Multidimensional attack damage assessment of cyber-physical systems based on hierarchical analysis
-
摘要:
由于信息物理网络交叉互联、多重连接的特点,易成为网络攻击的对象目标。通过对信息物理网络的网络体系架构和网络应用特点进行相关研究,提出了一种信息物理网络多维攻击损毁评估模型。将信息物理网络分为物理层、规则层、服务层3个维度,基于每个维度分别给出网络攻击损毁评估属性计算方法。通过对网络状态监测,可以得到拓扑稳定性、连通可用性、失效可控性,传输稳定性、丢包可用性、误码可控性,响应稳定性、业务可用性、风险可控性3个维度的攻击损毁评估属性。采用层次分析法得到信息物理网络3个不同维度及网络整体的攻击损毁评估结果,为信息物理网络的安全防护提供支撑与依据。模拟信息物理网络遭受分布式拒绝服务攻击,并采用所提方法进行攻击损毁评估,验证了所提模型的实用性和有效性。
Abstract:With characteristics, such as cross interconnection and multiple connections, cyber-physical systems is susceptible to network attack. Through relevant research on its network architecture and on the characteristics of its network application, a model for multidimensional attack damage assessment is established. Firstly, the cyber-physical systems was divided in three dimensions: the physical layer, the rule layer and the service layer. For each layer, an attribute-based method for assessing the network attack damage was given. Then, through monitoring the network status, the attributes for attack damage assessment were obtained, which include topological stability, connectivity availability, failure controllability, transmission stability, packet loss availability, bit error controllability, response stability, service availability and risk controllability. Finally, the analytic hierarchy process was used to gain the evaluation results of the attack damage in each of the three different layers and the whole network, thus providing support and basis for the security protection of the network. Simulation of the DDoS attack on the cyber-physical systems, along with the application of the proposed method to evaluate the attack damage, verifies the practicability and effectiveness of the model.
-
表 1 网络攻击损毁评估属性
Table 1. Attributes for network attack damage assessment
% 维度 攻击损毁评估属性 数值 物理层 拓扑稳定性 74.35 连通可用性 96.65 失效可控性 92.60 规则层 传输稳定性 97.41 丢包可用性 88.22 误码可控性 67.81 服务层 响应稳定性 81.14 业务可用性 72.22 风险可控性 84.80 -
[1] ALLADI T, CHAMOLA V, ZEADALLY S. Industrial control systems: Cyberattack trends and counter-measures[J]. Computer Communications, 2020, 155: 1-8. doi: 10.1016/j.comcom.2020.03.007 [2] 郭庆来, 辛蜀骏, 王剑辉, 等. 由乌克兰停电事件看信息能源系统综合安全评估[J]. 电力系统自动化, 2016, 40(5): 145-147. https://www.cnki.com.cn/Article/CJFDTOTAL-DLXT201605022.htmGUO Q L, XIN S J, WANG J H, et al. Comprehensive security assessment for a cyber physical energy system: A lesson from Ukraine's blackout[J]. Automation of Electric Power Systems, 2016, 40(5): 145-147(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-DLXT201605022.htm [3] 王冬. 解析勒索软件Cerber的攻击方法[J]. 计算机与网络, 2016, 15: 52-53. https://www.cnki.com.cn/Article/CJFDTOTAL-JSYW201615059.htmWANG D. Analyze the attack method of ransomware Cerber[J]. Computer and Network, 2016, 15: 52-53(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JSYW201615059.htm [4] SHI Z Y, ZHAO G L, LIU J H. The effect evaluation of the network attack based on the fuzzy comprehensive evaluation method[C]//2016 3rd International Conference on Systems and Informatics (ICSAI). Piscataway: IEEE Press, 2016: 367-372. [5] LIN J, JIANG R, QI Y L, et al. Construction of index system based on advanced persistent threat[C]//ITM Web of Conferences, 2017, 12: 03009. [6] 鲜明, 包卫东, 王永杰. 网络攻击效果评估导论[M]. 长沙: 国防科技大学出版社, 2007.XIAN M, BAO W D, WANG Y J. Introduction to effect evaluation of network attack[M]. Changsha: National University of Defense Technology Press, 2007(in Chinese). [7] 汪生, 孙乐昌. 网络攻击效果评估系统的研究与实现: 基于指标体系[J]. 计算机工程与应用, 2005, 41(34): 149-153. https://www.cnki.com.cn/Article/CJFDTOTAL-JSGG200534048.htmWANG S, SUN L C. Research and implementation of evaluation system for network attack effect based on indicator system[J]. Computer Engineering and Applications, 2005, 41(34): 149-153(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JSGG200534048.htm [8] 赵博夫, 殷肖川. 多维网络攻击效果评估方法研究[J]. 计算机工程与设计, 2011, 32(8): 2596-2599. https://www.cnki.com.cn/Article/CJFDTOTAL-SJSJ201108010.htmZHAO B F, YIN X C. Research on multidimensional attack effect evaluation method[J]. Computer Engineering and Design, 2011, 32(8): 2596-2599(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-SJSJ201108010.htm [9] 胡影, 郑康锋, 杨义先. 