Research On Information Security Risk Assessment Technology Of Industrial Control System Based On Game Theory

With the continuous development of the process of industrialization,the integration of industrial control system and modern information technology is more and more in-depth,the boundary between the traditional industrial control system and the Internet(public network)is gradually broken,and gradually get rid of the traditional closed transformation into an interconnected system.Therefore,the existence of network attack is not only limited to the field of network information security,but also gradually spread to the field of industrial control system.All kinds of industrial information is facing the danger of being stolen,tampered with,deleted and so on,serious industrial control system attack accidents happen from time to time.At present,the information security of industrial control system has become one of the hot research directions at home and abroad,the research contents include depth defense,intrusion detection,situation awareness,risk assessment and so on.Among them,the risk assessment study can judge the risk level of industrial control system,and provide reference for improving the security defense ability of control system,which has profound significance for the safety research of control system.Therefore,this paper takes the information security risk assessment of industrial control system as the research direction,and the research contents include the following two points:(1)The attack and defense confrontation between the attacker and the defender in the industrial control system.Firstly,the attack and defense game layer is added to the hierarchical analysis model.According to the hierarchical structure of the industrial control system,the analytic hierarchy model is constructed.By establishing the complete information static game model,and giving the calculation formulas of attack function and defense function,the attack and defense game layer is analyzed.Secondly,the fuzzy analytic hierarchy process is used to calculate the weight value of each layer of elements,and the security risk value is calculated layer by layer.Finally,the industrial water treatment control system is taken as an example to list part of the attack mode and defense mode in the control system.By referring to literature,CVE database and expert evaluation data,Matlab,Gambit and other software,the security risk value of the control system is calculated layer by layer,and the overall security risk value of the control system is obtained.The security risk level of the control system was judged,and the influence of different attack threats and equipment assets security risk value on the overall security risk of the control system was analyzed,so as to provide suggestions for the security protection of the control system.(2)In view of the information uncertainty between the attacker and the defender in the industrial control system,the complete information static game model can't meet the more complex security risk assessment scenarios in the control system,so a security risk assessment method of industrial control system based on the incomplete information static game model is proposed.Firstly,a static Bayesian game model for offense and defense was established,which was a typical static game model with incomplete information.The concepts of participant income,mixed strategy and Bay-leaf equilibrium of mixed strategy were understood,and the model equilibrium was analyzed.Secondly,according to the calculation method of information security risk value,the security risk value of the control system is calculated based on the probability distribution of the defender's income and the attacker's optimal strategy choice,and the risk evaluation algorithm process of incomplete information static game model is described.Finally,an example is given to verify the feasibility of the proposed method.