本文關(guān)鍵詞：基于攻擊圖的Modbus網(wǎng)絡(luò)脆弱性研究　出處：《浙江大學(xué)》2015年碩士論文　論文類型：學(xué)位論文

  更多相關(guān)文章： Modbus 脆弱性 PageRank 攻擊圖 貝葉斯網(wǎng)絡(luò)

【摘要】：近年來,工業(yè)控制領(lǐng)域出現(xiàn)了許多安全事件,造成了重大經(jīng)濟(jì)損失、人員傷亡以及社會(huì)影響。Modbus是工業(yè)上應(yīng)用最廣泛的通信協(xié)議之一,已經(jīng)成為了事實(shí)上的工業(yè)標(biāo)準(zhǔn)。國內(nèi)外專家對(duì)于信息領(lǐng)域安全問題已經(jīng)做了大量研究,但是對(duì)于工業(yè)控制網(wǎng)絡(luò)安全問題的研究,尤其對(duì)于Modbus網(wǎng)絡(luò)脆弱性的研究并不多。本文建立了Modbus網(wǎng)絡(luò)脆弱性定性分析的攻擊圖模型和基于PageRank的攻擊圖模型,提出了在兩種模型上分別對(duì)Modbus網(wǎng)絡(luò)脆弱性進(jìn)行定性和定量分析的方法,并進(jìn)行了實(shí)驗(yàn),分析了Modbus網(wǎng)絡(luò)的脆弱性,提出了防護(hù)建議。本文的主要工作如下：(1)建立了Modbus網(wǎng)絡(luò)脆弱性的定性分析攻擊圖模型,分析了Modbus網(wǎng)絡(luò)中節(jié)點(diǎn)的脆弱性。通過分析Modbus網(wǎng)絡(luò)中存在的可被利用的漏洞,評(píng)定了Modbus網(wǎng)絡(luò)中節(jié)點(diǎn)的資產(chǎn)價(jià)值,建立了Modbus網(wǎng)絡(luò)的攻擊圖模型,并進(jìn)行了脆弱性定性分析。(2)建立了Modbus網(wǎng)絡(luò)的基于PageRank的攻擊圖模型(PageRank-based Attack Graph, PAG),并提出了Modbus網(wǎng)絡(luò)脆弱性的度量指標(biāo)和計(jì)算方法。首先介紹了Modbus協(xié)議的通信機(jī)制,分析了Modbus網(wǎng)絡(luò)中設(shè)備之間的依賴關(guān)系,對(duì)Modbus網(wǎng)絡(luò)中設(shè)備的資產(chǎn)價(jià)值進(jìn)行了評(píng)估,使用PageRank方法確定了網(wǎng)絡(luò)中各個(gè)節(jié)點(diǎn)的重要度等級(jí)。此外,通過分析Modbus網(wǎng)絡(luò)的通信機(jī)制,確定了攻擊者在攻擊的過程中各個(gè)節(jié)點(diǎn)之間的狀態(tài)轉(zhuǎn)移概率。最后提出了Modbus網(wǎng)絡(luò)脆弱性和節(jié)點(diǎn)脆弱性的度量指標(biāo),提出了使用貝葉斯網(wǎng)絡(luò)對(duì)Modbus網(wǎng)絡(luò)脆弱性進(jìn)行定量分析的方法。(3)建立了鍋爐控制系統(tǒng)的Modbus/TCP實(shí)驗(yàn)網(wǎng)絡(luò)和數(shù)據(jù)采集系統(tǒng)的無線Modbus實(shí)驗(yàn)網(wǎng)絡(luò)的仿真實(shí)驗(yàn)環(huán)境,進(jìn)行了實(shí)驗(yàn)和分析。使用基于PageRank的攻擊圖對(duì)兩個(gè)實(shí)驗(yàn)網(wǎng)絡(luò)的脆弱性進(jìn)行建模,分析了模型中的每個(gè)節(jié)點(diǎn)的脆弱性,分析了影響Modbus網(wǎng)絡(luò)中節(jié)點(diǎn)脆弱性的因素,最后提出了對(duì)Modbus網(wǎng)絡(luò)進(jìn)行防護(hù)的指導(dǎo)建議。
[Abstract]:In recent years, there have been many security incidents in the field of industrial control, resulting in significant economic losses, casualties and social impact. Modbus is one of the most widely used communication protocols in industry. Experts at home and abroad have done a lot of research on the security of information field, but the research on the security of industrial control network. Especially for the Modbus network vulnerability is not much research. This paper establishes the Modbus network vulnerability qualitative analysis of the attack graph model and the attack graph model based on PageRank. In this paper, a qualitative and quantitative analysis method of Modbus network vulnerability is proposed based on two models, and experiments are carried out to analyze the vulnerability of Modbus network. The main work of this paper is as follows: 1) the qualitative analysis attack graph model of Modbus network vulnerability is established. The vulnerability of nodes in Modbus network is analyzed, and the assets value of nodes in Modbus network is evaluated by analyzing the exploitable vulnerabilities in Modbus network. The attack graph model of Modbus network is established. Finally, the vulnerability qualitative analysis. 2) the attack graph model based on PageRank of Modbus network is established (. PageRank-based Attack Graph. At the same time, the paper puts forward the measure index and calculation method of Modbus network vulnerability. Firstly, the communication mechanism of Modbus protocol is introduced. The dependence of devices in Modbus network is analyzed, and the asset value of devices in Modbus network is evaluated. PageRank method is used to determine the importance of each node in the network. In addition, the communication mechanism of Modbus network is analyzed. The state transition probability of each node during the attack is determined. Finally, the metrics of Modbus network vulnerability and node vulnerability are proposed. This paper presents a method of quantitative analysis of Modbus network vulnerability using Bayesian network. The Modbus/TCP experimental network of boiler control system and the simulation environment of wireless Modbus experimental network of data acquisition system are established. Using the attack graph based on PageRank to model the vulnerability of the two experimental networks and analyze the vulnerability of each node in the model. The factors that affect the vulnerability of nodes in Modbus network are analyzed. Finally, the guiding suggestions for the protection of Modbus network are put forward.
【學(xué)位授予單位】：浙江大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2015
【分類號(hào)】：TP273;TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 陳曉剛;孫可;曹一家;;基于復(fù)雜網(wǎng)絡(luò)理論的大電網(wǎng)結(jié)構(gòu)脆弱性分析[J];電工技術(shù)學(xué)報(bào);2007年10期

