Design And Implementation Of Attack Path Analysis System For Measurement And Control System

With the deepening integration of industrial networks and the Internet,the risk of industrial networks being attacked is gradually increasing.Various potential risks in measurement and control systems make it difficult to maintain system security,causing huge property losses and even endangering lives,which brings challenges for system security analysis.As a model to describe the attack behavior of the system through graph structure,the attack graph can visually and clearly analyze the attack path and show the system security status.However,in the analysis of the attack path of the measurement and control system,there are currently problems such as the lack of information displayed in the attack graph,the traditional two-layer architecture attack graph cannot reflect the industrial business process,and the low efficiency of the attack graph analysis of large-scale industrial control networks.To this end,this paper conducts the research and system design of attack path analysis for measurement and control system.It realizes the display of the attack graph association from the business layer operation of the measurement and control system to the underlying vulnerability,as well as the efficient calculation and analysis of the critical path probability of the attack graph in large-scale network.It proposes a solution for the attack path analysis,and provides effective reference data for the security protection of the measurement and control system.Firstly,for the lack of attack graph semantics in the industrial network environment,this paper extends the semantics of attack graph vulnerabilities and attack templates.The attack graph vulnerability layer semantics are extended in terms of host vulnerabilities and proprietary protocol vulnerabilities in conjunction with industrial network characteristics.At the same time,a variety of measurement and control system attack behavior is abstracted and modeled to realize the extension of attack semantics.Secondly,to address the problem that the traditional attack graph architecture cannot show the business process of the measurement and control system,this paper proposes a modeling method for the business layer operation behavior.The template definitions of twelve common operations are given to realize the mapping and association display of business layer operations to the host layer.Thirdly,to solve the problem of attack path analysis for large-scale networks,this paper designs a key node selection algorithm based on the idea of optimal minimum cut set.Based on the quantification of Bayesian attack graph,the key node cut set of the attack graph is calculated considering the characteristics of different node asset value,vulnerability eisk and attack benefit.And an attack graph path probability calculation strategy for partial node probability update is proposed to improve the efficiency of attack graph critical path analysis while minimizing the impact of non-critical nodes on the attack graph probability calculation.Finally,based on the above work,the overall architecture of the attack path analysis system for measurement and control system,each functional module and database are designed.And the functional verification and testing of the algorithm and system are completed.