|
|
- 2018
基于路径分析的电力CPS攻击预测方法
|
Abstract:
为了有效地防御多步跨域类攻击对电力信息物理系统(cyber physical system,CPS)造成危害,该文提出一种基于路径分析的电力CPS攻击预测方法。在常用攻击图定义的基础上结合概率知识建立攻击图模型,用跨域攻击概率(cross-origin-attack probability,CO-AP)和跨域平均攻破时间(cross-origin-mean time to compromise,CO-MTTC)分别量化电力基础设施中的漏洞利用难度和攻防实战中攻击者熟练程度。在检测到实时攻击行为的基础上采用改进的Dijkstra算法枚举后续可能的攻击路径。结合2个量化指标对其进行分析,得到威胁最大的攻击路径。仿真实验结果表明:该方法能更准确地预测攻击路径,为电力CPS安全管理提供了良好的防御策略。
Abstract:The electric power industry needs to defend against multi-step cross-domain attacks seeking to damage electric power CPS. This paper presents path analysisa electric power CPS attack prediction method that defines a common attack graph based on a probability attack graph model. The Cross-origin attack probability and the cross-origin mean time to compromise are used to quantify the exploit difficulty and the attacker proficiency for offensive and defensive actions to protect the power infrastructure. When attacks are detected in real time, the improved Dijkstra algorithm will enumerate possible follow-up attack paths. The two quantitative indicators are combined to predict the greatest threat attack path. Simulations show that this method can more effectively predict the attack path as a good defensive strategy for electric power CPS security management.
