| With the increasingly close combination of informatization and industrialization in the global scope,the fourth industrial revolution represented by this has begun.According to available data,the Stuxnet attack on Iran's nuclear facilities in 2010 damaged a large number of industrial control equipment,causing serious economic losses.Since then,the security incidents of industrial control system have occurred frequently,resulting in increasingly serious economic losses.The loopholes in industrial control industry discovered by researchers have been increasing year by year.Therefore,the safety problem of industrial control system has attracted wide attention all over the world.Industrial control system has its particularity,such as real-time,high accuracy,low fault tolerance,different from the general operating system.Because most industrial control systems are unable to disclose their operation details,it is necessary to use their network communication protocols to exploit their vulnerabilities,and the most effective method is fuzzy testing.However,due to the above characteristics,using the traditional fuzzy testing technology will reduce the efficiency and coverage,and waste a lot of manpower and material resources.Therefore,if the automatic fuzzy test method can be developed in a timely and effective manner,it is an urgent task for those companies and countries that have lost a lot of economy due to industrial control system industry loopholes,and it is also a research subject of theoretical value and practical significance for the protection of national security.Aiming at the shortcomings of traditional vulnerability mining techniques,this paper constructs hierarchical attention mechanism and generates test cases from sequence to sequence using gated recursive units,and carries out experimental tests on the industrial control protocol.The experimental results are better than the usual method of fuzzy testing based on template.In view of this,several common industrial control protocols are analyzed,and the template of protocol test case generation is written according to the protocol specification.In the daily production and living environment test of enterprises,it is often necessary to detect the connectivity of the equipment before the vulnerability mining.In consideration of this situation,an industrial control protocol fuzzy test vulnerability mining platform is designed.Integrate the previously written templates with the hierarchical attention testing approach to the fuzzy testing platform.Compared with the traditional technology,the method mentioned in this paper is more targeted and practical,which is helpful for the further design and development of the vulnerability mining tools in the future. |
PDF Full Text Request