工业信息安全, 2024, Issue (6): 9-16.

A Survey of Fuzzing for Industrial Control Protocols

金增旺 (1), 江令洋 (2), 丁俊怡 (2)

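Author information

  • 1. School of Cybersecurity, Northwestern Polytechnical University, Xi'an, Shaanxi 710072; Yangtze River Delta Research Institute of Northwestern Polytechnical University, Taicang, Jiangsu 215400
  • 2. School of Cybersecurity, Northwestern Polytechnical University, Xi'an, Shaanxi 710072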

Abstract

With the widespread application of Industrial Control Systems (ICS) in critical infrastructure, their potential security threats have attracted increasing attention. As the core of control instruction and monitoring data transmission in ICS, the Industrial Control Protocol (ICP) faces serious challenges from security vulnerabilities. As a dynamic vulnerability mining technology, fuzzing plays an important role in ICP security detection. First, this paper summarizes fuzzing methods based on traditional technology and deep learning. Then, several classical strategies to improve the efficiency and effectiveness of fuzzing are reviewed. Next, the latest research progress in fuzzing based on generative adversarial networks (GANs) and other deep learning models is investigated. Finally, the security protection measures for ICS are discussed, including protocol encryption and authentication, intrusion detection and anomaly monitoring, access control and whitelisting, etc. This paper aims to provide researchers and engineers with a comprehensive perspective for dealing with security challenges in ICS.

Key words

Industrial Control System / Industrial Control Protocol / Fuzzing


Publication year

2024
工业信息安全
国家工业信息安全发展研究中心


ISSN:2097-1176