Research on Security Detection Techniques for a Typical Industrial Control System
Topic of this thesis: industrial control software + dynamic taint analysis; source: Beijing University of Posts and Telecommunications, master's thesis, 2016
【Abstract】: An industrial control system (ICS) is the collective term for the control systems used in industrial production. As ICSs have been transformed and upgraded, more and more conventional IT technology has been applied to industrial control. While this upgrading has advanced industrial production, it has also introduced many security risks; since the Stuxnet incident of 2010 in particular, ICS security incidents have grown explosively and ICS security has become an increasingly serious problem. The key to solving it is to detect and repair weaknesses before they are attacked. At present, ICS research at home and abroad focuses mainly on ICS networks, while other areas such as ICS software and ICS device firmware receive comparatively little attention, even though the security problems being exposed in ICS software and device firmware are growing in number and are highly damaging. This thesis therefore takes ICS software and ICS device firmware as its focus and studies the corresponding security detection techniques. The specific work is as follows: (1) The research background is set out, the state of research at home and abroad is analysed, and the focus of the thesis is fixed as the security detection of ICS software and ICS device firmware. (2) The characteristics of industrial control systems are studied and their security is analysed from three angles: differences from conventional IT systems, security incidents, and publicly disclosed vulnerabilities; the characteristics of existing ICS software and firmware detection techniques are studied, with emphasis on the shortcomings of the common ICS software detection techniques. (3) A fuzz-testing method based on dynamic taint analysis is designed for ICS software. Fuzz testing is the most widely used method of software security testing, but conventional fuzzing selects mutation positions blindly and uses simple mutation strategies; this thesis therefore introduces dynamic taint analysis to assist test-case generation. The method uses ICS software configuration files as sample files, applies a dynamic taint analysis adapted to the characteristics of ICS software to select the key bytes to mutate, and uses fuzzing to generate and run the malformed data, so that test cases are more targeted and detection is more efficient. (4) Based on this method, a corresponding ICS software security detection system is implemented; its design and implementation are described in detail, the system is used to test the existing experimental environment, and comparison with conventional fuzzing shows that its detection efficiency and accuracy are markedly improved. (5) For ICS device firmware, a feature-value (signature) based security detection method is designed, comprising firmware identification and firmware security detection. Building on extensive analysis of ICS firmware characteristics, feature-value matching is proposed for firmware identification, and for security detection a model aimed specifically at FTP server backdoors is proposed, drawing on the embedded characteristics of ICS firmware. Finally, the method is applied to a firmware image of a foreign brand; the backdoor present in this firmware is successfully confirmed and the content and origin of the backdoor information are analysed, demonstrating the effectiveness of the method.
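As an added illustration of the method in item (3) above (example code written for this page, not the thesis's own implementation, whose details are not given here): a toy configuration-file parser is instrumented with byte-level dynamic taint tracking, every input byte carries its own offset as a label, and the labels that reach a length or loop-bound sink identify the key bytes. A blind single-byte fuzzer is then compared with one that mutates only those key bytes, both run against a parser with a deliberate bounds-check defect. The record format, the `BUF_SIZE` defect, the `INTERESTING` value list and the sample file are all constructed for the example.

```python
import random

BUF_SIZE = 16            # fixed-size name buffer in the toy parser (its latent defect)
INTERESTING = [0x00, 0x01, 0x10, 0x11, 0x7F, 0x80, 0xFF]   # boundary values for mutation


class Tainted:
    """A byte value plus the set of input offsets it was derived from."""
    __slots__ = ("value", "taint")

    def __init__(self, value, taint):
        self.value = value
        self.taint = frozenset(taint)


class ToyOverflow(Exception):
    """Stands in for the memory corruption a native target would suffer."""


def parse_config(data, trace=None):
    """Parse the constructed format while tracking taint.

    Layout: b'CF', count(1), then `count` records of
            name_len(1), name(name_len bytes), value(2, little-endian).
    Every byte read from `data` is labelled with its own offset; arithmetic on
    tainted values unions the labels. Whenever a tainted value is used as a
    length or loop bound (a sink), its labels are appended to `trace`.
    """
    tb = [Tainted(b, {i}) for i, b in enumerate(data)]
    pos = 0

    def read(n):
        nonlocal pos
        if pos + n > len(tb):
            raise ValueError("truncated input")
        chunk = tb[pos:pos + n]
        pos += n
        return chunk

    if bytes(t.value for t in read(2)) != b"CF":
        raise ValueError("bad magic")
    count = read(1)[0]
    if trace is not None:
        trace.append(("record count", count.taint))        # sink: loop bound
    records = []
    for _ in range(count.value):
        name_len = read(1)[0]
        if trace is not None:
            trace.append(("name length", name_len.taint))  # sink: copy length
        # Defect: the copy length is never checked against BUF_SIZE.
        if name_len.value > BUF_SIZE:
            raise ToyOverflow(f"{name_len.value}-byte name into {BUF_SIZE}-byte buffer")
        name = bytes(t.value for t in read(name_len.value))
        lo, hi = read(2)
        value = Tainted(lo.value | (hi.value << 8), lo.taint | hi.taint)
        records.append((name, value.value))
    return records


def key_bytes(sample):
    """Offsets of sample bytes whose taint reaches a length or loop-bound sink."""
    trace = []
    parse_config(sample, trace)
    return sorted(set().union(*(labels for _, labels in trace)))


def fuzz(sample, positions, iterations, rng):
    """Mutate one byte per test case, restricted to `positions`; tally outcomes."""
    tally = {"overflow": 0, "rejected": 0, "ok": 0}
    for _ in range(iterations):
        case = bytearray(sample)
        new = rng.choice(INTERESTING) if rng.random() < 0.5 else rng.randrange(256)
        case[rng.choice(positions)] = new
        try:
            parse_config(case)
        except ToyOverflow:
            tally["overflow"] += 1     # the defect was reached
        except ValueError:
            tally["rejected"] += 1     # parser rejected the input cleanly
        else:
            tally["ok"] += 1
    return tally


# Constructed sample file: two records, "host"=502 and "plc"=1.
SAMPLE = (b"CF" + bytes([2])
          + bytes([4]) + b"host" + (502).to_bytes(2, "little")
          + bytes([3]) + b"plc" + (1).to_bytes(2, "little"))


def compare(iterations=300, seed=7):
    """Blind mutation over every offset versus mutation of the taint-selected bytes."""
    rng = random.Random(seed)
    blind = fuzz(SAMPLE, list(range(len(SAMPLE))), iterations, rng)
    guided = fuzz(SAMPLE, key_bytes(SAMPLE), iterations, rng)
    return {"blind": blind, "guided": guided}


if __name__ == "__main__":
    print("key bytes:", key_bytes(SAMPLE))
    print(compare())
```

The taint trace marks offsets 2, 3 and 10 (the count byte and the two length bytes) as key; the guided fuzzer spends every test case on one of them, while the blind fuzzer spends most of its budget on magic, name and value bytes that can only produce clean rejections or valid parses. Scaling this to a real target means replacing the toy tracker with a binary instrumentation framework and the exception with crash detection, but the selection logic is the same.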
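For item (5), a second added example (again constructed for this page, not the thesis's code): firmware triage by feature-value matching. The feature table uses the standard magic values of U-Boot legacy images, SquashFS and ELF plus a placeholder vendor banner; the embedded FTP server is located by the cluster of FTP reply-code and command strings, and credential-shaped strings inside that region are flagged for analyst review. The firmware image bytes and the hard-coded account string are constructed, and the clustering and `user:password` heuristics are this example's assumptions, not the thesis's detection model.

```python
import re

# Constructed feature-value table for this example (not the thesis's table).
# The first three magics are the standard ones for those formats; the vendor
# banner is a placeholder.
FEATURES = {
    "U-Boot legacy image": b"\x27\x05\x19\x56",
    "SquashFS (little-endian)": b"hsqs",
    "ELF executable": b"\x7fELF",
    "Vendor banner (placeholder)": b"EXAMPLE-PLC-FW",
}

# Reply codes and commands any embedded FTP server has to carry as strings.
FTP_TOKENS = [b"220 ", b"331 ", b"230 ", b"530 ", b"USER", b"PASS"]

# Heuristic (this example's assumption): a hard-coded account stored as one
# "user:password" string. Real cases may store the two parts separately.
CREDENTIAL_RE = re.compile(rb"^[A-Za-z0-9_]{3,16}:[^\s:]{3,32}$")


def identify_firmware(image):
    """Feature-value matching: every known feature present, with its offsets."""
    return {name: [m.start() for m in re.finditer(re.escape(sig), image)]
            for name, sig in FEATURES.items() if sig in image}


def printable_strings(image, min_len=4):
    """(offset, bytes) for every run of printable ASCII of at least min_len."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [(m.start(), m.group()) for m in re.finditer(pattern, image)]


def locate_ftp_server(strings, window=256):
    """Byte range where FTP tokens cluster, or None if too few are present.

    Assumption: an embedded server keeps its reply strings close together in
    read-only data, so the span of the token hits plus a window marks it.
    """
    hits = [off for off, s in strings if any(tok in s for tok in FTP_TOKENS)]
    if len(hits) < 3:
        return None
    return (min(hits), max(hits) + window)


def suspicious_accounts(strings, region):
    """Credential-shaped strings inside the FTP region, for analyst review."""
    if region is None:
        return []
    lo, hi = region
    return [(off, s.decode("ascii")) for off, s in strings
            if lo <= off < hi and CREDENTIAL_RE.match(s)]


def triage(image):
    """Run identification, FTP-server location and the account check together."""
    strings = printable_strings(image)
    region = locate_ftp_server(strings)
    return {
        "features": identify_firmware(image),
        "ftp_region": region,
        "accounts": suspicious_accounts(strings, region),
    }


# Constructed firmware image: headers, a vendor banner, an FTP server's string
# table and one hard-coded account string (all invented for this example).
IMAGE = (
    b"\x27\x05\x19\x56" + b"\x00" * 60
    + b"EXAMPLE-PLC-FW v1.0\x00" + b"\x00" * 32
    + b"hsqs" + b"\x00" * 64
    + b"\x7fELF" + b"\x00" * 48
    + b"220 Service ready\x00" + b"331 Password required\x00"
    + b"230 Logged in\x00" + b"530 Login incorrect\x00"
    + b"USER %s\x00" + b"PASS %s\x00"
    + b"service:Maint2016!\x00"
    + b"\x00" * 64 + b"/etc/ftpd.conf\x00"
)

if __name__ == "__main__":
    result = triage(IMAGE)
    for name, offsets in result["features"].items():
        print(f"{name}: offsets {offsets}")
    print("FTP server region:", result["ftp_region"])
    print("accounts to review:", result["accounts"])
```

The output of `triage` is a lead for a human, not a verdict: a credential-shaped string near the FTP server is grounds to disassemble the login handler and confirm whether the string is compared against the supplied USER and PASS, which is the step that actually establishes a backdoor.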
【Degree-granting institution】: Beijing University of Posts and Telecommunications
【Degree level】: Master's
【Year awarded】: 2016
【Classification numbers】: TP273; TP309