| With the deep integration of industrialization and informationization,information technology upgrade China's industrial control systems in an all-round way,at the same time,information security issues are also introduced.Different from the traditional IT systems,attacks on industrial control systems often have more serious consequences.However,the existing safety protection technology in industrial control system has some problems,such as difficult data acquisition,patch reinforcement and response.SDN realizes the separation of forwarding and control,and supports control of the network by programming,which provides a new way to solve the information security problems of industrial control systems.Aiming at the information security requirement of industrial control system,this thesis designs an industrial control information security protection system based on SDN from two angles.For the static vulnerability assessment and remediation of industrial control systems,through equipment discovery,vulnerability scanning,hidden danger analysis and reinforcement strategy,the system is evaluated from the perspective of the whole system and an optimal reinforcement strategy is generated.Based on this,SDN is used to implement virtual patches and security zone partitioning to secure the system;For the dynamic security protection of industrial control systems,the industrial control system field data is obtained through SDN mirroring.Based on LSTM and snort,real-time intrusion detection is performed on industrial control systems.After anomalies are discovered,software-defined networks are used to implement security response methods such as isolation and redirection,forming a security closed loop for detecting responses and preventing attacks from causing damage to the system.By means of SDN,security response means such as isolation and redirection are realized,which can prevent attacks from destroying the system and form a security closed loop of detection response.At the same time,the mobile defense technology is introduced into the industrial control system,and the topology transformation and IP/port hopping of the industrial control system are realized based on the software-defined network,which confuses and deceives the attacker,prevents attacks from occurring at the root,and realizes active dynamic defense.Finally,the integrated implementation and test verification of the protection system are carried out based on the dual-tank experimental platform.Attack and defense simulation is carried out through remote login,MITM attack and DOS attack,which verifies the effectiveness of the protection system. |
PDF Full Text Request