.
  • the wireless transceiver communicates. After the terminal's wireless transceiver communicates with the AP, it will go to sleep. At the same time, the WUR wakes up and starts to listen to whether there is a WUP sent to itself to wake up the wireless transceiver again.
  • Wake-up receiver WUR in order to achieve low power consumption, its circuit structure, frame structure design (such as WUP), etc. Need to be relatively simple, and low complexity and other factors, vulnerable to attack. Therefore, in order to prevent being attacked, a simplified Frame Authentication Code (FAC) message is added to the WUP to authenticate whether the frame is sent by the AP associated with the terminal.
  • FAC Frame Authentication Code
  • the FAC is part of the WUR ID (ie, the WUR's identification information) and is used by the WUR to identify whether the WUP is sent to itself.
  • the FAC is a verification message that helps the WUR determine whether the WUP is a legitimate message.
  • the general term used in this specification is to treat the FAC as part of the WUR ID.
  • the FAC is updated every time the WUR wakes up the wireless transceiver successfully, that is, the WUR ID is updated each time the wireless transceiver is successfully woken up, which brings additional signaling overhead, out-of-step risk and power consumption.
  • the out-of-synchronization refers to the phenomenon that the AP and the terminal do not update the WUR ID of the WUR (for example, the terminal updates the FAC to the WUR, but the AP side has not been updated).
  • the embodiment of the present invention provides a communication method, a network device, and a terminal.
  • the method effectively reduces the waste of the listening channel when the terminal is idle, and ensures the communication security of the terminal.
  • a communication method comprising: a first device (a network device, such as an access point) receiving a wake-up acknowledgement frame sent by a wireless transceiver (such as an 802.11 transceiver module) of a second device (terminal),
  • the wakeup acknowledgement frame can be a control frame, a data frame, or a management frame.
  • the wakeup confirmation frame includes wakeup indication information, where the wakeup indication information is used to indicate that the wireless transceiver of the second device is awake by the wakeup receiver of the second device after receiving the wakeup frame, and the wakeup frame includes the first identification information of the wakeup receiver,
  • the first identification information is identification information currently used by the wake-up receiver, wherein the first identification information may be complete WUR identification information or part of WUR identification information, such as a complete Medium Access Control (MAC) address or can distinguish Partial address of the MAC address.
  • MAC Medium Access Control
  • a message to be sent to the second device has been determined, the first message being a data frame to enable communication between the first device and the second device.
  • the first device determines the preset time according to the wakeup indication information
  • the first device sends a second message to the second device, where the second message may be a data frame, a control frame, or a management frame, and the second message includes a wake-up receiver.
  • the indication information of the second identifier information or the second identifier information is used by the second device to update the identifier information currently used by the wake-up receiver according to the indication information of the second identifier information or the second identifier information, so as to ensure communication security of the terminal.
  • the first device when the first device needs to transmit other information (such as data) in addition to the second identifier information, the first device first sends a second message including the second identifier information to the second device, and then Transfer subsequent messages.
  • the second device In order to ensure that the transmission of the subsequent message is in the awake state of the wireless transceiver of the second device, and the second message carrying the second identification information has been received, to avoid the first device and the first device caused by the wireless transceiver of the second device entering the sleep state The second device does not synchronize the WUR identification information, and the resulting out-of-step situation.
  • the first device before the first device sends the second message to the second device, the first device encrypts the second message to ensure that the updated second identifier information is not obtained by other devices (attackers). .
  • the first device after the first device sends the second message to the second device, the first device receives, by the second device, the identifier that is currently used by the wake-up receiver according to the indication information of the second identifier information or the second identifier information.
  • the confirmation message of the second message sent after the information, the confirmation message includes the identity verification information of the second device.
  • the first device determines the attribute information of the second device according to the identity verification information; the first device communicates with the second device according to the attribute information of the second device, so that the first device further confirms that the second device has been woken up.
  • the wake-up acknowledgement frame further includes attribute information of the second device, such as address information of the terminal.
  • the first device After the first device receives the wakeup acknowledgement frame sent by the wireless transceiver of the second device, the first device determines the current protection mode of the second device according to the attribute information of the second device, that is, determines that the second device is currently working on the first device. Which protection mode is provided. The first device identifies the duration of the second device working in the current protection mode, and determines whether the current protection mode is based on the recognition result. Switching is performed so that the first device updates the WUR ID of the WUR while avoiding attacks by the attacker, thereby reducing signaling overhead and reducing additional power consumption.
  • the first device identifies the duration of the second device working in the current protection mode, and specifically includes: after the first device determines that the current protection mode of the second device is the first protection mode, the first The protection mode is that each time the wireless transceiver of the second device is woken up by the wakeup receiver of the second device, the first device updates the mode of waking up the identification information of the receiver.
  • the first device identifies whether the second device is attacked within the first duration of the first protection mode. The second device is attacked, that is, the first device receives the wakeup acknowledgement message sent by the second device, but the first device does not send the wakeup frame to the second device within a preset time period.
  • the first device After the first device determines that the awake frame is sent to the second device in the preset time period, the first device switches the current protection mode of the second device according to the recognition result, which includes: when When the first device recognizes that the second device works in the first protection mode for more than the first duration, and the second device is not attacked within the first duration, the first device changes the current protection mode of the second device from The first protection mode is switched to the second protection mode.
  • the method avoids the second device being in the first protection mode with large overhead for a long time, and can flexibly place the second device under different security protection strengths according to actual situations.
  • the first device identifies the duration of the second device working in the current protection mode, and specifically includes: after the first device determines that the current protection mode of the second device is the second protection mode, the second The protection mode is that the first device receives the wake-up acknowledgement frame sent by the wireless transceiver of the second device, and determines that the second device is updated when the first device does not send the wake-up frame to the wake-up receiver of the second device within the preset time period. The mode of waking up the receiver's identification information.
  • the first device identifies the second duration and the number of attacks of the second device operating in the second protection mode.
  • the second device is attacked, that is, the first device receives the wakeup acknowledgement message sent by the second device, but the first device does not send the wakeup frame to the second device within the preset time period.
  • the first device switches the current protection mode of the second device according to the recognition result, which includes: Device identifies the second set The first device switches the current protection mode of the second device from the second protection mode to the first time when the second device is not in the second protection mode and the second device is attacked by the attacker. Protection mode.
  • the method avoids the continuous attack of the second device in the multiple rounds of communication, and can flexibly place the second device under different security protection strengths according to actual situations.
  • another communication method comprising: the wake-up receiver of the second device wakes up the wireless transceiver of the second device after receiving the wake-up frame, and the wake-up frame includes the first identification information of the wake-up receiver, The first identification information is identification information currently used by the wake-up receiver.
  • the first identifier information may be complete WUR identifier information or part of WUR identifier information, such as a complete MAC address or a partial address that can distinguish the MAC address.
  • the wireless transceiver of the second device After being awake, the wireless transceiver of the second device sends a wakeup acknowledgement frame to the first device, and the wakeup acknowledgement frame may be a control frame, a data frame, or a management frame.
  • the wakeup acknowledgement frame includes wakeup indication information, and the wakeup indication information is used to indicate that the wireless transceiver of the second device is woken up by the wakeup receiver of the second device after receiving the wakeup frame.
  • the second device receives the first message sent by the first device, where the first message is that after the first device receives the awake indication information, it is determined that the first device sends the awake frame to the second device after the preset time period, and the first device sends the first message.
  • the message is that the first device has determined to send a message to the second device when sending the wake-up frame, and the first message may be a data frame to implement communication between the first device and the second device. or,
  • the second device receives the second message sent by the first device, and the second message is that after the first device receives the wake-up indication information, the first device determines that the first device does not send the wake-up frame to the second device after the preset time period, the first device sends the second message.
  • the second message may be a data frame, a control frame or a management frame, and the second message includes indication information of the second identifier information or the second identifier information of the wake-up receiver, and the wake-up reception is updated according to the second identifier information or the second identifier information indication information.
  • the identifier information currently used by the device is used by the second device to update the identifier information currently used by the wake-up receiver according to the second identifier information or the indication information of the second identifier information, so as to ensure communication security of the terminal.
  • the second device when the first device has other information besides the second identification information, the second device sequentially receives the second message that is sent by the first device, including the second identifier information, and the subsequent message. In order to ensure that the wireless transceiver of the second device is in the awake state, the subsequent message is received to prevent the first device and the second device from updating the WUR identification information due to the wireless device of the second device entering the sleep state. Step situation.
  • the second message is sent after the first device is encrypted, to ensure that the new second identification information is not obtained by other devices (attackers).
  • the second device updates the identifier information currently used by the wakeup receiver according to the second identifier information or the second identifier information indication information
  • the second device sends a confirmation message of the second message to the first device, where the confirmation message includes the identity verification information of the second device, so that the first device determines the attribute information of the second device according to the identity verification information, and then performs the Communication.
  • the attribute information may be identity information of the terminal or identifier information of the wake-up receiver of the terminal.
  • the wake-up acknowledgement frame further includes the attribute information of the second device, so that the first device determines, according to the attribute information, the current protection mode of the second device, and the duration of the second device working in the current protection mode. Identifying, and switching, according to the recognition result, the current protection mode between the at least two protection modes, where the at least two protection modes include a first protection mode and a second protection mode; wherein the first protection mode is second each time After the wireless transceiver of the device is woken up by the wakeup receiver of the second device, the first device updates the mode of waking up the identifier information of the receiver; the second protection mode is the wakeup sent by the wireless transceiver of the second device receiving the second device.
  • the frame is confirmed, and a mode of updating the identification information of the wake-up receiver when the first device does not send the wake-up frame to the wake-up receiver of the second device within the preset time period is determined.
  • the method avoids the continuous attack of the second device in the multiple rounds of communication, and can flexibly place the second device under different security protection strengths according to actual situations.
  • a network device having a function of implementing the behavior of the network device in the actual method.
  • This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • a terminal having a function of realizing terminal behavior in the actual method.
  • This function can be implemented in hardware or in hardware by executing the corresponding software.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • another network device may include: a receiver, a transmitter, and a processor.
  • the receiver is configured to receive a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, and the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver of the terminal is wake-up by the wake-up receiver of the terminal, wake up after receiving the wake-up frame, and wake up
  • the frame includes first identification information of the wake-up receiver, and the first identification information is identifier information currently used by the wake-up receiver.
  • the processor is configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period.
  • the transmitter is configured to: when the processor determines that the wake-up frame has been sent to the terminal within the preset time period, send the first message to the terminal, where the first message is a message that the network device has determined to send to the terminal when sending the wake-up frame.
  • the processor is further configured to determine, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within a preset time period.
  • the transmitter is further configured to: when the processor determines that the wakeup frame is not sent to the terminal within the preset time period, send the second message to the terminal, where the second message includes the second identifier information of the wakeup receiver or the indication information of the second identifier information. And updating, by the terminal, the identifier information currently used by the wakeup receiver according to the indication information of the second identifier information or the second identifier information.
  • the network device can also include a memory for storing program instructions and data necessary for the network device.
  • the processor before the transmitter sends the second message to the terminal, the processor is further configured to perform encryption processing on the second message.
  • the receiver is further configured to receive an acknowledgement message sent by the terminal for the second message, where the acknowledgement message of the second message is the terminal according to the second identifier.
  • the information or the indication information of the second identification information is sent after the identifier information currently used by the wake-up receiver is updated, and the confirmation message of the second message includes the identity verification information of the terminal.
  • the processor is further configured to determine the attribute information of the terminal according to the identity verification information of the terminal, and communicate with the terminal according to the attribute information of the terminal.
  • the attribute information may be identity information of the terminal, or terminal Wake up the identification information of the receiver.
  • the wakeup acknowledgement frame further includes the attribute information of the terminal; after receiving the wakeup acknowledgement frame sent by the wireless transceiver of the terminal, the processor is further configured to determine the current protection mode of the terminal according to the attribute information of the terminal. Identifying the duration of the terminal working in the current protection mode, and switching the current protection mode between at least two protection modes according to the recognition result, where the at least two protection modes include the first protection mode And the second protection mode.
  • the processor determines that the current protection mode of the terminal is the first protection mode
  • the first protection mode is that each time the wireless transceiver of the terminal is woken up by the wakeup receiver of the terminal
  • the processor updates the terminal.
  • the processor is specifically configured to identify the first duration in which the terminal operates in the first protection mode.
  • the attack means that the receiver receives the wakeup acknowledgement message sent by the terminal, but the sender does not send the wakeup frame to the terminal within a preset time period.
  • the processor determines, according to the waking indication information, that the awake frame has been sent to the terminal within the preset time period, when the processor recognizes that the terminal works in the first protection mode for more than the first duration, and the terminal is in the first duration
  • the processor switches the current protection mode of the terminal from the first protection mode to the second protection mode.
  • the second protection mode is a wake-up acknowledgement frame sent by the wireless transceiver of the receiver receiving terminal, and determines the preset time.
  • the intra-segment transmitter does not transmit a wake-up frame to the wake-up receiver of the terminal
  • the mode of the terminal's wake-up receiver identification information is updated.
  • the processor is specifically configured to identify the second duration and the number of attacks in which the terminal works in the second protection mode.
  • the attack of the terminal means that the receiver receives the wakeup acknowledgement message sent by the terminal, but the receiver does not send the wakeup frame to the terminal within a preset time period.
  • the processor After the processor determines, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within a preset time period, when the processor recognizes that the terminal works in the second protection mode, the time does not exceed the second duration, and the terminal When the number of attacks is not less than the attack threshold, the processor switches the current protection mode of the terminal from the second protection mode to the first protection mode.
  • a computer storage medium for storage for the network device
  • Computer software instructions comprising programs designed to perform the above aspects.
  • another terminal comprising: a wake-up receiver, a processor and a wireless transceiver.
  • the wake-up receiver is used to receive the wake-up frame.
  • the processor is configured to wake up the wireless transceiver of the terminal after receiving the wake-up frame, where the wake-up frame includes the first identifier information of the wake-up receiver, where the first identifier information is identifier information currently used by the wake-up receiver.
  • the wireless transceiver is configured to send a wake-up acknowledgement frame to the network device, where the wake-up acknowledgement frame includes wake-up indication information, and the wake-up indication information is used to indicate that the wireless transceiver is the wake-up receiver wakes up after receiving the wake-up frame.
  • the wireless transceiver is configured to receive the first message sent by the network device, where the first message is that after the network device receives the wake-up indication information, the network device determines that the network device sends the wake-up frame to the wake-up receiver after the preset time period, and the first message is The network device has determined the message to be sent to the wireless transceiver when transmitting the wake-up frame.
  • the wireless transceiver is further configured to receive a second message sent by the network device, where the second message is that after the network device receives the wake-up indication information, the network device determines that the network device does not send the wake-up frame to the wake-up receiver after the preset time period,
  • the second message includes indication information of the second identification information or the second identification information of the wake-up receiver, the second identification information or the indication information of the second identification information.
  • the processor updates the identifier currently used by the wake-up receiver according to the second identification information or the second identification information indication information.
  • the terminal can also include a memory for storing program instructions and data necessary for the terminal.
  • the second message is sent after the network device is encrypted.
  • the processor updates the identifier information currently used by the wakeup receiver according to the second identifier information or the indication information of the second identifier information
  • the wireless transceiver sends an acknowledgement message of the second message to the network device, where the acknowledgement message includes the identity verification information of the terminal, so that the network device determines the identity information of the terminal according to the identity verification information, and then communicates with the network device.
  • the wake-up acknowledgement frame further includes attribute information of the terminal, so that the network device determines, according to the attribute information, that the current protection mode of the terminal identifies the duration of the terminal working in the current protection mode, and according to the recognition result,
  • the current protection mode is between at least two protection modes The switching is performed, and the at least two protection modes include a first protection mode and a second protection mode.
  • the first protection mode is that after the wireless transceiver is woken up by the wake-up receiver, the network device updates the mode of waking up the identifier information of the receiver; and the second protection mode is that the network device receives the wake-up acknowledgement frame sent by the wireless transceiver. And determining a mode for updating the identifier information of the wake-up receiver when the network device does not send the wake-up frame to the wake-up receiver within the preset time period.
  • a computer storage medium for storing computer software instructions for use with the network device described above, including a program designed to perform the above aspects.
  • FIG. 1 is a schematic structural diagram of a WLAN system according to an embodiment of the present disclosure
  • FIG. 2 is a schematic structural diagram of an AP and a terminal shown in FIG. 1;
  • FIG. 3 is a signaling interaction diagram of a communication method according to an embodiment of the present invention.
  • FIG. 4 is a frame structure of a wake-up acknowledgement frame according to an embodiment of the present invention.
  • FIG. 5 is a frame structure of a wake-up acknowledgement frame in the prior art
  • FIG. 6 is a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention.
  • FIG. 7 is a schematic diagram of a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention.
  • FIG. 10 is a flowchart of a communication method according to an embodiment of the present invention.
  • FIG. 11 is a flowchart of a state switching of a protection mode according to an embodiment of the present invention.
  • FIG. 12 is a flowchart of another communication method according to an embodiment of the present invention.
  • FIG. 13 is a schematic structural diagram of a network device according to an embodiment of the present disclosure.
  • FIG. 14 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure.
  • FIG. 15 is a schematic structural diagram of another network device according to an embodiment of the present disclosure.
  • FIG. 16 is a schematic structural diagram of another terminal according to an embodiment of the present invention.
  • the communication method provided by the present invention can be applied to a WLAN system, which can include a terminal and an AP.
  • the WLAN system may include an AP (first device), a terminal (second device) associated with the AP, and an attacker AP1 (third device).
  • AP first device
  • second device terminal
  • attacker AP1 third device
  • the terminal may be referred to as a user equipment (UE), a mobile station (MS), a mobile terminal, a computer, a microcomputer, or the like, or may be a 5G terminal.
  • the terminal may be a mobile phone (or "cellular" phone), a mobile computer, a computer with a mobile terminal, a smart watch, etc., for example, the terminal may also be portable, pocket-sized, handheld, built-in or on-board Mobile devices that exchange voice and/or data with wireless access devices.
  • the terminal further includes a terminal with wired access with multiple bearer features.
  • the terminal may include a wireless transceiver (such as an 802.11 primary transceiver module, also referred to as a WiFi transceiver) and a WUR, which is used to receive a wake-up frame to wake up the wireless transceiver.
  • the AP includes at least a wireless transceiver (such as an 802.11 primary transceiver module).
  • the WLAN system involves communication between the AP and the WUR in the terminal, communication between the wireless transceiver of the terminal and the wireless transceiver of the AP, communication from the attacker AP1 to the WUR in the terminal, and the attacker AP1 to AP communication.
  • the communication between the attacker AP1 and the WUR of the terminal may include: the attacker AP1 sends the wakeup frame WUP containing the WUR identification information to the WUR of the terminal by acquiring the WUR identification information (WUR ID) in the terminal, in an attempt to wake up the terminal. Communication of the wireless transceiver.
  • the communication from the attacker AP1 to the AP may include: the attacker AP1 sends a message to the AP through the wireless transceiver masquerading as the terminal, and causes the AP to update the communication of the identification information to the WUR of the terminal.
  • the WUR identification information can be updated, that is, all can be changed, or can be
  • the WUR identification information may include a single user (SU) ID, a multi-user (MU) ID, and a broadcast ID of the WUR, and any one of the WUR IDs may wake up the wireless transceiver of the terminal. .
  • the WUR identification information can be updated in its entirety or partially.
  • the identification information of the WUR may also include a simplified frame verification code (FAC), that is, the identification information of the WUR is updated by the change of the FAC.
  • FAC frame verification code
  • the AP may perform protection mode setting on the at least one terminal, thereby facilitating updating the WUR ID of the WUR in the terminal to avoid attack by the attacker AP1.
  • the second device wakes up the protection of the receiver, thereby reducing signaling overhead, reducing additional power consumption, and improving the working flexibility of the WUR in the terminal for different situations.
  • the AP may provide protection for at least one terminal by including one or more protection modes, and the AP may provide the following protection modes:
  • the AP can set a strict protection mode for the terminal (recorded as the first protection mode), or set a loose protection mode for the terminal (referred to as the second protection mode).
  • the first protection mode refers to a mode in which the AP updates the identification information of the WUR after the wireless transceiver of the terminal is successfully awake by its WUR.
  • the method for the AP to update the WUR identification information may be any of the following two methods:
  • the AP sends a frame authentication code (FAC) message or a new WUR used for the next communication of the WUR of the terminal to the wireless transceiver of the terminal.
  • FAC frame authentication code
  • the AP does not directly send the FAC information used by the WUR of the terminal to the wireless transceiver of the terminal, but when the AP is associated with the terminal, or when the current protection mode of the terminal is switched to the first protection mode,
  • the AP sends a key to the wireless transceiver of the terminal, and the AP and the terminal Use the same algorithm separately, and use the key and some current information (such as the FAC used by the WUR of the terminal at the time of communication) to calculate the new FAC information (ie, the new identifier) used by the WUR for the next communication between the AP and the terminal.
  • Information after the communication between the AP and the wireless transceiver of the terminal ends, the AP updates the FAC information of the WUR synchronously with the WUR of the terminal, and does not require additional message interaction.
  • the second protection mode is that when the AP receives the wakeup acknowledgement frame sent by the terminal, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, the identifier information of the WUR may be updated, and the terminal receives the terminal at the AP.
  • the sent wakeup confirmation frame determines the mode of not updating the WUR identification information when the AP has sent the WUP to the WUR of the terminal within the preset time period.
  • the wake-up acknowledgement frame WUP is sent by the wireless transceiver of the terminal to the AP after the wireless transceiver of the terminal is successfully woken up by the WUR, and the wireless transceiver of the portable terminal has been woken up by the WUR.
  • the AP may set the first duration, the second duration, and the first integer (attack threshold).
  • the first duration of the first protection mode is to maintain the duration of the WUR of the terminal that is not awake or attacked by the terminal.
  • the AP determines whether the current protection mode of the terminal needs to be switched from the first protection mode to the second protection mode.
  • the false wake-up refers to the behavior of the wireless transceiver that wakes up the terminal after receiving the WUR error of the terminal and receiving the wake-up frame of the WUR in the other terminal (the WUR of the terminal mistakenly believes that the AP sends the wake-up frame to the AP). It should be noted that the probability that the terminal is erroneously awake in a short time is very low.
  • the WUR of the terminal is attacked, which refers to the behavior of the wireless transceiver that wakes up the terminal after the WUR of the terminal receives the wake-up frame sent by the attacker AP1. It should be noted that if there is an attacker AP1, the terminal will be continuously attacked in a short time, thereby continuously waking up the wireless transceiver.
  • the AP receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal. If the wake-up frame is not sent to the WUR of the terminal within the preset time period, the AP considers that the terminal is falsely awake or attacked. At this time, the AP determines whether the time that the terminal continues to be erroneously awake or attacked exceeds the first duration. If the first duration is exceeded, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode. After a period of time, the AP updates the identification information of the WUR and sets the first duration again.
  • the AP judges that the terminal is continuously awake or attacked by the AP: It is assumed that the wake-up frame is not sent to the WUR of the terminal within the time period, but when the wake-up acknowledgement frame sent by the wireless transceiver of the terminal is continuously received, the AP considers that the terminal continues to be awake or attacked by mistake (in the present specification, "wrong wake-up or The expression “by attack” is unified as “attacked”).
  • the second duration and the first integer act in the second protection mode.
  • the second duration is the duration of whether the WUR of the AP records the first integer attack, and is used to determine whether the current protection mode of the terminal needs to be switched from the second protection mode to the first protection mode to determine whether the WUR of the terminal is sustained.
  • the first integer is the threshold of the number of times the WUR of the terminal is continuously attacked. When the number of attacks by the terminal in the second time is not less than the first integer number, the AP considers that the WUR of the terminal is much more likely to be attacked than the false wakeup. If it is less than the first integer number, the AP considers that the WUR of the terminal has a certain probability of being awakened by mistake.
  • the terminal works in the first duration of the first protection mode. After the wireless transceiver of the terminal is successfully awake by the WUR, the AP updates the identification information of the WUR; the terminal works in the first protection mode, and after the first duration, The terminal has not been attacked for the first time period, and the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode.
  • the AP receives the wake-up acknowledgement frame, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, and if the terminal is attacked by at least the first integer, the AP will be the terminal.
  • the current protection mode is switched from the second protection mode to the first protection mode to update the WUR identification information. If the terminal is less than the first integer attack, the AP may not update the WUR identification information according to the actual situation.
  • the AP receives the wake-up acknowledgement frame, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, the AP interacts with the terminal to complete the current round of communication normally.
  • the AP may further include a first timer, a second timer, and a third timer.
  • the first timer is used to time the first protection mode to determine if it has operated for a sufficient amount of time due to additional overhead and risk.
  • the second timer is used to time the second protection mode to determine whether the WUR is subjected to a persistent attack to avoid false wake-up of the terminal.
  • the third timer is used to set a preset time period to determine whether the terminal is attacked.
  • the AP In the first protection mode, when the working state of the first timer is the timing state, each time the wireless transceiver of the terminal is successfully woken up by the WUR, the AP updates the identification information of the WUR; When the state changes to the stop state, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode.
  • the AP receives the wake-up acknowledgement frame, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, and the working state of the second timer is the timed state, and the AP considers that the terminal is continuously attacked.
  • the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode to update the WUR identification information.
  • the AP receives the wakeup acknowledgement frame, it determines that the AP does not send the WUP to the WUR of the terminal within the preset time period.
  • the working state of the second timer is a stop state, and the AP interacts with the terminal to complete the current round of communication normally.
  • the AP performs the same protection mode setting on at least one terminal, or performs the same protection mode setting on at least two terminals.
  • the protection mode setting of the three terminals by the AP is taken as an example, and the setting result of the AP to the terminal protection mode may be as shown in the terminal protection mode table 1.
  • terminal 1 is set to operate in a first protection mode (current protection mode)
  • terminal 2 is set to operate in a second protection mode
  • terminal 3 is set to operate in a first protection mode.
  • the AP can query the current protection mode of the terminal through the attribute information of the terminal.
  • the attribute information of the terminal may be the identity information of the terminal or the wake-up receiver of the terminal. Identification information, and so on.
  • the AP may set the duration of the timing state of the second timer to be shorter than the duration of the timing state of the first timer, and if the duration of the timing state of the second timer may be set to 1 hour, The duration of the timing state of the first timer can be set to 6 hours to prevent the wireless transceiver of the terminal from sleeping prematurely, and the AP and the terminal are not synchronized to update the WUR ID, that is, out of synchronization.
  • the AP can reasonably switch the current protection mode of the terminal between the first protection mode and the second protection mode.
  • the functions of the first timer and the second timer can be implemented by a software program.
  • the attacker AP1 obtains the first identification information of the WUR in the terminal and sends the WUP to the WUR of the terminal; the AP associates a terminal as an example, and details the communication method between the AP and the terminal.
  • FIG. 3 is a signaling interaction diagram of a communication method according to an embodiment of the present invention. As shown in FIG. 3, the method may include:
  • Step 310 The AP receives a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, where the wake-up acknowledgement frame may include first indication information (wake-up indication information), where the first indication information is used to indicate that the wireless transceiver of the terminal is awakened by the terminal.
  • the receiver wakes up after receiving the wake-up frame.
  • the wakeup acknowledgement frame can be a control frame, a data frame, or a management frame.
  • the first indication information may be identified by at least one bit in each of the foregoing frame structures.
  • step 308 is performed, and the AP or the attacker AP1 may send a wake-up frame to the terminal to wake up the terminal.
  • the wake-up frame WUP may include first identification information (original identification information) of the wake-up receiver, and the first identification information may be complete WUR identification information or partial WUR identification information, such as complete Medium Access Control (MAC). Address, or energy zone Partial address of the MAC address.
  • first identification information original identification information
  • MAC Medium Access Control
  • the attacker AP1 monitors the first identification information of the terminal, the attacker AP1 sends a wake-up frame to the WUR of the terminal to wake up the wireless transceiver of the terminal, that is, the terminal is attacked by the attacker AP1.
  • Step 309 after receiving the wake-up frame, the WUR of the terminal sends a first trigger signal to the wireless transceiver of the terminal for waking up the wireless transceiver of the terminal. After waking up the wireless transceiver of the terminal, the WUR of the terminal goes to sleep.
  • step 310 further, if the AP receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal within the preset time period, the AP considers that the wireless transceiver of the terminal is successfully awake. If the AP does not receive the wake-up acknowledgement frame sent by the wireless transceiver of the terminal, the AP considers that the wireless transceiver of the terminal is attacked.
  • the manner in which the AP sets the preset time period may include, but is not limited to, a manner of setting a preset time period by using a third timer, for example, the AP may set the preset time period of the third timer from 50 ms to zero. Or increase from zero to 50 ms; or, by recording the time A of transmitting the wake-up frame and the time B of receiving the wake-up acknowledgement frame sent by the terminal, the manner of whether the difference between the time A and the time B is within the preset time period is obtained. It can be understood that the AP sends a wake-up frame to the terminal. If the AP does not receive the wake-up acknowledgement frame sent by the wireless transceiver of the terminal within the preset time period, the AP does not successfully wake up the wireless transceiver of the terminal.
  • the preset time period is set by using the third timer as an example. According to the actual design requirements of the user or the operator, different or the same preset time periods may be set for different terminals associated with the AP. If the AP wants to delay the wireless transceiver of the terminal after delaying for a period of time (such as delay of 300ms), the AP may set the preset time period of the third timer for the terminal to the remaining 30-0ms of the third timer (eg, from 300ms). The countdown starts from +50ms, the first 300ms is the delay time), or the third timer is between 300-350ms (positive counting from 0ms, the first 300ms is the delayed time). It can be understood that the AP can simultaneously wake up multiple terminals associated with the AP by setting a delay time for the preset time period.
  • the wakeup acknowledgement frame when the wakeup acknowledgement frame is a control frame, the wakeup acknowledgement frame may be an improved PS-Poll frame or a new control frame.
  • the control frame includes a frame control (FC) field, an ID field of an ID value assigned by the AP for the wireless transceiver of the AP, a receive address (RA) field, and a transmit address (transmit address).
  • FC frame control
  • RA receive address
  • Tx transmit address
  • TA TA domain
  • WUR identification information may be WUR ID Index
  • FCS frame check sequence
  • the WUR identification information field is added in the PS-Poll frame, and the WUR identification information field is used to carry the second indication information.
  • the second indication information may indicate complete or partial first identification information (such as a single user ID, multi-user ID or broadcast ID of the WUR) in the wake-up frame WUP, or location information indicating the first identification information in the wake-up frame WUP .
  • the WUR identification information field can contain 2 bits, different first identification information can be configured with different address information. For example, address 01 assigns a single user ID of WUR; address 10, assigns a first multi-user ID of WUR (one of multi-user IDs); address 11, assigns a first broadcast ID of WUR (one of multi-broadcast IDs).
  • At least one indicator bit may be reserved in the FC domain to identify the first indication information.
  • the type type subfield in the FC domain indicates that the frame is a control frame (that is, the type subfield value is set to B3B2 is 01)
  • four sub-indicators are reserved in the subtype subtype subfield (0000). -0011), but in the 802.11ax standard, one of the four indicator bits reserved by the subtype subfield needs to be occupied by an indication bit, so that one of the remaining three indicator bits can be used in the subtype subfield to identify the An indication message.
  • B2-B7 represents the bit
  • control frame extension control frame extension
  • the type subfield in the FC domain is indicated as a control frame (ie, a type subfield value) When set to 01), and the subtype subfield is 0110, the B11-B8 bits of the FC domain are control frame extension fields, and seven indicator bits (0000, 0001, 1011-1111) are reserved in the control frame extension field.
  • the first indication information can be identified by one of seven indicator bits in the control frame extension field.
  • the frame type is a control frame, and the subtype field value is not 0110 (ie, there is no control frame extension field), the protocol version field is used to indicate the protocol of the frame; the type field and the subtype are (subtype) field, used to jointly indicate the type of the frame;
  • To DS field indicating that the frame is a basic service set (BSS) sent to the routing server (DS); the From DS field indicates that the frame is The frame sent by the DS to the BSS; the more frag field is used to indicate whether the long frame is segmented, whether there are other frames, and the retry field is used for frame retransmission, and the receiving terminal utilizes
  • the domain eliminates the retransmission frame; the power management domain, 1 indicates that the STA is in the power saving mode; 0 indicates that it is in the non-power saving mode; and the More Data field: 1 indicates that at least one data frame
  • Protected frame Indicates whether the frame body part contains data processed by the key set; the order field: 1 indicates whether the long frame segment transmission is strictly numbered.
  • Left six indicator positions (B8-B11, B14-B15) It is an idle bit (the six indicator bits are set to zero by default), that is, there is no special meaning, so the first indication information can be identified by one of the six indication bits in B8-B11, B14-B15.
  • the wakeup acknowledgement frame when the wakeup acknowledgement frame is a data frame, the wakeup acknowledgement frame may be a new null data packet (NDP) frame.
  • NDP null data packet
  • the NDP frame is similar to the PS-Poll frame to inform the terminal that it has awake, but structurally, the frame length of the NDP frame is shorter than the frame length of the PS-Poll frame, which can save transmission time, such as the 802.11ah protocol.
  • the length of the NDP frame (NDP_1M PS-Poll) with the PS-Poll frame function of 1 MHz is 25 bits
  • the length of the NDP_2M PS-Poll with the bandwidth of 2 MHz is 37 bits
  • the traditional PS-Poll frame is 160 bits
  • the bandwidth is 20 MHz.
  • the data frame may include an NDP Frame Control (NDP FC Control) field, a short receiving address RA field, a short sending address TA field, and a WUR identification information field carrying indication information.
  • NDP FC Control NDP Frame Control
  • the NDP frame control field can be used to indicate the frame type of the WUR wakeup acknowledgement frame.
  • the indication information in the WUR identification information field may indicate that the terminal is awake, wake up the complete or short first identification information in the frame WUP (such as the single user ID of the WUR, the first multi-user ID or the first broadcast ID), or indicate wake-up Location information of the first identification information in the frame WUP.
  • the wakeup acknowledgement frame when the wakeup acknowledgement frame is a management frame, for example, the wakeup acknowledgement frame may be a function frame, and the function frame is a management subtype frame for requesting the AP to take necessary actions, such as a channel switch announcement.
  • the management frame may include an FC domain, a Duration field, a Receive Address field (Address1), a Send Address (Address2) field, a Receiver Address (Address3) field, and a Sequence Control (Sequence Control) field.
  • HT Control HT Control
  • FCS Frame Body field
  • the Duration field is used to schedule the time occupied by the channel.
  • the Address3 field can be the receiving address of the final recipient after the transmitted message is forwarded multiple times over Ethernet.
  • the Sequence Control field is used to reassemble frame fragments or discard duplicate frames.
  • the Frame Body field is used to carry specific types and interpretation information of some frames, such as channel switching announcements.
  • the HT Control field is used to indicate some control information. It should be noted that the frame format of the management frame is independent of the subtype of the frame, and the address field field does not change with the subtype of the frame. When the subtype of the frame changes, only the Frame Body field changes.
  • the Frame Body field includes at least two parts, a Category field and a WUR ID Index field.
  • the Category field is used to indicate that the management frame is a wake-up acknowledgement frame.
  • the WUR ID index field is used to carry the second indication information, where the second indication information may indicate complete or partial first identification information (such as a single user ID, multi-user ID or broadcast ID of the WUR) in the wake-up frame WUP, or The location information of the first identification information in the wakeup frame WUP.
  • the frame length of the WUR ID Index field in the wakeup acknowledgement frame can be 0 bits, where the AP can The WUR wakeup confirmation frame is judged to have a WUR ID Index field by the received WUR wakeup confirmation frame length.
  • the first indication information in the Category field may be used to determine whether the management frame has a WUR ID Index field.
  • Step 320 The AP sends the first message or the second message to the terminal according to the first indication information.
  • the first message is a data frame
  • the second message may be a data frame, a control frame, or a management frame.
  • the AP determines, according to the first indication information, whether the awake frame is sent to the terminal within a preset time period.
  • the AP determines, according to the first indication information, that the awake frame has been sent to the terminal within the preset time period, that is, the wireless transceiver of the terminal is normally awake by the AP, the AP sends a first message to the terminal, where the first message may include The first data information is used to implement normal communication between the terminal and the AP.
  • the AP determines, according to the first indication information, that the awake frame is not sent to the terminal within the preset time period, that is, the wireless transceiver of the terminal is awake by mistake or the WUR is attacked by the attacker AP1, and the AP sends and receives the awake to the terminal.
  • the second message may include the second identifier information of the wake-up receiver, where the second identifier information is obtained by the AP by updating the first identifier information, so as to prevent the WUR of the terminal from being continuously attacked and continuously waking up the terminal.
  • the wireless transceiver causes the energy of the terminal to be quickly consumed, and achieves normal communication between the terminal and the AP.
  • the AP encryption method may include:
  • the AP adopts a process similar to updating the Group Temporal Key (GTK) in 802.11.
  • GTK Group Temporal Key
  • the AP sends an improved message of the Extensible Authentication Protocol over LAN (EAPOL) key to the terminal.
  • EAPOL Extensible Authentication Protocol over LAN
  • the message may include an encrypted data portion (ie, second identification information) and Message Integrity Code (MIC) information for verifying the identity of the sender (eg, AP).
  • MIC Message Integrity Code
  • the AP defines a new encrypted management frame that is similar to a functional frame.
  • the management frame carrier can carry MIC and some other encrypted information (such as second identification information).
  • the AP uses the encrypted data frame, and the data part carries the second identification information.
  • the second message may further include indication information, such as a key, for waking up the second identifier information of the receiver, to indicate that the terminal uses the same algorithm to calculate the AP and the terminal by using the key and the first identifier information.
  • indication information such as a key
  • the AP needs to transmit other information (such as a data frame carrying the first data information) in addition to the second identifier information
  • the AP sends the second message including the second identifier information to the terminal, and then transmits the subsequent message. (such as data frames).
  • the transmission of the subsequent message ensures that the wireless transceiver of the terminal is awake and has received the second message carrying the second identification information, so as to prevent the AP and the terminal from updating the WUR identification information due to the wireless transceiver of the terminal entering the sleep state. , that is, the second identification information.
  • Step 330 The terminal sends an acknowledgement message to the AP.
  • the terminal sends a first acknowledgement message (a confirmation message for the first message) to the AP. If the wireless transceiver of the terminal receives the second message, the terminal sends a second acknowledgement message (a confirmation message for the second message) to the AP.
  • the first acknowledgement message and the second acknowledgement message may be a control frame (such as ACK), a data frame (such as data+ACK, etc.), or a management frame.
  • a control frame such as ACK
  • a data frame such as data+ACK, etc.
  • a management frame such as a management frame.
  • first confirmation message and the second confirmation message may be the same or different.
  • the first acknowledgement message is used to instruct the terminal to receive the first data information.
  • the wireless transceiver of the terminal can wait for a period of time (for example, 100 ms) to enter the sleep state. During this time, the terminal can wait for the third acknowledgement message sent by the AP, the third acknowledgement message. It is used to indicate that the AP receives the foregoing first acknowledgement message sent by the terminal.
  • the wireless transceiver of the terminal is going to sleep, the wireless transceiver sends a second trigger signal to the WUR for waking up the WUR. This round of communication is completed.
  • the second acknowledgement message may include the terminal.
  • the authentication information (such as MIC) enables the AP to determine the attribute information of the terminal, such as the identity information of the terminal, according to the authentication information, so that the AP communicates with the terminal.
  • the second acknowledgement message may be the improved EAPOL_key response frame.
  • the second confirmation message may include MIC information of the terminal.
  • the second acknowledgement message may also be a frame of the improved Action frame, and the frame body may carry the MIC information.
  • the wireless transceiver of the terminal can wait for a period of time (for example, 100 ms) to enter the sleep state. During this time, the terminal can wait for the third acknowledgement message sent by the AP, the third acknowledgement message. It is used to indicate that the AP receives the foregoing acknowledgement message sent by the terminal.
  • the terminal and the AP can confirm each other to obtain the second identification information, thereby reducing the risk of losing synchronization.
  • the wireless transceiver of the terminal When the wireless transceiver of the terminal is going to sleep, the wireless transceiver sends a second trigger signal to the WUR for waking up the WUR, and the AP and the terminal also update the corresponding WUR identification information. This round of communication is completed.
  • the first acknowledgement message and the second acknowledgement message may further include the second data information.
  • Each step in the foregoing method implements the first indication information that the wireless receiver carrying the terminal in the wakeup acknowledgement frame sent by the WUR wakes up to the AP after the wireless receiver of the terminal is awake by the WUR is WUX awake, so that the AP sends the WUP according to whether the WUP has been sent before. It is determined whether the WUR is attacked, and whether to update the WUR ID, thereby effectively reducing the waste of the listening channel when the terminal is idle, and ensuring the communication security of the terminal by updating the WUR ID.
  • the wakeup acknowledgement frame may include attribute information of the terminal, such as address information of the terminal.
  • the AP may obtain the current protection mode of the terminal from the protection mode table of the terminal according to the address information of the terminal, that is, the current terminal works in the first protection mode or in the second protection mode.
  • the AP identifies the length of time that the terminal has been active in the current protection mode and the number of times the attack was attacked within that duration. That is, the AP identifies whether the duration of the WUR that has not been attacked exceeds the first duration for the terminal operating in the first protection mode; or, the AP operates the terminal in the second protection mode, and the WUR is in the Whether the number of attacks received within two hours exceeds the first integer for identification.
  • the AP switches the current protection mode of the terminal between the at least two protection modes according to the identification result, and the at least two protection modes include a first protection mode and a second protection mode.
  • the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode to avoid being in the first time for a long time. Protect the mode with more overhead and risk. Subsequent communications will operate in the first protection mode. This round of communication ends when all message interactions are completed.
  • the AP updates the WUR in the terminal after receiving the wake-up acknowledgement frame, that is, after the terminal is woken up.
  • An identification information This round of communication ends when all message interactions are completed.
  • the process of updating the first identifier information by the AP may be performed when the AP associates with the terminal, and the AP sends a key to the wireless transceiver of the terminal, and the AP and the terminal use the same algorithm to pass the key and the current information (such as the current communication).
  • the FAC or FCS used by the WUR calculates the new FAC information used by the AP and the WUR for the next communication. After the communication between the AP and the wireless transceiver is successfully completed, the AP and the terminal synchronize the FAC information in the WUR.
  • the AP can also take steps. The manner in which the encrypted second message is sent to the terminal in 320.
  • the AP When the terminal is in the second protection mode, and the number of times the WUR of the terminal is attacked in the second time period reaches at least the first integer, the AP replaces the first identification information of the WUR, and switches the current protection mode of the terminal from the second protection mode to The first protection mode. That is to say, the communication after the terminal will operate in the first protection mode.
  • the AP In the first protection mode, each time the WUR successfully wakes up the wireless transceiver of the terminal, the AP updates the identification information of the WUR. End this round of communication and wait for the next round of communication. It should be noted that the probability of a false wake-up occurring continuously or repeatedly in the second time period is extremely small.
  • the wireless transceiver of the terminal is used by the terminal WUR.
  • the AP considers that the WUR of the terminal is subjected to a persistent attack, and the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode.
  • the AP determines that the wake-up frame is not sent to the terminal within the preset time, and the number of times the WUR of the terminal is attacked within the second time period does not reach the first integer, the AP determines that the WUR of the terminal is attacked. Update the WUR identification information without changing the protection mode of the terminal.
  • the first integer here is a positive integer.
  • the AP determines that the current protection mode of the terminal is not immediately switched from the second protection mode to the first protection mode after the WUR is attacked, in order to avoid false wake-up caused by a small probability. That is to say, if the terminal is occasionally woken up by mistake for a period of time (the criterion is that the wireless transceiver of the terminal is attacked less than the first integer number within the second time period), the AP does not switch the protection mode to avoid false wake-up.
  • the AP When the terminal is in the second protection mode, and the AP determines that the awake frame is sent to the WUR of the terminal within the preset time, the AP sends a first message to the terminal, where the first message may include the first data information to implement the connection between the terminal and the AP. Normal communication.
  • the AP identifies the operating state of the timer in the current protected mode. That is, the AP identifies the working state of the first timer in the first protection mode; or, the AP identifies the working state of the second timer in the second protection mode.
  • the AP switches the current protection mode of the terminal according to the recognition result of the timer state.
  • the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode to avoid being in the first protection mode for a long time. It creates more overhead and risk. Subsequent communications will operate in the first protection mode. This round of communication ends when all message interactions are completed.
  • the AP updates the WUR of the terminal every time the AP receives the wakeup acknowledgement frame, that is, after the wireless transceiver of the terminal is woken up.
  • An identification information This round of communication ends when all message interactions are completed.
  • the process of updating the first identifier information may be performed when the AP associates with the terminal, and the AP sends a key to the terminal.
  • the wireless transceiver, the AP and the terminal use the same algorithm to calculate the new FAC information used by the AP and the WUR for the next communication by the key and the current information (such as the FAC or FCS used in the communication WUR).
  • the AP synchronizes with the terminal to update the FAC information in the WUR.
  • the method of sending the encrypted second message to the terminal in step 320 may also be adopted.
  • the AP When the terminal is in the second protection mode, and the AP determines that the wake-up frame is not sent to the terminal within the preset time, and the working state of the second timer is the timed state, the AP switches the current protection mode of the terminal from the second protection mode to the first A protection mode, that is, the AP turns off the second timer, starts the first timer, and sets the duration of the timing state. That is to say, the subsequent communication will operate in the first protection mode. Before the first timer expires, the AP updates the WUR identification information each time the WUR successfully wakes up the wireless transceiver. End this round of communication and wait for the next round of communication.
  • the probability of a false wake-up occurring continuously or repeatedly in the timed state of the second timer is extremely small, so that the AP does not transmit the WUP again during the time period, but the wireless transceiver of the terminal is the WUR of the terminal.
  • the AP considers that the terminal is subjected to a persistent attack, and the AP switches the current protection mode of the terminal to the first protection mode.
  • the first timer can set a longer timing state duration, so that the attacker AP1 is allowed to leave in the timing state of the first timer, and avoid switching the current protection mode of the terminal back to the second protection mode in a short time.
  • the AP determines that the wake-up frame is not sent to the terminal within the preset time, and when the working state of the second timer is the stop state, the AP starts the second timer and sets the duration of the timed state. Complete communication of all messages and wait for the next round of communication.
  • the AP determines that the current protection mode of the terminal is not immediately switched to the first protection mode after the WUR is attacked, in order to avoid false triggering caused by a small probability. That is to say, if the terminal is attacked for the first time (the criterion is that there is no second timer being counted), the AP does not switch the current protection mode of the terminal to avoid false triggering.
  • the AP When the terminal is in the second protection mode, and the AP determines that the awake frame is sent to the terminal within the preset time, the AP sends a first message to the terminal, where the first message may include the first data information, so as to implement normal communication between the terminal and the AP. .
  • FIG. 10 is a flowchart of a communication method according to an embodiment of the present invention. As shown in FIG. 10, the method includes:
  • Step 1001 The AP or the attacker AP1 sends a wake-up frame to the terminal to successfully wake up the terminal.
  • the AP or the attacker AP1 sends a wake-up frame to the WUR of the terminal, and successfully wakes up the wireless transceiver of the terminal.
  • Step 1002 The AP receives a wakeup acknowledgement frame sent by the terminal.
  • the AP receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal.
  • Step 1003 The AP determines a current protection mode of the terminal according to the wakeup acknowledgement frame.
  • step 1004 is performed;
  • step 1006 is performed.
  • Step 1004 The current protection mode of the terminal is the first protection mode, and the AP updates the identifier information of the terminal WUR, and then step 1005 is performed.
  • step 1004 data transmission may be performed between the AP and the terminal.
  • Step 1005 End the current round communication, and wait for the next AP or the attacker AP1 to send a wake-up frame to the WUR of the terminal and successfully wake up the terminal, and return to step 1001.
  • Step 1006 The current protection mode of the terminal is a second protection mode, and the AP determines whether the WUR of the terminal is attacked.
  • step 1008 is performed;
  • step 1007 is performed.
  • Step 1007 The AP and the terminal transmit data, and then step 1005 is performed.
  • Step 1008 The AP updates the identifier information of the terminal WUR, and then performs step 1005.
  • data transmission may be performed between the AP and the terminal.
  • FIG. 11 is a flowchart of state switching of a protection mode according to an embodiment of the present invention. As shown in FIG. 11, the method includes:
  • Step 1101 The terminal is in the first protection mode.
  • Step 1102 When the duration of the terminal that is not erroneously awake or not attacked exceeds the first duration, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode, and proceeds to step 1103.
  • Step 1103 The terminal is in the second protection mode.
  • Step 1104 When the terminal is subjected to at least a first integer attack or a false wake-up within the second duration, the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode, and proceeds to step 1101.
  • FIG. 12 is a flowchart of another communication method according to an embodiment of the present invention. As shown in FIG. 12, the method includes:
  • Step 1201 The AP or the attacker AP1 sends a wake-up frame to the WUR of the terminal.
  • Step 1202 The AP receives a wake-up acknowledgement frame sent by the terminal wireless transceiver, and determines a current protection mode of the terminal.
  • Step 1203 When the current protection mode of the terminal is the first protection mode, the AP determines the working state of the first timer at this time.
  • Step 1204 If the first timer is in the stop state, after the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode, step 1205 is performed.
  • Step 1205 End the current round communication, and the AP waits to receive the wakeup acknowledgement frame sent by the terminal again. After receiving the new wakeup acknowledgement frame, the process returns to step 1201.
  • Step 1206 After the first timer is in the timed state, the AP updates the identifier information of the WUR, and then performs step 1205.
  • Step 1207 When the current protection mode of the terminal is the second protection mode, the AP determines whether the terminal is attacked at this time.
  • Step 1208 If the AP determines that the terminal is not awake by mistake or is not attacked, the AP performs step 1205.
  • Step 1209 After the AP determines that the terminal is attacked, the AP updates the WUR identification information, and then performs step 1010.
  • Step 1210 The AP determines the working state of the second timer at this time.
  • Step 1211 If the second timer is in the stop state, after the AP restarts the second timer, step 1205 is performed.
  • Step 1212 If the second timer is in the counting state, after the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode, step 1205 is performed.
  • the AP receives the wake-up acknowledgement frame that is sent by the terminal and includes the first indication information, to indicate that the terminal is woken up by the wake-up receiver of the terminal.
  • the AP determines, according to the first indication information, that the awake frame is not sent to the terminal within the preset time, the AP sends a second message, that is, the updated identifier information, that includes the second identifier information of the waking receiver to the terminal.
  • the AP receives the second confirmation message that is sent by the terminal, including the identity verification information of the terminal, and then the AP determines the attribute information of the terminal according to the identity verification information; the AP communicates with the terminal according to the attribute information of the terminal.
  • the current protection mode is switched. To avoid persistent attacks by the attacker AP1.
  • This method improves the AP's flexible switching policy in different protection modes to reduce the additional power consumption of the terminal and reduce the signaling overhead when the WUR is not attacked in the terminal.
  • an embodiment of the present invention provides a network device.
  • FIG. 13 is a network device according to an embodiment of the present invention.
  • the network device such as an access point AP, may include: a receiving unit 1301, a sending unit 1302, and a processing unit 1303.
  • the receiving unit 1301 is configured to receive a wake-up acknowledgement frame sent by the wireless transceiver unit of the terminal, where the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver unit of the terminal is after receiving the wake-up frame by the wake-up receiving unit of the terminal
  • the wake-up frame includes the first identifier information of the wake-up receiving unit, where the first identifier information is identifier information currently used by the wake-up receiving unit.
  • the processing unit 1303 is configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period.
  • the sending unit 1302 is configured to: when the processing unit 1303 determines that the terminal has been sent within the preset time period When the frame is awakened, the first message is sent to the terminal, where the first message is a message that the access point has determined to send to the terminal when sending the wake-up frame, such as data information, for communicating with the terminal; or
  • the processing unit 1303 is further configured to determine, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within the preset time period.
  • the sending unit 1302 is further configured to: when the processing unit 1303 determines that the wake-up frame is not sent to the terminal within the preset time period, send the second message to the terminal.
  • the second message includes the second identification information of the awake receiving unit of the terminal or the indication information of the second identification information, for the terminal to update the identifier information currently used by the awake receiving unit according to the indication information of the second identification information or the second identification information.
  • the processing unit 1303 is further configured to perform encryption processing on the second message.
  • the sending unit 1302 sends the second message to the terminal.
  • the receiving unit 1301 is further configured to receive an acknowledgment message sent by the terminal for the second message, where the acknowledgment message of the second message is that the terminal updates the identifier currently used by the awake receiving unit according to the indication information of the second identifier information or the second identifier information.
  • the confirmation message of the second message includes the identity verification information of the terminal.
  • the processing unit 1303 is further configured to determine, according to the identity verification information of the terminal, attribute information of the terminal, and communicate with the AP according to the attribute information of the terminal.
  • the wakeup acknowledgement frame may further include attribute information of the terminal
  • the receiving unit 1301 After the receiving unit 1301 receives the wake-up acknowledgement frame sent by the wireless transceiver unit of the terminal,
  • the processing unit 1303 is further configured to determine a current protection mode of the terminal according to the attribute information of the terminal.
  • the current protection mode of the terminal may be the first protection mode or the second protection mode.
  • the processing unit 1303 is specifically configured to identify the first duration in which the terminal works in the first protection mode. Alternatively, the second duration and the number of attacks in which the terminal works in the second protection mode are identified.
  • the attacking of the terminal means that the receiving unit 1301 receives the wakeup acknowledgement message sent by the access point, but the sending unit does not send the wakeup frame to the access point within a preset time period.
  • processing unit 1303 determines, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within the preset time period
  • the processing unit 1303 When the processing unit 1303 recognizes that the time when the terminal works in the first protection mode exceeds the first duration, and the second device is not attacked within the first duration, the processing unit 1303 sets the current protection mode of the terminal from Switching the first protection mode to the second protection mode; or,
  • the processing unit 1303 When the processing unit 1303 recognizes that the time when the terminal works in the second protection mode does not exceed the second duration, and the number of times the terminal is attacked is not less than the attack threshold, the processing unit 1303 switches the current protection mode of the terminal from the second protection mode. Go to the first protection mode.
  • an embodiment of the present invention provides a terminal.
  • FIG. 14 is a terminal according to an embodiment of the present invention. As shown in FIG. 14, the terminal may include: a wake-up receiving unit 1401, a processing unit 1402, and a wireless transceiver unit 1403.
  • the wakeup receiving unit 1401 is configured to receive a wakeup frame.
  • the processing unit 1402 is configured to wake up the wireless transceiver unit 1403 after receiving the wake-up frame, where the wake-up frame includes the first identifier information of the wake-up receiving unit 1401, where the first identifier information is identifier information currently used by the wake-up receiving unit 1401.
  • the wireless transceiver unit 1403 is configured to send a wake-up acknowledgement frame to the AP, where the wake-up acknowledgement frame includes wake-up indication information, and the wake-up indication information is used to indicate that the wireless transceiver unit 1403 is wake-up by the wake-up receiving unit 1401 of the terminal after receiving the wake-up frame.
  • the wireless transceiver unit 1403 is further configured to receive the first message sent by the AP, where the first message is that the AP determines, after receiving the awake indication information, that the AP sends the awake receiving unit 1401 within a preset time period. After the wake-up frame is sent, the first message is a message that the AP has determined to send to the wireless transceiver unit 1403 when the wake-up frame is sent. or,
  • the second message After the AP receives the awake indication information, determining that the AP does not send the awake frame to the awake receiving unit 1401 within a preset time period, where the second message includes the awake receiving unit 1401. Two indication information or indication information of the second identification information.
  • the processing unit 1402 is further configured to update the identifier currently used by the awake receiving unit 1401 according to the second identification information or the indication information of the second identification information.
  • the second message is sent by the AP after being encrypted.
  • the processing unit 1402 updates the identifier information currently used by the wake receiving unit 1401 according to the second identifier information or the indication information of the second identifier information,
  • the wireless transceiver unit 1403 is further configured to send an acknowledgement message of the second message to the AP, where the acknowledgement message includes the identity verification information of the terminal, so that the AP determines the attribute information of the terminal according to the identity verification information, and then communicates with the AP.
  • the wake-up acknowledgement frame further includes attribute information of the terminal, so that the AP determines the current protection mode of the terminal according to the attribute information of the terminal, and identifies the duration of the terminal working in the current protection mode, and according to the recognition result, the current The protection mode switches between at least two protection modes, the at least two protection modes including a first protection mode and a second protection mode.
  • the wireless transceiver unit 1403 can include a receiving unit and a transmitting unit.
  • the embodiment of the present invention further provides another network device.
  • FIG. 15 is another network device according to an embodiment of the present invention.
  • the network device such as an access point, may include a wireless transceiver 1510 (such as an 802.11 primary transceiver module), a processor 1520, a memory 1530, and Transceiver antenna 1540, wireless transceiver 1510 has a receiver and a transmitter The function.
  • Transceiver antenna 1540 can also be considered as part of wireless transceiver 1510, in which case transceiver antenna 1540 may not be depicted in FIG.
  • the processor 1520 stores the instruction message and the data message to be sent through the wireless transceiver 1510 in the memory 1530, and after the processor 1520 prepares the instruction or data to be transmitted, sends a notification to the wireless transceiver 1510 to indicate that it is ready
  • the transmitted data finally the wireless transceiver 1510 retrieves the command or data to be transmitted from the memory 1530 and transmits it through the transceiver antenna 1540.
  • the wireless transceiver 1510 needs to modulate the content of the message to be sent into an electrical signal to be transmitted from the transceiver antenna 1540 in the form of electromagnetic waves, and the wireless transceiver 1510 needs to receive the electromagnetic wave signal through the transmitting and receiving antenna 1540 and analyze the other signals therefrom.
  • the processor 1520 can be a central processing unit (CPU), or a combination of a CPU and a hardware chip.
  • the hardware chip may be an application-specific integrated circuit (ASIC), a programmable logic device (PLD), or a combination thereof.
  • the PLD may be a complex programmable logic device (CPLD), a field-programmable gate array (FPGA), a general array logic (GAL), or any combination thereof.
  • the memory 1530 may include a volatile memory such as a random-access memory (RAM); the memory 1530 may also include a non-volatile memory such as a read-only memory (read) -only memory, ROM), flash memory, hard disk drive (HDD) or solid-state drive (SSD).
  • RAM random-access memory
  • ROM read-only memory
  • HDD hard disk drive
  • SSD solid-state drive
  • the memory 1530 may also include a combination of the above types of memories.
  • the working process of each functional device of the access point may include:
  • the wireless transceiver 1510 (which can implement the functions of the receiver and the transmitter described above) is configured to receive a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, and the wake-up acknowledgement frame includes wake-up indication information.
  • the wakeup indication information is used to indicate that the wireless transceiver of the terminal is awake by the wakeup receiver of the terminal after receiving the wakeup frame, and the wakeup frame includes the first identifier information of the wakeup receiver, and the first identifier information is the identifier currently used by the wakeup receiver. information.
  • the processor 1520 is configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period.
  • the wireless transceiver 1510 is further configured to: when the processor determines that the wake-up frame has been sent to the terminal within the preset time period, send the first message to the terminal, where the first message is that the network device determines to send to the terminal when sending the wake-up frame Message.
  • the processor 1520 is further configured to determine, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within the preset time period.
  • the wireless transceiver 1510 is further configured to: when the processor 1520 determines that the wakeup frame is not sent to the terminal within the preset time period, send the second message to the terminal, where the second message includes the second identifier information or the second identifier of the wakeup receiver.
  • the indication information of the information is used by the terminal to update the identifier information currently used by the wake-up receiver according to the indication information of the second identifier information or the second identifier information.
  • the access point may also include a transmitter WUR 1550 (not shown in Figure 15) dedicated to transmitting the WUP.
  • the WUR 1550 is triggered to transmit a WUP by the wireless transceiver 1510 or the processor 1520 when there is data transmission.
  • the WUP is transmitted by the transceiver antenna 1540.
  • the wireless transceiver 1510 and the WUR 1550 can operate in the same frequency band, and the transceiver antenna 1540 can include the same antenna.
  • the wireless transceiver 1510 and the WUR 1550 can also operate in a non-band, and the transceiver antenna 1540 includes multiple antennas suitable for different frequency bands, that is, the antennas used by the wireless transceiver 1510 and the WUR 1550 are different.
  • FIG. 16 is another terminal according to an embodiment of the present invention. As shown in FIG. 16, the terminal includes at least a wake-up receiver 1610, a processor 1620, and a wireless transceiver 1630 (such as an 802.11 main transceiver module). Memory 1640 and transceiver antenna 1650.
  • the wireless transceiver 1630 retrieves an instruction message or data message received by the wireless transceiver 1630 from the memory 1640 and processes it to obtain an instruction or data.
  • the wake-up receiver 1610 receives the wake-up frame sent by the other device through the transceiver antenna 1650. When the wake-up receiver 1610 receives the wake-up frame sent to itself, it sends a trigger signal to the processor 1620 to cause the processor 1620 to trigger the wireless transceiver 1630. To wake up the wireless transceiver 1630.
  • the wireless transceiver 1630 needs to modulate the content of the message to be sent into an electrical signal to be transmitted from the transmitting and receiving antenna 1650 in the form of electromagnetic waves, and the wireless transceiver 1630 needs to receive the electromagnetic wave signal through the transmitting and receiving antenna 1650 and parse out the other signal.
  • the message that the device sends to itself needs to modulate the content of the message to be sent into an electrical signal to be transmitted from the transmitting and receiving antenna 1650 in the form of electromagnetic waves, and the wireless transceiver 1630 needs to receive the electromagnetic wave signal through the transmitting and receiving antenna 1650 and parse out the other signal.
  • the message that the device sends to itself is not be modulate the content of the message to be sent into an electrical signal to be transmitted from the transmitting and receiving antenna 1650 in the form of electromagnetic waves, and the wireless transceiver 1630 needs to receive the electromagnetic wave signal through the transmitting and receiving antenna 1650 and parse out the other signal. The message that the device sends to itself.
  • the processor 1620 can be a CPU, or a combination of a CPU and a hardware chip.
  • the above hardware chip may be an ASIC, a PLD, or a combination thereof.
  • the above PLD may be a CPLD, an FPGA, a GAL, or any combination thereof.
  • Memory 1640 can include volatile memory, such as random access memory; memory 1640 can also include non-volatile memory, such as read only memory, flash memory, hard disk or solid state hard disk. The memory 1640 may also include a combination of the above types of memories.
  • each functional device of the terminal may include:
  • the receiver 1610 is woken up for receiving a wake-up frame.
  • the processor 1620 is configured to wake up the wireless transceiver 1630 of the terminal after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiver, where the first identifier information is identifier information currently used by the wake-up receiver.
  • the wireless transceiver 1630 is configured to send a wakeup acknowledgement frame to the AP, where the wakeup acknowledgement frame includes wakeup indication information, and the wakeup indication information is used to indicate that the wireless transceiver 1630 is the wakeup receiver 1610 to wake up after receiving the wakeup frame.
  • the wireless transceiver 1630 is further configured to receive the first message sent by the AP, where the first message is that the AP determines that the AP sends the wakeup to the wakeup receiver 1610 within a preset time period after receiving the wakeup indication information. After the frame is sent, the first message is a message that the AP has determined to send to the wireless transceiver 1630 when sending the wake-up frame; or
  • the wireless transceiver 1630 is further configured to receive a second message sent by the AP, where the second message is that after the AP receives the wake-up indication information, the AP determines that the AP does not send the wake-up frame to the wake-up receiver 1610 after the preset time period, and the second message is sent.
  • the message includes indication information of the second identification information or the second identification information of the wake-up receiver 1610, and the indication information of the second identification information or the second identification information;
  • the processor 1620 updates the identifier currently used by the wake receiver 1610 according to the second identification information or the second identification information indication information.
  • the wireless transceiver 1630 and the wake-up receiver 1610 can operate in the same frequency band, and the transceiver antenna 1650 includes one antenna.
  • the wireless transceiver 1630 and the wake-up receiver 1610 can also operate in different frequency bands.
  • the transceiver antenna 1650 can include multiple antennas suitable for different frequency bands, and the antennas used by the wireless transceiver 1630 and the wake-up receiver 1610 are different.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Provided in embodiments of the present invention are a communication method, a network device, and a terminal. The communication method provided in the embodiments of the present invention may comprise: a first device (a network device, such as an access point) receives a wakeup confirmation frame transmitted by a second device (a terminal), the wakeup confirmation frame comprising indication information for indicating that the terminal is woken up by a wakeup receiver of the terminal; and when the first device determines, on the basis of the indication information, that no wakeup frame is transmitted to a second device within a preset time period, the first device transmits to the second device a message carrying updated identification information for use in communication with the second device. The method, by updating identification information, prevents the terminal from coming under attack by an attacker, thus reducing additional power consumption for the terminal, and reducing signaling overhead in the terminal when a WUR is not under attack.

