Analysis of Impact of APT Attacks on Train Control Systems Based on Infectious Disease and Network Flow Models
Advanced persistent threat (APT) is one of the major threats facing industrial control systems today. By exploiting computer equipment vulnerabilities, APT attacks intrude into the train control network, infect equipment, and spread to other equipment in the network, subsequently affecting the normal operation of the system. In response to the need to evaluate the impact of APT attacks on train control systems, this paper presents a method that combines network flow theory and an infectious disease model to analyze the impact of APT attacks. First, by analyzing the transition rules of equipment nodes across the various phases of an APT attack, the paper constructs an APT attack propagation model based on infectious disease theory to analyze the trends in node variations during the attack process. Subsequently, by incorporating the changes in equipment node states into a network flow model, the paper studies the impact of equipment node state changes during APT attacks on the flow of train movement authorization information within the train control network. Finally, considering the cyber-physical coupling of the train control system, the paper ascertains the impact of APT attacks on system operations. The simulation experiments show the trends in equipment node state changes during APT attacks, validating the effectiveness of this approach in analyzing the propagation process of APT malware within the train control network, as well as its overall influence on system performance. This provides a basis for system managers to develop a defense strategy, thereby enhancing the information security level of the train control system.