Journal of System Simulation, 2021, Vol. 33, Issue (6): 1466-1488. doi: 10.16182/j.issn1004731x.joss.20-0875
Wang Bailing1,2, Liu Hongri1,2,3, Zhang Yaofang1,2, Lü Sicai1,2, Wang Zibo1,2, Wang Qimeng4
Received: 2020-10-11
Revised: 2021-01-26
Online: 2021-06-18
Published: 2021-06-23
Wang Bailing, Liu Hongri, Zhang Yaofang, Lü Sicai, Wang Zibo, Wang Qimeng. Review on Key Technologies of Industrial Control System Security Simulation[J]. Journal of System Simulation, 2021, 33(6): 1466-1488.