Description

通信方法、网络设备和终端Communication method, network device and terminal 技术领域Technical field
本发明实施例涉及通信领域,尤其涉及一种通信方法、网络设备和终端。The embodiments of the present invention relate to the field of communications, and in particular, to a communication method, a network device, and a terminal.
背景技术Background technique
随着WLAN(Wireless Local Area Network,无线局域网)标准的演进,在无线保真(Wireless Fidelity,WiFi)网络中,终端(如工作站)在没有消息收发时(如No data阶段),会有很大一部分能量浪费在无接收信号时的空闲时侦听信道中。IEEE(Institute of Electrical and Electronic Engineers,电气和电子工程师协会)802.11工作组正在筹备以低功耗唤醒接收机(Low Power Wake Up Radio,LP-WUR)(以下简称WUR)为核心技术来降低WiFi功耗。由此可见,在WiFi网络的中的网络设备,如无线接入点(Access Point,AP)与终端的通信过程中,需要一种降低终端功耗的通信方法。With the evolution of the WLAN (Wireless Local Area Network) standard, in a Wireless Fidelity (WiFi) network, terminals (such as workstations) may have a large number of messages (such as the No data phase). A portion of the energy is wasted in the listening channel when there is no reception signal. IEEE (Institute of Electrical and Electronic Engineers) 802.11 working group is preparing to reduce WiFi power by using Low Power Wake Up Radio (LP-WUR) (hereinafter referred to as WUR) as the core technology. Consumption. It can be seen that in the communication process between the network device in the WiFi network, such as a wireless access point (AP) and the terminal, a communication method for reducing the power consumption of the terminal is needed.
现有技术对于降低终端功耗的通信方法是通过终端采用低功耗的WUR代替无线收发器在媒介空闲时侦听信道。当终端的无线收发器进入深度休眠后,低功耗的WUR苏醒开始工作。当AP需要与带有WUR和无线收发器的终端通信时,AP向终端的WUR发送唤醒帧(Wake Up Packet,WUP),收到WUP的WUR将WUP中的WUR ID(即WUR标识信息,用于识别WUR)与自己被分配的WUR ID进行比对,如果比对结果一致则WUR认为该WUP是发给自己的,然后WUR唤醒终端的无线收发器,WUR再转入休眠,AP则与苏醒的无线收发器进行通信。终端的无线收发器与AP通信完成后会进入休眠,同时WUR苏醒又开始侦听是否有发送给自己的WUP,以便再次唤醒无线收发器。The prior art communication method for reducing the power consumption of the terminal is to use the low power WUR instead of the wireless transceiver to listen to the channel when the medium is idle. When the wireless transceiver of the terminal enters deep sleep, the low power WUR wakes up and starts working. When the AP needs to communicate with the terminal with the WUR and the wireless transceiver, the AP sends a Wake Up Packet (WUP) to the WUR of the terminal, and the WUR that receives the WUP sets the WUR ID in the WUP (ie, the WUR identification information, In the identification of WUR), it is compared with the WUR ID that it is assigned. If the comparison result is consistent, WUR thinks that the WUP is sent to itself, then WUR wakes up the wireless transceiver of the terminal, WUR goes to sleep again, and AP wakes up. The wireless transceiver communicates. After the terminal's wireless transceiver communicates with the AP, it will go to sleep. At the same time, the WUR wakes up and starts to listen to whether there is a WUP sent to itself to wake up the wireless transceiver again.
唤醒接收机WUR为了实现低功耗,其电路构造、帧结构设计(如WUP)等 需要较为简单、以及低复杂度等因素,容易受到攻击。因此为了防止被攻击,WUP中加入简化的帧验证码(Frame Authentication Code,FAC)信息,用于认证该帧是否是由关联该终端的AP发送。广义上讲,FAC属于WUR ID(即WUR的标识信息)的一部分,用于WUR识别WUP是否是发送给自己的。狭义上讲,FAC是一种校验信息,帮助WUR判断WUP是否为合法的消息。本说明书中采用的是广义说法,将FAC看做WUR ID的一部分。Wake-up receiver WUR in order to achieve low power consumption, its circuit structure, frame structure design (such as WUP), etc. Need to be relatively simple, and low complexity and other factors, vulnerable to attack. Therefore, in order to prevent being attacked, a simplified Frame Authentication Code (FAC) message is added to the WUP to authenticate whether the frame is sent by the AP associated with the terminal. Broadly speaking, the FAC is part of the WUR ID (ie, the WUR's identification information) and is used by the WUR to identify whether the WUP is sent to itself. In a narrow sense, the FAC is a verification message that helps the WUR determine whether the WUP is a legitimate message. The general term used in this specification is to treat the FAC as part of the WUR ID.
FAC在WUR每次成功唤醒无线收发器后都会被更新,即每次成功唤醒无线收发器后都会更新WUR ID,这样带来了额外的信令开销、失步风险和能耗。其中,失步是指AP与终端未同步更新WUR的WUR ID的现象(如终端给WUR更新了FAC,但AP侧尚未更新)。The FAC is updated every time the WUR wakes up the wireless transceiver successfully, that is, the WUR ID is updated each time the wireless transceiver is successfully woken up, which brings additional signaling overhead, out-of-step risk and power consumption. The out-of-synchronization refers to the phenomenon that the AP and the terminal do not update the WUR ID of the WUR (for example, the terminal updates the FAC to the WUR, but the AP side has not been updated).
发明内容Summary of the invention
本申请实施例提供了一种通信方法、网络设备和终端,该方法有效的降低终端空闲时侦听信道的能量浪费,同时保证了终端的通信安全。The embodiment of the present invention provides a communication method, a network device, and a terminal. The method effectively reduces the waste of the listening channel when the terminal is idle, and ensures the communication security of the terminal.
第一方面,提供了一种通信方法,该方法包括:第一设备(网络设备,如接入点)接收第二设备(终端)的无线收发器(如802.11收发模块)发送的唤醒确认帧,该唤醒确认帧可以是控制帧、数据帧或管理帧。唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示第二设备的无线收发器是被第二设备的唤醒接收机在接收到唤醒帧后唤醒,唤醒帧包含唤醒接收机的第一标识信息,第一标识信息为唤醒接收机当前使用的标识信息,其中第一标识信息可以是完整的WUR标识信息或部分的WUR标识信息,如完整的媒体介入控制(Medium Access Control,MAC)地址或能区分MAC地址的部分地址。当第一设备根据唤醒指示信息,确定在预设时间段内已向第二设备发送唤醒帧时,第一设备向第二设备发送第一消息,第一消息为第一设备在发送唤醒帧时已确定要向第二设备发送的消息,该第一消息可以是数据帧,以实现第一设备与第二设备间的通信。当第一设备根据唤醒指示信息,确定在预设时间 段内未向第二设备发送唤醒帧时,第一设备向所述第二设备发送第二消息,该第二消息可以是数据帧、控制帧或管理帧,第二消息包括唤醒接收机的第二标识信息或第二标识信息的指示信息,以用于第二设备根据第二标识信息或第二标识信息的指示信息,更新唤醒接收机当前使用的标识信息,以保证终端的通信安全。In a first aspect, a communication method is provided, the method comprising: a first device (a network device, such as an access point) receiving a wake-up acknowledgement frame sent by a wireless transceiver (such as an 802.11 transceiver module) of a second device (terminal), The wakeup acknowledgement frame can be a control frame, a data frame, or a management frame. The wakeup confirmation frame includes wakeup indication information, where the wakeup indication information is used to indicate that the wireless transceiver of the second device is awake by the wakeup receiver of the second device after receiving the wakeup frame, and the wakeup frame includes the first identification information of the wakeup receiver, The first identification information is identification information currently used by the wake-up receiver, wherein the first identification information may be complete WUR identification information or part of WUR identification information, such as a complete Medium Access Control (MAC) address or can distinguish Partial address of the MAC address. When the first device determines that the awake frame has been sent to the second device in the preset time period, the first device sends the first message to the second device, where the first message is when the first device sends the awake frame. A message to be sent to the second device has been determined, the first message being a data frame to enable communication between the first device and the second device. When the first device determines the preset time according to the wakeup indication information When the awake frame is not sent to the second device in the segment, the first device sends a second message to the second device, where the second message may be a data frame, a control frame, or a management frame, and the second message includes a wake-up receiver. The indication information of the second identifier information or the second identifier information is used by the second device to update the identifier information currently used by the wake-up receiver according to the indication information of the second identifier information or the second identifier information, so as to ensure communication security of the terminal.
在一个可选的实现中,第一设备除了第二标识信息外,还有其他信息(如数据)需要传输时,第一设备先向第二设备发送包括第二标识信息的第二消息,再传输后续消息。以保证后续消息的传输在第二设备的无线收发器处于唤醒状态,并且已收到携带第二标识信息的第二消息,避免因第二设备的无线收发器进入休眠而导致第一设备与第二设备未同步更新WUR的标识信息,而产生的失步情况。In an optional implementation, when the first device needs to transmit other information (such as data) in addition to the second identifier information, the first device first sends a second message including the second identifier information to the second device, and then Transfer subsequent messages. In order to ensure that the transmission of the subsequent message is in the awake state of the wireless transceiver of the second device, and the second message carrying the second identification information has been received, to avoid the first device and the first device caused by the wireless transceiver of the second device entering the sleep state The second device does not synchronize the WUR identification information, and the resulting out-of-step situation.
在一个可选的实现中,第一设备向第二设备发送第二消息之前,第一设备对第二消息进行加密处理,以确保更新后的第二标识信息不被其他设备(攻击者)获取。In an optional implementation, before the first device sends the second message to the second device, the first device encrypts the second message to ensure that the updated second identifier information is not obtained by other devices (attackers). .
在一个可选的实现中,在第一设备向第二设备发送第二消息之后,第一设备接收第二设备根据第二标识信息或第二标识信息的指示信息更新唤醒接收机当前使用的标识信息后发送的第二消息的确认消息,确认消息包括第二设备的身份验证信息。第一设备根据身份验证信息,确定第二设备的属性信息;第一设备根据第二设备的属性信息,与第二设备进行通信,使第一设备进一步确认第二设备已经被唤醒。In an optional implementation, after the first device sends the second message to the second device, the first device receives, by the second device, the identifier that is currently used by the wake-up receiver according to the indication information of the second identifier information or the second identifier information. The confirmation message of the second message sent after the information, the confirmation message includes the identity verification information of the second device. The first device determines the attribute information of the second device according to the identity verification information; the first device communicates with the second device according to the attribute information of the second device, so that the first device further confirms that the second device has been woken up.
在一个可选的实现中,唤醒确认帧还包括第二设备的属性信息,如终端的地址信息。In an optional implementation, the wake-up acknowledgement frame further includes attribute information of the second device, such as address information of the terminal.
第一设备接收第二设备的无线收发器发送的唤醒确认帧之后,第一设备根据第二设备的属性信息,确定第二设备的当前保护模式,即确定出第二设备当前工作在第一设备提供的哪种保护模式下。第一设备对第二设备工作在当前保护模式下的时长进行识别,并根据识别结果,确定是否对当前保护模 式进行切换,以便于第一设备更新WUR的WUR ID,同时避免受到攻击者的攻击,从而减少了信令开销,降低了额外能耗。After the first device receives the wakeup acknowledgement frame sent by the wireless transceiver of the second device, the first device determines the current protection mode of the second device according to the attribute information of the second device, that is, determines that the second device is currently working on the first device. Which protection mode is provided. The first device identifies the duration of the second device working in the current protection mode, and determines whether the current protection mode is based on the recognition result. Switching is performed so that the first device updates the WUR ID of the WUR while avoiding attacks by the attacker, thereby reducing signaling overhead and reducing additional power consumption.
在一个可选的实现中,第一设备对第二设备工作在当前保护模式下的时长进行识别,具体包括:在第一设备确定第二设备的当前保护模式为第一保护模式后,第一保护模式为每次第二设备的无线收发器被第二设备的唤醒接收机唤醒后,第一设备均更新唤醒接收机的标识信息的模式。第一设备对第二设备工作在第一保护模式的第一时长内是否受到攻击进行识别。其中,第二设备受到攻击是指第一设备收到第二设备发送的所述唤醒确认消息,但第一设备在预设时间段内未向第二设备发送过唤醒帧。在第一设备根据唤醒指示信息,确定在预设时间段内已向第二设备发送唤醒帧后,第一设备根据识别结果,对第二设备的当前保护模式进行切换,具体包括:当所述第一设备识别出第二设备工作在第一保护模式下的时间超过第一时长时,并且第二设备在第一时长内未受到过攻击,则第一设备将第二设备的当前保护模式从第一保护模式切换到第二保护模式。该方法在多轮通信中避免了第二设备长期处于开销较大的第一保护模式,并且能够根据实际情况的不同灵活地将第二设备置于不同的安全保护强度之下。In an optional implementation, the first device identifies the duration of the second device working in the current protection mode, and specifically includes: after the first device determines that the current protection mode of the second device is the first protection mode, the first The protection mode is that each time the wireless transceiver of the second device is woken up by the wakeup receiver of the second device, the first device updates the mode of waking up the identification information of the receiver. The first device identifies whether the second device is attacked within the first duration of the first protection mode. The second device is attacked, that is, the first device receives the wakeup acknowledgement message sent by the second device, but the first device does not send the wakeup frame to the second device within a preset time period. After the first device determines that the awake frame is sent to the second device in the preset time period, the first device switches the current protection mode of the second device according to the recognition result, which includes: when When the first device recognizes that the second device works in the first protection mode for more than the first duration, and the second device is not attacked within the first duration, the first device changes the current protection mode of the second device from The first protection mode is switched to the second protection mode. In the multi-round communication, the method avoids the second device being in the first protection mode with large overhead for a long time, and can flexibly place the second device under different security protection strengths according to actual situations.
在一个可选的实现中,第一设备对第二设备工作在当前保护模式下的时长进行识别,具体包括:在第一设备确定第二设备的当前保护模式为第二保护模式后,第二保护模式为在第一设备接收第二设备的无线收发器发送的唤醒确认帧,并确定在预设时间段内第一设备未向第二设备的唤醒接收机发送唤醒帧时,更新第二设备的唤醒接收机的标识信息的模式。第一设备对第二设备工作在第二保护模式下的第二时长和受攻击次数进行识别。其中,第二设备受到攻击是指第一设备收到第二设备发送的唤醒确认消息,但第一设备在预设时间段内未向第二设备发送过唤醒帧。在第一设备根据唤醒指示信息,确定在预设时间段内未向第二设备发送唤醒帧后,第一设备根据识别结果,对第二设备的当前保护模式进行切换,具体包括:当第一设备识别出第二设 备工作在第二保护模式下的时间未超过第二时长,且第二设备受攻击的次数不小于攻击次数时,第一设备将第二设备的当前保护模式从第二保护模式切换到第一保护模式。该方法在多轮通信中避免了第二设备受到持续性的攻击,并且能够根据实际情况的不同灵活地将第二设备置于不同的安全保护强度之下。In an optional implementation, the first device identifies the duration of the second device working in the current protection mode, and specifically includes: after the first device determines that the current protection mode of the second device is the second protection mode, the second The protection mode is that the first device receives the wake-up acknowledgement frame sent by the wireless transceiver of the second device, and determines that the second device is updated when the first device does not send the wake-up frame to the wake-up receiver of the second device within the preset time period. The mode of waking up the receiver's identification information. The first device identifies the second duration and the number of attacks of the second device operating in the second protection mode. The second device is attacked, that is, the first device receives the wakeup acknowledgement message sent by the second device, but the first device does not send the wakeup frame to the second device within the preset time period. After the first device determines that the awake frame is not sent to the second device in the preset time period, the first device switches the current protection mode of the second device according to the recognition result, which includes: Device identifies the second set The first device switches the current protection mode of the second device from the second protection mode to the first time when the second device is not in the second protection mode and the second device is attacked by the attacker. Protection mode. The method avoids the continuous attack of the second device in the multiple rounds of communication, and can flexibly place the second device under different security protection strengths according to actual situations.
第二方面,提供了另一种通信方法,该方法包括:第二设备的唤醒接收机在接收到唤醒帧后唤醒第二设备的无线收发器,唤醒帧包含唤醒接收机的第一标识信息,第一标识信息为唤醒接收机当前使用的标识信息。In a second aspect, another communication method is provided, the method comprising: the wake-up receiver of the second device wakes up the wireless transceiver of the second device after receiving the wake-up frame, and the wake-up frame includes the first identification information of the wake-up receiver, The first identification information is identification information currently used by the wake-up receiver.
其中,第一标识信息可以是完整的WUR标识信息或部分的WUR标识信息,如完整的MAC地址或能区分MAC地址的部分地址。The first identifier information may be complete WUR identifier information or part of WUR identifier information, such as a complete MAC address or a partial address that can distinguish the MAC address.
第二设备的无线收发器在被唤醒后,向第一设备发送唤醒确认帧,该唤醒确认帧可以是控制帧、数据帧或管理帧。唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示第二设备的无线收发器是被第二设备的唤醒接收机在接收到唤醒帧后唤醒。After being awake, the wireless transceiver of the second device sends a wakeup acknowledgement frame to the first device, and the wakeup acknowledgement frame may be a control frame, a data frame, or a management frame. The wakeup acknowledgement frame includes wakeup indication information, and the wakeup indication information is used to indicate that the wireless transceiver of the second device is woken up by the wakeup receiver of the second device after receiving the wakeup frame.
第二设备接收第一设备发送的第一消息,第一消息为第一设备在接收到唤醒指示信息后确定在预设时间段内第一设备向第二设备发送过唤醒帧后发送,第一消息为第一设备在发送唤醒帧时已确定要向第二设备发送的消息,该第一消息可以是数据帧,以实现第一设备与第二设备间的通信。或者,The second device receives the first message sent by the first device, where the first message is that after the first device receives the awake indication information, it is determined that the first device sends the awake frame to the second device after the preset time period, and the first device sends the first message. The message is that the first device has determined to send a message to the second device when sending the wake-up frame, and the first message may be a data frame to implement communication between the first device and the second device. or,
第二设备接收第一设备发送的第二消息,第二消息为第一设备在接收到唤醒指示信息后确定在预设时间段内第一设备未向第二设备发送唤醒帧后发送,该第二消息可以是数据帧、控制帧或管理帧,第二消息包括唤醒接收机的第二标识信息或第二标识信息的指示信息,根据第二标识信息或第二标识信息指示信息,更新唤醒接收机当前使用的标识信息,以用于第二设备根据第二标识信息或第二标识信息的指示信息,更新唤醒接收机当前使用的标识信息,以保证终端的通信安全。The second device receives the second message sent by the first device, and the second message is that after the first device receives the wake-up indication information, the first device determines that the first device does not send the wake-up frame to the second device after the preset time period, the first device sends the second message. The second message may be a data frame, a control frame or a management frame, and the second message includes indication information of the second identifier information or the second identifier information of the wake-up receiver, and the wake-up reception is updated according to the second identifier information or the second identifier information indication information. The identifier information currently used by the device is used by the second device to update the identifier information currently used by the wake-up receiver according to the second identifier information or the indication information of the second identifier information, so as to ensure communication security of the terminal.
在一个可选的实现中,当第一设备除了第二标识信息外,还有其他信息 (如数据)需要传输时,第二设备依次接收第一设备发送的包括第二标识信息的第二消息,和后续消息。以保证第二设备的无线收发器处于唤醒状态时接收到后续消息,避免因第二设备的无线收发器进入休眠而导致第一设备与第二设备未同步更新WUR的标识信息,二产生的失步情况。In an optional implementation, when the first device has other information besides the second identification information, When the data needs to be transmitted, the second device sequentially receives the second message that is sent by the first device, including the second identifier information, and the subsequent message. In order to ensure that the wireless transceiver of the second device is in the awake state, the subsequent message is received to prevent the first device and the second device from updating the WUR identification information due to the wireless device of the second device entering the sleep state. Step situation.
在一个可选的实现中,第二消息是第一设备经过加密处理后发送的,以确保跟新后的第二标识信息不被其他设备(攻击者)获取。In an optional implementation, the second message is sent after the first device is encrypted, to ensure that the new second identification information is not obtained by other devices (attackers).
在一个可选的实现中,第二设备根据第二标识信息或第二标识信息指示信息,更新唤醒接收机当前使用的标识信息之后,In an optional implementation, after the second device updates the identifier information currently used by the wakeup receiver according to the second identifier information or the second identifier information indication information,
第二设备向第一设备发送第二消息的确认消息,确认消息包括第二设备的身份验证信息,以使第一设备根据身份验证信息确定出第二设备的属性信息后,与第一设备进行通信。该属性信息可以为终端的身份信息,或终端的唤醒接收机的标识信息。The second device sends a confirmation message of the second message to the first device, where the confirmation message includes the identity verification information of the second device, so that the first device determines the attribute information of the second device according to the identity verification information, and then performs the Communication. The attribute information may be identity information of the terminal or identifier information of the wake-up receiver of the terminal.
在一个可选的实现中,唤醒确认帧还包括第二设备的属性信息,以使第一设备根据属性信息,确定第二设备的当前保护模式,对第二设备工作在当前保护模式下的时长进行识别,并根据识别结果,对当前保护模式在至少两种保护模式之间进行切换,至少两种保护模式包括第一保护模式和第二保护模式;其中,第一保护模式为每次第二设备的无线收发器被第二设备的唤醒接收机唤醒后,第一设备均更新唤醒接收机的标识信息的模式;第二保护模式为在第一设备接收第二设备的无线收发器发送的唤醒确认帧,并确定在预设时间段内第一设备未向第二设备的唤醒接收机发送唤醒帧时,更新唤醒接收机的标识信息的模式。该方法在多轮通信中避免了第二设备受到持续性的攻击,并且能够根据实际情况的不同灵活地将第二设备置于不同的安全保护强度之下。In an optional implementation, the wake-up acknowledgement frame further includes the attribute information of the second device, so that the first device determines, according to the attribute information, the current protection mode of the second device, and the duration of the second device working in the current protection mode. Identifying, and switching, according to the recognition result, the current protection mode between the at least two protection modes, where the at least two protection modes include a first protection mode and a second protection mode; wherein the first protection mode is second each time After the wireless transceiver of the device is woken up by the wakeup receiver of the second device, the first device updates the mode of waking up the identifier information of the receiver; the second protection mode is the wakeup sent by the wireless transceiver of the second device receiving the second device. The frame is confirmed, and a mode of updating the identification information of the wake-up receiver when the first device does not send the wake-up frame to the wake-up receiver of the second device within the preset time period is determined. The method avoids the continuous attack of the second device in the multiple rounds of communication, and can flexibly place the second device under different security protection strengths according to actual situations.
第三方面,提供了一种网络设备,该网络设备具有实现上述方法实际中网络设备行为的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。 In a third aspect, a network device is provided, the network device having a function of implementing the behavior of the network device in the actual method. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第四方面,提供了一种终端,该终端具有实现上述方法实际中终端行为的功能。该功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。该硬件或软件包括一个或多个与上述功能相对应的模块。In a fourth aspect, a terminal is provided, the terminal having a function of realizing terminal behavior in the actual method. This function can be implemented in hardware or in hardware by executing the corresponding software. The hardware or software includes one or more modules corresponding to the functions described above.
第五方面,提供了另一种网络设备,该网络设备可以包括:接收器、发送器和处理器。接收器用于接收终端的无线收发器发送的唤醒确认帧,唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示终端的无线收发器是被终端的唤醒接收机在接收到唤醒帧后唤醒,唤醒帧包含所述唤醒接收机的第一标识信息,第一标识信息为唤醒接收机当前使用的标识信息。处理器用于根据唤醒指示信息,确定在预设时间段内已向终端发送过所述唤醒帧。发送器用于当处理器确定在预设时间段内已向终端发送唤醒帧时,向终端发送第一消息,第一消息为网络设备在发送唤醒帧时已确定要向终端发送的消息。处理器还用于根据唤醒指示信息,确定在预设时间段内未向终端发送所述唤醒帧。发送器还用于当处理器确定在预设时间段内未向终端发送唤醒帧时,向终端发送第二消息,第二消息包括唤醒接收机的第二标识信息或第二标识信息的指示信息,以用于终端根据第二标识信息或第二标识信息的指示信息更新唤醒接收机当前使用的标识信息。In a fifth aspect, another network device is provided, which may include: a receiver, a transmitter, and a processor. The receiver is configured to receive a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, and the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver of the terminal is wake-up by the wake-up receiver of the terminal, wake up after receiving the wake-up frame, and wake up The frame includes first identification information of the wake-up receiver, and the first identification information is identifier information currently used by the wake-up receiver. The processor is configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period. The transmitter is configured to: when the processor determines that the wake-up frame has been sent to the terminal within the preset time period, send the first message to the terminal, where the first message is a message that the network device has determined to send to the terminal when sending the wake-up frame. The processor is further configured to determine, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within a preset time period. The transmitter is further configured to: when the processor determines that the wakeup frame is not sent to the terminal within the preset time period, send the second message to the terminal, where the second message includes the second identifier information of the wakeup receiver or the indication information of the second identifier information. And updating, by the terminal, the identifier information currently used by the wakeup receiver according to the indication information of the second identifier information or the second identifier information.
该网络设备还可以包括储存器,该存储器用于保存该网络设备必要的程序指令和数据。The network device can also include a memory for storing program instructions and data necessary for the network device.
在一个可选的实现中,发送器向终端发送第二消息之前,处理器,还用于对第二消息进行加密处理。In an optional implementation, before the transmitter sends the second message to the terminal, the processor is further configured to perform encryption processing on the second message.
在一个可选的实现中,在发送器向终端发送第二消息之后,接收器还用于接收终端发送的针对第二消息的确认消息,所述第二消息的确认消息是终端根据第二标识信息或第二标识信息的指示信息更新唤醒接收机当前使用的标识信息后发送的,所述第二消息的确认消息包括终端的身份验证信息。处理器还用于根据终端的身份验证信息,确定终端的属性信息,并根据终端的属性信息,与终端进行通信。该属性信息可以为终端的身份信息,或终端的 唤醒接收机的标识信息。In an optional implementation, after the sender sends the second message to the terminal, the receiver is further configured to receive an acknowledgement message sent by the terminal for the second message, where the acknowledgement message of the second message is the terminal according to the second identifier. The information or the indication information of the second identification information is sent after the identifier information currently used by the wake-up receiver is updated, and the confirmation message of the second message includes the identity verification information of the terminal. The processor is further configured to determine the attribute information of the terminal according to the identity verification information of the terminal, and communicate with the terminal according to the attribute information of the terminal. The attribute information may be identity information of the terminal, or terminal Wake up the identification information of the receiver.
在一个可选的实现中,唤醒确认帧还包括终端的属性信息;接收器接收终端的无线收发器发送的唤醒确认帧之后,处理器还用于根据终端的属性信息,确定终端的当前保护模式;对终端工作在所述当前保护模式下的时长进行识别,并根据识别结果,对所述当前保护模式在至少两种保护模式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式。In an optional implementation, the wakeup acknowledgement frame further includes the attribute information of the terminal; after receiving the wakeup acknowledgement frame sent by the wireless transceiver of the terminal, the processor is further configured to determine the current protection mode of the terminal according to the attribute information of the terminal. Identifying the duration of the terminal working in the current protection mode, and switching the current protection mode between at least two protection modes according to the recognition result, where the at least two protection modes include the first protection mode And the second protection mode.
在一个可选的实现中,在处理器确定终端的当前保护模式为第一保护模式后,第一保护模式为每次终端的无线收发器被终端的唤醒接收机唤醒后,处理器均更新终端的唤醒接收机的标识信息的模式。处理器具体用于对所述终端工作在第一保护模式的第一时长进行识别。受到攻击是指,接收器收到终端发送的所述唤醒确认消息,但发送器在预设时间段内未向终端发送过所述唤醒帧。在处理器根据唤醒指示信息,确定在预设时间段内已向终端发送过唤醒帧后,当处理器识别出终端工作在第一保护模式下的时间超过第一时长,并且终端在第一时长内未受到过攻击时,处理器将终端的当前保护模式从第一保护模式切换到第二保护模式。In an optional implementation, after the processor determines that the current protection mode of the terminal is the first protection mode, the first protection mode is that each time the wireless transceiver of the terminal is woken up by the wakeup receiver of the terminal, the processor updates the terminal. The mode of waking up the receiver's identification information. The processor is specifically configured to identify the first duration in which the terminal operates in the first protection mode. The attack means that the receiver receives the wakeup acknowledgement message sent by the terminal, but the sender does not send the wakeup frame to the terminal within a preset time period. After the processor determines, according to the waking indication information, that the awake frame has been sent to the terminal within the preset time period, when the processor recognizes that the terminal works in the first protection mode for more than the first duration, and the terminal is in the first duration When the attack has not been attacked, the processor switches the current protection mode of the terminal from the first protection mode to the second protection mode.
在一个可选的实现中,在处理器确定终端的当前保护模式为第二保护模式后,第二保护模式为在接收器接收终端的无线收发器发送的唤醒确认帧,并确定在预设时间段内发送器未向终端的唤醒接收机发送唤醒帧时,更新终端的唤醒接收机的标识信息的模式。处理器具体用于对终端工作在第二保护模式下的第二时长和攻击次数进行识别。其中,终端受到攻击是指,接收器收到终端发送的唤醒确认消息,但接收器在预设时间段内未向所述终端发送过所述唤醒帧。在处理器根据唤醒指示信息,确定在预设时间段内未向终端发送所述唤醒帧后,当处理器识别出终端工作在所述第二保护模式下的时间未超过第二时长,且终端受攻击的次数不小于攻击次数阈值时,处理器将终端的当前保护模式从第二保护模式切换到第一保护模式。In an optional implementation, after the processor determines that the current protection mode of the terminal is the second protection mode, the second protection mode is a wake-up acknowledgement frame sent by the wireless transceiver of the receiver receiving terminal, and determines the preset time. When the intra-segment transmitter does not transmit a wake-up frame to the wake-up receiver of the terminal, the mode of the terminal's wake-up receiver identification information is updated. The processor is specifically configured to identify the second duration and the number of attacks in which the terminal works in the second protection mode. The attack of the terminal means that the receiver receives the wakeup acknowledgement message sent by the terminal, but the receiver does not send the wakeup frame to the terminal within a preset time period. After the processor determines, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within a preset time period, when the processor recognizes that the terminal works in the second protection mode, the time does not exceed the second duration, and the terminal When the number of attacks is not less than the attack threshold, the processor switches the current protection mode of the terminal from the second protection mode to the first protection mode.
第六方面,提供了一种计算机存储介质,用于储存为上述网络设备所用 的计算机软件指令,其包含用于执行上述方面所设计的程序。In a sixth aspect, a computer storage medium is provided for storage for the network device Computer software instructions comprising programs designed to perform the above aspects.
第七方面,提供了另一种终端,该终端可以包括:唤醒接收机,处理器和无线收发器。唤醒接收机用于接收唤醒帧。处理器用于在接收到唤醒帧后唤醒终端的无线收发器,唤醒帧包含唤醒接收机的第一标识信息,第一标识信息为唤醒接收机当前使用的标识信息。无线收发器用于向网络设备发送唤醒确认帧,唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示无线收发器是被唤醒接收机在接收到唤醒帧后唤醒。无线收发器用于接收网络设备发送的第一消息,第一消息为网络设备在接收到唤醒指示信息后确定在预设时间段内网络设备向唤醒接收机发送过唤醒帧后发送,第一消息为网络设备在发送唤醒帧时已确定要向无线收发器发送的消息。或者,无线收发器还用于接收网络设备发送的第二消息,第二消息为网络设备在接收到唤醒指示信息后确定在预设时间段内网络设备未向唤醒接收机发送唤醒帧后发送,第二消息包括唤醒接收机的第二标识信息或第二标识信息的指示信息,第二标识信息或第二标识信息的指示信息。处理器根据第二标识信息或第二标识信息指示信息,更新唤醒接收机当前使用的标识。In a seventh aspect, another terminal is provided, the terminal comprising: a wake-up receiver, a processor and a wireless transceiver. The wake-up receiver is used to receive the wake-up frame. The processor is configured to wake up the wireless transceiver of the terminal after receiving the wake-up frame, where the wake-up frame includes the first identifier information of the wake-up receiver, where the first identifier information is identifier information currently used by the wake-up receiver. The wireless transceiver is configured to send a wake-up acknowledgement frame to the network device, where the wake-up acknowledgement frame includes wake-up indication information, and the wake-up indication information is used to indicate that the wireless transceiver is the wake-up receiver wakes up after receiving the wake-up frame. The wireless transceiver is configured to receive the first message sent by the network device, where the first message is that after the network device receives the wake-up indication information, the network device determines that the network device sends the wake-up frame to the wake-up receiver after the preset time period, and the first message is The network device has determined the message to be sent to the wireless transceiver when transmitting the wake-up frame. Or the wireless transceiver is further configured to receive a second message sent by the network device, where the second message is that after the network device receives the wake-up indication information, the network device determines that the network device does not send the wake-up frame to the wake-up receiver after the preset time period, The second message includes indication information of the second identification information or the second identification information of the wake-up receiver, the second identification information or the indication information of the second identification information. The processor updates the identifier currently used by the wake-up receiver according to the second identification information or the second identification information indication information.
