Research on a Threat Path Construction Method for Power Monitoring Systems Based on the ATT&CK Framework

张静 张光洲 金学奇 由甲川 梁野

Electric Power Information and Communication Technology (电力信息与通信技术), 2024, Vol. 22, Issue (12): 55-61, 7. DOI: 10.16543/j.2095-641x.electric.power.ict.2024.12.08

Research on Threat Path Construction Technology of Power Monitoring System Based on ATT&CK Framework

张静 1, 张光洲 2, 金学奇 3, 由甲川 1, 梁野 2

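Author information

  • 1. State Grid Zhejiang Electric Power Co., Ltd. Training Center, Hangzhou, Zhejiang Province 310015
  • 2. Beijing Kedong Electric Power Control System Co., Ltd., Haidian District, Beijing 100192
  • 3. State Grid Zhejiang Electric Power Co., Ltd., Hangzhou, Zhejiang Province 310007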

Abstract

To address the problem that the existing security strategy of power monitoring systems is insufficient to defend against new attacks, this paper proposes an automatic threat path construction method based on the ATT&CK framework. First, an undirected network graph is constructed from the connectivity between devices. Then, the threat movement path is constructed according to the asset classification information. Finally, according to the asset classification information, the ATT&CK framework and the cyber kill chain, the threat movement path information and the threat path construction are completed. This method not only provides a theoretical basis and support for formulating power system security policy, but also makes it possible to adaptively adjust network security policy when threats are detected.

Key words

power monitoring system / network security / ATT&CK framework / threat path construction

Classification

Information Technology and Security Science

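Cite this article

张静, 张光洲, 金学奇, 由甲川, 梁野. Research on a Threat Path Construction Method for Power Monitoring Systems Based on the ATT&CK Framework [J]. Electric Power Information and Communication Technology (电力信息与通信技术), 2024, 22(12): 55-61, 7.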

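Funding

Supported by the State Grid Corporation of China headquarters science and technology project "Research on Key Technologies for Cyber Range Construction and Attack-Defense Simulation for Power Monitoring System Network Security" (5211JP230001).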

Electric Power Information and Communication Technology (电力信息与通信技术)

OA / CSTPCD

1672-4844
