An industrial control vulnerability mining method based on protocol state graph depth traversal

A protocol state graph depth-traversal technique, applied to transmission systems, electrical components, etc. It addresses the problems that IoT and industrial control devices are hard to simulate, highly real-time, and therefore hard to test with traditional methods, which achieve poor effectiveness on them.

Active Publication Date: 2019-11-29
INST OF INFORMATION ENG CHINESE ACAD OF SCI

AI Technical Summary

Problems solved by technology

[0003] Because IoT devices and industrial control system devices are closed, difficult to debug, highly real-time, and difficult to simulate, traditional vulnerability mining methods such as reverse analysis, symbolic execution, and taint tracking struggle to achieve good results on them.


Embodiment Construction

[0028] The principles and features of the present invention are described below in conjunction with the accompanying drawings, and the examples given are only used to explain the present invention, and are not intended to limit the scope of the present invention.

[0029] This embodiment relates to a method for mining industrial control vulnerabilities based on depth traversal of protocol state diagrams. It first obtains the network data packets of a target device and preprocesses them to produce a set of data packets to be analyzed, then divides each packet in the set into basic blocks. Automatic and manual analysis are combined to obtain the constraint relationships between the basic blocks within a packet and the state transition relationships between packets, and the protocol state diagram is constructed on this basis. The protocol state diagram is then traversed depth-first to perform fuzz tests while detecting whether the target is alive, so as to effectively dis...


Abstract

The invention relates to an industrial control vulnerability mining method based on protocol state diagram depth traversal. The method comprises the steps of (1) obtaining the network data packets of a target device and preprocessing them to obtain a data packet set to be analyzed, (2) partitioning the data packets in the set to obtain a large number of protocol basic blocks, (3) extracting the constraint relations between protocol basic blocks within a single data packet and the state transfer relations between data packets, and constructing a protocol state diagram on that basis, (4) traversing the protocol state diagram in a depth-first manner while generating and sending the corresponding malformed data packets, and (5) detecting whether the target device is alive and, if it has failed, compiling a POC script from the malformed data packet to verify the vulnerability, thereby finding a security vulnerability in the target device. With this method, security vulnerabilities in Internet of Things and industrial control system devices can be found effectively, solving the poor effectiveness of traditional vulnerability mining methods.
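An added Python illustration of steps (2) to (5), which is not code from the patent or its inventors: a constructed packet format FUNC | LEN | PAYLOAD with the intra-packet constraint LEN == len(PAYLOAD), a hand-built state graph standing in for the one derived in step (3), a simulated device in place of the real target, and a depth-first walk that fuzzes every edge after replaying the valid prefix that reaches it. The names Template, GRAPH, SimulatedDevice and dfs_fuzz are assumptions.

```python
import struct
from dataclasses import dataclass
@dataclass
class Template:
    """Step 2/3: one packet as basic blocks FUNC(1) | LEN(2) | PAYLOAD, constraint LEN == len(PAYLOAD)."""
    name: str
    func: int
    payload: bytes
    def build(self, length=None) -> bytes:
        n = len(self.payload) if length is None else length
        return struct.pack(">BH", self.func, n) + self.payload
    def malformed(self):
        # Step 4: break the intra-packet LEN/PAYLOAD constraint in both directions.
        yield self.build(length=0xFFFF)
        yield self.build(length=0)
# Step 3: protocol state graph, state -> [(packet template, next state)] (constructed)
GRAPH = {
    "idle": [(Template("connect", 0x01, b"\x00"), "connected")],
    "connected": [(Template("read", 0x03, b"\x00\x10"), "connected"),
                  (Template("write", 0x10, b"\x00\x10\x00\x01"), "connected"),
                  (Template("close", 0x7F, b""), "idle")],
}
class SimulatedDevice:
    """Constructed stand-in for the target: its write handler trusts LEN once connected."""
    def __init__(self): self.reset()
    def reset(self): self.state, self.alive = "idle", True
    def send(self, pkt: bytes):
        func, length = struct.unpack(">BH", pkt[:3])
        if func == 0x01: self.state = "connected"
        elif func == 0x7F: self.state = "idle"
        elif func == 0x10 and self.state == "connected" and length > len(pkt) - 3:
            self.alive = False  # reads past the real payload: simulated crash
def dfs_fuzz(graph, device, start="idle"):
    """Steps 4/5: depth-first walk; each edge is fuzzed once after replaying the valid prefix to its source state, then liveness is probed."""
    findings, seen = [], set()
    def visit(state, prefix):
        for tmpl, nxt in graph.get(state, []):
            if (state, tmpl.name) in seen:
                continue
            seen.add((state, tmpl.name))
            for bad in tmpl.malformed():
                device.reset()
                for p in prefix:
                    device.send(p)           # drive the device into `state`
                device.send(bad)
                if not device.alive:         # step 5: dead target -> candidate for a PoC
                    findings.append((state, tmpl.name, bad.hex()))
            visit(nxt, prefix + [tmpl.build()])
    visit(start, [])
    return findings
```

Each finding records the state the device was in, the template that was mutated and the malformed bytes, which is exactly the input a step (5) POC script replays.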

Description

Technical field

[0001] The invention relates to the technical fields of network protocol security, Internet of Things / industrial control system security and security testing, in particular to a method for mining security loopholes based on deep traversal of protocol state diagrams.

Background technique

[0002] With the popularity of the Internet of Things, smart cities, and smart grids, various network attacks against the Internet of Things and industrial control system equipment have increased in recent years, exposing a large number of security vulnerabilities in the Internet of Things and industrial control system equipment. Actively discovering and repairing security vulnerabilities in IoT and industrial control system equipment has become an important security protection measure.

[0003] Due to the characteristics of IoT devices and industrial control system devices that are closed, difficult to debug, high real-time, and difficult to simulate, traditional vulnerabili...


Application Information

Patent Type & Authority: Patents (China)
IPC: H04L29/06
CPC: H04L63/1433
Inventors: 孙利民, 余文豪, 朱红松, 陈千
Owner: INST OF INFORMATION ENG CHINESE ACAD OF SCI