该终端还可以包括储存器,该存储器用于保存该终端必要的程序指令和数据。The terminal can also include a memory for storing program instructions and data necessary for the terminal.
在一个可选的实现中,第二消息是网络设备经过加密处理后发送的。In an optional implementation, the second message is sent after the network device is encrypted.
在一个可选的实现中,处理器根据第二标识信息或第二标识信息的指示信息,更新唤醒接收机当前使用的标识信息之后,In an optional implementation, after the processor updates the identifier information currently used by the wakeup receiver according to the second identifier information or the indication information of the second identifier information,
无线收发器向网络设备发送第二消息的确认消息,确认消息包括终端的身份验证信息,以使网络设备根据身份验证信息确定出终端的标识信息后,与网络设备进行通信。The wireless transceiver sends an acknowledgement message of the second message to the network device, where the acknowledgement message includes the identity verification information of the terminal, so that the network device determines the identity information of the terminal according to the identity verification information, and then communicates with the network device.
在一个可选的实现中,唤醒确认帧还包括终端的属性信息,以使网络设备根据属性信息,确定终端的当前保护模式对终端工作在当前保护模式下的时长进行识别,并根据识别结果,对当前保护模式在至少两种保护模式之间 进行切换,至少两种保护模式包括第一保护模式和第二保护模式。In an optional implementation, the wake-up acknowledgement frame further includes attribute information of the terminal, so that the network device determines, according to the attribute information, that the current protection mode of the terminal identifies the duration of the terminal working in the current protection mode, and according to the recognition result, The current protection mode is between at least two protection modes The switching is performed, and the at least two protection modes include a first protection mode and a second protection mode.
其中,第一保护模式为每次无线收发器被唤醒接收机唤醒后,网络设备均更新唤醒接收机的标识信息的模式;第二保护模式为在网络设备接收无线收发器发送的唤醒确认帧,并确定在预设时间段内网络设备未向唤醒接收机发送唤醒帧时,更新唤醒接收机的标识信息的模式。The first protection mode is that after the wireless transceiver is woken up by the wake-up receiver, the network device updates the mode of waking up the identifier information of the receiver; and the second protection mode is that the network device receives the wake-up acknowledgement frame sent by the wireless transceiver. And determining a mode for updating the identifier information of the wake-up receiver when the network device does not send the wake-up frame to the wake-up receiver within the preset time period.
再一方面,提供了一种计算机存储介质,用于储存为上述网络设备所用的计算机软件指令,其包含用于执行上述方面所设计的程序。In still another aspect, a computer storage medium is provided for storing computer software instructions for use with the network device described above, including a program designed to perform the above aspects.
附图说明DRAWINGS
图1为本发明实施例提供的WLAN系统结构示意图;FIG. 1 is a schematic structural diagram of a WLAN system according to an embodiment of the present disclosure;
图2为图1所示的AP与终端的结构示意图;2 is a schematic structural diagram of an AP and a terminal shown in FIG. 1;
图3为本发明实施例提供的一种通信方法的信令交互图;FIG. 3 is a signaling interaction diagram of a communication method according to an embodiment of the present invention;
图4为本发明实施例提供的一种唤醒确认帧的帧结构;4 is a frame structure of a wake-up acknowledgement frame according to an embodiment of the present invention;
图5为现有技术中一种唤醒确认帧的帧结构;FIG. 5 is a frame structure of a wake-up acknowledgement frame in the prior art; FIG.
图6为本发明实施例提供的另一种唤醒确认帧的帧结构;FIG. 6 is a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention;
图7为本发明实施例提供的再一种唤醒确认帧的帧结构;FIG. 7 is a schematic diagram of a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention;
图8为本发明实施例提供的再一种唤醒确认帧的帧结构;FIG. 8 is a schematic diagram of a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention;
图9为本发明实施例提供的再一种唤醒确认帧的帧结构;FIG. 9 is a schematic diagram of a frame structure of another wake-up acknowledgement frame according to an embodiment of the present invention;
图10为本发明实施例提供的一种通信方法流程图;FIG. 10 is a flowchart of a communication method according to an embodiment of the present invention;
图11为本发明实施例提供的一种保护模式的状态切换流程图;FIG. 11 is a flowchart of a state switching of a protection mode according to an embodiment of the present invention;
图12为本发明实施例提供的另一种通信方法流程图;FIG. 12 is a flowchart of another communication method according to an embodiment of the present invention;
图13为本发明实施例提供的一种网络设备的结构示意图;FIG. 13 is a schematic structural diagram of a network device according to an embodiment of the present disclosure;
图14为本发明实施例提供的一种终端的结构示意图;FIG. 14 is a schematic structural diagram of a terminal according to an embodiment of the present disclosure;
图15为本发明实施例提供的另一种网络设备的结构示意图;FIG. 15 is a schematic structural diagram of another network device according to an embodiment of the present disclosure;
图16为本发明实施例提供的另一种终端的结构示意图。 FIG. 16 is a schematic structural diagram of another terminal according to an embodiment of the present invention.
具体实施方式detailed description
下面通过附图和实施例,对本发明的技术方案做进一步的详细描述。The technical solution of the present invention will be further described in detail below through the accompanying drawings and embodiments.
本发明提供的通信方法可以应用于WLAN系统中,该WLAN系统可以包括终端和AP。The communication method provided by the present invention can be applied to a WLAN system, which can include a terminal and an AP.
以图1所示的WLAN系统为例,该WLAN系统可以包括AP(第一设备)、与该AP关联的终端(第二设备)和攻击者AP1(第三设备)。Taking the WLAN system shown in FIG. 1 as an example, the WLAN system may include an AP (first device), a terminal (second device) associated with the AP, and an attacker AP1 (third device).
终端可以称之为用户设备(user equipment,UE)、移动台(mobile station,MS)、移动终端(mobile terminal)、计算机、微机等,也可以为5G终端。例如,终端可以是移动电话(或称为“蜂窝”电话)、移动电脑、具有移动终端的计算机、智能手表等等,例如,终端还可以是便携式、袖珍式、手持式、计算机内置的或者车载的移动装置,它们与无线接入设备交换语音和/或数据。本发明对此并不限定,例如终端还包括具有多承载特征的有线接入的终端。The terminal may be referred to as a user equipment (UE), a mobile station (MS), a mobile terminal, a computer, a microcomputer, or the like, or may be a 5G terminal. For example, the terminal may be a mobile phone (or "cellular" phone), a mobile computer, a computer with a mobile terminal, a smart watch, etc., for example, the terminal may also be portable, pocket-sized, handheld, built-in or on-board Mobile devices that exchange voice and/or data with wireless access devices. The invention is not limited thereto, for example, the terminal further includes a terminal with wired access with multiple bearer features.
如图2所示,终端可以包括无线收发器(如:802.11主收发模块,也可称为WiFi收发器)和WUR,WUR用于接收唤醒帧以唤醒无线收发器。AP至少包括无线收发器(如802.11主收发模块)。As shown in FIG. 2, the terminal may include a wireless transceiver (such as an 802.11 primary transceiver module, also referred to as a WiFi transceiver) and a WUR, which is used to receive a wake-up frame to wake up the wireless transceiver. The AP includes at least a wireless transceiver (such as an 802.11 primary transceiver module).
在通信过程中,该WLAN系统涉及AP与终端中WUR间的通信,终端的无线收发器与AP的无线收发器之间的通信,从攻击者AP1到终端中WUR的通信,以及攻击者AP1到AP的通信。In the communication process, the WLAN system involves communication between the AP and the WUR in the terminal, communication between the wireless transceiver of the terminal and the wireless transceiver of the AP, communication from the attacker AP1 to the WUR in the terminal, and the attacker AP1 to AP communication.
从攻击者AP1到终端的WUR间的通信可以包括:攻击者AP1通过获取到终端中WUR的标识信息(WUR ID),向终端的WUR发送含有WUR的标识信息的唤醒帧WUP,以试图唤醒终端的无线收发器的通信。The communication between the attacker AP1 and the WUR of the terminal may include: the attacker AP1 sends the wakeup frame WUP containing the WUR identification information to the WUR of the terminal by acquiring the WUR identification information (WUR ID) in the terminal, in an attempt to wake up the terminal. Communication of the wireless transceiver.
从攻击者AP1到AP的通信可以包括:攻击者AP1通过伪装成终端的无线收发器给AP发送消息,让AP给终端的WUR更新标识信息的通信。The communication from the attacker AP1 to the AP may include: the attacker AP1 sends a message to the AP through the wireless transceiver masquerading as the terminal, and causes the AP to update the communication of the identification information to the WUR of the terminal.
其中,WUR的标识信息(WUR ID)可以被更新,即全部可变化,或可部 分变化,WUR的标识信息可以包括WUR的单用户(single user,SU)ID、多用户(multi user,MU)ID和广播(broadcast)ID,其中任意一个WUR ID均可唤醒终端的无线收发器。WUR的标识信息可以被全部更新,也可以被部分更新。WUR的标识信息还可以包括简化的帧验证码(FAC),即通过FAC的改变来更新WUR的标识信息。Among them, the WUR identification information (WUR ID) can be updated, that is, all can be changed, or can be The WUR identification information may include a single user (SU) ID, a multi-user (MU) ID, and a broadcast ID of the WUR, and any one of the WUR IDs may wake up the wireless transceiver of the terminal. . The WUR identification information can be updated in its entirety or partially. The identification information of the WUR may also include a simplified frame verification code (FAC), that is, the identification information of the WUR is updated by the change of the FAC.
由于现有技术中无论WUR有无遭受攻击均会更新WUR ID,从而引入新的信令开销、失步风险,以及产生额外的能耗,与此同时也缺乏针对不同情况(如有无受到攻击均采取相同策略)的灵活性。因此,在本发明实施例中AP与关联的至少一个终端进行通信之前,AP可以对至少一个终端进行保护模式设置,从而便于更新终端中WUR的WUR ID,避免受到攻击者AP1的攻击,以实现对所述第二设备唤醒接收机的保护,从而减少了信令开销,降低了额外能耗,以及针对不同情况提高了终端中WUR的工作灵活性。Since the WUR ID is updated in the prior art regardless of whether or not the WUR is attacked, new signaling overhead, out-of-step risk, and additional power consumption are introduced, and at the same time, there is a lack of targeting for different situations (if there is no attack). The flexibility of adopting the same strategy). Therefore, before the AP communicates with the associated at least one terminal in the embodiment of the present invention, the AP may perform protection mode setting on the at least one terminal, thereby facilitating updating the WUR ID of the WUR in the terminal to avoid attack by the attacker AP1. The second device wakes up the protection of the receiver, thereby reducing signaling overhead, reducing additional power consumption, and improving the working flexibility of the WUR in the terminal for different situations.
需要说明的是,AP可以提供包括一种或多种保护模式对至少一个终端进行保护,AP可以提供以下保护模式:It should be noted that the AP may provide protection for at least one terminal by including one or more protection modes, and the AP may provide the following protection modes:
AP可以对终端设置严格的保护模式(记为第一保护模式),也可以对终端设置宽松的保护模式(记为第二保护模式)。The AP can set a strict protection mode for the terminal (recorded as the first protection mode), or set a loose protection mode for the terminal (referred to as the second protection mode).
第一保护模式,是指每次终端的无线收发器被其WUR成功唤醒后,AP更新该WUR的标识信息的模式。其中,AP更新该WUR的标识信息的方式可以是以下两种方式中任一种:The first protection mode refers to a mode in which the AP updates the identification information of the WUR after the wireless transceiver of the terminal is successfully awake by its WUR. The method for the AP to update the WUR identification information may be any of the following two methods:
方式一,AP在通过终端的WUR成功唤醒终端的无线收发器后,向终端的无线收发器发送与终端的WUR下次通信所使用的帧验证码(Frame Authentication Code,FAC)信息或新的WUR ID,并在本次AP与终端的无线收发器通信结束后,AP与终端的WUR同步更新FAC。In the first mode, after the WUR of the terminal successfully wakes up the wireless transceiver of the terminal, the AP sends a frame authentication code (FAC) message or a new WUR used for the next communication of the WUR of the terminal to the wireless transceiver of the terminal. ID, and after the communication between the AP and the terminal's wireless transceiver ends, the AP updates the FAC with the WUR of the terminal.
方式二,AP不直接给终端的无线收发器发送包含与终端的WUR下次通信所使用的FAC信息,而是在AP与终端关联时,或终端的当前保护模式切换到第一保护模式时,AP向终端的无线收发器发送一个密匙(key),AP与终端 分别使用相同的算法,并利用该key和一些当前的信息(如本次通信时终端的WUR所使用的FAC)计算出AP与终端的WUR下次通信所使用的新FAC信息(即新的标识信息),在本次AP与终端的无线收发器通信结束后,AP与终端的WUR同步更新WUR的FAC信息,不需要额外的消息交互。In the second mode, the AP does not directly send the FAC information used by the WUR of the terminal to the wireless transceiver of the terminal, but when the AP is associated with the terminal, or when the current protection mode of the terminal is switched to the first protection mode, The AP sends a key to the wireless transceiver of the terminal, and the AP and the terminal Use the same algorithm separately, and use the key and some current information (such as the FAC used by the WUR of the terminal at the time of communication) to calculate the new FAC information (ie, the new identifier) used by the WUR for the next communication between the AP and the terminal. Information), after the communication between the AP and the wireless transceiver of the terminal ends, the AP updates the FAC information of the WUR synchronously with the WUR of the terminal, and does not require additional message interaction.
第二保护模式,是指在AP收到终端发送的唤醒确认帧,确定在预设时间段内AP未向终端的WUR发送WUP时,才可能更新该WUR的标识信息,并且在AP收到终端发送的唤醒确认帧,确定在预设时间段内AP已经向终端的WUR发送过WUP时,不更新该WUR的标识信息的模式。The second protection mode is that when the AP receives the wakeup acknowledgement frame sent by the terminal, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, the identifier information of the WUR may be updated, and the terminal receives the terminal at the AP. The sent wakeup confirmation frame determines the mode of not updating the WUR identification information when the AP has sent the WUP to the WUR of the terminal within the preset time period.
所述唤醒确认帧WUP是在终端的无线收发器被WUR成功唤醒后,由终端的无线收发器向AP发送,携带终端的无线收发器已被WUR唤醒的指示。The wake-up acknowledgement frame WUP is sent by the wireless transceiver of the terminal to the AP after the wireless transceiver of the terminal is successfully woken up by the WUR, and the wireless transceiver of the portable terminal has been woken up by the WUR.
可选地,AP可以设置第一时长、第二时长和第一整数(攻击次数阈值)。Optionally, the AP may set the first duration, the second duration, and the first integer (attack threshold).
第一时长作用在第一保护模式,是保持终端的WUR持续未被误唤醒或受到攻击的时长,用于AP判断终端的当前保护模式是否需要从第一保护模式切换到第二保护模式。The first duration of the first protection mode is to maintain the duration of the WUR of the terminal that is not awake or attacked by the terminal. The AP determines whether the current protection mode of the terminal needs to be switched from the first protection mode to the second protection mode.
其中,误唤醒,是指终端的WUR错误的接收到其他终端中WUR的唤醒帧(终端的WUR误认为是AP发给自己的唤醒帧)后,唤醒终端的无线收发器的行为。需要说明的是,在短时间内,终端连续被误唤醒的概率很低。The false wake-up refers to the behavior of the wireless transceiver that wakes up the terminal after receiving the WUR error of the terminal and receiving the wake-up frame of the WUR in the other terminal (the WUR of the terminal mistakenly believes that the AP sends the wake-up frame to the AP). It should be noted that the probability that the terminal is erroneously awake in a short time is very low.
终端的WUR受攻击,是指终端的WUR接收到攻击者AP1发来的唤醒帧后,唤醒终端的无线收发器的行为。需要说明的是,若存在攻击者AP1,则在短时间内,终端会连续受到攻击,从而持续性的唤醒无线收发器。The WUR of the terminal is attacked, which refers to the behavior of the wireless transceiver that wakes up the terminal after the WUR of the terminal receives the wake-up frame sent by the attacker AP1. It should be noted that if there is an attacker AP1, the terminal will be continuously attacked in a short time, thereby continuously waking up the wireless transceiver.
AP接收到终端的无线收发器发送的唤醒确认帧,在识别出预设时间段内未向终端的WUR发送唤醒帧的情况下,AP认为终端被误唤醒或受到攻击。此时AP判断终端持续未被误唤醒或受到攻击的时间是否超过第一时长,若超过第一时长,AP将终端的当前保护模式从第一保护模式切换到第二保护模式;若未超过第一时长,则AP更新WUR的标识信息,并且再次设置第一时长。The AP receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal. If the wake-up frame is not sent to the WUR of the terminal within the preset time period, the AP considers that the terminal is falsely awake or attacked. At this time, the AP determines whether the time that the terminal continues to be erroneously awake or attacked exceeds the first duration. If the first duration is exceeded, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode. After a period of time, the AP updates the identification information of the WUR and sets the first duration again.
需要说明的是,AP判断终端持续被误唤醒或受到攻击的依据是:AP在预 设时间段内未向终端的WUR发送唤醒帧,但持续接收到终端的无线收发器发送的唤醒确认帧时,AP认为终端持续被误唤醒或受到攻击(本说明书中后文将“误唤醒或受到攻击”的表述统一为“受到攻击”)。It should be noted that the AP judges that the terminal is continuously awake or attacked by the AP: It is assumed that the wake-up frame is not sent to the WUR of the terminal within the time period, but when the wake-up acknowledgement frame sent by the wireless transceiver of the terminal is continuously received, the AP considers that the terminal continues to be awake or attacked by mistake (in the present specification, "wrong wake-up or The expression "by attack" is unified as "attacked").
第二时长和第一整数作用在第二保护模式。第二时长是AP记录终端的WUR是否受到过第一整数次攻击的时长,用于判断终端的当前保护模式是否需要从第二保护模式切换到第一保护模式,以判断终端的WUR是否受到持续性的攻击,从而避免因终端被误唤醒而导致的保护模式切换。第一整数为预设的终端的WUR持续受到攻击的次数阈值,当终端在第二时长内受到攻击次数不小于第一整数次时,AP认为终端的WUR受到攻击的可能性远高于误唤醒,若小于第一整数次时,AP认为终端的WUR有一定概率是被误唤醒的。The second duration and the first integer act in the second protection mode. The second duration is the duration of whether the WUR of the AP records the first integer attack, and is used to determine whether the current protection mode of the terminal needs to be switched from the second protection mode to the first protection mode to determine whether the WUR of the terminal is sustained. Sexual attack to avoid protection mode switching caused by the terminal being awake. The first integer is the threshold of the number of times the WUR of the terminal is continuously attacked. When the number of attacks by the terminal in the second time is not less than the first integer number, the AP considers that the WUR of the terminal is much more likely to be attacked than the false wakeup. If it is less than the first integer number, the AP considers that the WUR of the terminal has a certain probability of being awakened by mistake.
终端工作在第一保护模式的第一时长下,每次终端的无线收发器被WUR成功唤醒后,AP都更新WUR的标识信息;终端工作在第一保护模式,且超过第一时长后,同时终端在第一时长内没有受到过攻击,AP将终端的当前保护模式从第一保护模式切换到第二保护模式。The terminal works in the first duration of the first protection mode. After the wireless transceiver of the terminal is successfully awake by the WUR, the AP updates the identification information of the WUR; the terminal works in the first protection mode, and after the first duration, The terminal has not been attacked for the first time period, and the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode.
在第二保护模式工作的第二时长下,且AP收到唤醒确认帧,确定在预设时间段内AP未向终端的WUR发送WUP时,若终端至少第一整数次受到攻击,AP将终端的当前保护模式从第二保护模式切换到第一保护模式,以更新WUR的标识信息;若终端受到小于第一整数次攻击,则AP根据实际情况可以不更新WUR的标识信息。在第二保护模式,且AP收到唤醒确认帧,确定在预设时间段内AP未向终端的WUR发送WUP时,AP与终端交互数据,正常完成本轮通信。In the second duration of the second protection mode, the AP receives the wake-up acknowledgement frame, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, and if the terminal is attacked by at least the first integer, the AP will be the terminal. The current protection mode is switched from the second protection mode to the first protection mode to update the WUR identification information. If the terminal is less than the first integer attack, the AP may not update the WUR identification information according to the actual situation. In the second protection mode, and the AP receives the wake-up acknowledgement frame, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, the AP interacts with the terminal to complete the current round of communication normally.
可选地,AP还可以包括第一计时器、第二计时器和第三计时器。Optionally, the AP may further include a first timer, a second timer, and a third timer.
第一计时器用于对第一保护模式进行计时,以判断在带来额外开销和风险情况下,是否运作了足够长时间。The first timer is used to time the first protection mode to determine if it has operated for a sufficient amount of time due to additional overhead and risk.
第二计时器用于对第二保护模式进行计时,以判断WUR是否受到持续性的攻击,以避免终端的误唤醒。 The second timer is used to time the second protection mode to determine whether the WUR is subjected to a persistent attack to avoid false wake-up of the terminal.
第三计时器用于设置预设时间段,以判断终端是否受到攻击。The third timer is used to set a preset time period to determine whether the terminal is attacked.
在第一保护模式下,第一计时器的工作状态为计时状态时,每次终端的无线收发器被WUR成功唤醒后,AP都更新WUR的标识信息;在第一计时器的工作状态由计时状态转为停止状态时,AP将终端的当前保护模式从第一保护模式切换到第二保护模式。In the first protection mode, when the working state of the first timer is the timing state, each time the wireless transceiver of the terminal is successfully woken up by the WUR, the AP updates the identification information of the WUR; When the state changes to the stop state, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode.
在第二保护模式下,AP收到唤醒确认帧,确定在预设时间段内AP未向终端的WUR发送WUP时,且第二计时器的工作状态为计时状态,AP认为终端受到持续攻击,AP将终端的当前保护模式从第二保护模式切换到第一保护模式,以更新WUR的标识信息;在AP收到唤醒确认帧,确定在预设时间段内AP未向终端的WUR发送WUP时,且第二计时器的工作状态为停止状态,AP与终端交互数据,正常完成本轮通信。In the second protection mode, the AP receives the wake-up acknowledgement frame, and determines that the AP does not send the WUP to the WUR of the terminal within the preset time period, and the working state of the second timer is the timed state, and the AP considers that the terminal is continuously attacked. The AP switches the current protection mode of the terminal from the second protection mode to the first protection mode to update the WUR identification information. When the AP receives the wakeup acknowledgement frame, it determines that the AP does not send the WUP to the WUR of the terminal within the preset time period. And the working state of the second timer is a stop state, and the AP interacts with the terminal to complete the current round of communication normally.
可选地,AP对至少一个终端进行相同的保护模式设置,或者对至少两个终端进行相同的保护模式设置。Optionally, the AP performs the same protection mode setting on at least one terminal, or performs the same protection mode setting on at least two terminals.
在一个例子中,以AP对三个终端进行保护模式设置为例,AP对终端保护模式的设置结果,可以如终端保护模式表1所示。In an example, the protection mode setting of the three terminals by the AP is taken as an example, and the setting result of the AP to the terminal protection mode may be as shown in the terminal protection mode table 1.
表1Table 1
终端terminal 保护模式Protection mode
终端1Terminal 1 第一保护模式First protection mode
终端2Terminal 2 第二保护模式Second protection mode
终端3Terminal 3 第一保护模式First protection mode
表1中,终端1被设置为工作在第一保护模式(当前保护模式)下,终端2被设置为工作在第二保护模式下,终端3被设置为工作在第一保护模式下。可以理解的是,AP可以通过终端的属性信息,查询到该终端所处的当前保护模式。该终端的属性信息可以为终端的身份信息,或终端的唤醒接收机 的标识信息,等等。In Table 1, terminal 1 is set to operate in a first protection mode (current protection mode), terminal 2 is set to operate in a second protection mode, and terminal 3 is set to operate in a first protection mode. It can be understood that the AP can query the current protection mode of the terminal through the attribute information of the terminal. The attribute information of the terminal may be the identity information of the terminal or the wake-up receiver of the terminal. Identification information, and so on.
可选地,根据用户实际需要,AP可以设置第二计时器的计时状态的时长比第一计时器的计时状态的时长短,如若第二计时器的计时状态的时长可以设置为1小时,则第一计时器的计时状态的时长可以设置为6小时,以避免终端的无线收发器过早休眠,而导致AP与终端未同步更新WUR ID,即失步。为了避免受到持续性的攻击,并且赋予AP将终端的当前保护模式在不同保护强度之中灵活选择的能力,AP可以将终端的当前保护模式在第一保护模式与第二保护模式间合理切换。第一计时器与第二计时器的功能可以由软件程序来实现。Optionally, according to actual needs of the user, the AP may set the duration of the timing state of the second timer to be shorter than the duration of the timing state of the first timer, and if the duration of the timing state of the second timer may be set to 1 hour, The duration of the timing state of the first timer can be set to 6 hours to prevent the wireless transceiver of the terminal from sleeping prematurely, and the AP and the terminal are not synchronized to update the WUR ID, that is, out of synchronization. In order to avoid the persistent attack and give the AP the ability to flexibly select the current protection mode of the terminal among different protection strengths, the AP can reasonably switch the current protection mode of the terminal between the first protection mode and the second protection mode. The functions of the first timer and the second timer can be implemented by a software program.
下面在通信过程中,以攻击者AP1获取到终端中WUR的第一标识信息向终端的WUR发送WUP;AP关联一个终端为例,详细介绍AP与终端间的通信方法。In the following, in the communication process, the attacker AP1 obtains the first identification information of the WUR in the terminal and sends the WUP to the WUR of the terminal; the AP associates a terminal as an example, and details the communication method between the AP and the terminal.
图3为本发明实施例提供的一种通信方法的信令交互图。如图3所示,该方法可以包括:FIG. 3 is a signaling interaction diagram of a communication method according to an embodiment of the present invention. As shown in FIG. 3, the method may include:
步骤310、AP接收终端的无线收发器发送的唤醒确认帧,该唤醒确认帧可以包括第一指示信息(唤醒指示信息),该第一指示信息用于指示终端的无线收发器是被终端的唤醒接收机在接收到唤醒帧后唤醒。Step 310: The AP receives a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, where the wake-up acknowledgement frame may include first indication information (wake-up indication information), where the first indication information is used to indicate that the wireless transceiver of the terminal is awakened by the terminal. The receiver wakes up after receiving the wake-up frame.
该唤醒确认帧可以是控制帧、数据帧或管理帧。所述第一指示信息可以在前述各个帧结构中用至少一个比特位来标识。The wakeup acknowledgement frame can be a control frame, a data frame, or a management frame. The first indication information may be identified by at least one bit in each of the foregoing frame structures.
可选地,在步骤310之前,执行步骤308,AP或攻击者AP1可以向终端发送唤醒帧,以唤醒终端。Optionally, before step 310, step 308 is performed, and the AP or the attacker AP1 may send a wake-up frame to the terminal to wake up the terminal.
当AP有下行消息要发送给终端时,AP向该终端的WUR发送唤醒帧,以唤醒终端的无线收发器。唤醒帧WUP可以包括唤醒接收机的第一标识信息(原标识信息),第一标识信息可以是完整的WUR标识信息或部分的WUR标识信息,如完整的媒体介入控制(Medium Access Control,MAC)地址,或能区 分MAC地址的部分地址。When the AP has a downlink message to send to the terminal, the AP sends a wake-up frame to the WUR of the terminal to wake up the wireless transceiver of the terminal. The wake-up frame WUP may include first identification information (original identification information) of the wake-up receiver, and the first identification information may be complete WUR identification information or partial WUR identification information, such as complete Medium Access Control (MAC). Address, or energy zone Partial address of the MAC address.
当攻击者AP1监听到该终端的第一标识信息时,攻击者AP1向该终端的WUR发送唤醒帧,以唤醒终端的无线收发器,即终端受到攻击者AP1的攻击。When the attacker AP1 monitors the first identification information of the terminal, the attacker AP1 sends a wake-up frame to the WUR of the terminal to wake up the wireless transceiver of the terminal, that is, the terminal is attacked by the attacker AP1.
步骤309,终端的WUR在接收到唤醒帧之后,WUR向终端的无线收发器发送第一触发信号,以用于唤醒终端的无线收发器。在唤醒终端的无线收发器之后,终端的WUR转入休眠。Step 309, after receiving the wake-up frame, the WUR of the terminal sends a first trigger signal to the wireless transceiver of the terminal for waking up the wireless transceiver of the terminal. After waking up the wireless transceiver of the terminal, the WUR of the terminal goes to sleep.
回到步骤310,进一步的,若在预设时间段内,AP接收到终端的无线收发器发送的唤醒确认帧,则AP认为成功唤醒该终端的无线收发器。若不在预设时间段,AP接收到终端的无线收发器发送的唤醒确认帧,则AP认为终端的无线收发器受到攻击。Going back to step 310, further, if the AP receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal within the preset time period, the AP considers that the wireless transceiver of the terminal is successfully awake. If the AP does not receive the wake-up acknowledgement frame sent by the wireless transceiver of the terminal, the AP considers that the wireless transceiver of the terminal is attacked.
其中,AP设置预设时间段的方式可以包括但不限制于:通过第三计时器来设置预设时间段的方式,如AP可以设置第三计时器的预设时间段由50ms倒数至零,或由零增长到50ms;或,通过记录发送唤醒帧的时间A和接收到该终端发送的唤醒确认帧的时间B,获取时间A与时间B的差值是否在预设时间段内的方式。可以理解的是,AP向终端发送了唤醒帧,若在预设时间段内,AP没有收到终端的无线收发器发送的唤醒确认帧,则AP没有成功唤醒该终端的无线收发器。The manner in which the AP sets the preset time period may include, but is not limited to, a manner of setting a preset time period by using a third timer, for example, the AP may set the preset time period of the third timer from 50 ms to zero. Or increase from zero to 50 ms; or, by recording the time A of transmitting the wake-up frame and the time B of receiving the wake-up acknowledgement frame sent by the terminal, the manner of whether the difference between the time A and the time B is within the preset time period is obtained. It can be understood that the AP sends a wake-up frame to the terminal. If the AP does not receive the wake-up acknowledgement frame sent by the wireless transceiver of the terminal within the preset time period, the AP does not successfully wake up the wireless transceiver of the terminal.
在一个例子中,以通过第三计时器设置预设时间段为例,根据用户或运营商的实际设计需要,针对AP关联的不同的终端,可以设置不同或相同的预设时间段。若AP要延迟一段时间(如延迟300ms)再唤醒终端的无线收发器,则AP可以将针对该终端的第三计时器的预设时间段设置为第三计时器剩余50-0ms(如从300ms+50ms起开始倒计时,前300ms为延迟的时间),或第三计时器处于300-350ms之间(从0ms开始正数计时,前300ms为延迟的时间)。可以理解的是,AP可以通过对预设时间段设置延迟时间的方式同时唤醒该AP关联的多个终端。 In an example, the preset time period is set by using the third timer as an example. According to the actual design requirements of the user or the operator, different or the same preset time periods may be set for different terminals associated with the AP. If the AP wants to delay the wireless transceiver of the terminal after delaying for a period of time (such as delay of 300ms), the AP may set the preset time period of the third timer for the terminal to the remaining 30-0ms of the third timer (eg, from 300ms). The countdown starts from +50ms, the first 300ms is the delay time), or the third timer is between 300-350ms (positive counting from 0ms, the first 300ms is the delayed time). It can be understood that the AP can simultaneously wake up multiple terminals associated with the AP by setting a delay time for the preset time period.
可选地,当唤醒确认帧是控制帧时,唤醒确认帧可以是改进后的PS-Poll帧,也可以是新的控制帧。Optionally, when the wakeup acknowledgement frame is a control frame, the wakeup acknowledgement frame may be an improved PS-Poll frame or a new control frame.
如图4所示,该控制帧包含帧控制(frame control,FC)域、AP为AP的无线收发器分配的ID值的ID域、接收地址(Receive Address,RA)域、发送地址(transmit address,TA)域、WUR标识信息(可以是WUR ID Index)域和帧校验序列(frame check sequence,FCS),其中,ID域和WUR标识信息域是可选的。As shown in FIG. 4, the control frame includes a frame control (FC) field, an ID field of an ID value assigned by the AP for the wireless transceiver of the AP, a receive address (RA) field, and a transmit address (transmit address). , TA) domain, WUR identification information (may be WUR ID Index) domain and frame check sequence (FCS), wherein the ID domain and the WUR identification information field are optional.
在一个例子中,当唤醒确认帧是改进后的PS-Poll帧时(ID域是可选的),即在PS-Poll帧增加WUR标识信息域,WUR标识信息域用于承载第二指示信息,该第二指示信息可以指示唤醒帧WUP中完整的或部分的第一标识信息(如WUR的单用户ID、多用户ID或广播ID),或指示唤醒帧WUP中第一标识信息的位置信息。当WUR标识信息域可以包含2比特位时,不同的第一标识信息可以配置不同的地址信息。如地址01,分配WUR的单用户ID;地址10,分配WUR的第一多用户ID(多用户ID中的一个);地址11,分配WUR的第一广播ID(多广播ID中的一个)。In an example, when the wakeup acknowledgement frame is an improved PS-Poll frame (the ID field is optional), that is, the WUR identification information field is added in the PS-Poll frame, and the WUR identification information field is used to carry the second indication information. The second indication information may indicate complete or partial first identification information (such as a single user ID, multi-user ID or broadcast ID of the WUR) in the wake-up frame WUP, or location information indicating the first identification information in the wake-up frame WUP . When the WUR identification information field can contain 2 bits, different first identification information can be configured with different address information. For example, address 01 assigns a single user ID of WUR; address 10, assigns a first multi-user ID of WUR (one of multi-user IDs); address 11, assigns a first broadcast ID of WUR (one of multi-broadcast IDs).
在另一个例子中,当唤醒确认帧是新的控制帧时,可以在FC域中预留至少一个指示位的方式,以标识所述第一指示信息。该方式可以包括:In another example, when the wakeup acknowledgement frame is a new control frame, at least one indicator bit may be reserved in the FC domain to identify the first indication information. This method can include:
(1)在FC域的subtype子域中指示所述第一指示信息。如图5所示,当FC域中的类型type子域指示该帧为控制帧(即type子域值设为B3B2为01)时,子类型subtype子域中有预留四个指示位(0000-0011),但在802.11ax标准中,subtype子域预留的四个指示位中需要被占用一个指示位,因此在subtype子域中可以用剩余三个指示位中的一个来标识所述第一指示信息。其中,B2-B7表示比特位(1) indicating the first indication information in a subtype subfield of the FC domain. As shown in FIG. 5, when the type type subfield in the FC domain indicates that the frame is a control frame (that is, the type subfield value is set to B3B2 is 01), four sub-indicators are reserved in the subtype subtype subfield (0000). -0011), but in the 802.11ax standard, one of the four indicator bits reserved by the subtype subfield needs to be occupied by an indication bit, so that one of the remaining three indicator bits can be used in the subtype subfield to identify the An indication message. Where B2-B7 represents the bit
(2)在控制帧扩展(control frame extension)域中指示所述第一指示信息。如图6所示,当FC域中的type子域指示为控制帧(即type子域值 设为01)时,且subtype子域为0110时,FC域的B11-B8位为control frame extension域,在control frame extension域中有预留七个指示位(0000,0001,1011-1111),因此在control frame extension域中可以用七个指示位中的一个来标识所述第一指示信息。(2) indicating the first indication information in a control frame extension (control frame extension) field. As shown in FIG. 6, when the type subfield in the FC domain is indicated as a control frame (ie, a type subfield value) When set to 01), and the subtype subfield is 0110, the B11-B8 bits of the FC domain are control frame extension fields, and seven indicator bits (0000, 0001, 1011-1111) are reserved in the control frame extension field. Thus, the first indication information can be identified by one of seven indicator bits in the control frame extension field.
(3)在控制帧中除上述subtype域和control frame extension域外的其他预留的空闲比特中指示所述第一指示信息。如图7所示,该帧类型是控制帧,并且subtype域值不为0110(即没有control frame extension域),协议版本(protocolversion)域,用于指出帧的协议;类型(type)域和子类型(subtype)域,用于共同指出帧的类型;To DS域,表明该帧是基本服务集((basic service set,BSS)向路由服务器(DS)发送的帧;From DS域,表明该帧是DS向BSS发送的帧;多片段(more frag)域,用于说明长帧被分段的情况,是否还有其它的帧;重传(retry)域,用于帧的重传,接收终端利用该域消除重传帧;能量管理(power management)域,1表明STA处于节电模式;0表明处于非省电工作模式;多数据(More Data)域:1表明至少还有一个数据帧要发送给终端;保护(protected frame)域:表明帧体部分是否包含被密钥套处理过的数据;序号(order)域:1表明长帧分段传送是否采用严格编号方式。此时该帧中预留了六个指示位(B8-B11,B14-B15)作为空闲比特(该六个指示位默认设置为零),即没有特别的含义,因此可以用B8-B11,B14-B15中的六个指示位中的一个来标识所述第一指示信息。(3) indicating the first indication information in other reserved idle bits except the subtype field and the control frame extension field in the control frame. As shown in FIG. 7, the frame type is a control frame, and the subtype field value is not 0110 (ie, there is no control frame extension field), the protocol version field is used to indicate the protocol of the frame; the type field and the subtype are (subtype) field, used to jointly indicate the type of the frame; To DS field, indicating that the frame is a basic service set (BSS) sent to the routing server (DS); the From DS field indicates that the frame is The frame sent by the DS to the BSS; the more frag field is used to indicate whether the long frame is segmented, whether there are other frames, and the retry field is used for frame retransmission, and the receiving terminal utilizes The domain eliminates the retransmission frame; the power management domain, 1 indicates that the STA is in the power saving mode; 0 indicates that it is in the non-power saving mode; and the More Data field: 1 indicates that at least one data frame is to be sent. Protected frame: Indicates whether the frame body part contains data processed by the key set; the order field: 1 indicates whether the long frame segment transmission is strictly numbered. Left six indicator positions (B8-B11, B14-B15) It is an idle bit (the six indicator bits are set to zero by default), that is, there is no special meaning, so the first indication information can be identified by one of the six indication bits in B8-B11, B14-B15.
可选地,当唤醒确认帧是数据帧时,唤醒确认帧可以是一种新的空数据帧(null data packet,NDP)帧。Optionally, when the wakeup acknowledgement frame is a data frame, the wakeup acknowledgement frame may be a new null data packet (NDP) frame.
在功能上,NDP帧与PS-Poll帧类似,以用于告知终端已苏醒,但在结构上,NDP帧的帧长度比PS-Poll帧的帧长度短,可以节省传输时间,如802.11ah协议中带宽为1MHz的具有PS-Poll帧功能的NDP帧(NDP_1M PS-Poll)的长度为25bits,带宽为2MHz的NDP_2M PS-Poll长度为37bits,而传统PS-Poll帧为160bits,且带宽为20MHz。 Functionally, the NDP frame is similar to the PS-Poll frame to inform the terminal that it has awake, but structurally, the frame length of the NDP frame is shorter than the frame length of the PS-Poll frame, which can save transmission time, such as the 802.11ah protocol. The length of the NDP frame (NDP_1M PS-Poll) with the PS-Poll frame function of 1 MHz is 25 bits, the length of the NDP_2M PS-Poll with the bandwidth of 2 MHz is 37 bits, and the traditional PS-Poll frame is 160 bits, and the bandwidth is 20 MHz. .
如图8所示,该数据帧可以包含NDP帧控制(NDP Frame Control,NDP FC)域、简短的接收地址RA域、简短的发送地址TA域和携带指示信息的WUR标识信息域。As shown in FIG. 8, the data frame may include an NDP Frame Control (NDP FC Control) field, a short receiving address RA field, a short sending address TA field, and a WUR identification information field carrying indication information.
NDP帧控制域可以用于指示WUR唤醒确认帧的帧类型。WUR标识信息域中的指示信息可以指示终端被唤醒时,唤醒帧WUP中完整或简短的第一标识信息(如WUR的单用户ID、第一多用户ID或第一广播ID),或指示唤醒帧WUP中第一标识信息的位置信息。The NDP frame control field can be used to indicate the frame type of the WUR wakeup acknowledgement frame. The indication information in the WUR identification information field may indicate that the terminal is awake, wake up the complete or short first identification information in the frame WUP (such as the single user ID of the WUR, the first multi-user ID or the first broadcast ID), or indicate wake-up Location information of the first identification information in the frame WUP.
可选地,当唤醒确认帧是管理帧时,如唤醒确认帧可以是功能帧,功能帧是一种管理子类型帧,以用于要求AP采取必要的行动,如信道切换宣告等。Optionally, when the wakeup acknowledgement frame is a management frame, for example, the wakeup acknowledgement frame may be a function frame, and the function frame is a management subtype frame for requesting the AP to take necessary actions, such as a channel switch announcement.
如图9所示,该管理帧可以包括FC域、时长(Duration)域、接收地址域(Address1)、发送地址(Address2)域、接收端地址(Address3)域、序列控制(Sequence Control)域、HT控制(HT Control)域、帧体(Frame Body)域和帧校验(FCS)。Duration域用于计划占用信道的时间。Address3域可以是传输的消息经过以太网多次被转发后的最终接收者的接收地址。Sequence Control域用于重组帧片段或丢弃重复帧。Frame Body域用于承载一些帧的具体类型和解释信息,如信道切换宣告。HT控制域用于指示一些控制信息。需要说明的是,该管理帧的帧格式与帧的子类型无关,且地址域字段不随帧的子类型而改变。当帧的子类型改变时,只有Frame Body域会发生变化。As shown in FIG. 9, the management frame may include an FC domain, a Duration field, a Receive Address field (Address1), a Send Address (Address2) field, a Receiver Address (Address3) field, and a Sequence Control (Sequence Control) field. HT Control (HT Control) field, Frame Body field and Frame Check (FCS). The Duration field is used to schedule the time occupied by the channel. The Address3 field can be the receiving address of the final recipient after the transmitted message is forwarded multiple times over Ethernet. The Sequence Control field is used to reassemble frame fragments or discard duplicate frames. The Frame Body field is used to carry specific types and interpretation information of some frames, such as channel switching announcements. The HT Control field is used to indicate some control information. It should be noted that the frame format of the management frame is independent of the subtype of the frame, and the address field field does not change with the subtype of the frame. When the subtype of the frame changes, only the Frame Body field changes.
其中,如图9所示,作为唤醒确认帧的管理帧,Frame Body域至少包含两部分,类型(Category)域和WUR ID Index域。Category域用于指示该管理帧为唤醒确认帧。WUR ID Index域用于携带第二指示信息,该第二指示信息可以指示唤醒帧WUP中完整的或部分的第一标识信息(如WUR的单用户ID、多用户ID或广播ID),或指示唤醒帧WUP中第一标识信息的位置信息。As shown in FIG. 9, as a management frame of the wakeup acknowledgement frame, the Frame Body field includes at least two parts, a Category field and a WUR ID Index field. The Category field is used to indicate that the management frame is a wake-up acknowledgement frame. The WUR ID index field is used to carry the second indication information, where the second indication information may indicate complete or partial first identification information (such as a single user ID, multi-user ID or broadcast ID of the WUR) in the wake-up frame WUP, or The location information of the first identification information in the wakeup frame WUP.
可以理解的是,若终端仅能被WUR通过唯一一个第一标识信息唤醒的情况下,唤醒确认帧中WUR ID Index域的帧长度可以为0比特,其中AP可以 通过收到的WUR唤醒确认帧的帧长度,判断该唤醒确认帧是否有WUR ID Index域。It can be understood that if the terminal can only be awakened by the WUR through a unique first identifier, the frame length of the WUR ID Index field in the wakeup acknowledgement frame can be 0 bits, where the AP can The WUR wakeup confirmation frame is judged to have a WUR ID Index field by the received WUR wakeup confirmation frame length.
可选地,如果唤醒确认帧为管理帧中的功能帧,可以通过Category域中的第一指示信息判断该管理帧是否有WUR ID Index域。Optionally, if the wakeup acknowledgement frame is a function frame in the management frame, the first indication information in the Category field may be used to determine whether the management frame has a WUR ID Index field.
步骤320、AP根据第一指示信息,向终端发送第一消息或第二消息。Step 320: The AP sends the first message or the second message to the terminal according to the first indication information.
第一消息是数据帧,第二消息可以是数据帧、控制帧或管理帧。The first message is a data frame, and the second message may be a data frame, a control frame, or a management frame.
可选地,在执行步骤320之前,AP根据第一指示信息,判断在预设时间段内,是否向终端发送过唤醒帧。Optionally, before performing step 320, the AP determines, according to the first indication information, whether the awake frame is sent to the terminal within a preset time period.
当AP根据第一指示信息,确定在预设时间段内已向终端发送唤醒帧时,也就是说,终端的无线收发器被AP正常唤醒,AP向终端发送第一消息,第一消息可以包括第一数据信息,以实现终端与AP间的正常通信。When the AP determines, according to the first indication information, that the awake frame has been sent to the terminal within the preset time period, that is, the wireless transceiver of the terminal is normally awake by the AP, the AP sends a first message to the terminal, where the first message may include The first data information is used to implement normal communication between the terminal and the AP.
当AP根据第一指示信息,确定在预设时间段内未向终端发送唤醒帧时,也就是说,终端的无线收发器被误唤醒或WUR受到攻击者AP1的攻击,AP向终端的无线收发器发送第二消息,第二消息可以包括唤醒接收机的第二标识信息,第二标识信息是AP通过更新第一标识信息获得的,以避免该终端的WUR受到持续性的攻击而不断唤醒终端的无线收发器,致使该终端的能量被快速消耗,实现终端与AP间的正常通信。When the AP determines, according to the first indication information, that the awake frame is not sent to the terminal within the preset time period, that is, the wireless transceiver of the terminal is awake by mistake or the WUR is attacked by the attacker AP1, and the AP sends and receives the awake to the terminal. And sending the second message, the second message may include the second identifier information of the wake-up receiver, where the second identifier information is obtained by the AP by updating the first identifier information, so as to prevent the WUR of the terminal from being continuously attacked and continuously waking up the terminal. The wireless transceiver causes the energy of the terminal to be quickly consumed, and achieves normal communication between the terminal and the AP.
可选地,AP向终端的无线收发器发送第二消息之前,AP对第二消息进行加密处理。其中,AP加密的方式可以包括:Optionally, before the AP sends the second message to the wireless transceiver of the terminal, the AP performs encryption processing on the second message. The AP encryption method may include:
(1)AP采用类似802.11中更新群组临时密钥(Group Temporal Key,GTK)的流程。AP向终端发送改进后的基于局域网的扩展认证协议(Extensible Authentication Protocol over LAN,EAPOL)密钥(key)的消息。(1) The AP adopts a process similar to updating the Group Temporal Key (GTK) in 802.11. The AP sends an improved message of the Extensible Authentication Protocol over LAN (EAPOL) key to the terminal.
该消息可以包括加密的数据部分(即第二标识信息)和用于验证发送者(如AP)身份的消息完整性检测码(Message Integrity Code,MIC)信息。The message may include an encrypted data portion (ie, second identification information) and Message Integrity Code (MIC) information for verifying the identity of the sender (eg, AP).
(2)AP定义一种新的加密的管理帧,该结构类似于功能帧。该管理帧帧载体中可承载MIC和一些加密的其他信息(如第二标识信息)。 (2) The AP defines a new encrypted management frame that is similar to a functional frame. The management frame carrier can carry MIC and some other encrypted information (such as second identification information).
(3)AP使用加密的数据帧,数据部分承载第二标识信息。(3) The AP uses the encrypted data frame, and the data part carries the second identification information.
可选地,第二消息还可以包括唤醒接收机的第二标识信息的指示信息,如key(密匙),以指示终端使用相同的算法利用这个key和第一标识信息计算出AP与终端的WUR下次通信所使用的第二标识信息。Optionally, the second message may further include indication information, such as a key, for waking up the second identifier information of the receiver, to indicate that the terminal uses the same algorithm to calculate the AP and the terminal by using the key and the first identifier information. The second identification information used by the WUR for the next communication.
可选地,如果AP除了第二标识信息外,还有其他消息(如携带第一数据信息的数据帧)需要传输,则先向终端发送包括第二标识信息的第二消息,再传输后续消息(如数据帧)。这样,通过后续消息的传输确保终端的无线收发器处于苏醒并且已收到携带第二标识信息的第二消息,避免因终端的无线收发器进入休眠而导致AP与终端未同步更新WUR的标识信息,即第二标识信息。Optionally, if the AP needs to transmit other information (such as a data frame carrying the first data information) in addition to the second identifier information, the AP sends the second message including the second identifier information to the terminal, and then transmits the subsequent message. (such as data frames). In this way, the transmission of the subsequent message ensures that the wireless transceiver of the terminal is awake and has received the second message carrying the second identification information, so as to prevent the AP and the terminal from updating the WUR identification information due to the wireless transceiver of the terminal entering the sleep state. , that is, the second identification information.
步骤330、终端向AP发送确认消息。Step 330: The terminal sends an acknowledgement message to the AP.
若终端的无线收发器接收到第一消息,则终端向AP发送第一确认消息(针对所述第一消息的确认消息)。若终端的无线收发器接收到第二消息,则终端向AP发送第二确认消息(针对所述第二消息的确认消息)。If the wireless transceiver of the terminal receives the first message, the terminal sends a first acknowledgement message (a confirmation message for the first message) to the AP. If the wireless transceiver of the terminal receives the second message, the terminal sends a second acknowledgement message (a confirmation message for the second message) to the AP.
其中,第一确认消息和第二确认消息可以是控制帧(如ACK)、数据帧(如data+ACK等)或管理帧。The first acknowledgement message and the second acknowledgement message may be a control frame (such as ACK), a data frame (such as data+ACK, etc.), or a management frame.
可以理解的是,第一确认消息和第二确认消息可以相同,也可以不同。It can be understood that the first confirmation message and the second confirmation message may be the same or different.
当AP在预设时间段内确定向终端的WUR已发送过唤醒帧,即终端的无线收发器被AP唤醒时,该第一确认消息用于指示终端收到第一数据信息。AP与终端间的所有消息传输完成后,终端的无线收发器可以等待一段时间(如100ms)后进入休眠,在这段时间内终端可以等待接收AP发送的第三确认消息,该第三确认消息用于指示AP收到了终端发送的前述第一确认消息。终端的无线收发器要进入休眠时,无线收发器向WUR发送第二触发信号,以用于唤醒WUR。本轮通信完成。When the AP determines that the WUR has sent a wake-up frame to the WUR of the terminal, that is, the wireless transceiver of the terminal is awake by the AP, the first acknowledgement message is used to instruct the terminal to receive the first data information. After all the messages between the AP and the terminal are transmitted, the wireless transceiver of the terminal can wait for a period of time (for example, 100 ms) to enter the sleep state. During this time, the terminal can wait for the third acknowledgement message sent by the AP, the third acknowledgement message. It is used to indicate that the AP receives the foregoing first acknowledgement message sent by the terminal. When the wireless transceiver of the terminal is going to sleep, the wireless transceiver sends a second trigger signal to the WUR for waking up the WUR. This round of communication is completed.
当AP在预设时间段内确定未向终端的WUR发送唤醒帧,即终端的无线收发器被误唤醒或受到攻击者AP1的攻击时,该第二确认消息可以包括终端的 身份验证信息(如MIC),使AP根据身份验证信息,确定终端的属性信息,如终端的身份信息,以使AP与终端进行通信。When the AP determines that the wake-up frame is not sent to the WUR of the terminal within a preset time period, that is, the wireless transceiver of the terminal is awake by mistake or is attacked by the attacker AP1, the second acknowledgement message may include the terminal. The authentication information (such as MIC) enables the AP to determine the attribute information of the terminal, such as the identity information of the terminal, according to the authentication information, so that the AP communicates with the terminal.
需要说明的是,当AP采用改进后的802.11协议中更新GTK流程时,第二确认消息可以是改进后的EAPOL_key应答帧。该第二确认消息可以包括终端的MIC信息。第二确认消息也可以是改进后的Action frame的帧,其frame body中可以承载MIC信息。It should be noted that when the AP updates the GTK process in the improved 802.11 protocol, the second acknowledgement message may be the improved EAPOL_key response frame. The second confirmation message may include MIC information of the terminal. The second acknowledgement message may also be a frame of the improved Action frame, and the frame body may carry the MIC information.
AP与终端间的所有消息传输完成后,终端的无线收发器可以等待一段时间(如100ms)后进入休眠,在这段时间内终端可以等待接收AP发送的第三确认消息,该第三确认消息用于指示AP收到了终端发送的前述确认消息。通过推后终端的无线收发器进入休眠的时间可以使终端和AP相互确认各自都获取到第二标识信息,从而降低失步风险。终端的无线收发器要进入休眠时,无线收发器向WUR发送第二触发信号,以用于唤醒WUR,AP与终端也同步更新相应的WUR标识信息。本轮通信完成。After all the messages between the AP and the terminal are transmitted, the wireless transceiver of the terminal can wait for a period of time (for example, 100 ms) to enter the sleep state. During this time, the terminal can wait for the third acknowledgement message sent by the AP, the third acknowledgement message. It is used to indicate that the AP receives the foregoing acknowledgement message sent by the terminal. By pushing the wireless transceiver of the terminal to enter the sleep time, the terminal and the AP can confirm each other to obtain the second identification information, thereby reducing the risk of losing synchronization. When the wireless transceiver of the terminal is going to sleep, the wireless transceiver sends a second trigger signal to the WUR for waking up the WUR, and the AP and the terminal also update the corresponding WUR identification information. This round of communication is completed.
可选地,若终端有第二数据信息需要传输到AP时,第一确认消息和第二确认消息还可以包括第二数据信息。Optionally, if the terminal has the second data information that needs to be transmitted to the AP, the first acknowledgement message and the second acknowledgement message may further include the second data information.
上述方法中的各步骤实现了在终端的无线接收器被WUR唤醒后向AP发送的唤醒确认帧中携带终端的无线接收器是被WUR唤醒的第一指示信息,使得AP依据之前是否发送过WUP判定WUR是否受到攻击,决定是否更新WUR ID,从而有效的降低终端空闲时侦听信道的能量浪费,同时通过更新WUR ID保证了终端的通信安全。Each step in the foregoing method implements the first indication information that the wireless receiver carrying the terminal in the wakeup acknowledgement frame sent by the WUR wakes up to the AP after the wireless receiver of the terminal is awake by the WUR is WUX awake, so that the AP sends the WUP according to whether the WUP has been sent before. It is determined whether the WUR is attacked, and whether to update the WUR ID, thereby effectively reducing the waste of the listening channel when the terminal is idle, and ensuring the communication security of the terminal by updating the WUR ID.
进一步的,AP接收到终端发送的唤醒确认帧之后,AP根据唤醒确认帧,确定终端的当前保护模式。唤醒确认帧可以包括终端的属性信息,如终端的地址信息。Further, after the AP receives the wakeup acknowledgement frame sent by the terminal, the AP determines the current protection mode of the terminal according to the wakeup acknowledgement frame. The wakeup acknowledgement frame may include attribute information of the terminal, such as address information of the terminal.
可选地,AP根据终端的地址信息可以从终端的保护模式表中,获取终端的当前保护模式,即当前终端工作在第一保护模式下或在第二保护模式下。 Optionally, the AP may obtain the current protection mode of the terminal from the protection mode table of the terminal according to the address information of the terminal, that is, the current terminal works in the first protection mode or in the second protection mode.
在一个例子中,AP对终端在当前保护模式下已工作的时长和在该时长内受到攻击的次数进行识别。也就是说,AP对工作在第一保护模式下的终端,其WUR持续未受到攻击的时长是否超过第一时长进行识别;或者,AP对工作在第二保护模式下的终端,其WUR在第二时长内受到过的攻击次数是否超过第一整数进行识别。AP根据所述识别结果,对终端的当前保护模式在至少两种保护模式之间进行切换,至少两种保护模式包括第一保护模式和第二保护模式。In one example, the AP identifies the length of time that the terminal has been active in the current protection mode and the number of times the attack was attacked within that duration. That is, the AP identifies whether the duration of the WUR that has not been attacked exceeds the first duration for the terminal operating in the first protection mode; or, the AP operates the terminal in the second protection mode, and the WUR is in the Whether the number of attacks received within two hours exceeds the first integer for identification. The AP switches the current protection mode of the terminal between the at least two protection modes according to the identification result, and the at least two protection modes include a first protection mode and a second protection mode.
当终端处于第一保护模式,且终端的WUR持续未受到攻击的时长超过第一时长时,AP将终端的当前保护模式从第一保护模式切换到第二保护模式,以避免长时间处于第一保护模式,而产生较多额外开销和风险。之后的通信将在第一保护模式下运作。所有消息交互完成后结束本轮通信。When the terminal is in the first protection mode, and the duration of the WUR of the terminal is not attacked for more than the first duration, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode to avoid being in the first time for a long time. Protect the mode with more overhead and risk. Subsequent communications will operate in the first protection mode. This round of communication ends when all message interactions are completed.
当终端处于第一保护模式,且终端的WUR持续未受到攻击的时长未超过第一时长时,AP每次收到唤醒确认帧后,即终端被唤醒后,都要更新该终端中WUR的第一标识信息。所有消息交互完成后结束本轮通信。其中,AP更新第一标识信息的过程可以采用在AP与终端关联时,AP发送一个密匙给终端的无线收发器,AP与终端使用相同的算法,通过key和当前的信息(如本次通信WUR所使用FAC或FCS)计算出AP与WUR下次通信所使用的新FAC信息,在本次AP与无线收发器通信成功结束后AP与终端同步更新WUR中的FAC信息;AP也可以采用步骤320中向终端发送加密的第二消息的方式。When the terminal is in the first protection mode, and the duration of the terminal's WUR is not exceeded, the AP updates the WUR in the terminal after receiving the wake-up acknowledgement frame, that is, after the terminal is woken up. An identification information. This round of communication ends when all message interactions are completed. The process of updating the first identifier information by the AP may be performed when the AP associates with the terminal, and the AP sends a key to the wireless transceiver of the terminal, and the AP and the terminal use the same algorithm to pass the key and the current information (such as the current communication). The FAC or FCS used by the WUR calculates the new FAC information used by the AP and the WUR for the next communication. After the communication between the AP and the wireless transceiver is successfully completed, the AP and the terminal synchronize the FAC information in the WUR. The AP can also take steps. The manner in which the encrypted second message is sent to the terminal in 320.
当终端处于第二保护模式,终端的WUR在第二时长内受到攻击的次数至少达到第一整数时,AP更换WUR的第一标识信息,并将终端的当前保护模式从第二保护模式切换到第一保护模式。也就是说,终端之后的通信将在第一保护模式下运作,在第一保护模式下,每次WUR成功唤醒终端的无线收发器后,AP都要更新该WUR的标识信息。结束本轮通信,等待下轮通信。需要说明的是,在第二时长内连续或多次发生误唤醒的概率极小,因此在第二时长内如果发生一次或多次AP未发送过WUP,但终端的无线收发器被终端的WUR 唤醒的情形时,则AP认为终端的WUR受到了持续性攻击,AP将终端的当前保护模式从第二保护模式切换到第一保护模式。When the terminal is in the second protection mode, and the number of times the WUR of the terminal is attacked in the second time period reaches at least the first integer, the AP replaces the first identification information of the WUR, and switches the current protection mode of the terminal from the second protection mode to The first protection mode. That is to say, the communication after the terminal will operate in the first protection mode. In the first protection mode, each time the WUR successfully wakes up the wireless transceiver of the terminal, the AP updates the identification information of the WUR. End this round of communication and wait for the next round of communication. It should be noted that the probability of a false wake-up occurring continuously or repeatedly in the second time period is extremely small. Therefore, if one or more APs have not sent the WUP in the second time period, the wireless transceiver of the terminal is used by the terminal WUR. In the case of waking up, the AP considers that the WUR of the terminal is subjected to a persistent attack, and the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode.
当终端处于第二保护模式,AP在预设时间内确定未向终端发送唤醒帧,且终端的WUR在第二时长内受到攻击的次数未达到第一整数时,AP判断终端的WUR受到攻击,更新WUR的标识信息,不更换终端的保护模式。这里第一整数为正整数。When the terminal is in the second protection mode, the AP determines that the wake-up frame is not sent to the terminal within the preset time, and the number of times the WUR of the terminal is attacked within the second time period does not reach the first integer, the AP determines that the WUR of the terminal is attacked. Update the WUR identification information without changing the protection mode of the terminal. The first integer here is a positive integer.
需要说明的是,AP判断出WUR受到攻击后没有立即将终端的当前保护模式从第二保护模式切换到第一保护模式,是为了避免小概率发生的误唤醒。也就是说,若终端在一段时长内偶尔被误唤醒(判断标准为在第二时长内终端的无线收发器受到攻击小于第一整数次),AP不会切换保护模式,以避免是误唤醒。It should be noted that the AP determines that the current protection mode of the terminal is not immediately switched from the second protection mode to the first protection mode after the WUR is attacked, in order to avoid false wake-up caused by a small probability. That is to say, if the terminal is occasionally woken up by mistake for a period of time (the criterion is that the wireless transceiver of the terminal is attacked less than the first integer number within the second time period), the AP does not switch the protection mode to avoid false wake-up.
当终端处于第二保护模式,且AP在预设时间内确定已向终端的WUR发送唤醒帧,AP向终端发送第一消息,第一消息可以包括第一数据信息,以实现终端与AP间的正常通信。When the terminal is in the second protection mode, and the AP determines that the awake frame is sent to the WUR of the terminal within the preset time, the AP sends a first message to the terminal, where the first message may include the first data information to implement the connection between the terminal and the AP. Normal communication.
在另一个例子中,AP对当前保护模式下计时器的工作状态进行识别。也就是说,AP对第一保护模式下的第一计时器的工作状态进行识别;或者,AP对第二保护模式下的第二计时器的工作状态进行识别。AP根据计时器的计时状态的识别结果,对终端当前保护模式进行切换。In another example, the AP identifies the operating state of the timer in the current protected mode. That is, the AP identifies the working state of the first timer in the first protection mode; or, the AP identifies the working state of the second timer in the second protection mode. The AP switches the current protection mode of the terminal according to the recognition result of the timer state.
当终端处于第一保护模式,且第一计时器的工作状态为停止状态时,AP将终端的当前保护模式从第一保护模式切换到第二保护模式,以避免长时间处于第一保护模式,而产生较多额外开销和风险。之后的通信将在第一保护模式下运作。所有消息交互完成后结束本轮通信。When the terminal is in the first protection mode, and the working state of the first timer is the stop state, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode to avoid being in the first protection mode for a long time. It creates more overhead and risk. Subsequent communications will operate in the first protection mode. This round of communication ends when all message interactions are completed.
当终端处于第一保护模式,且第一计时器的工作状态为计时状态时,AP每次收到唤醒确认帧后,即终端的无线收发器被唤醒后,都要更新该终端中WUR的第一标识信息。所有消息交互完成后结束本轮通信。其中,更新第一标识信息的过程可以采用在AP与终端关联时,AP发送一个秘钥(key)给终端 的无线收发器,AP与终端使用相同的算法,通过key和当前的信息(如本次通信WUR所使用FAC或FCS)计算出AP与WUR下次通信所使用的新FAC信息,在本次AP与无线收发器通信成功结束后AP与终端同步更新WUR中的FAC信息;也可以采用步骤320中向终端发送加密的第二消息的方式。When the terminal is in the first protection mode, and the working state of the first timer is the timed state, the AP updates the WUR of the terminal every time the AP receives the wakeup acknowledgement frame, that is, after the wireless transceiver of the terminal is woken up. An identification information. This round of communication ends when all message interactions are completed. The process of updating the first identifier information may be performed when the AP associates with the terminal, and the AP sends a key to the terminal. The wireless transceiver, the AP and the terminal use the same algorithm to calculate the new FAC information used by the AP and the WUR for the next communication by the key and the current information (such as the FAC or FCS used in the communication WUR). After the communication with the wireless transceiver is successfully completed, the AP synchronizes with the terminal to update the FAC information in the WUR. The method of sending the encrypted second message to the terminal in step 320 may also be adopted.
当终端处于第二保护模式,AP在预设时间内确定未向终端发送唤醒帧,且第二计时器的工作状态为计时状态时,AP将终端的当前保护模式从第二保护模式切换到第一保护模式,即AP关闭第二计时器,启动第一计时器并设定计时状态的时长。也就是说,之后的通信将在第一保护模式下运作,在第一计时器过期前,每次WUR成功唤醒无线收发器后,AP都要更新WUR的标识信息。结束本轮通信,等待下轮通信。When the terminal is in the second protection mode, and the AP determines that the wake-up frame is not sent to the terminal within the preset time, and the working state of the second timer is the timed state, the AP switches the current protection mode of the terminal from the second protection mode to the first A protection mode, that is, the AP turns off the second timer, starts the first timer, and sets the duration of the timing state. That is to say, the subsequent communication will operate in the first protection mode. Before the first timer expires, the AP updates the WUR identification information each time the WUR successfully wakes up the wireless transceiver. End this round of communication and wait for the next round of communication.
需要说明的是,在第二计时器的计时状态内连续或多次发生误唤醒的概率极小,因此在该时间段内再次发生AP未发送过WUP,但终端的无线收发器被终端的WUR唤醒的情形时,则AP认为终端受到了持续性攻击,AP将终端的当前保护模式切换到第一保护模式。其中,第一计时器可以设定一个较长的计时状态时长,以希望攻击者AP1在第一计时器的计时状态内离开,避免短时间内将终端的当前保护模式切换回第二保护模式。It should be noted that the probability of a false wake-up occurring continuously or repeatedly in the timed state of the second timer is extremely small, so that the AP does not transmit the WUP again during the time period, but the wireless transceiver of the terminal is the WUR of the terminal. In the case of waking up, the AP considers that the terminal is subjected to a persistent attack, and the AP switches the current protection mode of the terminal to the first protection mode. The first timer can set a longer timing state duration, so that the attacker AP1 is allowed to leave in the timing state of the first timer, and avoid switching the current protection mode of the terminal back to the second protection mode in a short time.
当终端处于第二保护模式,AP在预设时间内确定未向终端发送唤醒帧,且第二计时器的工作状态为停止状态时,AP启动第二计时器并设定计时状态的时长,来完成所有消息的通信,并等待下轮通信。When the terminal is in the second protection mode, the AP determines that the wake-up frame is not sent to the terminal within the preset time, and when the working state of the second timer is the stop state, the AP starts the second timer and sets the duration of the timed state. Complete communication of all messages and wait for the next round of communication.
需要说明的是,AP判断出WUR受到攻击后没有立即将终端的当前保护模式切换到第一保护模式,是为了避免小概率发生的误触发。也就是说,若终端第一次遭受攻击(判断标准为没有正在计数的第二计时器),AP不会切换终端的当前保护模式,以避免是误触发。It should be noted that the AP determines that the current protection mode of the terminal is not immediately switched to the first protection mode after the WUR is attacked, in order to avoid false triggering caused by a small probability. That is to say, if the terminal is attacked for the first time (the criterion is that there is no second timer being counted), the AP does not switch the current protection mode of the terminal to avoid false triggering.
当终端处于第二保护模式,且AP在预设时间内确定已向终端发送唤醒帧,AP向终端发送第一消息,第一消息可以包括第一数据信息,以实现终端与AP间的正常通信。 When the terminal is in the second protection mode, and the AP determines that the awake frame is sent to the terminal within the preset time, the AP sends a first message to the terminal, where the first message may include the first data information, so as to implement normal communication between the terminal and the AP. .
图10为本发明实施例提供的一种通信方法流程图。如图10所示,该方法包括:FIG. 10 is a flowchart of a communication method according to an embodiment of the present invention. As shown in FIG. 10, the method includes:
步骤1001、AP或攻击者AP1向终端发送唤醒帧,以成功唤醒终端。Step 1001: The AP or the attacker AP1 sends a wake-up frame to the terminal to successfully wake up the terminal.
AP或攻击者AP1向终端的WUR发送唤醒帧,并成功唤醒终端的无线收发器。The AP or the attacker AP1 sends a wake-up frame to the WUR of the terminal, and successfully wakes up the wireless transceiver of the terminal.
步骤1002、AP接收终端发送的唤醒确认帧。Step 1002: The AP receives a wakeup acknowledgement frame sent by the terminal.
AP接收终端的无线收发器发送的唤醒确认帧。The AP receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal.
步骤1003、AP根据唤醒确认帧,确定终端的当前保护模式。Step 1003: The AP determines a current protection mode of the terminal according to the wakeup acknowledgement frame.
若AP确定终端的当前保护模式是第一保护模式,则执行步骤1004;If the AP determines that the current protection mode of the terminal is the first protection mode, step 1004 is performed;
若AP确定终端的当前保护模式是第二保护模式,则执行步骤1006。If the AP determines that the current protection mode of the terminal is the second protection mode, step 1006 is performed.
步骤1004、终端的当前保护模式为第一保护模式,AP更新终端WUR的标识信息,之后执行步骤1005。Step 1004: The current protection mode of the terminal is the first protection mode, and the AP updates the identifier information of the terminal WUR, and then step 1005 is performed.
