信息安全研究2024,Vol.10Issue(6):532-538,7.DOI:10.12379/j.issn.2096-1057.2024.06.07
面向工业互联网设备的异常行为关联分析攻击溯源技术研究
Research on Traceability Techniques of Anomalous Behavior Correlation Analysis Attacks for Industrial Internet Devices
摘要
Abstract
In this paper,an attack tracing detection method based on abnormal behavior correlation analysis mapping is proposed to solve the problem of unclear attack mechanism analysis and jump process in industrial control network side and device side under the industrial Internet scenario.The method is based on similarity comparison of abnormal behavior sequences,mapping analysis of abnormal behavior sequences and attack stages,and constructing a complete attack chain by linking the attack association subgraphs between different devices in series.Finally,the effectiveness of the attack detection and traceability method is verified,through constructing a simulation test environment for industrial intelligent devices and realizing the replay reproduction of common industrial device attack behaviors.关键词
工业互联网/攻击溯源/攻击检测/异常行为/工控安全系统Key words
industrial Internet/attack attribution/attack detection/abnormal behavior/security of industrial control system分类
信息技术与安全科学引用本文复制引用
林晨,刚占慧,韦彦,郭娴,曲海阔,王冲华..面向工业互联网设备的异常行为关联分析攻击溯源技术研究[J].信息安全研究,2024,10(6):532-538,7.基金项目
国防基础科研计划资助项目(JCKY2021608B001) (JCKY2021608B001)
