引用本文: | 陆耿虹,冯冬芹.工控网络安全态势感知算法实现[J].控制理论与应用,2016,33(8):1054~1060.[点击复制] |
LU Geng-hong,FENG Dong-qin.Industrial control system network security situation awareness modeling and algorithm implementation[J].Control Theory and Technology,2016,33(8):1054~1060.[点击复制] |
|
工控网络安全态势感知算法实现 |
Industrial control system network security situation awareness modeling and algorithm implementation |
摘要点击 5326 全文点击 1474 投稿时间:2015-09-19 修订日期:2016-08-22 |
查看全文 查看/发表评论 下载PDF阅读器 |
DOI编号 10.7641/CTA.2016.50767 |
2016,33(8):1054-1060 |
中文关键词 工业控制系统 拜占庭将军问题 完整性攻击 网络安全态势感知 |
英文关键词 industrial control system Byzantine generals problem integrity attacks network security situation awareness (NSSA) |
基金项目 国家自然科学基金项目(61223004)资助. |
|
中文摘要 |
为了探知工控系统的网络安全态势, 准确判断系统运行状况, 提出了安全态势感知方法. 针对已有的完整
性攻击研究, 建立基于拜占庭将军问题的工控网络安全态势感知模型以及相应的安全态势感知算法. 本文提出的
算法主要通过三个部分实现: 首先对控制回路内的各节点信息进行采集与处理, 得到系统中各节点状态; 然后, 利
用所得节点状态, 执行算法流程, 确定系统内存在的恶意节点; 最终获取准确的工控网络安全态势. 实验结果表明:
该态势感知模型与算法能准确提炼系统中的恶意节点并判断当前系统安全态势. |
英文摘要 |
In order to explore network security situation of industrial control system, and find out how exactly the industrial
control system performs, a method based on security situation awareness is proposed. According to the current studies
of integrity attacks, this paper presents an industrial control network security situation awareness model with Byzantine
generals problem being taken into accounts and also security situation awareness algorithm. The algorithm proposed in this
paper can be implemented by three major steps: firstly, acquiring the current nodes’ states by the data which is collected
from every nodes in the control loop of the industrial control system, and the data is preprocessed as well; Secondly, implementing
the algorithm with the data obtained, the malicious node in the control industrial system can then be identified;
At last, the accurate industrial control network security situation awareness is procured. The result of simulation indicates
the validity of the proposed model and corresponding algorithm, which can be used for identifying the malicious node and
then estimating the current industrial control network security situation. |
|
|
|
|
|