计算机科学 ›› 2018, Vol. 45 ›› Issue (4): 25-33.doi: 10.11896/j.issn.1002-137X.2018.04.004
锁延锋,王少杰,秦宇,李秋香,丰大军,李京春
SUO Yan-feng, WANG Shao-jie, QIN Yu, LI Qiu-xiang, FENG Da-jun and LI Jing-chun
摘要: 为应对控制系统与互联网技术深度融合引发的安全新挑战,抵御震网病毒、火焰病毒、BlackEnergy等靶向攻击,针对工业控制系统漏洞挖掘、修复与控制等技术滞后,以及工业控制安全面临的“难发现、难监测、难防护”等问题,通过对工业控制系统的理论模型、关键技术、装备研制及测试评估进行研究,以漏洞挖掘与利用研究为主线,以理论与体系架构研究和安全技术测试验证平台的建设为基础,以动态监测防护和主动防御为目标,以测试样例集的攻防验证与典型示范为应用,提出了包含工业控制系统漏洞挖掘、深度检测、动态防护、主动防御等的整体安全技术解决方案,设计并构建了集漏洞挖掘、验证评估、动态防护、主动防御于一体的工业控制系统安全技术体系。
[1] SADEGHI A R,WACHSMANN C,WAIDNER M.Security and privacy challenges in industrial internet of things[C]∥Procee-dings of the 52nd Annual Design Automation Conference.ACM,2015:54. [2] THABET A.Stuxnet_Malware_Analysis_Paper[J].Freelancer MMware Reseafcher,2010:3-28. [3] 安天实验室.对flame病毒攻击事件的分析报告[R].哈尔滨:安全实验室,2012. [4] RAVAL S.BlackEnergy a threat to Industrial Control Systems network security[J].International Journal of Advance Research in Engineering,Science &Technology(IJAREST),2015,2(12):31-34. [5] LAI Y X,LIU Z H,CAI X T,et al.Research on intrusion detection of industrial control system[J].Journal on Communications,2017,38(2):143-156.(in Chinese) 赖英旭,刘增辉,蔡晓田,等.工业控制系统入侵检测研究综述[J].通信学报,2017,8(2):143-156. [6] SUN Y A,JING K,WANG Y Z.A Network Security Protection Research for Industrial Control System[J].Journal of Information Securyity Research,2017,3(2):171-176.(in Chinese) 孙易安,井柯,汪义舟.工业控制系统安全网络防护研究[J].信息安全研究,2017,3(2):171-176. [7] YI S W,ZHANG C B,XIE F,et al.Security analysis of indus-trial control network protocols based on Peach [J].Journal of Tsinghua University(Science & Technology),2017,7(1):50-54.(in Chinese) 伊胜伟,张翀斌,谢丰,等.基于Peach的工业控制网络协议安全分析[J].清华大学学报(自然科学版),2017,7(1):50-54. [8] ZHANG Y F,HONG Z,WU L F,et al.State based Fuzzing method for industrial control protocols[J].Computer Science,2017,4(5):132-140.(in Chinese) 张亚丰,洪征,吴礼发,等.基于状态的工业控制协议Fuzzing测试技术[J].计算机科学,2017,4(5):132-140. [9] YU C Q.The Study of Industry Control System Device Vulnerability Discovery[D].Beijing:Beijing University of Posts and Telecommunications,2015.(in Chinese) 于长奇.工业控制设备漏洞挖掘技术研究[D].北京:北京邮电大学,2015. [10] JIA C Q,FENG D Q.Security assessment for industrial control systems based on fuzzy analytic hierarchy process[J].Journal of Zhejiang University(Engineering Science),2016,50(4):759-765.(in Chinese) 贾驰千,冯冬芹.基于模糊层次分析法的工业控制系统安全评估[J].浙江大学学报(工学版),2016,0(4):759-765. [11] GONG S D,WANG L.Cyber Security Risk Assessment for Industrial Control System Based on AHP and Information Entropy[J].Industrial Control Computer,2017,0(4):11-12,15.(in Chinese) 龚斯谛,王磊.基于AHP与信息熵的工业控制系统信息安全风险评估研究[J].工业控制计算机,2017,0(4):11-12,15. [12] ZHONG L G.Research of Information Security Solutions of Industrial Control System Based on Trusted Computing [D].Dalian:Dalian University of Technolngy,2015.(in Chinese) 钟梁高.基于可信计算的工业控制系统信息安全解决方案研究[D].大连:大连理工大学,2015. [13] WU H.Research on Industrial Control Environment Computing Node Security Protection Technology[D].Beijing:Beijing University of Technolngy,2016.(in Chinese) 吴欢.工业控制环境计算节点安全防护技术研究[D].北京:北京工业大学,2016. [14] LIU N,YU X H,ZHANG J H.Coordinated Cyber-attack:Infe-rence and Thinking of Incident on Ukrainian Power Grid[J].Automation of Electric Power Systems,2016,40(6):144-147.(in Chinese) 刘念,余星火,张建华.网络协同攻击:乌克兰停电事件的推演与启示[J].电力系统自动化,2016,40(6):144-147. [15] ASGHARI H,CIERE M,VAN EETEN M J G.Post-mortem of a zombie:conficker cleanup after six years[C]∥Usenix Con-ference on Security Symposium.2015:1-16. [16] ISA.Security for Industrial Automation and Control Systems:ANSI/ISA-99.00.01-2007[S]. [17] IEC.Industrial communication networks-Network and system security IEC:62433[S].Geneva:IEC,2009. [18] Department of Energy Federal Energy Regulatory Commis- sion:Mandatory Reliability Standards for Critical Infrastructure Protection.https://www.gao.gov/products/GAO-08-493R. [19] The Smart Grid Interoperability Panel Cyber Security Working Group.Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security.https://www.smartgrid.gov/files/nistir_7628_.pdf. [20] Regulatory Guide 5.71.Cyber security programs for nuclear facilities[M].U.S.Nuclear Regulatory Commission,2010. [21] SCHNEIER B.Attack trees[J].Doctor Dobbs Journal,1999,24(12):21-29. [22] PITRE-CAMBACDS L,BOUISSOU M.Beyond attacktrees:dynamic security modeling with Boolean logic Driven Markov Processes(BDMP)[C]∥Dependable Computing Conference(EDCC).IEEE,2010:199-208. [23] KUIPERS D,FABRO M.Control systems cyber security:Defense in depth strategies[C]∥Conference:2007 ISA Expo. [24] HADZIOSMANOVIC D,BOLZONI D,ETALLE S,et al.Challenges and opportunities in securing industrial control systems[C]∥Complexity in Engineering(COMPENG).IEEE,2012:1-6. [25] ETALLE S,GREGORY C,BOLZONI D,et al.Monitoring Industrial Control Systems to improve operations and security[R].Security Matters,2013. [26] 全国工业过程测量控制和自动化标准化技术委员会.工业控制系统信息安全:GB/T30976-2014[S]. [27] KONSTANTINOU C,MANIATAKOS M.Impact of firmware modification attacks on power systems field devices[C]∥IEEE International Conference on Smart Grid Communications.IEEE,2015:283-288. [28] National Institute of Standards and Technology.MeasurementChallenges and Opportunitie s for Developing Smart Grid Testbeds Workshop 2014.http://www.nist.gov/smartgrid/upload/SG-Testbed-Workshop-Report-FINAL-1-2-8-2014.pdf. [29] Idaho National Laboratory.National SCADA Test Bed(NSTB) Program.https://www.inl.gov. |
No related articles found! |
|