可选地,在执行步骤1004期间,AP与终端间可以进行数据传输,。Optionally, during the execution of step 1004, data transmission may be performed between the AP and the terminal.
步骤1005、结束本轮通信,等待下次AP或攻击者AP1给终端的WUR发送唤醒帧并成功唤醒终端,返回步骤1001。Step 1005: End the current round communication, and wait for the next AP or the attacker AP1 to send a wake-up frame to the WUR of the terminal and successfully wake up the terminal, and return to step 1001.
步骤1006、终端的当前保护模式为第二保护模式,AP判断终端的WUR是否受到攻击。Step 1006: The current protection mode of the terminal is a second protection mode, and the AP determines whether the WUR of the terminal is attacked.
若AP确定终端的WUR受到攻击,则执行步骤1008;If the AP determines that the WUR of the terminal is attacked, step 1008 is performed;
若AP确定终端的WUR没有受到攻击,则执行步骤1007。If the AP determines that the WUR of the terminal is not attacked, step 1007 is performed.
步骤1007、AP与终端进行传输数据,之后执行步骤1005。Step 1007: The AP and the terminal transmit data, and then step 1005 is performed.
步骤1008、AP更新终端WUR的标识信息,之后执行步骤1005。Step 1008: The AP updates the identifier information of the terminal WUR, and then performs step 1005.
可选地,在执行步骤1007期间,AP与终端间可以进行数据传输。Optionally, during the execution of step 1007, data transmission may be performed between the AP and the terminal.
图11为本发明实施例提供的一种保护模式的状态切换流程图。如图11所示,该方法包括:FIG. 11 is a flowchart of state switching of a protection mode according to an embodiment of the present invention. As shown in FIG. 11, the method includes:
步骤1101、终端处于第一保护模式。 Step 1101: The terminal is in the first protection mode.
步骤1102、当终端持续未被误唤醒或未受到攻击的时长超过第一时长时,AP将终端的当前保护模式从第一保护模式切换至第二保护模式,进入步骤1103。Step 1102: When the duration of the terminal that is not erroneously awake or not attacked exceeds the first duration, the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode, and proceeds to step 1103.
步骤1103、终端处于第二保护模式。Step 1103: The terminal is in the second protection mode.
步骤1104、当终端在第二时长内受到至少第一整数次攻击或误唤醒时,AP将终端的当前保护模式从第二保护模式切换至第一保护模式,进入步骤1101。Step 1104: When the terminal is subjected to at least a first integer attack or a false wake-up within the second duration, the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode, and proceeds to step 1101.
图12为本发明实施例提供的另一种通信方法流程图。如图12所示,该方法包括:FIG. 12 is a flowchart of another communication method according to an embodiment of the present invention. As shown in FIG. 12, the method includes:
步骤1201、AP或攻击者AP1给终端的WUR发送唤醒帧。Step 1201: The AP or the attacker AP1 sends a wake-up frame to the WUR of the terminal.
步骤1202、AP接收终端无线收发器发送的唤醒确认帧,确定终端的当前保护模式。Step 1202: The AP receives a wake-up acknowledgement frame sent by the terminal wireless transceiver, and determines a current protection mode of the terminal.
步骤1203、当终端的当前保护模式为第一保护模式时,AP确定此时第一计时器的工作状态。Step 1203: When the current protection mode of the terminal is the first protection mode, the AP determines the working state of the first timer at this time.
步骤1204、若第一计时器为停止状态,则AP将终端的当前保护模式从第一保护模式切换到第二保护模式后,执行步骤1205。Step 1204: If the first timer is in the stop state, after the AP switches the current protection mode of the terminal from the first protection mode to the second protection mode, step 1205 is performed.
步骤1205、结束本轮通信,AP等待再次收到终端发送的唤醒确认帧,收到新的唤醒确认帧后,返回步骤1201。Step 1205: End the current round communication, and the AP waits to receive the wakeup acknowledgement frame sent by the terminal again. After receiving the new wakeup acknowledgement frame, the process returns to step 1201.
步骤1206、若第一计时器为计时状态,则AP更新WUR的标识信息后,执行步骤1205。Step 1206: After the first timer is in the timed state, the AP updates the identifier information of the WUR, and then performs step 1205.
步骤1207、当终端的当前保护模式为第二保护模式时,AP确定此时终端是否受到攻击。Step 1207: When the current protection mode of the terminal is the second protection mode, the AP determines whether the terminal is attacked at this time.
步骤1208、若AP判断终端未被误唤醒或未受到攻击,则AP执行步骤1205。Step 1208: If the AP determines that the terminal is not awake by mistake or is not attacked, the AP performs step 1205.
步骤1209、若AP判断终端受到攻击,则AP更新WUR的标识信息后,执行步骤1010。 Step 1209: After the AP determines that the terminal is attacked, the AP updates the WUR identification information, and then performs step 1010.
步骤1210、AP确定此时第二计时器的工作状态。Step 1210: The AP determines the working state of the second timer at this time.
步骤1211、若第二计时器为停止状态,则AP重新启动第二计时器后,执行步骤1205。Step 1211: If the second timer is in the stop state, after the AP restarts the second timer, step 1205 is performed.
步骤1212、若第二计时器为计时状态,则AP将终端的当前保护模式从第二保护模式切换到第一保护模式后,执行步骤1205。Step 1212: If the second timer is in the counting state, after the AP switches the current protection mode of the terminal from the second protection mode to the first protection mode, step 1205 is performed.
本发明实施例提供的通信方法,通过AP接收终端发送的包括第一指示信息的唤醒确认帧,以指示终端是被终端的唤醒接收机唤醒。当AP根据第一指示信息,确定在预设时间内未向终端发送唤醒帧时,AP向终端发送包括唤醒接收机的第二标识信息的第二消息,即更新后的标识信息。AP接收终端发送的包括终端的身份验证信息的第二确认消息,之后AP根据身份验证信息,确定终端的属性信息;AP根据终端的属性信息,与终端进行通信。同时还根据终端的WUR是否受到攻击,对当前保护模式进行切换。以避免被攻击者AP1持续性攻击。该方法提升AP在不同保护模式下都能灵活采取切换策略来降低终端额外的能耗,以及减少终端中WUR未受攻击时的信令开销。In the communication method provided by the embodiment of the present invention, the AP receives the wake-up acknowledgement frame that is sent by the terminal and includes the first indication information, to indicate that the terminal is woken up by the wake-up receiver of the terminal. When the AP determines, according to the first indication information, that the awake frame is not sent to the terminal within the preset time, the AP sends a second message, that is, the updated identifier information, that includes the second identifier information of the waking receiver to the terminal. The AP receives the second confirmation message that is sent by the terminal, including the identity verification information of the terminal, and then the AP determines the attribute information of the terminal according to the identity verification information; the AP communicates with the terminal according to the attribute information of the terminal. At the same time, according to whether the WUR of the terminal is attacked, the current protection mode is switched. To avoid persistent attacks by the attacker AP1. This method improves the AP's flexible switching policy in different protection modes to reduce the additional power consumption of the terminal and reduce the signaling overhead when the WUR is not attacked in the terminal.
与上述方法对应的,本发明实施例提供了一种网络设备。Corresponding to the foregoing method, an embodiment of the present invention provides a network device.
图13为本发明实施例提供的一种网络设备,如图13所示,该网络设备,如接入点AP可以包括:接收单元1301、发送单元1302和处理单元1303。FIG. 13 is a network device according to an embodiment of the present invention. As shown in FIG. 13, the network device, such as an access point AP, may include: a receiving unit 1301, a sending unit 1302, and a processing unit 1303.
接收单元1301,用于接收终端的无线收发单元发送的唤醒确认帧,唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示终端的无线收发单元是被终端的唤醒接收单元在接收到唤醒帧后唤醒,唤醒帧包含唤醒接收单元的第一标识信息,第一标识信息为唤醒接收单元当前使用的标识信息。The receiving unit 1301 is configured to receive a wake-up acknowledgement frame sent by the wireless transceiver unit of the terminal, where the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver unit of the terminal is after receiving the wake-up frame by the wake-up receiving unit of the terminal The wake-up frame includes the first identifier information of the wake-up receiving unit, where the first identifier information is identifier information currently used by the wake-up receiving unit.
处理单元1303,用于根据唤醒指示信息,确定在预设时间段内已向终端发送过唤醒帧。The processing unit 1303 is configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period.
发送单元1302,用于当处理单元1303确定在预设时间段内已向终端发送 唤醒帧时,向终端发送第一消息,第一消息为该接入点在发送唤醒帧时已确定要向终端发送的消息,如数据信息,以用于与终端进行通信;或者,The sending unit 1302 is configured to: when the processing unit 1303 determines that the terminal has been sent within the preset time period When the frame is awakened, the first message is sent to the terminal, where the first message is a message that the access point has determined to send to the terminal when sending the wake-up frame, such as data information, for communicating with the terminal; or
处理单元1303,还用于根据唤醒指示信息,确定在预设时间段内未向终端发送唤醒帧。The processing unit 1303 is further configured to determine, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within the preset time period.
发送单元1302,还用于当处理单元1303确定在预设时间段内未向终端发送唤醒帧时,向终端发送第二消息。第二消息包括终端的唤醒接收单元的第二标识信息或第二标识信息的指示信息,以用于终端根据第二标识信息或第二标识信息的指示信息更新唤醒接收单元当前使用的标识信息。The sending unit 1302 is further configured to: when the processing unit 1303 determines that the wake-up frame is not sent to the terminal within the preset time period, send the second message to the terminal. The second message includes the second identification information of the awake receiving unit of the terminal or the indication information of the second identification information, for the terminal to update the identifier information currently used by the awake receiving unit according to the indication information of the second identification information or the second identification information.
可选地,在发送单元1302向终端发送第二消息之前,处理单元1303,还用于对第二消息进行加密处理。Optionally, before the sending unit 1302 sends the second message to the terminal, the processing unit 1303 is further configured to perform encryption processing on the second message.
可选地,在发送单元1302向终端发送第二消息之后,Optionally, after the sending unit 1302 sends the second message to the terminal,
接收单元1301,还用于接收终端发送的针对第二消息的确认消息,所述第二消息的确认消息是终端根据第二标识信息或第二标识信息的指示信息更新唤醒接收单元当前使用的标识信息后发送的,所述第二消息的确认消息包括终端的身份验证信息。The receiving unit 1301 is further configured to receive an acknowledgment message sent by the terminal for the second message, where the acknowledgment message of the second message is that the terminal updates the identifier currently used by the awake receiving unit according to the indication information of the second identifier information or the second identifier information. After the information is sent, the confirmation message of the second message includes the identity verification information of the terminal.
处理单元1303,还用于根据终端的身份验证信息,确定终端的属性信息;根据终端的属性信息,与AP进行通信。The processing unit 1303 is further configured to determine, according to the identity verification information of the terminal, attribute information of the terminal, and communicate with the AP according to the attribute information of the terminal.
可选地,唤醒确认帧还可以包括终端的属性信息;Optionally, the wakeup acknowledgement frame may further include attribute information of the terminal;
在接收单元1301接收终端的无线收发单元发送的唤醒确认帧之后,After the receiving unit 1301 receives the wake-up acknowledgement frame sent by the wireless transceiver unit of the terminal,
处理单元1303,还用于根据终端的属性信息,确定终端的当前保护模式。The processing unit 1303 is further configured to determine a current protection mode of the terminal according to the attribute information of the terminal.
对终端工作在当前保护模式下的时长进行识别,并根据识别结果,对终端的当前保护模式在至少两种保护模式之间进行切换,至少两种保护模式包括第一保护模式和第二保护模式。Identifying the duration of the terminal working in the current protection mode, and switching the current protection mode of the terminal between the at least two protection modes according to the recognition result, where the at least two protection modes include the first protection mode and the second protection mode .
可选地,终端的当前保护模式可以是第一保护模式或者第二保护模式。Optionally, the current protection mode of the terminal may be the first protection mode or the second protection mode.
处理单元1303,具体用于对终端工作在第一保护模式的第一时长进行识别。或者,对终端工作在第二保护模式下的第二时长和攻击次数进行识别。 The processing unit 1303 is specifically configured to identify the first duration in which the terminal works in the first protection mode. Alternatively, the second duration and the number of attacks in which the terminal works in the second protection mode are identified.
其中,终端受到攻击是指,接收单元1301接收到该接入点发送的唤醒确认消息,但发送单元在预设时间段内未向该接入点发送过唤醒帧。The attacking of the terminal means that the receiving unit 1301 receives the wakeup acknowledgement message sent by the access point, but the sending unit does not send the wakeup frame to the access point within a preset time period.
在处理单元1303根据唤醒指示信息,确定在预设时间段内已向终端发送唤醒帧后,After the processing unit 1303 determines, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within the preset time period,
当处理单元1303识别出终端工作在第一保护模式下的时间超过第一时长,并且所述第二设备在所述第一时长内未受到过攻击时,处理单元1303将终端的当前保护模式从第一保护模式切换到第二保护模式;或者,When the processing unit 1303 recognizes that the time when the terminal works in the first protection mode exceeds the first duration, and the second device is not attacked within the first duration, the processing unit 1303 sets the current protection mode of the terminal from Switching the first protection mode to the second protection mode; or,
当处理单元1303识别出终端工作在第二保护模式下的时间未超过第二时长,且终端受攻击的次数不小于攻击次数阈值时,处理单元1303将终端的当前保护模式从第二保护模式切换到第一保护模式。When the processing unit 1303 recognizes that the time when the terminal works in the second protection mode does not exceed the second duration, and the number of times the terminal is attacked is not less than the attack threshold, the processing unit 1303 switches the current protection mode of the terminal from the second protection mode. Go to the first protection mode.
本发明实施例接入点的各功能模块的功能,可以通过图3提供的各个方法步骤来实现,因此,本发明提供的接入点的具体工作过程和有益效果,在此不复赘述。The functions of the function modules of the access point in the embodiment of the present invention can be implemented by using the various method steps provided in FIG. 3 . Therefore, the specific working process and beneficial effects of the access point provided by the present invention are not described herein.
与上述方法对应的,本发明实施例提供了一种终端。Corresponding to the foregoing method, an embodiment of the present invention provides a terminal.
图14为本发明实施例提供的一种终端,如图14所示,该终端可以包括:唤醒接收单元1401、处理单元1402和无线收发单元1403,FIG. 14 is a terminal according to an embodiment of the present invention. As shown in FIG. 14, the terminal may include: a wake-up receiving unit 1401, a processing unit 1402, and a wireless transceiver unit 1403.
唤醒接收单元1401,用于接收唤醒帧。The wakeup receiving unit 1401 is configured to receive a wakeup frame.
处理单元1402,用于在接收到唤醒帧后唤醒无线收发单元1403,唤醒帧包含唤醒接收单元1401的第一标识信息,第一标识信息为唤醒接收单元1401当前使用的标识信息。The processing unit 1402 is configured to wake up the wireless transceiver unit 1403 after receiving the wake-up frame, where the wake-up frame includes the first identifier information of the wake-up receiving unit 1401, where the first identifier information is identifier information currently used by the wake-up receiving unit 1401.
无线收发单元1403,用于向AP发送唤醒确认帧,唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示无线收发单元1403是被终端的唤醒接收单元1401在接收到所述唤醒帧后唤醒。The wireless transceiver unit 1403 is configured to send a wake-up acknowledgement frame to the AP, where the wake-up acknowledgement frame includes wake-up indication information, and the wake-up indication information is used to indicate that the wireless transceiver unit 1403 is wake-up by the wake-up receiving unit 1401 of the terminal after receiving the wake-up frame.
无线收发单元1403,还用于接收AP发送的第一消息,第一消息为AP在接收到唤醒指示信息后确定在预设时间段内AP向所述唤醒接收单元1401发 送过唤醒帧后发送,第一消息为AP在发送唤醒帧时已确定要向无线收发单元1403发送的消息。或者,The wireless transceiver unit 1403 is further configured to receive the first message sent by the AP, where the first message is that the AP determines, after receiving the awake indication information, that the AP sends the awake receiving unit 1401 within a preset time period. After the wake-up frame is sent, the first message is a message that the AP has determined to send to the wireless transceiver unit 1403 when the wake-up frame is sent. or,
接收AP发送的第二消息,第二消息为AP在接收到唤醒指示信息后确定在预设时间段内AP未向唤醒接收单元1401发送唤醒帧后发送,第二消息包括唤醒接收单元1401的第二标识信息或第二标识信息的指示信息。And receiving, by the AP, the second message, after the AP receives the awake indication information, determining that the AP does not send the awake frame to the awake receiving unit 1401 within a preset time period, where the second message includes the awake receiving unit 1401. Two indication information or indication information of the second identification information.
处理单元1402,还用于根据第二标识信息或第二标识信息的指示信息,更新唤醒接收单元1401当前使用的标识。The processing unit 1402 is further configured to update the identifier currently used by the awake receiving unit 1401 according to the second identification information or the indication information of the second identification information.
可选地,第二消息是AP经过加密处理后发送的。Optionally, the second message is sent by the AP after being encrypted.
可选地,处理单元1402根据第二标识信息或第二标识信息的指示信息,更新唤醒接收单元1401当前使用的标识信息之后,Optionally, after the processing unit 1402 updates the identifier information currently used by the wake receiving unit 1401 according to the second identifier information or the indication information of the second identifier information,
无线收发单元1403,还用于向AP发送第二消息的确认消息,确认消息包括终端的身份验证信息,以使AP根据身份验证信息确定出终端的属性信息后,与AP进行通信。The wireless transceiver unit 1403 is further configured to send an acknowledgement message of the second message to the AP, where the acknowledgement message includes the identity verification information of the terminal, so that the AP determines the attribute information of the terminal according to the identity verification information, and then communicates with the AP.
可选地,唤醒确认帧还包括终端的属性信息,以使AP根据终端的属性信息,确定终端的当前保护模式,对终端工作在当前保护模式下的时长进行识别,并根据识别结果,对当前保护模式在至少两种保护模式之间进行切换,至少两种保护模式包括第一保护模式和第二保护模式。Optionally, the wake-up acknowledgement frame further includes attribute information of the terminal, so that the AP determines the current protection mode of the terminal according to the attribute information of the terminal, and identifies the duration of the terminal working in the current protection mode, and according to the recognition result, the current The protection mode switches between at least two protection modes, the at least two protection modes including a first protection mode and a second protection mode.
可以理解的是,无线收发单元1403可以包括接收单元和发送单元。It can be understood that the wireless transceiver unit 1403 can include a receiving unit and a transmitting unit.
本发明实施例终端的各功能模块的功能,可以通过图3提供的各个方法步骤来实现,因此,本发明提供的终端的具体工作过程和有益效果,在此不复赘述。The functions of the functional modules of the terminal in the embodiment of the present invention can be implemented by using the various method steps provided in FIG. 3 . Therefore, the specific working process and beneficial effects of the terminal provided by the present invention are not described herein.
与上述方法对应的,本发明实施例还提供了另一种网络设备。Corresponding to the above method, the embodiment of the present invention further provides another network device.
图15为本发明实施例提供的另一种网络设备,如图15所示,该网络设备,如接入点可以包括无线收发器1510(如802.11主收发模块)、处理器1520、存储器1530和收发天线1540,无线收发器1510具有接收器和发送器 的功能。收发天线1540也可以被看作是无线收发器1510的一部分,这种情况下,收发天线1540可以不用在图15中画出。FIG. 15 is another network device according to an embodiment of the present invention. As shown in FIG. 15, the network device, such as an access point, may include a wireless transceiver 1510 (such as an 802.11 primary transceiver module), a processor 1520, a memory 1530, and Transceiver antenna 1540, wireless transceiver 1510 has a receiver and a transmitter The function. Transceiver antenna 1540 can also be considered as part of wireless transceiver 1510, in which case transceiver antenna 1540 may not be depicted in FIG.
处理器1520将准备通过无线收发器1510发送的指令消息和数据消息存储于存储器1530,处理器1520在准备好待发送的指令或数据后,向无线收发器1510发送通知,以指示已准备好待发送的数据,最后无线收发器1510从存储器1530中获取待发送的指令或数据,并通过收发天线1540发射出去。其中,无线收发器1510发送消息需将待发送的消息内容调制成电信号从收发天线1540以电磁波形式发射出去,而无线收发器1510接收消息也需要通过收发天线1540接收电磁波信号并从中解析出其它设备发送给自己的消息。The processor 1520 stores the instruction message and the data message to be sent through the wireless transceiver 1510 in the memory 1530, and after the processor 1520 prepares the instruction or data to be transmitted, sends a notification to the wireless transceiver 1510 to indicate that it is ready The transmitted data, finally the wireless transceiver 1510 retrieves the command or data to be transmitted from the memory 1530 and transmits it through the transceiver antenna 1540. The wireless transceiver 1510 needs to modulate the content of the message to be sent into an electrical signal to be transmitted from the transceiver antenna 1540 in the form of electromagnetic waves, and the wireless transceiver 1510 needs to receive the electromagnetic wave signal through the transmitting and receiving antenna 1540 and analyze the other signals therefrom. The message that the device sends to itself.
处理器1520可以是中央处理器(central processing unit,CPU),或者CPU和硬件芯片的组合。上述硬件芯片可以是专用集成电路(application-specific integrated circuit,ASIC),可编程逻辑器件(programmable logic device,PLD)或其组合。上述PLD可以是复杂可编程逻辑器件(complex programmable logic device,CPLD),现场可编程逻辑门阵列(field-programmable gate array,FPGA),通用阵列逻辑(generic array logic,GAL)或其任意组合。The processor 1520 can be a central processing unit (CPU), or a combination of a CPU and a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a programmable logic device (PLD), or a combination thereof. The PLD may be a complex programmable logic device (CPLD), a field-programmable gate array (FPGA), a general array logic (GAL), or any combination thereof.
存储器1530可以包括易失性存储器(volatile memory),例如随机存取存储器(random-access memory,RAM);存储器1530也可以包括非易失性存储器(non-volatile memory),例如只读存储器(read-only memory,ROM),快闪存储器(flash memory),硬盘(hard disk drive,HDD)或固态硬盘(solid-state drive,SSD)。存储器1530还可以包括上述种类的存储器的组合。The memory 1530 may include a volatile memory such as a random-access memory (RAM); the memory 1530 may also include a non-volatile memory such as a read-only memory (read) -only memory, ROM), flash memory, hard disk drive (HDD) or solid-state drive (SSD). The memory 1530 may also include a combination of the above types of memories.
结合图3所示的方法,接入点的各功能器件的工作过程可以包括:In conjunction with the method shown in FIG. 3, the working process of each functional device of the access point may include:
无线收发器1510(可实现前文所述的接收器和发送器的功能),用于接收终端的无线收发器发送的唤醒确认帧,唤醒确认帧包括唤醒指示信息。该 唤醒指示信息用于指示终端的无线收发器是被终端的唤醒接收机在接收到唤醒帧后唤醒,唤醒帧包含唤醒接收机的第一标识信息,第一标识信息为唤醒接收机当前使用的标识信息。The wireless transceiver 1510 (which can implement the functions of the receiver and the transmitter described above) is configured to receive a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, and the wake-up acknowledgement frame includes wake-up indication information. The The wakeup indication information is used to indicate that the wireless transceiver of the terminal is awake by the wakeup receiver of the terminal after receiving the wakeup frame, and the wakeup frame includes the first identifier information of the wakeup receiver, and the first identifier information is the identifier currently used by the wakeup receiver. information.
处理器1520,用于根据唤醒指示信息,确定在预设时间段内已向终端发送唤醒帧。The processor 1520 is configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period.
无线收发器1510,还用于当处理器确定在预设时间段内已向终端发送唤醒帧时,向终端发送第一消息,第一消息为网络设备在发送唤醒帧时已确定要向终端发送的消息。The wireless transceiver 1510 is further configured to: when the processor determines that the wake-up frame has been sent to the terminal within the preset time period, send the first message to the terminal, where the first message is that the network device determines to send to the terminal when sending the wake-up frame Message.
处理器1520,还用于根据唤醒指示信息,确定在预设时间段内未向终端发送唤醒帧。The processor 1520 is further configured to determine, according to the wakeup indication information, that the wakeup frame is not sent to the terminal within the preset time period.
无线收发器1510,还用于当处理器1520确定在预设时间段内未向终端发送唤醒帧时,向终端发送第二消息,第二消息包括唤醒接收机的第二标识信息或第二标识信息的指示信息,以用于终端根据第二标识信息或第二标识信息的指示信息更新唤醒接收机当前使用的标识信息。The wireless transceiver 1510 is further configured to: when the processor 1520 determines that the wakeup frame is not sent to the terminal within the preset time period, send the second message to the terminal, where the second message includes the second identifier information or the second identifier of the wakeup receiver. The indication information of the information is used by the terminal to update the identifier information currently used by the wake-up receiver according to the indication information of the second identifier information or the second identifier information.
可选地,该接入点还可以包括一个专门用来发送WUP的发射机WUR 1550(图15中未示出)。WUR 1550在有数据发送时被无线收发器1510或处理器1520触发发送WUP。所述WUP由收发天线1540发射出去。所述无线收发器1510和WUR 1550可工作于相同频段,收发天线1540可以包含同一根天线。所述无线收发器1510和WUR 1550也可工作于不频段,则收发天线1540包含适用于不同频段的多根天线,即无线收发器1510和WUR 1550使用的天线不相同。Optionally, the access point may also include a transmitter WUR 1550 (not shown in Figure 15) dedicated to transmitting the WUP. The WUR 1550 is triggered to transmit a WUP by the wireless transceiver 1510 or the processor 1520 when there is data transmission. The WUP is transmitted by the transceiver antenna 1540. The wireless transceiver 1510 and the WUR 1550 can operate in the same frequency band, and the transceiver antenna 1540 can include the same antenna. The wireless transceiver 1510 and the WUR 1550 can also operate in a non-band, and the transceiver antenna 1540 includes multiple antennas suitable for different frequency bands, that is, the antennas used by the wireless transceiver 1510 and the WUR 1550 are different.
需要说明的是,由于上述实施例中该网络设备各器件解决问题的实施方式以及有益效果可以参见图3所示的方法实施方式以及有益效果,故在此不复赘述。It should be noted that, due to the implementation manner and the beneficial effects of the solutions of the devices in the network device in the foregoing embodiments, reference may be made to the method embodiments and the beneficial effects shown in FIG. 3, and thus details are not described herein.
图16为本发明实施例提供的另一种终端,如图16所示,该终端至少包括唤醒接收机1610,处理器1620、无线收发器1630(如802.11主收发模块)、 存储器1640和收发天线1650。FIG. 16 is another terminal according to an embodiment of the present invention. As shown in FIG. 16, the terminal includes at least a wake-up receiver 1610, a processor 1620, and a wireless transceiver 1630 (such as an 802.11 main transceiver module). Memory 1640 and transceiver antenna 1650.
无线收发器1630从存储器1640获取无线收发器1630收到的指令消息或数据消息,并经处理后得到指令或数据。唤醒接收机1610通过收发天线1650接收其他设备发送的唤醒帧,当唤醒接收机1610收到发给自己的唤醒帧时,向处理器1620发送触发信号,以使处理器1620触发无线收发器1630,以唤醒无线收发器1630。其中,无线收发器1630发送消息需将待发送的消息内容调制成电信号从收发天线1650以电磁波形式发射出去,而无线收发器1630接收消息也需要通过收发天线1650接收电磁波信号并从中解析出其它设备发送给自己的消息。The wireless transceiver 1630 retrieves an instruction message or data message received by the wireless transceiver 1630 from the memory 1640 and processes it to obtain an instruction or data. The wake-up receiver 1610 receives the wake-up frame sent by the other device through the transceiver antenna 1650. When the wake-up receiver 1610 receives the wake-up frame sent to itself, it sends a trigger signal to the processor 1620 to cause the processor 1620 to trigger the wireless transceiver 1630. To wake up the wireless transceiver 1630. The wireless transceiver 1630 needs to modulate the content of the message to be sent into an electrical signal to be transmitted from the transmitting and receiving antenna 1650 in the form of electromagnetic waves, and the wireless transceiver 1630 needs to receive the electromagnetic wave signal through the transmitting and receiving antenna 1650 and parse out the other signal. The message that the device sends to itself.
处理器1620可以是CPU,或者CPU和硬件芯片的组合。上述硬件芯片可以是ASIC,PLD或其组合。上述PLD可以是CPLD,FPGA,GAL或其任意组合。The processor 1620 can be a CPU, or a combination of a CPU and a hardware chip. The above hardware chip may be an ASIC, a PLD, or a combination thereof. The above PLD may be a CPLD, an FPGA, a GAL, or any combination thereof.
存储器1640可以包括易失性存储器,例如随机存取存储器;存储器1640也可以包括非易失性存储器,例如只读存储器,快闪存储器,硬盘或固态硬盘。存储器1640还可以包括上述种类的存储器的组合。 Memory 1640 can include volatile memory, such as random access memory; memory 1640 can also include non-volatile memory, such as read only memory, flash memory, hard disk or solid state hard disk. The memory 1640 may also include a combination of the above types of memories.
结合图3所示的方法,终端的各功能器件的工作过程可以包括:In conjunction with the method shown in FIG. 3, the working process of each functional device of the terminal may include:
唤醒接收机1610,用于接收唤醒帧。The receiver 1610 is woken up for receiving a wake-up frame.
处理器1620,用于在接收到唤醒帧后唤醒终端的无线收发器1630,唤醒帧包含唤醒接收机的第一标识信息,第一标识信息为唤醒接收机当前使用的标识信息。The processor 1620 is configured to wake up the wireless transceiver 1630 of the terminal after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiver, where the first identifier information is identifier information currently used by the wake-up receiver.
无线收发器1630,用于向AP发送唤醒确认帧,唤醒确认帧包括唤醒指示信息,唤醒指示信息用于指示无线收发器1630是被唤醒接收机1610在接收到唤醒帧后唤醒。The wireless transceiver 1630 is configured to send a wakeup acknowledgement frame to the AP, where the wakeup acknowledgement frame includes wakeup indication information, and the wakeup indication information is used to indicate that the wireless transceiver 1630 is the wakeup receiver 1610 to wake up after receiving the wakeup frame.
无线收发器1630,还用于接收AP发送的第一消息,第一消息为AP在接收到唤醒指示信息后确定在预设时间段内AP向唤醒接收机1610发送过唤醒 帧后发送,第一消息为AP在发送唤醒帧时已确定要向无线收发器1630发送的消息;或者,The wireless transceiver 1630 is further configured to receive the first message sent by the AP, where the first message is that the AP determines that the AP sends the wakeup to the wakeup receiver 1610 within a preset time period after receiving the wakeup indication information. After the frame is sent, the first message is a message that the AP has determined to send to the wireless transceiver 1630 when sending the wake-up frame; or
无线收发器1630,还用于接收AP发送的第二消息,第二消息为AP在接收到唤醒指示信息后确定在预设时间段内AP未向唤醒接收机1610发送唤醒帧后发送,第二消息包括唤醒接收机1610的第二标识信息或第二标识信息的指示信息,第二标识信息或第二标识信息的指示信息;The wireless transceiver 1630 is further configured to receive a second message sent by the AP, where the second message is that after the AP receives the wake-up indication information, the AP determines that the AP does not send the wake-up frame to the wake-up receiver 1610 after the preset time period, and the second message is sent. The message includes indication information of the second identification information or the second identification information of the wake-up receiver 1610, and the indication information of the second identification information or the second identification information;
处理器1620根据第二标识信息或第二标识信息指示信息,更新唤醒接收机1610当前使用的标识。The processor 1620 updates the identifier currently used by the wake receiver 1610 according to the second identification information or the second identification information indication information.
需要说明的是,无线收发器1630和唤醒接收机1610可工作于相同频段,则收发天线1650包含一根天线。无线收发器1630和唤醒接收机1610也可工作于不同频段,则收发天线1650可包含适用于不同频段的多根天线,无线收发器1630和唤醒接收机1610使用的天线不相同。It should be noted that the wireless transceiver 1630 and the wake-up receiver 1610 can operate in the same frequency band, and the transceiver antenna 1650 includes one antenna. The wireless transceiver 1630 and the wake-up receiver 1610 can also operate in different frequency bands. The transceiver antenna 1650 can include multiple antennas suitable for different frequency bands, and the antennas used by the wireless transceiver 1630 and the wake-up receiver 1610 are different.
由于上述实施例中该终端各器件解决问题的实施方式以及有益效果可以参见图3所示的方法实施方式以及有益效果,故在此不复赘述。For the implementation manners and the beneficial effects of the solutions of the terminals in the foregoing embodiments, reference may be made to the method embodiments and the beneficial effects shown in FIG. 3, and thus details are not described herein.
专业人员应该还可以进一步意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、计算机软件或者二者的结合来实现,为了清楚地说明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各示例的组成及步骤。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本发明的范围。A person skilled in the art should further appreciate that the elements and algorithm steps of the various examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of both, in order to clearly illustrate hardware and software. Interchangeability, the composition and steps of the various examples have been generally described in terms of function in the above description. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods for implementing the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present invention.
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分步骤是可以通过程序来指令处理器完成,所述的程序可以存储于计算机可读存储介质中,所述存储介质是非短暂性(英文:non-transitory)介质,例如随机存取存储器,只读存储器,快闪存储器,硬盘,固态硬盘,磁带(英文: magnetic tape),软盘(英文:floppy disk),光盘(英文:optical disc)及其任意组合。It will be understood by those skilled in the art that all or part of the steps of implementing the above embodiments may be performed by a program, and the program may be stored in a computer readable storage medium, which is non-transitory ( English: non-transitory) media, such as random access memory, read-only memory, flash memory, hard disk, solid state disk, tape (English: Magnetic tape), floppy disk (English: floppy disk), optical disc (English: optical disc) and any combination thereof.
以上所述,仅为本发明较佳的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本发明揭露的技术范围内,可轻易想到的变化或替换,都应涵盖在本发明的保护范围之内。因此,本发明的保护范围应该以权利要求的保护范围为准。 The above is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily think of changes or within the technical scope disclosed by the present invention. Alternatives are intended to be covered by the scope of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.

