摘要
随着工业化与信息化的融合发展,联网工控系统和设备数量持续上升,网络攻击手段复杂多变、重大安全事件频繁发生,不断敲响了工业信息安全警钟。工业控制系统蜜罐技术作为被动诱捕手段之一,能够有效捕获针对工业控制系统发起的网络攻击数据,进而分析攻击手段,剖析黑客活动趋势,在工控安全态势感知领域有着极高的实用价值。本文结合国家工控安全监测与态势感知平台应用结果,分析工控蜜罐的具体作用及功能,并阐述当前工控蜜罐遇到的问题及下一步研究方向。
With the integration and development of industrialization and informatization,the number of networked industrial control systems and equipment continues to rise,network attack methods are complex and changeable,and major security incidents occur frequently,which constantly sounds the alarm of industrial information security.As one of the passive entrapm ent m ethods,the ICS honeypot technology can effectively capture the network attack data launched against the industrial control system,and then analyze the attack method and the trend of hacker activities.It has extrem ely high practical value in the field of industrial control security situation awareness.This paper analyzes the specific functions of the ICS honeypot from the perspective of industrial control security situation awareness,com bined with the application results of the national industrial information security monitoring and situational awareness platform,and expounds the current problems encountered by the ICS honeypot and the next research directions.
出处
《自动化博览》
2020年第6期38-42,共5页
Automation Panorama1
关键词
工控安全
工控蜜罐
态势感知
Industrial control system security
ICS honeypot
Situational awareness
