Penetration Testing Method for Cyber-Physical System Based on Attack Graph
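  • English title: Penetration Testing Method for Cyber-Physical System Based on Attack Graph
  • Authors: 徐丙凤; 何高峰
  • Authors (English): XU Bing-feng; HE Gao-feng; College of Information Science and Technology, Nanjing Forestry University; School of Internet of Things, Nanjing University of Posts and Telecommunications
  • Keywords: Cyber-physical system; Security assessment; Attack graph; Optimal attack path
  • English keywords: Cyber-physical system; Security assessment; Attack graph; Optimal attack path
  • Chinese journal name: JSJA
  • English journal name: Computer Science
  • Institutions: College of Information Science and Technology, Nanjing Forestry University; School of Internet of Things, Nanjing University of Posts and Telecommunications
  • Publication date: 2018-11-15
  • Publisher: 计算机科学 (Computer Science)
  • Year: 2018
  • Issue: v.45
  • Funding: Supported by the Nanjing Forestry University High-Level Talent Research Start-up Fund (GXL016) and the Nanjing Forestry University Youth Innovation Fund (CX2016026); the National Natural Science Foundation of China Youth Science Fund Project (61702282); the Natural Science Research Project of Jiangsu Higher Education Institutions (17KJB520023); and the Nanjing University of Posts and Telecommunications Introduced Talent Research Start-up Fund (NY217143)
  • Language: Chinese
  • Page: JSJA201811023
  • Number of pages: 6
  • CN: 11
  • ISSN: 50-1075/TP
  • Classification number: 150-155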
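Abstract
Cyber-physical systems (CPS) are mostly safety-critical systems and high-value targets for network attacks, so they need effective security assessment. To this end, a penetration testing method for CPS based on attack graphs is proposed. First, the traditional attack graph is improved to take into account physical attacks, attack duration, and the continuous variable values of the physical system, yielding an attack graph modeling technique suited to CPS, AGC (Attack Graph for CPS); an attack feasibility parameter is also added to the graph to represent the success rate of a single-step attack. Second, based on AGC, optimal attack path selection strategies are proposed, including minimum attack cost and shortest attack time, and an intelligent penetration testing algorithm for CPS is designed. Finally, the effectiveness of the method is verified with an application example. The analysis results show that the method can select the optimal attack path according to the penetration testing objective and can automatically adjust subsequent attack steps according to actual feedback, effectively achieving security assessment of CPS.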
As a typical example of a security-related system, the cyber-physical system (CPS) is a high-value target of network attack. Therefore, its security protection needs to be effectively assessed. To this end, a penetration testing method for CPS based on attack graph is proposed. Firstly, the traditional attack graph is improved and a new attack graph for CPS (AGC) is proposed. Specifically, the physical attack, the duration of the attack and the continuous variable value of the physical system are considered in AGC. Additionally, the attack feasibility parameter is added to represent the success rate of a single-step attack. Secondly, based on AGC, the optimal attack path selection strategies are presented, including the minimum attack cost, the shortest attack time and so on. Furthermore, the intelligent penetration testing algorithm is designed to accomplish automated penetration. Finally, the effectiveness of the proposed method is verified by a case study. The results show that the method can select the optimal attack path to the target, intelligently adjust the subsequent attack steps according to the feedback, and assess the security of CPS effectively.
