Method of vulnerability risk assessment for industrial control systems
  • Title (Chinese): 工业控制系统的漏洞风险评估方法
  • Authors: GU Zhaojun; PENG Hui
  • Affiliations: College of Computer Science and Technology, Civil Aviation University of China; Information Security Assessment Center, Civil Aviation University of China
  • Keywords: industrial control system; vulnerability risk assessment; attack graph; analytic hierarchy process; value-at-risk calculation; comprehensive loss calculation
  • Journal: Modern Electronics Technique (现代电子技术; journal code XDDJ)
  • Publication date: 2019-07-15
  • Year: 2019
  • Volume: v.42; No.541
  • Issue: 14
  • Pages: 120-124+128
  • Page count: 6
  • CN: 61-1224/TN
  • Language: Chinese
  • Article ID: XDDJ201914026
  • Funding: National Natural Science Foundation of China (61601467; U1533104); Civil Aviation Science and Technology Project (MHRD20140205; MHRD20150233); Civil Aviation Safety Capacity Building Project (PDSA008); Fundamental Research Funds for the Central Universities, Civil Aviation University of China special fund (3122013Z008; 3122013C004; 3122015D025)
Abstract
Current vulnerability risk analysis for industrial control systems (ICSs) ignores the correlations between vulnerabilities. To address this, a new ICS vulnerability risk assessment method is proposed. The method first builds an ICS attack graph model. It then introduces two indexes, vulnerability value and vulnerability exploitation probability, and gives formulas for computing them that combine the security attributes and defensive characteristics of the ICS. Next, the indexes are quantified with the analytic hierarchy process, taking component characteristics and the attacker's objectives into account. Finally, the actual exploitation probability and comprehensive loss of each vulnerability are computed from the correlations between vulnerabilities in the attack graph, and the vulnerability risk value is obtained from these. An experimental analysis on an ICS from civil aviation shows that the method can assess the risk of vulnerabilities in an ICS fairly comprehensively.