2 張國華;張建華;楊京燕;王策;張印;段滿銀;;基于有向權(quán)重圖和復(fù)雜網(wǎng)絡(luò)理論的大型電力系統(tǒng)脆弱性評(píng)估[J];電力自動(dòng)化設(shè)備;2009年04期

3 吳金宇;金舒原;楊智;;基于網(wǎng)絡(luò)流的攻擊圖分析方法[J];計(jì)算機(jī)研究與發(fā)展;2011年08期

4 苘大鵬;張冰;周淵;楊武;楊永田;;一種深度優(yōu)先的攻擊圖生成方法[J];吉林大學(xué)學(xué)報(bào)(工學(xué)版);2009年02期

5 劉勃,周荷琴;基于貝葉斯網(wǎng)絡(luò)的網(wǎng)絡(luò)安全評(píng)估方法研究[J];計(jì)算機(jī)工程;2004年22期

6 王航;高強(qiáng);莫毓昌;;基于攻擊圖和安全度量的網(wǎng)絡(luò)脆弱性評(píng)價(jià)[J];計(jì)算機(jī)工程;2010年03期

7 趙豹;張怡;孟源;;基于攻擊模式的反向搜索攻擊圖生成算法[J];計(jì)算機(jī)工程與科學(xué);2011年07期

8 趙冬梅;蘇紅順;吳敬;馬建峰;;基于熵理論的無線網(wǎng)絡(luò)安全的模糊風(fēng)險(xiǎn)評(píng)估[J];計(jì)算機(jī)應(yīng)用與軟件;2006年08期

9 閆新娟;譚敏生;嚴(yán)亞周;呂明娥;;基于隱馬爾科夫模型和神經(jīng)網(wǎng)絡(luò)的入侵檢測(cè)研究[J];計(jì)算機(jī)應(yīng)用與軟件;2012年02期

10 馮冬芹;沈佳駿;褚健;;基于有色Petri網(wǎng)的時(shí)鐘同步協(xié)議安全性分析[J];控制與決策;2014年12期

相關(guān)碩士學(xué)位論文 前4條

1 周嶸;基于現(xiàn)場(chǎng)總線的集散控制系統(tǒng)研究[D];西北工業(yè)大學(xué);2003年

2 王國興;基于以太網(wǎng)的現(xiàn)場(chǎng)總線設(shè)計(jì)與實(shí)現(xiàn)[D];中國科學(xué)院研究生院（沈陽計(jì)算技術(shù)研究所）;2010年

3 凌從禮;工業(yè)控制系統(tǒng)脆弱性分析與建模研究[D];浙江大學(xué);2013年

4 潘高峰;基于復(fù)雜網(wǎng)絡(luò)理論的電網(wǎng)脆弱性研究[D];廣東工業(yè)大學(xué);2014年

，

本文編號(hào)：1379615