[1]陈翊璐,王子博,张耀方,等.面向流程工业系统的关键攻击步骤识别[J].计算机技术与发展,2024,34(02):105-112.[doi:10. 3969 / j. issn. 1673-629X. 2024. 02. 016]
 CHEN Yi-lu,WANG Zi-bo,ZHANG Yao-fang,et al.Identification of Critical Attack Step for Process Industrial Systems[J].,2024,34(02):105-112.[doi:10. 3969 / j. issn. 1673-629X. 2024. 02. 016]
点击复制

面向流程工业系统的关键攻击步骤识别()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
34
期数:
2024年02期
页码:
105-112
栏目:
网络空间安全
出版日期:
2024-02-10

文章信息/Info

Title:
Identification of Critical Attack Step for Process Industrial Systems
文章编号:
1673-629X(2024)02-0105-08
作者:
陈翊璐1 王子博1 张耀方1 梁 超1 刘红日12 王佰玲1*
1. 哈尔滨工业大学(威海) 计算机科学与技术学院,山东 威海 264200;
2. 威海天之卫网络空间安全科技有限公司,山东 威海 264200
Author(s):
CHEN Yi-lu1 WANG Zi-bo1 ZHANG Yao-fang1 LIANG Chao1 LIU Hong-ri12 WANG Bai-ling1*
1. School of Computer Science and Technology,Harbin Institute of Technology ( Weihai) ,Weihai 264200,China;
2. Weihai Cyberguard Technologies Co. ,Ltd. ,Weihai 264200,China
关键词:
流程工业系统攻击图攻击路径中心性指标关键攻击步骤
Keywords:
process industry systemattack graphattack pathcentrality metricscritical attack step
分类号:
TP311
DOI:
10. 3969 / j. issn. 1673-629X. 2024. 02. 016
摘要:
流程工业系统面临愈来愈多的威胁,基于攻击图的关键攻击步骤识别方法能够主动识别系统威胁,提高系统安全性。 然而现有方法未考虑流程工业系统层次结构、工艺执行、事故危害等特征,无法全面准确衡量系统安全情况。 为此,提出一种基于混合攻击图的关键攻击步骤识别方法,通过对攻击步骤重要性程度进行排序,实现面向流程工业系统的关键攻击步骤识别。 首先,构建混合攻击图识别攻击者可能采取的攻击步骤,克服传统攻击图构建方法对网络可达性的依赖。 其次,综合流程工业系统特征量化攻击期望,改进接近和介数中心性指标,以捕捉混合攻击图中的攻击路径信息,同时提出边期望中心性实现节点连接边的重要性度量。 最后,改进多属性决策方法实现关键攻击步骤识别。 实验分析表明,所提方法能够较全面地识别系统潜在威胁,合理衡量攻击步骤节点及连接边的重要性,有效识别流程工业系统场景中的关键攻击步骤。
Abstract:
Security threats in process industrial systems have become increasingly prominent. The identification of critical attack stepbased on attack graph can identify system threats and?
improve the security. However,the current identification methods are unable tomeasure the security of process industrial systems comprehensively and accurately, because system characteristics, such as hierarchicalstructure,process execution,and accident hazards,have not been taken account in these methods. We propose an identification method ofcritical attack step based on hybrid attack graph. The method achieves the identification of critical attack step in process industrial systemsby ranking the importance of attack steps in the hybrid attack graph. Firstly,a hybrid attack graph is built to identify all possible attacksteps,which has a reduction of high dependence on network reachability in traditional attack graph building methods. Then attackexpectant is computed according to system characteristics. Closeness and betweenness centralities are improved to capture attack path information,and the edge expectant centrality is put forward to measure edge importance. Finally, a multi - attribute decision - makingmethod is modified to achieve the evaluation of attack step importance and the identification of critical step. Experimental results showthat the proposed method can completely identify all potential threats in process industrial systems, reasonably measure attack stepimportance,and effectively identify critical attack step.

相似文献/References:

[1]李玲娟 孙光辉.网络攻击图生成算法研究[J].计算机技术与发展,2010,(10):171.
 LI Ling-juan,SUN Guang-hui.Research on Algorithm of Generating Network Attack Graph[J].,2010,(02):171.
[2]马荟平,李 鹏,肖 航,等.基于贝叶斯攻击图的 RFID 系统安全评估模型[J].计算机技术与发展,2024,34(02):113.[doi:10. 3969 / j. issn. 1673-629X. 2024. 02. 017]
 MA Hui-ping,LI Peng,XIAO Hang,et al.RFID System Security Evaluation Model Based on Bayesian Attack Graph[J].,2024,34(02):113.[doi:10. 3969 / j. issn. 1673-629X. 2024. 02. 017]

更新日期/Last Update: 2024-02-10