A Malformed Data Filtering Method for Modbus TCP Fuzz Testing
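  • English title: A malformed data filtering method in Modbus TCP fuzzing test
  • Authors: 任蒲军; 付敬奇
  • Authors (English): Ren Pujun; Fu Jingqi; School of Mechatronic Engineering and Automation, Shanghai University
  • Keywords: Modbus; TCP; fuzz testing; probabilistic neural network; principal component analysis
  • English keywords: Modbus TCP; fuzzing test; probabilistic neural network (PNN); principal component analysis (PCA)
  • Chinese journal title: DZCL
  • English journal title: Electronic Measurement Technology
  • Institution: School of Mechatronic Engineering and Automation, Shanghai University
  • Publication date: 2019-04-08
  • Publisher: Electronic Measurement Technology (电子测量技术)
  • Year: 2019
  • Issue: v.42; No.315
  • Funding: Supported by a Shanghai Municipal Science and Technology Commission project (17511107002)
  • Language: Chinese
  • Pages: DZCL201907001
  • Page count: 6
  • CN: 07
  • ISSN: 11-2175/TN
  • Classification number: 13-18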
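Abstract
The security of industrial networked control systems has received wide attention. In Modbus TCP fuzz testing, buffer settings rarely match actual conditions, which frequently leads to overflow vulnerabilities. To address this, this paper proposes an improved application data unit (IADU) format that avoids the loss of length information caused by changes in message length, and uses principal component analysis (PCA) to handle the large amount of repeated information caused by data correlation, reducing the risk of dimensionality explosion. A probabilistic neural network (PNN) is then used to match and judge the likelihood that malformed data awaiting input will trigger a vulnerability, which improves the efficiency of fuzz testing. Experimental analysis shows that the method reduces the amount of malformed data input by 8.6%.
The security of network control systems has captured worldwide attention. To address the frequent overflows caused by the disparity between buffer settings and practical requirements in Modbus TCP protocol fuzzing tests, this paper presents a new data structure, the improved application data unit, capable of preventing the message length information from being lost. Principal component analysis (PCA) is then used to reduce the risk of dimensionality explosion caused by the massive amount of identical information that arises from data correlation. Finally, a probabilistic neural network (PNN) is deployed to estimate the likelihood that the malformed data to be input will detect vulnerabilities, which makes the fuzzing test more efficient. Analysis and comparison of the experimental results show that the input data is reduced by 8.60% using the method presented in this paper.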
