摘要
在电力工控系统网络信息安全漏洞检测中,针对协议Fuzzing漏洞挖掘技术误报率较高的问题,设计了一个基于特征库的电力工控系统网络信息安全漏洞检测方法,通过数据包特征集的建立达成了数据包特征集的建立;利用借鉴免疫原理中基于抗原生成抗体的过程,进行数据包的编码生成数据包的检查码;通过漏洞特征成分分析建立了漏洞特征库;利用安全漏洞扫描技术实现了电力工控系统的漏洞信息检测。为了验证该漏洞检测方法的有效性,与协议Fuzzing漏洞检测方法进行对比,该漏洞检测方法的综合误报率相比协议Fuzzing漏洞检测方法要低14.05%,证明了基于特征库的电力工控系统网络信息安全漏洞检测方法的有效性。
In the network information security vulnerability detection of power industry control system,aiming at the problem of high false alarm rate of protocol fuzzing vulnerability mining technology,a method of network information security vulnerability detection of power industry control system based on feature library is designed,which achieves the establishment of data package feature set through the establishment of data package feature set,and draws lessons from the process of antigen-based antibody generation in immune principle.The detection code of the data package is generated by encoding the data package.The vulnerability feature library is established by analyzing the vulnerability feature components,and the vulnerability information detection of the power industrial control system is realized by using the security vulnerability scanning technology.In order to verify the validity of this vulnerability detection method,compared with protocol fuzzing vulnerability detection method,the comprehensive false alarm rate of this vulnerability detection method is 14.05% lower than that of protocol Fuzzing vulnerability detection method,which proves the validity of network information security vulnerability detection method of power industry control system based on feature library.
作者
胡海生
HU Haisheng(Guangdong Power Grid Co.,Ltd..Electric Power Science Research InstituteyGuangzhou 510080,China)
出处
《自动化与仪器仪表》
2019年第11期181-184,共4页
Automation & Instrumentation
基金
中国南方电网公司科技项目(No.GDKJXM20161899)
关键词
特征库
电力工控系统
网络信息安全
漏洞检测
immunity
power industry control system
network information security
vulnerability detection