一种基于原子功能的网络攻击效果评估指标体系[J]. 计算机工程与科学, 2008, 30(10): 1-4. https://www.cnki.com.cn/Article/CJFDTOTAL-JSJK200810003.htmHU Y, ZHENG K F, YANG Y X. A metric system to evaluate network attack effects based on atomic functions[J]. Computer Engineering & Science, 2008, 30(10): 1-4(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JSJK200810003.htm [10] NIU Z, MA T, MA C L, et al. Analysis of the evaluation index for jamming partition battlefield wireless network[C]//2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference. Piscataway: IEEE Press, 2019: 2438-2442. [11] 刘进, 王永杰, 张义荣, 等. 层次分析法在网络攻击效果评估中的应用[J]. 计算机应用研究, 2005, 22(3): 113-115. https://www.cnki.com.cn/Article/CJFDTOTAL-JSYJ20050300Z.htmLIU J, WANG Y J, ZHANG Y R, et al. Application of analytic hierarchy process to network attack effect evaluation[J]. Application Research of Computers, 2005, 22(3): 113-115(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JSYJ20050300Z.htm [12] MACIEL R, ARAUJO J, MELO C, et al. Impact evaluation of DDoS attacks using IoT devices[C]//2021 IEEE International Systems Conference (SysCon). Piscataway: IEEE Press, 2021: 1-8. [13] 李雄伟, 于明, 杨义先, 等. Fuzzy-AHP法在网络攻击效果评估中的应用[J]. 北京邮电大学学报, 2006, 29(1): 124-127. https://www.cnki.com.cn/Article/CJFDTOTAL-BJYD200601028.htmLI X W, YU M, YANG Y X, et al. Application of Fuzzy-AHP method in the effect evaluation of network attack[J]. Journal of Beijing University of Posts and Telecommunications, 2006, 29(1): 124-127(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-BJYD200601028.htm [14] CHAI Z L. An indirect variable weights method to compute fuzzy comprehensive evaluation values[J]. Soft Computing, 2019, 23(23): 12511-12519. [15] 钟远, 郝建国. 基于系统熵的网络攻击信息支援效能评估方法[J]. 解放军理工大学学报(自然科学版), 2014, 15(2): 127-132.ZHONG Y, HAO J G. Estimation method for information support efficiency of network attacks based on system entropy[J]. Journal of PLA University of Science and Technology (Natural Science Edition), 2014, 15(2): 127-132(in Chinese). [16] 戴方芳, 郑康锋, 胡影, 等. 基于二维熵分量的K均值攻击效果评估[J]. 北京邮电大学学报, 2014, 37(1): 71-75. https://www.cnki.com.cn/Article/CJFDTOTAL-BJYD201401016.htmDAI F F, ZHENG K F, HU Y, et al. A K-means cluster evaluation of attack effect based on Bi-dimensional entropy components[J]. Journal of Beijing University of Posts and Telecommunications, 2014, 37(1): 71-75(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-BJYD201401016.htm [17] 曾伟渊. 一种基于网络熵的计算机网络攻击效果定量评估方法[J]. 长春师范大学学报, 2016, 35(8): 24-29. https://www.cnki.com.cn/Article/CJFDTOTAL-CCSS201608006.htmZENG W Y. A quantitative evaluation method of computer network attack effects based on network entropy[J]. Journal of Changchun Normal University, 2016, 35(8): 24-29(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-CCSS201608006.htm [18] 魏兴. 面向目标对象的网络攻击效果评估技术研究与实现[D]. 北京: 北京邮电大学, 2018.WEI X. Research and implementation of targeted object attack evaluation[D]. Beijing: Beijing University of Posts and Telecommunications, 2018(in Chinese). [19] JAJODIA S, NOEL S, O'BERRY B. Topological analysis of network attack vulnerability[M]. Berlin: Springer, 2007: 247-266. [20] LIM G J, KIM S, CHO J, et al. Multi-UAV pre-positioning and routing for power network damage assessment[J]. IEEE Transactions on Smart Grid, 2018, 9(4): 3643-3651. [21] 郭琳茜. 面向Ad Hoc网络的攻击效果评估技术研究与实现[D]. 北京: 北京邮电大学, 2019.GUO L X. Research and implementation of attack effect evaluation technology for Ad Hoc networks[D]. Beijing: Beijing University of Posts and Telecommunications, 2019(in Chinese). [22] 贾薇, 胡影, 戴方芳. 基于攻击树的无线局域网攻击效果评估[C]//第十九届全国青年通信学术年会. 北京: 国防工业出版社, 2014: 127-131.JIA W, HU Y, DAI F F. WLAN attack effect assessment based on attack tree[C]//Proceedings of the 19th National Youth Communication Academic Conference. Beijing: National Defense Industry Press, 2014: 127-131(in Chinese). [23] 黄宁, 伍志韬. 网络可靠性评估模型与算法综述[J]. 系统工程与电子技术, 2013, 35(12): 2651-2660. https://www.cnki.com.cn/Article/CJFDTOTAL-XTYD201312033.htmHUANG N, WU Z T. Survey of network reliability evaluation models and algorithms[J]. Systems Engineering and Electronics, 2013, 35(12): 2651-2660(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-XTYD201312033.htm