工业控制系统网络资产探测技术研究

Research on Network Asset Detection Technology of Industrial Control System

工业控制系统的安全关系到国计民生,是国家安全的重要组成部分。随着物联网技术不断发展,工业控制系统网络已经深入到各行业,但由于设计的缺陷或安全手段的缺乏,工业控制系统相关资产极易受到黑客的攻击和利用。探测、知晓暴露在互联网环境下的工控资产是实现工业控制系统信息监测、发现安全漏洞和把握网络空间安全态势的重要步骤。本文介绍工业控制系统网络资产探测常用的探测方法,利用端口探测技术扫描目标主机上的端口,根据端口开放情况使用工控协议和通用协议的网络资产探测技术发现工控设备和收集资产信息。通过互联网实验,对探测结果数据进行全面分析,总结工业控制系统网络资产探测技术特点,并指出目前技术存在的问题,对未来的发展进行展望。

The security of the industrial control system is related to the national economy and people’s livelihood,and is an impor⁃tant part of national security.With the continuous development of the Internet of Things technology,the industrial control system network has penetrated into various industries.However,due to design defects or lack of security means,the relevant assets of the industrial control system are extremely vulnerable to hackers and exploits.Detecting and knowing the industrial control assets ex⁃posed to the Internet environment is an important step to realize the information monitoring of the industrial control system,find security loopholes and grasp the security situation of cyberspace.This paper introduces the commonly used detection methods for industrial control system network asset detection.The port detection technology is used to scan the ports on the target host,and then the industrial control protocol and general protocol network asset detection technology is used to discover industrial control equipment and collect asset information according to the port opening.Through the Internet experiment,the data of the detection results are comprehensively analyzed,the characteristics of the network asset detection technology of the industrial control system are summarized,the problems existing in the current technology are pointed out,and the future development is prospected.