摘要
文章通过隐马尔可夫模型(HMM)表征一个工业控制网络攻击场景的风险状态转移关系,通过风险状态与安全告警事件关联概率进行网络风险状态预测。文章定义了网络资产、威胁、脆弱性量化因子及其计算方式,对量化因子归一化处理并用于网络整体风险值分析。文章构建了基于典型4层工业控制系统结构的仿真环境,采用MATLAB对方法进行仿真验证。实验表明,文章方法可用于安全状态及风险值的动态评估过程。
In this paper,the Hidden Markov Model is used to characterize the risk state transition relationship of an industrial control network attack scene,and the network risk state is predicted by the correlation probability between the risk state and the security alarm event.This paper defines the quantitative factors of network assets,threats and vulnerability and their calculation methods,normalizes the quantitative factors and applies them to the analysis of the overall risk value of the network.This paper constructs a simulation environment based on the typical four-layer industrial control system structure,and simulates and verifies the method by MATLAB.Experimental results show that the proposed method can be used in the dynamic assessment process of security states and risk value.
作者
李世斌
李婧
唐刚
李艺
LI Shibin;LI Jing;TANG Gang;LI Yi(China Software Testing Center,Beijing 100048,China;China Academy of Information and Communications Technology,Beijing 100191,China)
出处
《信息网络安全》
CSCD
北大核心
2020年第9期57-61,共5页
Netinfo Security
基金
国家重点研发计划[2018YFB0803505]。