Claims (30)

  1. 一种通信方法,其特征在于,所述方法包括:A communication method, characterized in that the method comprises:
    第一设备接收第二设备的无线收发器发送的唤醒确认帧,所述唤醒确认帧包括唤醒指示信息,所述唤醒指示信息用于指示所述第二设备的无线收发器是被所述第二设备的唤醒接收机在接收到唤醒帧后唤醒,所述唤醒帧包含所述唤醒接收机的第一标识信息,所述第一标识信息为所述唤醒接收机当前使用的标识信息;Receiving, by the first device, a wake-up acknowledgement frame sent by the wireless transceiver of the second device, where the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver of the second device is the second The wake-up receiver of the device wakes up after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiver, where the first identifier information is identifier information currently used by the wake-up receiver;
    当所述第一设备根据所述唤醒指示信息,确定在预设时间段内已向所述第二设备发送过所述唤醒帧时,所述第一设备向所述第二设备发送第一消息,所述第一消息为所述第一设备在发送所述唤醒帧时已确定要向所述第二设备发送的消息;When the first device determines, according to the awake indication information, that the awake frame has been sent to the second device within a preset time period, the first device sends a first message to the second device. The first message is a message that the first device has determined to send to the second device when sending the wake-up frame;
    当所述第一设备根据所述唤醒指示信息,确定在预设时间段内未向所述第二设备发送所述唤醒帧时,所述第一设备向所述第二设备发送第二消息,所述第二消息包括所述唤醒接收机的第二标识信息或所述第二标识信息的指示信息,以用于所述第二设备根据所述第二标识信息或所述第二标识信息的指示信息更新所述唤醒接收机当前使用的标识信息。When the first device determines, according to the awake indication information, that the awake frame is not sent to the second device within a preset time period, the first device sends a second message to the second device, The second message includes the second identifier information of the wake-up receiver or the indication information of the second identifier information, where the second device is used according to the second identifier information or the second identifier information. The indication information updates the identification information currently used by the wake-up receiver.
  2. 根据权利要求1所述的方法,其特征在于,所述第一设备向所述第二设备发送第二消息之前,所述方法还包括:The method according to claim 1, wherein before the sending, by the first device, the second message to the second device, the method further comprises:
    所述第一设备对所述第二消息进行加密处理。The first device performs encryption processing on the second message.
  3. 根据权利要求1或2所述的方法,其特征在于,在所述第一设备向所述第二设备发送所述第二消息之后,所述方法还包括:The method according to claim 1 or 2, wherein after the first device sends the second message to the second device, the method further includes:
    所述第一设备接收所述第二设备发送的所述第二消息的确认消息,所述第二消息的确认消息是所述第二设备根据所述第二标识信息或所述第二标识信息的指示信息更新所述唤醒接收机当前使用的标识信息后发送的,所述确认消息包括所述第二设备的身份验证信息;Receiving, by the first device, an acknowledgement message of the second message sent by the second device, where the confirmation message of the second message is that the second device is configured according to the second identifier information or the second identifier information The indication information is sent after the identifier information currently used by the wake-up receiver is updated, and the confirmation message includes the identity verification information of the second device;
    所述第一设备根据所述第二设备的身份验证信息,确定所述第二设备的 属性信息;Determining, by the first device, the second device according to the identity verification information of the second device Attribute information
    所述第一设备根据所述第二设备的属性信息,与所述第二设备进行通信。The first device communicates with the second device according to the attribute information of the second device.
  4. 根据权利要求1或2所述的方法,其特征在于,所述唤醒确认帧还包括所述第二设备的属性信息;The method according to claim 1 or 2, wherein the wake-up acknowledgement frame further includes attribute information of the second device;
    所述第一设备接收第二设备的无线收发器发送的唤醒确认帧之后,所述方法还包括:After the first device receives the wake-up acknowledgement frame sent by the wireless transceiver of the second device, the method further includes:
    所述第一设备根据所述第二设备的属性信息,确定所述第二设备的当前保护模式;Determining, by the first device, a current protection mode of the second device according to the attribute information of the second device;
    所述第一设备对所述第二设备工作在所述当前保护模式下的时长进行识别;Determining, by the first device, a duration of operation of the second device in the current protection mode;
    所述第一设备根据识别结果,对所述当前保护模式在至少两种保护模式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式。And the first device switches between the at least two protection modes according to the recognition result, where the at least two protection modes include a first protection mode and a second protection mode.
  5. 根据权利要求4所述的方法,其特征在于,所述第一设备对所述第二设备工作在所述当前保护模式下的时长进行识别,具体包括:The method according to claim 4, wherein the determining, by the first device, the duration of the second device operating in the current protection mode, specifically includes:
    在所述第一设备确定所述第二设备的当前保护模式为第一保护模式后,所述第一保护模式为每次所述第二设备的无线收发器被所述第二设备的唤醒接收机唤醒后,所述第一设备均更新所述唤醒接收机的标识信息的模式;After the first device determines that the current protection mode of the second device is the first protection mode, the first protection mode is that each time the wireless transceiver of the second device is received by the second device After the device wakes up, the first device updates a mode of the identifier information of the wake-up receiver;
    所述第一设备对所述第二设备工作在所述第一保护模式的第一时长内是否受到攻击进行识别;Determining, by the first device, whether the second device is attacked during the first duration of the first protection mode;
    其中,所述第二设备受到攻击是指,所述第一设备收到所述第二设备发送的所述唤醒确认消息,但所述第一设备在预设时间段内未向所述第二设备发送过所述唤醒帧;The second device is attacked by the first device, and the first device receives the wakeup confirmation message sent by the second device, but the first device does not go to the second within a preset time period. The device sends the wake-up frame;
    在所述第一设备根据所述唤醒指示信息,确定在预设时间段内已向所述第二设备发送所述唤醒帧后,所述第一设备根据识别结果,对所述当前保护模式进行切换,具体包括:After the first device determines, according to the awake indication information, that the awake frame has been sent to the second device within a preset time period, the first device performs the current protection mode according to the recognition result. Switching, specifically includes:
    当所述第一设备识别出所述第二设备工作在所述第一保护模式下的时间 超过所述第一时长时,并且所述第二设备在所述第一时长内未受到过攻击,则所述第一设备将所述第二设备的当前保护模式从所述第一保护模式切换到所述第二保护模式。When the first device recognizes that the second device is working in the first protection mode When the first duration is exceeded, and the second device is not attacked within the first duration, the first device switches the current protection mode of the second device from the first protection mode. To the second protection mode.
  6. 根据权利要求4所述的方法,其特征在于,所述第一设备对所述第二设备工作在所述当前保护模式下的时长进行识别,具体包括:The method according to claim 4, wherein the determining, by the first device, the duration of the second device operating in the current protection mode, specifically includes:
    在所述第一设备确定所述第二设备的当前保护模式为第二保护模式后,所述第二保护模式为在所述第一设备接收所述第二设备的无线收发器发送的唤醒确认帧,并确定在所述预设时间段内所述第一设备未向所述第二设备的唤醒接收机发送唤醒帧时,更新所述第二设备的唤醒接收机的标识信息的模式;After the first device determines that the current protection mode of the second device is the second protection mode, the second protection mode is that the first device receives the wake-up confirmation sent by the wireless transceiver of the second device. a frame, and determining, when the first device does not send a wake-up frame to the wake-up receiver of the second device within the preset time period, updating a mode of the identifier information of the wake-up receiver of the second device;
    所述第一设备对所述第二设备工作在所述第二保护模式下的第二时长和受攻击次数进行识别;The first device identifies the second duration and the number of attacks in the second protection mode of the second device;
    其中,所述第二设备受到攻击是指,所述第一设备收到所述第二设备发送的所述唤醒确认消息,但所述第一设备在预设时间段内未向所述第二设备发送过所述唤醒帧;The second device is attacked by the first device, and the first device receives the wakeup confirmation message sent by the second device, but the first device does not go to the second within a preset time period. The device sends the wake-up frame;
    在所述第一设备根据所述唤醒指示信息,确定在预设时间段内未向所述第二设备发送所述唤醒帧后,所述第一设备根据识别结果,对所述当前保护模式进行切换,具体包括:After the first device determines, according to the awake indication information, that the awake frame is not sent to the second device within a preset time period, the first device performs the current protection mode according to the recognition result. Switching, specifically includes:
    当所述第一设备识别出所述第二设备工作在所述第二保护模式下的时间未超过所述第二时长,且所述第二设备受攻击的次数不小于攻击次数时,所述第一设备将所述第二设备的当前保护模式从所述第二保护模式切换到所述第一保护模式。When the first device recognizes that the time when the second device works in the second protection mode does not exceed the second duration, and the number of times the second device is attacked is not less than the number of attacks, the The first device switches the current protection mode of the second device from the second protection mode to the first protection mode.
  7. 一种通信方法,其特征在于,所述方法包括:A communication method, characterized in that the method comprises:
    第二设备的唤醒接收机在接收到唤醒帧后唤醒所述第二设备的无线收发器,所述唤醒帧包含所述唤醒接收机的第一标识信息,所述第一标识信息为所述唤醒接收机当前使用的标识信息; The wake-up receiver of the second device wakes up the wireless transceiver of the second device after receiving the wake-up frame, where the wake-up frame includes first identification information of the wake-up receiver, and the first identification information is the wake-up Identification information currently used by the receiver;
    所述第二设备的无线收发器在被唤醒后,向第一设备发送唤醒确认帧,所述唤醒确认帧包括唤醒指示信息,所述唤醒指示信息用于指示所述第二设备的无线收发器是被所述第二设备的唤醒接收机在接收到所述唤醒帧后唤醒;After being awake, the wireless transceiver of the second device sends a wakeup acknowledgement frame to the first device, where the wakeup acknowledgement frame includes wakeup indication information, and the wakeup indication information is used to indicate the wireless transceiver of the second device. Waking up by the wake-up receiver of the second device after receiving the wake-up frame;
    所述第二设备接收所述第一设备发送的第一消息,所述第一消息为所述第一设备在接收到所述唤醒指示信息后确定在预设时间段内所述第一设备向所述第二设备发送过所述唤醒帧后发送,所述第一消息为所述第一设备在发送所述唤醒帧时已确定要向所述第二设备发送的消息;或者,The second device receives the first message sent by the first device, where the first message is that the first device determines, after receiving the awake indication information, that the first device is in a preset time period. After the second device sends the wake-up frame, the first message is a message that the first device has determined to send to the second device when sending the wake-up frame; or
    所述第二设备接收所述第一设备发送的第二消息,所述第二消息为所述第一设备在接收到所述唤醒指示信息后确定在预设时间段内所述第一设备未向所述第二设备发送所述唤醒帧后发送,所述第二消息包括所述唤醒接收机的第二标识信息或所述第二标识信息的指示信息,Receiving, by the second device, the second message that is sent by the first device, where the second message is that, after receiving the awake indication information, the first device determines that the first device is not within a preset time period. Sending the wake-up frame to the second device, where the second message includes the second identifier information of the wake-up receiver or the indication information of the second identifier information,
    所述第二设备根据所述第二标识信息或所述第二标识信息指示信息,更新所述唤醒接收机当前使用的标识信息。And the second device updates the identifier information currently used by the wakeup receiver according to the second identifier information or the second identifier information indication information.
  8. 根据权利要求7所述的方法,其特征在于,所述第二消息是所述第一设备经过加密处理后发送的。The method according to claim 7, wherein the second message is sent after the first device is encrypted.
  9. 根据权利要求7或8所述的方法,其特征在于,所述第二设备根据所述第二标识信息或所述第二标识信息指示信息,更新所述唤醒接收机当前使用的标识信息之后,所述方法还包括:The method according to claim 7 or 8, wherein the second device updates the identifier information currently used by the wake-up receiver according to the second identifier information or the second identifier information indication information, The method further includes:
    所述第二设备向所述第一设备发送所述第二消息的确认消息,所述确认消息包括所述第二设备的身份验证信息,以使所述第一设备根据所述身份验证信息确定出所述第二设备的属性信息后,根据所述第二设备的属性信息与所述第二设备进行通信。The second device sends an acknowledgement message of the second message to the first device, where the acknowledgement message includes identity verification information of the second device, so that the first device determines according to the identity verification information. After the attribute information of the second device is output, the second device is in communication according to the attribute information of the second device.
  10. 根据权利要求7或8所述的方法,其特征在于,所述唤醒确认帧还包括所述第二设备的属性信息,以使所述第一设备根据所述属性信息,确定所述第二设备的当前保护模式,对所述第二设备工作在所述当前保护模式下的时长进行识别,并根据识别结果,对所述当前保护模式在至少两种保护模 式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式;其中,所述第一保护模式为每次所述第二设备的无线收发器被所述第二设备的唤醒接收机唤醒后,所述第一设备均更新所述唤醒接收机的标识信息的模式;所述第二保护模式为在所述第一设备接收所述第二设备的无线收发器发送的唤醒确认帧,并确定在所述预设时间段内所述第一设备未向所述第二设备的唤醒接收机发送唤醒帧时,更新所述唤醒接收机的标识信息的模式。The method according to claim 7 or 8, wherein the wake-up acknowledgement frame further includes attribute information of the second device, so that the first device determines the second device according to the attribute information. Current protection mode, identifying a duration of operation of the second device in the current protection mode, and according to the recognition result, the current protection mode is in at least two protection modes Switching between the modes, the at least two protection modes including a first protection mode and a second protection mode; wherein the first protection mode is that each time the wireless transceiver of the second device is used by the second device After the wake-up receiver wakes up, the first device updates a mode of the identifier information of the wake-up receiver; the second protection mode is sent by the wireless device that receives the second device by the first device. Wake up the acknowledgement frame and determine a mode of updating the identifier information of the wake-up receiver when the first device does not send a wake-up frame to the wake-up receiver of the second device within the preset time period.
  11. 一种网络设备,其特征在于,所述网络设备包括:A network device, where the network device includes:
    接收单元,用于接收终端的无线收发器发送的唤醒确认帧,所述唤醒确认帧包括唤醒指示信息,所述唤醒指示信息用于指示所述终端的无线收发单元是被所述终端的唤醒接收单元在接收到唤醒帧后唤醒,所述唤醒帧包含所述唤醒接收单元的第一标识信息,所述第一标识信息为所述唤醒接收单元当前使用的标识信息;a receiving unit, configured to receive a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, where the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver unit of the terminal is received by the terminal The unit wakes up after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiving unit, where the first identifier information is identifier information currently used by the wake-up receiving unit;
    处理单元,用于根据所述唤醒指示信息,确定在预设时间段内已向所述终端发送过所述唤醒帧;a processing unit, configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period;
    发送单元,用于当所述处理单元确定在预设时间段内已向所述终端发送所述唤醒帧时,向所述终端发送第一消息,所述第一消息为所述网络设备在发送所述唤醒帧时已确定要向所述终端发送的消息;或者,a sending unit, configured to: when the processing unit determines that the wake-up frame has been sent to the terminal within a preset time period, send a first message to the terminal, where the first message is sent by the network device The message to be sent to the terminal has been determined when the frame is awakened; or
    所述处理单元,还用于根据所述唤醒指示信息,确定在预设时间段内未向所述终端发送所述唤醒帧;The processing unit is further configured to: according to the awake indication information, determine that the wake-up frame is not sent to the terminal within a preset time period;
    所述发送单元,还用于所述处理单元确定在预设时间段内未向所述第一设备发送所述唤醒帧时,向所述终端发送第二消息,所述第二消息包括所述唤醒接收单元的第二标识信息或所述第二标识信息的指示信息,以用于所述终端根据所述第二标识信息或所述第二标识信息的指示信息更新所述唤醒接收单元当前使用的标识信息。The sending unit is further configured to: when the processing unit determines that the wake-up frame is not sent to the first device within a preset time period, send a second message to the terminal, where the second message includes the And waking up the second identifier information of the receiving unit or the indication information of the second identifier information, for the terminal to update, according to the second identifier information or the indication information of the second identifier information, the current use of the wakeup receiving unit Identification information.
  12. 根据权利要求11所述的网络设备,其特征在于,在所述发送单元向所述终端发送第二消息之前, The network device according to claim 11, wherein before the sending unit sends the second message to the terminal,
    所述处理单元,还用于对所述第二消息进行加密处理。The processing unit is further configured to perform encryption processing on the second message.
  13. 根据权利要求11或12所述的网络设备,其特征在于,在所述发送单元向所述终端发送第二消息之后,The network device according to claim 11 or 12, wherein after the sending unit sends the second message to the terminal,
    所述接收单元,还用于接收所述终端发送的所述第二消息的确认消息,所述第二消息的确认消息是所述第二设备根据所述第二标识信息或所述第二标识信息的指示信息更新所述唤醒接收单元当前使用的标识信息后发送的,所述确认消息包括所述终端的身份验证信息;The receiving unit is further configured to receive an acknowledgement message of the second message sent by the terminal, where the confirmation message of the second message is that the second device is configured according to the second identifier information or the second identifier The indication information of the information is sent after the identifier information currently used by the waking receiving unit is updated, and the confirmation message includes the identity verification information of the terminal;
    所述处理单元,还用于根据所述终端的身份验证信息,确定所述终端的属性信息;The processing unit is further configured to determine attribute information of the terminal according to the identity verification information of the terminal;
    根据所述终端的属性信息,与所述终端进行通信。Communicating with the terminal according to the attribute information of the terminal.
  14. 根据权利要求11或12所述的网络设备,其特征在于,所述唤醒确认帧还包括所述终端的属性信息;The network device according to claim 11 or 12, wherein the wake-up acknowledgement frame further includes attribute information of the terminal;
    所述接收单元接收所述终端的无线收发单元发送的所述唤醒确认帧之后,After the receiving unit receives the wake-up acknowledgement frame sent by the wireless transceiver unit of the terminal,
    所述处理单元,还用于根据所述终端的属性信息,确定所述终端的当前保护模式;The processing unit is further configured to determine a current protection mode of the terminal according to the attribute information of the terminal;
    对所述终端工作在所述当前保护模式下的时长进行识别;Identifying a duration of operation of the terminal in the current protection mode;
    根据识别结果,对所述当前保护模式在至少两种保护模式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式。And switching, according to the recognition result, the current protection mode between at least two protection modes, where the at least two protection modes include a first protection mode and a second protection mode.
  15. 根据权利要求14所述的网络设备,其特征在于,在所述处理单元确定终端的当前保护模式为第一保护模式后,所述第一保护模式为每次所述终端的无线收发单元被所述终端的唤醒接收单元唤醒后,所述处理单元均更新所述终端的唤醒接收单元的标识信息的模式;The network device according to claim 14, wherein after the processing unit determines that the current protection mode of the terminal is the first protection mode, the first protection mode is that each time the wireless transceiver unit of the terminal is After the wake-up receiving unit of the terminal wakes up, the processing unit updates a mode of the identifier information of the wake-up receiving unit of the terminal;
    所述处理单元,具体用于对所述终端工作在所述第一保护模式的第一时长,以及所述终端在所述第一时长内是否受到过攻击进行识别;The processing unit is specifically configured to: identify, by the terminal, the first duration of the first protection mode, and whether the terminal is attacked during the first duration;
    其中,所述终端受到攻击是指,所述接收单元接收到所述终端发送的所述唤醒确认消息,但所述发送单元在预设时间段内未向所述终端发送过所述 唤醒帧;The receiving unit receives the wake-up confirmation message sent by the terminal, but the sending unit does not send the message to the terminal within a preset time period. Wake up frame
    在所述处理单元根据所述唤醒指示信息,确定在预设时间段内已向所述终端发送所述唤醒帧后,Determining, after the processing unit sends the wake-up frame to the terminal within a preset time period, according to the wake-up indication information,
    当所述处理单元识别出所述终端工作在所述第一保护模式下的时间超过所述第一时长,并且所述终端在所述第一时长内未受到过攻击时,所述处理单元将所述终端的当前保护模式从所述第一保护模式切换到所述第二保护模式。When the processing unit recognizes that the terminal works in the first protection mode for more than the first duration, and the terminal is not attacked within the first duration, the processing unit will The current protection mode of the terminal is switched from the first protection mode to the second protection mode.
  16. 根据权利要求14所述的网络设备,其特征在于,在所述处理单元确定所述终端的当前保护模式为第二保护模式后,所述第二保护模式为在所述接收单元接收所述终端的无线收发单元发送的唤醒确认帧,并确定在所述预设时间段内所述发送单元未向所述终端的唤醒接收单元发送唤醒帧时,更新所述终端的唤醒接收单元的标识信息的模式;The network device according to claim 14, wherein after the processing unit determines that the current protection mode of the terminal is the second protection mode, the second protection mode is that the terminal is received by the receiving unit. Updating the wake-up confirmation frame sent by the wireless transceiver unit, and determining that, when the sending unit does not send the wake-up frame to the wake-up receiving unit of the terminal within the preset time period, updating the identifier information of the wake-up receiving unit of the terminal mode;
    所述处理单元,具体用于对所述终端工作在所述第二保护模式下的第二时长和攻击次数进行识别;The processing unit is specifically configured to identify a second duration and an attack number of the terminal working in the second protection mode;
    其中,所述终端受到攻击是指,所述接收单元接收到所述终端发送的所述唤醒确认消息,但所述发送单元在预设时间段内未向所述终端发送过所述唤醒帧;The receiving unit receives the wakeup acknowledgement message sent by the terminal, but the sending unit does not send the wakeup frame to the terminal within a preset time period;
    在所述处理单元根据所述唤醒指示信息,确定在预设时间段内未向所述终端发送所述唤醒帧后,After the processing unit determines, according to the awake indication information, that the wake-up frame is not sent to the terminal within a preset time period,
    当所述处理单元识别出所述终端工作在所述第二保护模式下的时间未超过所述第二时长,且所述终端受攻击的次数不小于所述攻击次数阈值时,所述处理单元将所述终端的当前保护模式从所述第二保护模式切换到所述第一保护模式。When the processing unit recognizes that the time when the terminal works in the second protection mode does not exceed the second duration, and the number of times the terminal is attacked is not less than the attack threshold, the processing unit Switching the current protection mode of the terminal from the second protection mode to the first protection mode.
  17. 一种终端,其特征在于,所述终端包括:唤醒接收单元、处理单元和无线收发单元, A terminal, comprising: a wake-up receiving unit, a processing unit, and a wireless transceiver unit,
    所述唤醒接收单元,用于接收唤醒帧;The wake-up receiving unit is configured to receive a wake-up frame;
    所述处理单元,用于在接收到唤醒帧后唤醒所述终端的无线收发单元,所述唤醒帧包含所述唤醒接收单元的第一标识信息,所述第一标识信息为所述唤醒接收单元当前使用的标识信息;The processing unit is configured to wake up the wireless transceiver unit of the terminal after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiving unit, where the first identifier information is the wake-up receiving unit Identification information currently in use;
    所述无线收发单元,用于向网络设备发送唤醒确认帧,所述唤醒确认帧包括唤醒指示信息,所述唤醒指示信息用于指示所述无线收发单元是被所述终端的唤醒接收单元在接收到所述唤醒帧后唤醒;The wireless transceiver unit is configured to send a wakeup confirmation frame to the network device, where the wakeup acknowledgement frame includes wakeup indication information, where the wakeup indication information is used to indicate that the wireless transceiver unit is received by the wakeup receiving unit of the terminal Wake up after the wake-up frame;
    所述无线收发单元,还用于接收所述网络设备发送的第一消息,所述第一消息为所述网络设备在接收到所述唤醒指示信息后确定在预设时间段内所述网络设备向所述唤醒接收单元发送过唤醒帧后发送,所述第一消息为所述网络设备在发送所述唤醒帧时已确定要向所述无线收发单元发送的消息;或者,The wireless transceiver unit is further configured to receive a first message sent by the network device, where the first message is that the network device determines, after receiving the awake indication information, that the network device is within a preset time period. And sending, after sending the wake-up frame to the wake-up receiving unit, the first message is a message that the network device has determined to send to the wireless transceiver unit when sending the wake-up frame; or
    接收所述网络设备发送的第二消息,所述第二消息为所述网络设备在接收到所述唤醒指示信息后确定在预设时间段内所述网络设备未向所述唤醒接收单元发送唤醒帧后发送,所述第二消息包括所述唤醒接收单元的第二标识信息或所述第二标识信息的指示信息;Receiving a second message sent by the network device, where the second message is that, after receiving the awake indication information, the network device determines that the network device does not send a wakeup to the awake receiving unit within a preset time period. After the frame is sent, the second message includes the second identifier information of the wakeup receiving unit or the indication information of the second identifier information;
    所述处理单元根据所述第二标识信息或所述第二标识信息的指示信息,更新所述唤醒接收单元当前使用的标识。The processing unit updates the identifier currently used by the wake-up receiving unit according to the second identifier information or the indication information of the second identifier information.
  18. 根据权利要求17所述的终端,其特征在于,所述第二消息是所述网络设备经过加密处理后发送的。The terminal according to claim 17, wherein the second message is sent after the network device is encrypted.
  19. 根据权利要求17或18所述的终端,其特征在于,所述处理单元根据所述第二标识信息或所述第二标识信息的指示信息,更新所述唤醒接收单元当前使用的标识信息之后,The terminal according to claim 17 or 18, wherein the processing unit updates the identifier information currently used by the wake-up receiving unit according to the second identifier information or the indication information of the second identifier information,
    所述无线收发单元,还用于向所述网络设备发送所述第二消息的确认消息,所述确认消息包括所述终端的身份验证信息,以使所述网络设备根据所述身份验证信息确定出所述终端的属性信息后,与所述网络设备进行通信。 The wireless transceiver unit is further configured to send an acknowledgement message of the second message to the network device, where the confirmation message includes identity verification information of the terminal, so that the network device determines according to the identity verification information. After the attribute information of the terminal is output, communication is performed with the network device.
  20. 根据权利要求15或16所述的终端,其特征在于,所述唤醒确认帧还包括所述终端的属性信息,以使所述网络设备根据所述属性信息,确定所述终端的当前保护模式,对所述终端工作在所述当前保护模式下的时长进行识别,并根据识别结果,对所述当前保护模式在至少两种保护模式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式;The terminal according to claim 15 or 16, wherein the wake-up acknowledgement frame further includes attribute information of the terminal, so that the network device determines a current protection mode of the terminal according to the attribute information, Identifying a duration of the working in the current protection mode, and switching the current protection mode between at least two protection modes according to the recognition result, where the at least two protection modes include the first protection Mode and second protection mode;
    其中,所述第一保护模式为每次所述无线收发单元被所述唤醒接收单元唤醒后,所述处理单元均更新所述唤醒接收单元的标识信息的模式;所述第二保护模式为在所述网络设备接收所述无线收发单元发送的唤醒确认帧,并确定在所述预设时间段内所述网络设备未向所述唤醒接收单元发送唤醒帧时,更新所述唤醒接收单元标识信息的模式。The first protection mode is that after the wireless transceiver unit is awake by the wake-up receiving unit, the processing unit updates a mode of the identifier information of the wake-up receiving unit; the second protection mode is Receiving, by the network device, a wake-up acknowledgement frame sent by the wireless transceiver unit, and determining that the wake-up receiving unit identifier information is updated when the network device does not send a wake-up frame to the wake-up receiving unit within the preset time period Mode.
  21. 一种网络设备,其特征在于,所述网络设备包括:A network device, where the network device includes:
    接收器,用于接收终端的无线收发器发送的唤醒确认帧,所述唤醒确认帧包括唤醒指示信息,所述唤醒指示信息用于指示所述终端的无线收发器是被所述终端的唤醒接收机在接收到唤醒帧后唤醒,所述唤醒帧包含所述唤醒接收机的第一标识信息,所述第一标识信息为所述唤醒接收机当前使用的标识信息;a receiver, configured to receive a wake-up acknowledgement frame sent by the wireless transceiver of the terminal, where the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver of the terminal is received by the terminal The device wakes up after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiver, where the first identifier information is identifier information currently used by the wake-up receiver;
    处理器,用于根据所述唤醒指示信息,确定在预设时间段内已向所述终端发送所述唤醒帧;a processor, configured to determine, according to the wakeup indication information, that the wakeup frame has been sent to the terminal within a preset time period;
    发送器,用于当所述处理器确定在预设时间段内已向所述终端发送所述唤醒帧时,向所述终端发送过第一消息,所述第一消息为所述网络设备在发送所述唤醒帧时已确定要向所述终端发送的消息;a transmitter, configured to send a first message to the terminal when the processor determines that the wake-up frame has been sent to the terminal within a preset time period, where the first message is that the network device is The message to be sent to the terminal has been determined when the wake-up frame is sent;
    所述处理器,还用于根据所述唤醒指示信息,确定在预设时间段内未向所述终端发送所述唤醒帧;The processor is further configured to determine, according to the awake indication information, that the awake frame is not sent to the terminal within a preset time period;
    所述发送器,还用于当所述处理器确定在预设时间段内未向所述终端发送所述唤醒帧时,向所述终端发送第二消息,所述第二消息包括所述唤醒接 收机的第二标识信息或所述第二标识信息的指示信息,以用于所述终端根据所述第二标识信息或所述第二标识信息的指示信息更新所述唤醒接收机当前使用的标识信息。The transmitter is further configured to: when the processor determines that the wake-up frame is not sent to the terminal within a preset time period, send a second message to the terminal, where the second message includes the wake-up Connect The second identifier information of the receiver or the indication information of the second identifier information, for the terminal to update, according to the second identifier information or the indication information of the second identifier information, the current use of the wakeup receiver Identification information.
  22. 根据权利要求21所述的网络设备,其特征在于,所述发送器向所述终端发送第二消息之前,The network device according to claim 21, wherein before the sender sends the second message to the terminal,
    所述处理器,还用于对所述第二消息进行加密处理。The processor is further configured to perform encryption processing on the second message.
  23. 根据权利要求21或22所述的网络设备,其特征在于,在所述发送器向所述终端发送所述第二消息之后,The network device according to claim 21 or 22, after the sender sends the second message to the terminal,
    所述接收器,还用于接收所述终端发送的针对所述第二消息的确认消息,所述第二消息的确认消息是所述第二设备根据所述第二标识信息或所述第二标识信息的指示信息更新所述唤醒接收机当前使用的标识信息后发送的,所述确认消息包括所述终端的身份验证信息;The receiver is further configured to receive an acknowledgement message sent by the terminal for the second message, where the confirmation message of the second message is that the second device is based on the second identifier information or the second And the indication information of the identifier information is sent after updating the identifier information currently used by the wake-up receiver, where the acknowledgement message includes identity verification information of the terminal;
    所述处理器,还用于根据所述终端的身份验证信息,确定所述终端的属性信息;The processor is further configured to determine attribute information of the terminal according to the identity verification information of the terminal;
    根据所述终端的属性信息,与所述终端进行通信。Communicating with the terminal according to the attribute information of the terminal.
  24. 根据权利要求21或22所述的网络设备,其特征在于,所述唤醒确认帧还包括所述终端的属性信息;The network device according to claim 21 or 22, wherein the wakeup acknowledgement frame further includes attribute information of the terminal;
    所述接收器接收终端的无线收发器发送的唤醒确认帧之后,After the receiver receives the wake-up acknowledgement frame sent by the wireless transceiver of the terminal,
    所述处理器,还用于根据所述终端的属性信息,确定所述终端的当前保护模式;The processor is further configured to determine a current protection mode of the terminal according to the attribute information of the terminal;
    对所述终端工作在所述当前保护模式下的时长进行识别;Identifying a duration of operation of the terminal in the current protection mode;
    根据识别结果,对所述当前保护模式在至少两种保护模式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式。And switching, according to the recognition result, the current protection mode between at least two protection modes, where the at least two protection modes include a first protection mode and a second protection mode.
  25. 根据权利要求24所述的网络设备,其特征在于,在所述处理器确定所述终端的当前保护模式为所述第一保护模式后,所述第一保护模式为每次所述终端的无线收发器被所述终端的唤醒接收机唤醒后,所述处理器均更新 所述终端的唤醒接收机的标识信息的模式;The network device according to claim 24, wherein after the processor determines that the current protection mode of the terminal is the first protection mode, the first protection mode is wireless each time the terminal After the transceiver is woken up by the wakeup receiver of the terminal, the processors are updated a mode of the terminal waking up the identification information of the receiver;
    所述处理器,具体用于对所述终端工作在所述第一保护模式的第一时长,以及所述终端在所述第一时长内是否受到攻击进行识别;The processor is specifically configured to: identify, by the terminal, a first duration of the first protection mode, and whether the terminal is attacked during the first duration;
    其中,所述终端受到攻击是指,所述接收器收到所述终端发送的所述唤醒确认消息,但所述接收器在预设时间段内未向所述终端发送过所述唤醒帧;The attacking of the terminal means that the receiver receives the wakeup acknowledgement message sent by the terminal, but the receiver does not send the wakeup frame to the terminal within a preset time period;
    在所述处理器根据所述唤醒指示信息,确定在预设时间段内已向所述终端发送所述唤醒帧后,当所述处理器识别出所述终端工作在所述第一保护模式下的时间超过所述第一时长,并且所述终端在所述第一时长内未受到过攻击时,所述处理器将所述终端的当前保护模式从所述第一保护模式切换到所述第二保护模式。Determining, after the processor according to the awake indication information, that the wake-up frame has been sent to the terminal within a preset time period, when the processor identifies that the terminal works in the first protection mode The processor switches the current protection mode of the terminal from the first protection mode to the first time when the time exceeds the first duration and the terminal is not attacked within the first duration Second protection mode.
  26. 根据权利要求24所述的网络设备,其特征在于,在所述处理器确定所述终端的当前保护模式为第二保护模式后,所述第二保护模式为在所述接收器接收所述终端的无线收发器发送的唤醒确认帧,并确定在所述预设时间段内所述发送器未向所述终端的唤醒接收机发送唤醒帧时,更新所述终端的唤醒接收机的标识信息的模式;The network device according to claim 24, wherein after the processor determines that the current protection mode of the terminal is the second protection mode, the second protection mode is that the terminal is received by the receiver. Updating the wake-up acknowledgement frame sent by the wireless transceiver, and determining that when the transmitter does not send the wake-up frame to the wake-up receiver of the terminal within the preset time period, updating the identifier information of the wake-up receiver of the terminal mode;
    所述处理器,具体用于对所述终端工作在所述第二保护模式下的第二时长和攻击次数进行识别;The processor is specifically configured to identify a second duration and an attack number of the terminal working in the second protection mode;
    其中,所述终端受到攻击是指,所述接收器收到所述终端发送的所述唤醒确认消息,但所述接收器在预设时间段内未向所述终端发送过所述唤醒帧;The attacking of the terminal means that the receiver receives the wakeup acknowledgement message sent by the terminal, but the receiver does not send the wakeup frame to the terminal within a preset time period;
    在所述处理器根据所述唤醒指示信息,确定在预设时间段内未向所述终端发送所述唤醒帧后,当所述处理器识别出所述终端工作在所述第二保护模式下的时间未超过所述第二时长,且所述终端受攻击的次数不小于所述攻击次数阈值时,所述处理器将所述终端的当前保护模式从第二保护模式切换到所述第一保护模式。Determining, after the processor according to the awake indication information, that the awake frame is not sent to the terminal within a preset time period, when the processor identifies that the terminal works in the second protection mode The processor switches the current protection mode of the terminal from the second protection mode to the first when the time of the terminal is not longer than the second attack time, and the number of times the terminal is attacked is not less than the attack number threshold Protection mode.
  27. 一种终端,其特征在于,所述终端包括:唤醒接收机,处理器和无 线收发器,A terminal, the terminal comprising: a wake-up receiver, a processor and none Line transceiver,
    所述唤醒接收机,用于接收唤醒帧;The wake-up receiver is configured to receive a wake-up frame;
    所述处理器,用于在接收到所述唤醒帧后唤醒所述终端的所述无线收发器,所述唤醒帧包含所述唤醒接收机的第一标识信息,所述第一标识信息为所述唤醒接收机当前使用的标识信息;The processor is configured to wake up the wireless transceiver of the terminal after receiving the wake-up frame, where the wake-up frame includes first identifier information of the wake-up receiver, where the first identifier information is Declaring the identification information currently used by the receiver;
    所述无线收发器,用于向网络设备发送唤醒确认帧,所述唤醒确认帧包括唤醒指示信息,所述唤醒指示信息用于指示所述无线收发器是被所述唤醒接收机在接收到所述唤醒帧后唤醒;The wireless transceiver is configured to send a wake-up acknowledgement frame to the network device, where the wake-up acknowledgement frame includes wake-up indication information, where the wake-up indication information is used to indicate that the wireless transceiver is received by the wake-up receiver Wake up after wake-up frame;
    所述无线收发器,用于接收所述网络设备发送的第一消息,所述第一消息为所述网络设备在接收到所述唤醒指示信息后确定在预设时间段内所述网络设备向所述唤醒接收机发送过唤醒帧后发送,所述第一消息为所述网络设备在发送所述唤醒帧时已确定要向所述无线收发器发送的消息;或者,The wireless transceiver is configured to receive a first message sent by the network device, where the first message is that the network device determines, after receiving the awake indication information, that the network device is in a preset time period Sending, after the wake-up receiver sends the wake-up frame, the first message is a message that the network device has determined to send to the wireless transceiver when sending the wake-up frame; or
    所述无线收发器,还用于接收所述网络设备发送的第二消息,所述第二消息为所述网络设备在接收到所述唤醒指示信息后确定在预设时间段内所述网络设备未向所述唤醒接收机发送唤醒帧后发送,所述第二消息包括所述唤醒接收机的第二标识信息或所述第二标识信息的指示信息,所述第二标识信息或所述第二标识信息的指示信息;The wireless transceiver is further configured to receive a second message sent by the network device, where the second message is that the network device determines that the network device is within a preset time period after receiving the awake indication information Not sending the wake-up frame to the wake-up receiver, where the second message includes the second identifier information of the wake-up receiver or the indication information of the second identifier information, the second identifier information or the Two indication information of the identification information;
    所述处理器根据所述第二标识信息或所述第二标识信息指示信息,更新所述唤醒接收机当前使用的标识。And the processor updates the identifier currently used by the wakeup receiver according to the second identifier information or the second identifier information indication information.
  28. 根据权利要求27所述的终端,其特征在于,所述第二消息是所述网络设备经过加密处理后发送的。The terminal according to claim 27, wherein the second message is sent after the network device is encrypted.
  29. 根据权利要求27或28所述的终端,其特征在于,所述处理器根据所述第二标识信息或所述第二标识信息的指示信息,更新所述唤醒接收机当前使用的标识信息之后,The terminal according to claim 27 or 28, wherein the processor updates the identification information currently used by the wake-up receiver according to the second identification information or the indication information of the second identification information,
    所述无线收发器向所述网络设备发送所述第二消息的确认消息,所述确认消息包括所述终端的身份验证信息,以使所述网络设备根据所述身份验证 信息确定出所述终端的标识信息后,与所述网络设备进行通信。The wireless transceiver sends an acknowledgement message of the second message to the network device, where the acknowledgement message includes identity verification information of the terminal, so that the network device performs verification according to the identity After determining the identification information of the terminal, the information communicates with the network device.
  30. 根据权利要求27或28所述的终端,其特征在于,所述唤醒确认帧还包括所述终端的属性信息,以使所述网络设备根据所述属性信息,确定所述终端的当前保护模式,对所述终端工作在所述当前保护模式下的时长进行识别,并根据识别结果,对所述当前保护模式在至少两种保护模式之间进行切换,所述至少两种保护模式包括第一保护模式和第二保护模式;The terminal according to claim 27 or 28, wherein the wake-up acknowledgement frame further includes attribute information of the terminal, so that the network device determines a current protection mode of the terminal according to the attribute information, Identifying a duration of the working in the current protection mode, and switching the current protection mode between at least two protection modes according to the recognition result, where the at least two protection modes include the first protection Mode and second protection mode;
    其中,所述第一保护模式为每次所述无线收发器被所述唤醒接收机唤醒后,所述处理器均更新所述唤醒接收机的标识信息的模式;所述第二保护模式为在所述网络设备接收所述无线收发器发送的唤醒确认帧,并确定在所述预设时间段内所述网络设备未向所述唤醒接收机发送唤醒帧时,更新所述唤醒接收机标识信息的模式。 The first protection mode is a mode in which the processor updates the identification information of the wake-up receiver after the wireless transceiver is woken up by the wake-up receiver; the second protection mode is Receiving, by the network device, a wake-up acknowledgement frame sent by the wireless transceiver, and determining that the wake-up receiver identification information is updated when the network device does not send a wake-up frame to the wake-up receiver within the preset time period Mode.
PCT/CN2016/104090 2016-10-31 2016-10-31 Communication method, network device, and terminal WO2018076356A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2016/104090 WO2018076356A1 (en) 2016-10-31 2016-10-31 Communication method, network device, and terminal
CN201711052385.6A CN108012315B (en) 2016-10-31 2017-10-30 Communication method, network equipment and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/104090 WO2018076356A1 (en) 2016-10-31 2016-10-31 Communication method, network device, and terminal

