Research On Vulnerability Of Modbus Network Based On Attack Graph

In recent years, many security issues occurred in industrial control area. Economic loss, bodily harm and social influence were caused. Modbus is a most widely-used communication protocol, and has become one industrial control standard (De facto). Lots of research on information security has been done by the scholars domestic and overseas. However, research on industrial control network security, especially on Modbus vulnerability, is rare. In this paper, attack graph models of Modbus network used for qualitative analysis and based on PageRank are built. Methods for analyzing the vulnerability of Modbus network qualitatively and quantitatively based on the models are proposed. Experiments are carried out and the vulnerability of the network is analyzed and protection advice is given. The main works of this paper are as follows:(1)The attack graph model for qualitative analysis of Modbus vulnerability is built and the vulnerability of each node is analyzed. Vulneralbilities available for attackers in Modbus network are analyzed and the rank of each node in Modbus network is graded. The qualitative analysis model is built and analysis on Modbus vulnerability is done.(2)The PageRank-based attack graph (PAG) model is built and criterition of Modbus network vulnerability and method for calculating it are proposed. The communication mechanism of Modbus is analyzed. The dependency relationships between the devices in the Modbus network are analyzed. The asset values of the devices are evaluated and the rank of the devices is determined. Besides, the state transfer probabilities between the devices are determined. The criterition of vulnerability of Modbus network is defined and method for computing the vulnerability of Modbus network and node based on Bayesian network is proposed.(3)Modbus/TCP experiment network for boiler system and wireless Modbus experiment network for data acquisition system are built and experiments are carried out and analysis is done. PageRank-based attack graph models of the two networks are built and the vulnerability of each node is analyzed. Factors influencing the vulnerability of the Modbus network node are analyzed and protection advice is given.