中国科学院沈阳自动化研究所机构知识库
Advanced  
SIA OpenIR  > 工业控制网络与系统研究室  > 期刊论文
题名: 基于区域/边界规则的Modbus TCP通讯安全防御模型
其他题名: Security defense module of Modbus TCP communication based on region/enclave rules
作者: 张盛山 ; 尚文利 ; 万明 ; 张华良 ; 曾鹏
作者部门: 工业控制网络与系统研究室
关键词: 工业通讯协议 ; 工业控制系统 ; 白名单 ; 入侵检测 ; 数据采集与监控系统
刊名: 计算机工程与设计
ISSN号: 1000-7024
出版日期: 2014
卷号: 35, 期号:11, 页码:3701-3707
收录类别: CSCD
产权排序: 1
摘要: 针对目前工业控制系统中新型工业病毒的入侵检测难点问题,分析Modbus通讯协议的设计缺陷,提出Modbus TCP通讯深度解析方法,通过对Modbus应用层协议的关键字段的解析,有效应对来自协议应用层的威胁。在此基础上,提出Modbus TCP通讯的安全规则描述的一般形式,并进一步提出基于入侵检测规则和"白名单"相结合的工业SCADA系统中Modbus TCP通讯安全防御模型,通过定义不同区域间正常通讯的最小集合,极大程度上消除系统存在的风险敞口,通过及时报警兼顾可能合法但可疑的通讯流量。仿真实验验证了该方法的有效性。
英文摘要: To solve the problem that it is difficult to detect the intrusion of advanced industrial virus into the industrial control system, design flaws of Modbus TCP were analyzed, and a method was proposed, through which the Modbus TCP packet was deeply parsed to deal with the threat from the application layer. Furthermore, a normal method describing the security rule was proposed and a Modbus TCP communication protection method in the industrial control system or SCADA system that combining the IDS rule with “white-list” was designed, which defined what was necessary between different zones, thus the possibility of being attacked was diminished, while in the meantime a suspicious but probable legal packet would trigger an alarm. The simulation experiments validate the effectiveness of the proposed method.
语种: 中文
Citation statistics:
内容类型: 期刊论文
URI标识: http://ir.sia.cn/handle/173321/15447
Appears in Collections:工业控制网络与系统研究室_期刊论文

Files in This Item: Download All
File Name/ File Size Content Type Version Access License
基于区域_边界规则的ModbusTCP通讯安全防御模型.pdf(801KB)----开放获取View Download
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[张盛山]'s Articles
[尚文利]'s Articles
[万明]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[张盛山]‘s Articles
[尚文利]‘s Articles
[万明]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
文件名: 基于区域_边界规则的ModbusTCP通讯安全防御模型.pdf
格式: Adobe PDF
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2016  中国科学院沈阳自动化研究所 - Feedback
Powered by CSpace