Publications (1)

Publication Number Publication Date
WO2018076356A1 true WO2018076356A1 (en) 2018-05-03

Family

ID=62024221

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/104090 WO2018076356A1 (en) 2016-10-31 2016-10-31 Communication method, network device, and terminal

Country Status (1)

Country Link
WO (1) WO2018076356A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2573344A (en) * 2018-05-04 2019-11-06 Canon Kk Communication methods and devices
CN114286431A (en) * 2021-12-02 2022-04-05 海尔优家智能科技(北京)有限公司 Method and device for enabling low power consumption mode, storage medium and electronic device
WO2023142004A1 (en) * 2022-01-28 2023-08-03 北京小米移动软件有限公司 Communication method and apparatus, device, and storage medium
WO2025015485A1 (en) * 2023-07-14 2025-01-23 北京小米移动软件有限公司 Information indication method, terminal, network device, communication system, and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014051820A1 (en) * 2012-09-28 2014-04-03 Intel Corporation Methods and arrangements for low power active radio reception
CN103974391A (en) * 2013-02-04 2014-08-06 华为终端有限公司 Device wake-up method and device
CN104105089A (en) * 2013-04-01 2014-10-15 中兴通讯股份有限公司 Data transmission method, device and system
EP2833680A1 (en) * 2013-07-29 2015-02-04 Alcatel Lucent An energy limited node, an access network node, a communications system, and a communication method
US20150334650A1 (en) * 2014-05-16 2015-11-19 Intel Corporation Method, system and apparatus for providing coexistence between low power stations and non-low power stations
CN105373713A (en) * 2015-11-23 2016-03-02 上海汽车集团股份有限公司 Vehicle-mounted terminal awakening method, vehicle-mounted terminal and vehicle

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014051820A1 (en) * 2012-09-28 2014-04-03 Intel Corporation Methods and arrangements for low power active radio reception
CN103974391A (en) * 2013-02-04 2014-08-06 华为终端有限公司 Device wake-up method and device
CN104105089A (en) * 2013-04-01 2014-10-15 中兴通讯股份有限公司 Data transmission method, device and system
EP2833680A1 (en) * 2013-07-29 2015-02-04 Alcatel Lucent An energy limited node, an access network node, a communications system, and a communication method
US20150334650A1 (en) * 2014-05-16 2015-11-19 Intel Corporation Method, system and apparatus for providing coexistence between low power stations and non-low power stations
CN105373713A (en) * 2015-11-23 2016-03-02 上海汽车集团股份有限公司 Vehicle-mounted terminal awakening method, vehicle-mounted terminal and vehicle

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2573344A (en) * 2018-05-04 2019-11-06 Canon Kk Communication methods and devices
GB2573344B (en) * 2018-05-04 2020-07-15 Canon Kk Communication methods and devices
CN114286431A (en) * 2021-12-02 2022-04-05 海尔优家智能科技(北京)有限公司 Method and device for enabling low power consumption mode, storage medium and electronic device
CN114286431B (en) * 2021-12-02 2024-03-22 海尔优家智能科技(北京)有限公司 Method and device for starting low-power mode, storage medium and electronic device
WO2023142004A1 (en) * 2022-01-28 2023-08-03 北京小米移动软件有限公司 Communication method and apparatus, device, and storage medium
WO2025015485A1 (en) * 2023-07-14 2025-01-23 北京小米移动软件有限公司 Information indication method, terminal, network device, communication system, and storage medium

Similar Documents

Publication Publication Date Title
CN108541047B (en) Indication method and device of downlink service data
US10924996B2 (en) State switching method and apparatus
EP3499977B1 (en) Method and device for sending and receiving wur frame
WO2018082402A1 (en) Control information transmission method and apparatus
EP2115903B1 (en) Wake-on-wlan for stationary wireless stations
WO2018192374A1 (en) Site wake-up method and site
US12041546B2 (en) Wireless communication method and wireless communication terminal using wake-up radio
EP3522613B1 (en) Wakeup method and apparatus
US10485029B2 (en) System and method for collision detection and mitigation with wake-up packets
CN108616968B (en) Method and apparatus for transmitting frame
WO2021004119A1 (en) Method and apparatus for waking, storage medium, and terminal
WO2018076356A1 (en) Communication method, network device, and terminal
CN107820305B (en) Method and device for transmitting WUR message
CN117941423A (en) Wireless communication method, device and equipment
JP2019537910A (en) Method for sending wake-up packet, method, apparatus and device for sending first frame after node wake-up
CN108012315B (en) Communication method, network equipment and terminal
WO2022141009A1 (en) Method and apparatus for sending paging message
WO2018054169A1 (en) Channel switching method and device
CN111343615B (en) Method and apparatus for short-range communication
WO2018171591A1 (en) Method and apparatus for waking up device
CN108076476B (en) Method and device for transmitting data
WO2018149280A1 (en) Data receiving method and device
CN108093462B (en) Communication method and device based on wake-up receiver
EP3490310B1 (en) Method and device for transmitting data
WO2018113192A1 (en) Wireless device wakeup method, sending device, and receiving device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16920395

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16920395

Country of ref document: EP

Kind code of ref document: A1