Quantitative evaluation method and system for industrial control network-oriented multi-mode attack mode on state of industrial control system

A technology of industrial control system and industrial control network, applied in the field of information security, can solve the problems of lack of correlation evaluation and analysis of abnormal state characteristics

Active Publication Date: 2022-02-11
SHANDONG COMP SCI CENTNAT SUPERCOMP CENT IN JINAN
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The research on attack impact assessment has important theoretical value and practical significance for identifying attack intentions. The research work of the above scholars has promoted the development of equipment state impact analysis under semantic attacks, but the research in the specific security attack and defense shooting range environment is still relatively rare. See
[0005] However, under the attack of the industrial control network, the equipment is in multiple stages of "normal operation → attack → attack end", and the characteristics of state changes in each stage are diverse. The existing research on the impact of attacks lacks the understanding of the various stages of the system under different attack strategies. Evaluation and analysis of state characteristic changes
In the existing research on the impact of semantic attacks, there is a lack of evaluation and analysis of the relationship between abnormal state characteristics and threat damage

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Quantitative evaluation method and system for industrial control network-oriented multi-mode attack mode on state of industrial control system
  • Quantitative evaluation method and system for industrial control network-oriented multi-mode attack mode on state of industrial control system
  • Quantitative evaluation method and system for industrial control network-oriented multi-mode attack mode on state of industrial control system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0120] A method for quantitatively evaluating the impact of multi-mode attacks on industrial control networks on the state of industrial control systems, including the following steps:

[0121] (1) Preliminary description and extraction of the state characteristics, that is, the state data set of the industrial control system, and obtain the state data segmentation point;

[0122] (2) Clustering the status features;

[0123] (3) Construct a state transition probability map;

[0124] (4) Quantitatively assess the impact on the system state based on abnormal characteristics and damage degree indicators.

[0125] The process of generating a state transition probability map from the original state data set is as follows: figure 1 shown.

[0126] The flow of the quantitative evaluation method for the impact of multi-mode attack methods on industrial control networks on the state of industrial control systems is as follows: figure 2 shown, including:

[0127] First of all, whe...

Embodiment 2

[0132] According to the method for quantitatively evaluating the impact of an industrial control network-oriented multi-mode attack on the status of an industrial control system described in Embodiment 1, the difference is that:

[0133] The specific implementation process of step (1) includes:

[0134] A. A preliminary description of the state data set of the industrial control system refers to:

[0135] The state data set of the industrial control system is expressed as DS={CM,D,TDS}, TDS represents a period of time, where tds i Indicates the specific moment, i=1,2,...n t ; n t is the number of moments and the length of the time period TDS; CM represents the collection of continuous type variables in the industrial control system in the TDS time period, Indicates the continuous type variable in the industrial control system in the TDS time period, n c is the number of continuous type variables; D represents the set of discrete type variables in the industrial cont...

Embodiment 3

[0229] A quantitative evaluation system for the impact of multi-mode attack methods on industrial control networks on the state of industrial control systems, such as Figure 8 As shown, it is used to realize the quantitative evaluation method for the impact of the industrial control network-oriented multi-mode attack mode on the state of the industrial control system described in Embodiment 1 or 2, including the preliminary description of the state data and the extraction unit, the clustering unit, and the construction of the state transition probability map unit and quantitative assessment unit;

[0230] The state data preliminary description and extraction unit is used to perform step (1); the clustering unit is used to perform step (2); the state transition probability map construction unit is used to perform step (3); the quantitative evaluation unit is used to perform step (4) .

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention relates to a method and system for quantitatively evaluating the impact of multi-mode attack methods on industrial control systems on the state of industrial control systems. Data segmentation point; (2) Clustering state characteristics; (3) Constructing state transition probability map; (4) Quantitatively evaluating the impact of system state based on abnormal characteristics and damage degree indicators. The present invention is oriented to a variety of industrial control network attack strategies, and takes the abnormal state characteristics as the main index to quantitatively evaluate the actual state changes of the system during the attack progress stage and the attack end stage, and solves the problem that it is difficult to accurately evaluate the influence of various attack strategies on the system state. The present invention proposes a formula for assessing the impact of attack strategies on system states, associates, evaluates and analyzes state abnormal features and threat damage degrees, and obtains an evaluation result that is relatively consistent with the actual state impact.

Description

technical field [0001] The invention relates to a method and system for quantitatively evaluating the influence of an industrial control network-oriented multi-mode attack mode on the state of an industrial control system, and belongs to the technical field of information security. Background technique [0002] Components such as engineer station, human-machine interface (HMI), control equipment, sensors, and controlled equipment in the industrial control network, as well as the communication network between them, all have the possibility of being attacked. Scholars started early in the research work on the impact of physical attacks, man-in-the-middle attacks, denial-of-service attacks, and covert attacks on industrial control networks. In 2009, Yu established a method to describe the attack threat model. Using the attack of the command u and the attack of the sensor parameter y, the way of performing denial of service attack and man-in-the-middle attack is verified by anal...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/55
CPCG06F21/577G06F21/554G06F2221/034
Inventor 徐丽娟王英龙杨美红吴晓明赵大伟王浩玉
Owner SHANDONG COMP SCI CENTNAT SUPERCOMP CENT IN JINAN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap