| For a long time,railway signal system has been regarded as a kind of private network without the risk of being invaded.At present,most of the defense measures are aimed to solve its software or hardware's failure problems in the network.However people show little care about the network information security,there is few defense measures in railway signal security data network.With the intelligence construction of railway signal system network,its security is facing a serious problem.The security attack that happens in the railway signal network will not only affect the control performance of the system,but also will affect the safe operation of the train.So the hidden threat to security of the network should be analyzed.It is of great significance to carry out defense research.Based on the above considerations,this paper takes the signal security data network as the research object,and focuses on the information security defense research of the signal security data network.In order to ensure the security of the network in the actual scene,the signal security data network adopts the protection strategy of separate net work and physical isolation.In this paper,for the purpose of active defense which means that it's considered any attack can reach the network,the research on the information security defense of signal security data network is carried out.The contents of this paper are as follows:(1)The information security problems in ICS(Industrial Control system)are studied,with emphasis on the defense of information security in ICS.This paper has analyzed the network threats that the railway signal system faced with and the vulnerability of the defense system.At last we choose the signal security data network as the research object.(2)The internal structure and interface characteristics of CBI,TCC and TSRS in signal security data network are researched.We have completed the scanning of port and vulnerability mining.We aslo have researchd the risks that may be brought to the network.(3)The penetration test is completed in the signal security data network.Based on the discovered ports and vulnerabilities,the attack tree model is used to analyze the possible attacks in the network.Combined with DoS attack,command attack,password explosion attack and malicious code attack,the penetration attack scenarios for TSRS and network management server are designed.According to the results of the attack,the impact of infiltration attack on the network is analyzed.(4)The defense scheme of the signal security data network is designed.According to the defense scheme specific defense measures are deployed at the corresponding nodes.The defense detection experiments are designed to verify the effectiveness of the defense scheme.In this paper,based on the idea of "boundary isolation","internal situational awareness"and "depth defense of host",the defense scheme of signal security data network is designed.According to the designed experiment,it is proved that the deployed defense scheme can resist the infiltration attacks on the network.The defense scheme not only can effectively detect and stop attacks but also can help network security managers perceive the information security situation in the signal security data network in real time.The results of defense detection experiment proves that the proposed solution can provide support for the information security defense of signal security data network. |
PDF Full Text Request