Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Industrial control network-oriented Quantitative evaluation method and system for influence of multi-mode attack mode on state of industrial control system

An industrial control system, quantitative evaluation technology, applied in the field of information security, can solve the problem of lack of correlation evaluation and analysis of abnormal state characteristics

Active Publication Date: 2021-10-08
SHANDONG COMP SCI CENTNAT SUPERCOMP CENT IN JINAN
View PDF9 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The research on attack impact assessment has important theoretical value and practical significance for identifying attack intentions. The research work of the above scholars has promoted the development of equipment state impact analysis under semantic attacks, but the research in the specific security attack and defense shooting range environment is still relatively rare. See
[0005] However, under the attack of the industrial control network, the equipment is in multiple stages of "normal operation → attack → attack end", and the characteristics of state changes in each stage are diverse. The existing research on the impact of attacks lacks the understanding of the various stages of the system under different attack strategies. Evaluation and analysis of state characteristic changes
In the existing research on the impact of semantic attacks, there is a lack of evaluation and analysis of the relationship between abnormal state characteristics and threat damage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control network-oriented Quantitative evaluation method and system for influence of multi-mode attack mode on state of industrial control system
  • Industrial control network-oriented Quantitative evaluation method and system for influence of multi-mode attack mode on state of industrial control system
  • Industrial control network-oriented Quantitative evaluation method and system for influence of multi-mode attack mode on state of industrial control system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0120] A method for quantitatively evaluating the impact of multi-mode attacks on industrial control networks on the state of industrial control systems, including the following steps:

[0121] (1) Preliminary description and extraction of the state characteristics, that is, the state data set of the industrial control system, and obtain the state data segmentation point;

[0122] (2) Clustering the status features;

[0123] (3) Construct a state transition probability map;

[0124] (4) Quantitatively assess the impact on the system state based on abnormal characteristics and damage degree indicators.

[0125] The process of generating a state transition probability map from the original state data set is as follows: figure 1 shown.

[0126] The flow of the quantitative evaluation method for the impact of multi-mode attack methods on industrial control networks on the state of industrial control systems is as follows: figure 2 shown, including:

[0127] First of all, whe...

Embodiment 2

[0132] According to the method for quantitatively evaluating the impact of an industrial control network-oriented multi-mode attack on the status of an industrial control system described in Embodiment 1, the difference is that:

[0133] The specific implementation process of step (1) includes:

[0134] A. A preliminary description of the state data set of the industrial control system refers to:

[0135] The state data set of the industrial control system is expressed as DS={CM,D,TDS}, TDS represents a period of time, where tds i Indicates the specific moment, i=1,2,...n t ; n t is the number of moments and the length of the time period TDS; CM represents the collection of continuous type variables in the industrial control system in the TDS time period, Indicates the continuous type variable in the industrial control system in the TDS time period, n c is the number of continuous type variables; D represents the set of discrete type variables in the industrial cont...

Embodiment 3

[0229] A quantitative evaluation system for the impact of multi-mode attack methods on industrial control networks on the state of industrial control systems, such as Figure 8 As shown, it is used to realize the quantitative evaluation method for the impact of the industrial control network-oriented multi-mode attack mode on the state of the industrial control system described in Embodiment 1 or 2, including the preliminary description of the state data and the extraction unit, the clustering unit, and the construction of the state transition probability map unit and quantitative assessment unit;

[0230] The state data preliminary description and extraction unit is used to perform step (1); the clustering unit is used to perform step (2); the state transition probability map construction unit is used to perform step (3); the quantitative evaluation unit is used to perform step (4) .

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an industrial control network-oriented quantitative evaluation method and system for influence of a multi-mode attack mode on a state of an industrial control system, and the method comprises the following steps: (1) carrying out the preliminary description and extraction of a state feature, i.e., a state data set of the industrial control system, and obtaining a state data segmentation point; (2) clustering the state features; (3) constructing a state transition probability graph; and (4) carrying out quantitative evaluation on the influence of the system state based on the abnormal characteristics and the damage degree index. According to the method and system, for various industrial control network attack strategies, the state abnormal characteristics are taken as main indexes, the actual state change of the system in the attack proceeding stage and the attack ending stage is quantitatively evaluated, and the problem that the influence of various attack strategies on the system state is difficult to accurately evaluate is solved. According to the method and system, a formula for evaluating the influence of the attack strategy on the system state is provided, state abnormal characteristics and threat damage degrees are associated, evaluated and analyzed, and an evaluation result consistent with the actual state influence is obtained.

Description

technical field [0001] The invention relates to a method and system for quantitatively evaluating the influence of an industrial control network-oriented multi-mode attack mode on the state of an industrial control system, and belongs to the technical field of information security. Background technique [0002] Components such as engineer station, human-machine interface (HMI), control equipment, sensors, and controlled equipment in the industrial control network, as well as the communication network between them, all have the possibility of being attacked. Scholars started early in the research work on the impact of physical attacks, man-in-the-middle attacks, denial-of-service attacks, and covert attacks on industrial control networks. In 2009, Yu established a method to describe the attack threat model. Using the attack of the command u and the attack of the sensor parameter y, the way of performing denial of service attack and man-in-the-middle attack is verified by anal...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F21/55
CPCG06F21/577G06F21/554G06F2221/034
Inventor 徐丽娟王英龙杨美红吴晓明赵大伟王浩玉
Owner SHANDONG COMP SCI CENTNAT SUPERCOMP CENT IN JINAN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products