
Vulnerability Detection Framework of Industrial Control Equipment Based on Improved Fuzzing

Cited by: 6
Abstract: Vulnerability detection is an effective way to address the security problems of current industrial control systems. This paper analyzes the problems of vulnerability detection on existing industrial control platforms and proposes an improved fuzzing architecture. The architecture introduces the concept of confidence to quantify test cases and feeds that value to a classifier, which pre-screens the test cases that are likely to be effective, thereby reducing the input space and increasing the hit rate. A generic vulnerability detection framework for industrial control systems designed on this architecture integrates malformed data construction, test target monitoring, and test result management, and supports multi-target, multi-protocol, and multi-platform extension. Practical testing on an industrial controller demonstrates the feasibility and efficiency of the architecture.
Source: Journal of Wuhan University: Natural Science Edition (indexed in CAS, CSCD, and the Peking University Core Journals list), 2013, No. 5, pp. 411-415 (5 pages).
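Funding: Supported by the National Natural Science Foundation of China (61173138, 61272452), the National Natural Science Foundation of China Youth Fund (61003268), and the Hubei Province Key New Product and New Process Research and Development Project (2012BAA03004).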
Keywords: industrial control system; fuzzing; confidence; vulnerability detection