Automatic penetration testing method for industrial control terminal equipment

A technology of penetration testing and terminal equipment, applied in the field of automated penetration testing between industrial control terminal equipment, can solve problems such as huge time and unfavorable security testing, save time and cost, expand test surface, save time and energy. Effect

Pending Publication Date: 2022-01-14
NANJING UNIV OF POSTS & TELECOMM
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the penetration test of industrial control equipment, due to the particularity of industrial control private protocols, the results detected by traditional tools such as Nmap only include device version, port opening information, product serial number, etc. Further analysis of industrial control equipment requires manual testing by security personnel. Construct protocol packets to communicate with devices to obtain sensitive information, which is very unfavorable for automated security testing
At the same time, due to the large number of industrial control terminal devices, it will take a huge amount of time to test all the devices under the intranet.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Automatic penetration testing method for industrial control terminal equipment
  • Automatic penetration testing method for industrial control terminal equipment
  • Automatic penetration testing method for industrial control terminal equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The technical solution of the present invention will be further described in detail below in conjunction with the accompanying drawings.

[0037] An automated penetration testing method for industrial control terminal equipment. Aiming at the disadvantages that the upper computer's participation in penetration testing is not conducive to automatic implementation and low efficiency, a method for penetration testing between penetration devices is proposed, which can effectively improve the penetration testing of the target. Efficiency of penetration testing endpoint devices in the network. Specifically, the industrial control system communication protocol is generally based on the TCP / IP protocol, and the private communication function is implemented on the communication function provided by TCP / IP, including reading terminal device data, issuing instructions, and preventing replay of response bytes attack etc. According to the results of the survey, the current mainstre...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an automatic penetration test method for industrial control terminal equipment, which introduces the concept of penetration test between equipment, and downloads the penetration test into the equipment in the form of a program, so that the time and energy of safety personnel are saved, and the test process tends to the automatic test; the terminal equipment downloading the program has the function of simultaneously communicating with a plurality of devices to be tested, which means that a plurality of devices can be tested in the same period of time, and all connected devices under the intranet can be tested, so that the test range is expanded, and the time cost is saved; by analyzing the general protocol and expanding the test program, the penetration test can be carried out on the terminal equipment of different brands under the same intranet, and the test expandability is improved.

Description

technical field [0001] The invention belongs to the field of industrial control system security, and in particular relates to an automatic penetration test method for industrial control terminal equipment. Background technique [0002] With the continuous integration of industrialization and informatization, more and more information technologies have poured into the industrial production environment, which has greatly improved the efficiency of industrial production and reduced the cost of cables used for communication. However, while enjoying the convenience brought by information technology, it also introduces security problems that have never been faced in the industrial field before. The original industrial control system is an "information island", and a closed-loop system including equipment control, equipment communication, data monitoring, and data collection is formed inside the factory. With the continuous integration with information technology, more and more in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F8/30G06F11/36H04L67/06H04L69/22
CPCG06F8/315G06F11/3688H04L67/06H04L69/22
Inventor 肖甫赵创业占力戈沙乐天周剑董建阔张品昌桂林卿
Owner NANJING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap