[1]刘知竹,冯璐,荀鹏,等.基于分散化序列的联网 ICS 设备搜索技术[J].计算机技术与发展,2018,28(11):1-5.[doi:10.3969/ j.issn.1673-629X.2018.11.001]
 LIU Zhi-zhu,FENG Lu,XUN Peng,et al.Networked ICS Device Search Technique Based on Dispersed Sequence[J].,2018,28(11):1-5.[doi:10.3969/ j.issn.1673-629X.2018.11.001]
点击复制

基于分散化序列的联网 ICS 设备搜索技术()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
28
期数:
2018年11期
页码:
1-5
栏目:
智能、算法、系统工程
出版日期:
2018-11-10

文章信息/Info

Title:
Networked ICS Device Search Technique Based on Dispersed Sequence
文章编号:
1673-629X(2018)11-0001-05
作者:
刘知竹1冯璐2荀鹏1刘吉元1
1.国防科技大学 计算机学院,湖南 长沙 410073; 2.长沙学院 电子信息与电气工程学院,湖南 长沙 410022
Author(s):
LIU Zhi-zhu1FENG Lu2XUN Peng1LIU Ji-yuan1
1. School of Computer,National University of Defense Technology,Changsha 410073,China; 2. School of Electronic Information and Electrical Engineering,Changsha University,Changsha 410022,China
关键词:
工业控制系统联网设备搜索分散化序列ModbusSiemens S7
Keywords:
industrial control systemnetworked device searchdispersed sequencesModbusSiemens S7
分类号:
TP393
DOI:
10.3969/ j.issn.1673-629X.2018.11.001
文献标志码:
A
摘要:
针对已知的联网设备搜索行为存在重复扫描的问题,提出了一种基于分散化序列的联网 ICS 设备搜索技术,并设计了分散化序列的启发式生成算法。对于分散化序列,邻近的 IPv4 地址在其中的位置相距较远,使得按照其顺序执行扫描时能够降低对小规模网段的扫描频度。 实验测试了基于 Modbus 和 Siemens S7 协议获取 ICS 设备信息的机制,分析了生成分散化序列的最优算法参数,模拟实现了对 IPv4 空间中的 ICS 设备搜索并从蜜罐视角分析了搜索行为的特征。实验结果表明,基于该搜索技术能够在分布式扫描全网 ICS 设备的同时避免重复扫描,提高了搜索的效率。
Abstract:
Aiming at the problem of repeated scanning in searching behavior of known networked devices,we present a networked ICS device search technology based on dispersed sequences,and design a heuristic generation algorithm for dispersed sequences. Nearby IPv4 addresses are far apart in the dispersed sequence,which decreases the frequency of scanning in the order of the sequence on small scale network. The mechanism of obtaining ICS device information based on Modbus and Siemens S7 protocol is tested in the experiment,the optimal algorithm parameters for generating dispersed sequences are analyzed,the ICS device search in IPv4 space is simulated,and the characteristics of search behavior are analyzed from the perspective of honeypot. The experiment shows that based on this search technology,the whole network ICS device can be scanned in distributed while avoiding repeated scanning.

相似文献/References:

[1]胡建华,刘鑫朝,李辉.基于. NET的动态实时曲线的绘制方法[J].计算机技术与发展,2013,(03):179.
 HU Jian-hua,LIU Xin-chao,LI Hui.Method of Dynamic Real-time Curve Drawing Based on . Net[J].,2013,(11):179.
[2]刘 俊,陈 慧,王 军.基于区块链的 ICS 数据安全策略研究[J].计算机技术与发展,2021,31(01):149.[doi:10. 3969 / j. issn. 1673-629X. 2021. 01. 027]
 LIU Jun,CHEN Hui,WANG Jun.Research on Data Security Strategy of ICS Based on Blockchain[J].,2021,31(11):149.[doi:10. 3969 / j. issn. 1673-629X. 2021. 01. 027]
[3]赵东东,石乐义,谢云飞.基于 CP-ABE 的工业控制系统加密传输方案[J].计算机技术与发展,2022,32(10):94.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 016]
 ZHAO Dong-dong,SHI Le-yi,XIE Yun-fei.Encrypted Transmission Scheme of Industrial Control System Based on CP-ABE[J].,2022,32(11):94.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 016]
[4]姚 旭,王 钢,任秀勤,等.基于发电厂控制系统的工控蜜罐设计与实现[J].计算机技术与发展,2022,32(10):114.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 019]
 YAO Xu,WANG Gang,REN Xiu-qin,et al.Design and Implementation of Industrial Control Honeypot Based on Power Plant Control System[J].,2022,32(11):114.[doi:10. 3969 / j. issn. 1673-629X. 2022. 10. 019]
[5]韩子彬.选煤厂工控网络安全实验分析[J].计算机技术与发展,2022,32(S2):162.[doi:10. 3969 / j. issn. 1673-629X. 2022. S2. 029]
 HAN Zi-bin.Experimental Analysis of Industrial Control Network Security in Coal Preparation Plant[J].,2022,32(11):162.[doi:10. 3969 / j. issn. 1673-629X. 2022. S2. 029]
[6]郑铁军,王 齐,张宏杰,等.基于组合扫描的无状态工控设备资产探测方法[J].计算机技术与发展,2023,33(07):98.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 015]
 ZHENG Tie-jun,WANG Qi,ZHANG Hong-jie,et al.Stateless Industrial Control Equipment Asset Detection Method Based on Combined Scanning[J].,2023,33(11):98.[doi:10. 3969 / j. issn. 1673-629X. 2023. 07. 015]

更新日期/Last Update: 2018-11-10