Modern society depends heavily on critical infrastructures, including energy, traffic, information and telecommunications, to name a few. Critical infrastructures generally share the features of large scale, complex structure, heterogeneous devices, and a continuous (non-intermittent) running state. They are attractive targets for adversaries: in past wars, critical infrastructures were often the first targets of a strike, and in peacetime, terrorists can cause serious impact by attacking them. In sum, critical infrastructures face great threats today.

Nowadays, critical infrastructures are adopting more standard information and network technologies, becoming networked infrastructures and a critical part of cyberspace. While information technology improves operational efficiency in critical infrastructures, it also brings new entry points for adversaries. An adversary may launch an attack from cyberspace and damage the critical infrastructure in a hidden, silent and non-contact way. The Stuxnet incident (2010) showed that an attack from cyberspace can destroy physical equipment. With the rising trend of adopting information and network technologies in critical infrastructures, such attacks will be a main threat in the future.

In this thesis, the development and features of critical infrastructure networks are investigated. The attack model and defense methods for critical infrastructure networks are also studied, including a cross-domain attack model, a collaborative defense method, and threat prevention measures.

To study this new kind of attack on critical infrastructure networks, an attack model is given and the concept of a multi-domain converged network is proposed. The converged network comprises a social domain, a cyber domain and a physical domain. The attack effect is expressed by the attenuation and superposition of an attack signal, and the attack effect in the core network zone is evaluated under different scenarios of network security measures, attack plans and network structures. This study shows that general security measures can affect the propagation of the attack signal but are not effective in defending against cross-domain attacks. It is suggested that defense measures should be cooperative and should make the network immune to the threat. It is also found that a star-style network structure is more conducive to superposition of the attack signal than a randomly distributed network, so critical infrastructure networks should avoid adopting a star-style structure.

To defend against hidden, silent attacks in critical infrastructure, a novel worm detection method is proposed. Unlike traditional signature-based and behavior-based detection methods, this method uses a worm's fundamental feature: a worm must propagate from host to host. The propagation of a worm is expressed as the propagation of the same behavior across hosts. When the same behavior propagates among hosts and meets given criteria, the corresponding hosts are believed to be infected by the worm. This method does not need a worm's individual features and can be used to detect unknown worms. The experiment has shown that the Stuxnet worm can be detected successfully. According to accessible documents, this is the first work that tries to detect Stuxnet without any knowledge of the target worm. To eliminate the threat, an automatic measure is proposed, which can generate operation rules and process them automatically. Considering that a threat can propagate over explicit network links and implicit channels (such as removable devices), a topology detection method based on the propagation of a benign worm is proposed. Based on the detected topology, the possible scale of threat propagation can be identified, and the threat elimination rules can be applied only to the infected part rather than the whole network, which defends against attacks in a timely manner while avoiding unnecessary impact.

To build threat prevention measures, a layered encryption mechanism based on hash chain technology is proposed for protecting sensitive data. Besides providing layered defense, this mechanism is lightweight and has convenient key management. It can be used independently or as a supplement to existing security measures. Performance evaluation on different kinds of devices showed its efficiency. Meanwhile, the root cause of the failures in the Stuxnet incident is analyzed in this thesis, and a lightweight data authentication measure for controller devices in critical infrastructure networks is proposed. This measure can protect physical equipment from being attacked by malware. Furthermore, it does not add any delay to runtime operations in the control system.

In summary, we have not only studied the security problems of critical infrastructure networks and the attack model, but also proposed effective solutions for cooperative defense and threat prevention. They are of great significance in both theory and practice for promoting research on security issues in critical infrastructure networks and the practical application of defense technologies.
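The host-to-host propagation criterion behind the worm detection method described above, as an added example that is not the thesis's own code: it parses a constructed log of per-host behaviours and host-to-host contacts (network links or removable-media transfers) and flags a behaviour only when it spreads along contact links across several hosts, while a behaviour that merely appears on unlinked hosts is left alone. The log format, the regexes and the chaining criterion are assumptions, since the abstract does not state the thesis's own criteria.

```python
import re
from collections import defaultdict

# Constructed sample log (not from the thesis). BEHAV = a behaviour observed on
# a host; CONN = a host-to-host contact (network link or removable-media transfer).
SAMPLE_LOG = """\
BEHAV t=10 host=eng-01 act=drop:x.tmp
CONN  t=12 src=eng-01 dst=eng-02
BEHAV t=15 host=eng-02 act=drop:x.tmp
BEHAV t=16 host=eng-02 act=backup:config
CONN  t=20 src=eng-02 dst=hmi-01
BEHAV t=24 host=hmi-01 act=drop:x.tmp
BEHAV t=30 host=eng-05 act=backup:config
BEHAV t=31 host=eng-03 act=backup:config
"""
BEHAV_RE = re.compile(r"BEHAV\s+t=(\d+)\s+host=(\S+)\s+act=(\S+)")
CONN_RE = re.compile(r"CONN\s+t=(\d+)\s+src=(\S+)\s+dst=(\S+)")

def parse_log(text):
    """Return first_seen[act][host] = earliest time, and a list of (t, src, dst)."""
    first_seen, contacts = defaultdict(dict), []
    for line in text.splitlines():
        if m := BEHAV_RE.match(line):
            first_seen[m[3]].setdefault(m[2], int(m[1]))
        elif m := CONN_RE.match(line):
            contacts.append((int(m[1]), m[2], m[3]))
    return first_seen, contacts

def contacted_between(contacts, src, dst, t0, t1):
    """True if src contacted dst at some time in [t0, t1]."""
    return any(t0 <= t <= t1 and s == src and d == dst for t, s, d in contacts)

def propagation_chains(text, min_hosts=3):
    """Map behaviour -> hosts it propagated across (chains of >= min_hosts).
    Assumed criterion: in order of first appearance, a host joins the chain only
    if a host already in the chain contacted it after showing the behaviour; a
    behaviour seen on unlinked hosts (e.g. a scheduled job) is never flagged."""
    first_seen, contacts = parse_log(text)
    flagged = {}
    for act, hosts in first_seen.items():
        ordered = sorted(hosts, key=hosts.get)
        chain = ordered[:1]
        for cur in ordered[1:]:
            if any(contacted_between(contacts, prev, cur, hosts[prev], hosts[cur])
                   for prev in chain):
                chain.append(cur)
        if len(chain) >= min_hosts:
            flagged[act] = chain
    return flagged
```

On the sample log only `drop:x.tmp` is flagged, with the chain eng-01, eng-02, hmi-01; `backup:config` appears on three hosts too but none of them contacted the next, so it is treated as an ordinary shared behaviour.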