Computer Science ›› 2018, Vol. 45 ›› Issue (11): 143-148. doi: 10.11896/j.issn.1002-137X.2018.11.021
徐丙凤1, 何高峰2
XU Bing-feng1, HE Gao-feng2
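Abstract: Cyber-physical systems (CPS) are mostly safety-critical systems and are high-value targets for network attacks, so their security needs to be assessed effectively. To this end, a penetration testing method for cyber-physical systems based on attack graphs is proposed. First, the traditional attack graph is improved by taking into account physical attacks, attack duration and the continuous variable values of the physical system, yielding an attack graph modeling technique suitable for CPS, AGC (Attack Graph for CPS); an attack feasibility parameter is added to the graph to represent the success rate of a single-step attack. Second, based on AGC, strategies for selecting the optimal attack path are proposed, including minimum attack cost and shortest attack time, and an intelligent penetration testing algorithm for CPS is designed. Finally, the effectiveness of the method is verified through an application example. The analysis results show that the method can select the optimal attack path according to the penetration testing objective, can automatically adjust subsequent attack steps according to actual feedback, and effectively achieves security assessment of CPS.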
[1] 李嘉睿, 凌晓波, 李晨曦, 李子木, 杨家海, 张蕾, 吴程楠. Dynamic Network Security Analysis Based on Bayesian Attack Graphs. Computer Science, 2022, 49(3): 62-69. https://doi.org/10.11896/jsjkx.210800107
[2] 杨萍, 舒辉, 康绯, 卜文娟, 黄宇垚. Generating Malicious Code Attack Graph Using Semantic Analysis. Computer Science, 2021, 48(6A): 448-458. https://doi.org/10.11896/jsjkx.201100074
[3] 张凯, 刘京菊. Attack Path Analysis Method Based on Absorbing Markov Chain. Computer Science, 2021, 48(5): 294-300. https://doi.org/10.11896/jsjkx.200700108
[4] 李智, 邓杰, 杨溢龙, 韦尚锋. Transformational Approach from Problem Models of Cyber-Physical Systems to Use Case Diagrams in UML. Computer Science, 2020, 47(12): 65-72. https://doi.org/10.11896/jsjkx.201200044
[5] 徐丙凤, 何高峰, 张黎宁. Risk Modeling for Cyber-physical Systems Based on State/Event Fault Trees. Computer Science, 2019, 46(5): 105-110. https://doi.org/10.11896/j.issn.1002-137X.2019.05.016
[6] 叶子维, 郭渊博, 李涛, 琚安康. Extended Attack Graph Generation Method Based on Knowledge Graph. Computer Science, 2019, 46(12): 165-173. https://doi.org/10.11896/jsjkx.190400092
[7] 曾赛文, 文中华, 戴良伟, 袁润. Analysis of Network Security Based on Uncertain Attack Graph Path. Computer Science, 2017, 44(Z6): 351-355. https://doi.org/10.11896/j.issn.1002-137X.2017.6A.080
[8] 刘春, 黄冉冉, 韩道军. Goal Oriented Approach for Analayzing Event Model of Cyber-physical Systems. Computer Science, 2017, 44(4): 100-103. https://doi.org/10.11896/j.issn.1002-137X.2017.04.022
[9] 汤小春, 田凯飞. Validity Protection Strategy for Real Time Data in CPS Based on Semantics. Computer Science, 2017, 44(12): 11-16. https://doi.org/10.11896/j.issn.1002-137X.2017.12.002
[10] 朱华旻, 吴礼发, 康红凯. Research of Cloud Provider Selection Method Based on SecLA. Computer Science, 2016, 43(5): 100-107. https://doi.org/10.11896/j.issn.1002-137X.2016.05.019
[11] 单美静. Analytic Hierarchy Process-based Assessment Method on Mobile Payment Security. Computer Science, 2015, 42(Z11): 368-371.
[12] 杨志才, 裘杭萍, 权冀川, 雷智朋. Node Importance Ordering for Topology Structure of Cyber-physical Systems. Computer Science, 2015, 42(8): 128-131.
[13] 刘纯尧, 张立臣. Dynamic Multi-priority Scheduling for Cyber-physical Systems. Computer Science, 2015, 42(1): 28-32. https://doi.org/10.11896/j.issn.1002-137X.2015.01.006
[14] 赖欣, 黄邦菊. Research of Information Security Assessment for ATC Automation Systems. Computer Science, 2014, 41(Z6): 474-476.
[15] 丘威. Method for Verification of LHPN-based Cyber Physical System. Computer Science, 2014, 41(Z6): 64-66.