Path analysis attack prediction method for electric power CPS
XIA Zhuoqun (1,2,3), LI Wenhuan (1,2), JIANG Lalin (1,2), XU Ming (3)
1. Hunan Provincial Key Laboratory of Intelligent Processing of Big Data on Transportation, Changsha University of Science and Technology, Changsha 410114, China;
2. School of Computer and Communication Engineering, Changsha University of Science and Technology, Changsha 410114, China;
3. School of Computer, National University of Defense Technology, Changsha 410000, China
Abstract (translated from the Chinese): To defend electric power cyber-physical systems (CPS) effectively against the damage caused by multi-step cross-domain attacks, this paper proposes a path-analysis-based attack prediction method for electric power CPS. Building on the common attack graph definition and combining it with probabilistic knowledge, an attack graph model is established; the cross-origin attack probability (CO-AP) and the cross-origin mean time to compromise (CO-MTTC) quantify, respectively, the difficulty of exploiting vulnerabilities in the power infrastructure and the attacker's proficiency in real attack-defense scenarios. Once real-time attack behaviour is detected, an improved Dijkstra algorithm enumerates the possible subsequent attack paths. These paths are analysed with the two quantitative indicators to obtain the attack path posing the greatest threat. Simulation results show that the method predicts attack paths more accurately and provides a sound defense strategy for electric power CPS security management.
Abstract: The electric power industry needs to defend against multi-step cross-domain attacks seeking to damage electric power CPS. This paper presents a path-analysis-based electric power CPS attack prediction method that combines the common attack graph definition with probabilistic knowledge to build an attack graph model. The cross-origin attack probability and the cross-origin mean time to compromise are used to quantify the exploit difficulty and the attacker proficiency in offensive and defensive actions against the power infrastructure. When attacks are detected in real time, the improved Dijkstra algorithm enumerates the possible follow-up attack paths. The two quantitative indicators are combined to predict the attack path posing the greatest threat. Simulations show that this method predicts the attack path more effectively and provides a good defensive strategy for electric power CPS security management.
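The abstract describes the method only at a high level: a probabilistic attack graph, a Dijkstra-style search from the detected foothold to enumerate follow-up paths, and a combination of a probability indicator (CO-AP) and a time indicator (CO-MTTC) to pick the most threatening path. The following is an added illustration written for this page, not the authors' code, and it does not reproduce their definitions of CO-AP, CO-MTTC or the "improved" Dijkstra variant. It assumes a constructed toy graph whose edges carry a per-step success probability and a mean time to compromise, assumes that a path's probability is the product of its edge probabilities and its time the sum of edge times, and assumes a simple combined threat score of probability divided by time. Under those assumptions it enumerates every simple path from a compromised node to a target, ranks them, and cross-checks the top-probability path with Dijkstra over -log(p) weights.

```python
import heapq
import math

# Constructed toy attack graph, not taken from the paper. Nodes are attacker
# footholds in a power CPS; each edge is one exploit step annotated with an
# assumed success probability p (stand-in for the paper's CO-AP) and an
# assumed mean time to compromise in hours (stand-in for CO-MTTC).
ATTACK_GRAPH = {
    "office_ws": [("vpn_gw", 0.6, 4.0), ("mail_srv", 0.8, 2.0)],
    "mail_srv":  [("vpn_gw", 0.5, 6.0)],
    "vpn_gw":    [("scada_hmi", 0.4, 30.0), ("historian", 0.7, 5.0)],
    "historian": [("scada_hmi", 0.5, 8.0)],
    "scada_hmi": [("rtu", 0.9, 3.0)],
    "rtu":       [],
}


def enumerate_paths(graph, source, target):
    """Enumerate every simple path from source to target by DFS.

    Returns a list of (path, success_probability, expected_hours). The
    probability is the product of the per-edge p values and the time is the
    sum of the per-edge MTTC values; both aggregation rules are assumptions.
    """
    results = []

    def dfs(node, path, prob, hours):
        if node == target:
            results.append((list(path), prob, hours))
            return
        for nxt, p, mttc in graph.get(node, []):
            if nxt in path:  # skip cycles: a foothold is gained only once
                continue
            path.append(nxt)
            dfs(nxt, path, prob * p, hours + mttc)
            path.pop()

    dfs(source, [source], 1.0, 0.0)
    return results


def most_probable_path(graph, source, target):
    """Dijkstra with edge weight -log(p): the shortest path is the one with
    the highest product of success probabilities. Returns (path, prob),
    or (None, 0.0) when the target is unreachable from the source."""
    dist = {source: 0.0}
    prev = {source: None}
    heap = [(0.0, source)]
    done = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        if u == target:
            break
        for v, p, _mttc in graph.get(u, []):
            nd = d - math.log(p)
            if nd < dist.get(v, math.inf):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    if target not in dist:
        return None, 0.0
    path = []
    node = target
    while node is not None:
        path.append(node)
        node = prev[node]
    path.reverse()
    return path, math.exp(-dist[target])


def threat_score(prob, hours):
    """Assumed combination rule: a path that is both likely to succeed and
    fast to traverse is the greater threat (higher score)."""
    return prob / hours


def greatest_threat_path(graph, compromised, target):
    """Rank all follow-up paths from the detected foothold by threat score
    and return the top (path, prob, hours) entry, or None if unreachable."""
    ranked = sorted(
        enumerate_paths(graph, compromised, target),
        key=lambda r: threat_score(r[1], r[2]),
        reverse=True,
    )
    return ranked[0] if ranked else None


if __name__ == "__main__":
    # Detected foothold: office_ws. Asset to protect: the RTU.
    candidates = enumerate_paths(ATTACK_GRAPH, "office_ws", "rtu")
    for path, prob, hours in sorted(candidates, key=lambda r: -threat_score(r[1], r[2])):
        print(f"p={prob:.3f} t={hours:5.1f}h score={threat_score(prob, hours):.4f} "
              + " -> ".join(path))
    print("most probable:", most_probable_path(ATTACK_GRAPH, "office_ws", "rtu"))
    print("greatest threat:", greatest_threat_path(ATTACK_GRAPH, "office_ws", "rtu"))
```

With the constructed values the most probable path (through vpn_gw directly to scada_hmi) is not the top-ranked one: the route via the historian is slightly less likely but far faster, so the combined score prefers it. That is the point of pairing a probability indicator with a time indicator: defenders prioritising by exploit likelihood alone would harden a different hop than those who also account for how quickly an attacker can move.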