IEC104 protocol vulnerability mining method based on protocol state graph traversing

A technology of IEC104, protocol status, applied in electrical components, transmission systems, etc., can solve problems such as network information security, destructive impact of equipment systems, etc., to reduce execution time and solve the effect of poor effectiveness

Inactive Publication Date: 2019-04-19
CHINA ELECTRIC POWER RES INST +2
View PDF3 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] On the other hand, after the telecontrol system is networked, network information security issues follow
When attackers send malformed IEC104 protocol packets to such devices, it is easy to cause destructive effects on these devices and even the system, resulting in unpredictable consequences

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • IEC104 protocol vulnerability mining method based on protocol state graph traversing
  • IEC104 protocol vulnerability mining method based on protocol state graph traversing
  • IEC104 protocol vulnerability mining method based on protocol state graph traversing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] Exemplary embodiments of the present invention will now be described with reference to the drawings; however, the present invention may be embodied in many different forms and are not limited to the embodiments described herein, which are provided for the purpose of exhaustively and completely disclosing the present invention. invention and fully convey the scope of the invention to those skilled in the art. The terms used in the exemplary embodiments shown in the drawings do not limit the present invention. In the figures, the same units / elements are given the same reference numerals.

[0051] Unless otherwise specified, the terms (including scientific and technical terms) used herein have the commonly understood meanings to those skilled in the art. In addition, it can be understood that terms defined by commonly used dictionaries should be understood to have consistent meanings in the context of their related fields, and should not be understood as idealized or over...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an IEC104 protocol vulnerability mining method based on protocol state graph traversing. The IEC104 protocol vulnerability mining method based on protocol state graph traversingcomprises the steps of: processing an obtained network data packet of target equipment into a de-weighted protocol base block; constructing a protocol state graph according to the de-weighted protocol base block; traversing the protocol state graph according to a pre-set rule, and generating at least one malformed data packet; and performing vulnerability testing on the at least one malformed data packet, and determining a script corresponding to the malformed data packet passing vulnerability testing as one vulnerability of the target equipment. According to the vulnerability mining method provided by the invention, vulnerability mining testing is carried out by taking state side RTU equipment as an object; security vulnerabilities in a power system and industrial control system equipment can be effectively discovered; when a test case is generated, a traversing path is relatively effective; the proportion of the generated effective test case is relatively high; and the execution time is reduced.

Description

technical field [0001] The invention belongs to the technical field of electric power system security, and in particular relates to a method for mining IEC104 protocol loopholes based on protocol state graph traversal. Background technique [0002] The power system is one of the essential infrastructures of the country. With the continuous integration of communications, industrial control and servers, power system automation has become the mainstream. The operating environment of the power system is more complex, and the requirements for the safe and stable operation of the power grid are also increasing. High, power system information security has become an important indicator affecting the stable operation of the power grid, and power system information security has received great attention from the state and the power industry. Establishing a power system security protection system, further improving security prevention technical measures, and thus improving the overall p...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L69/26
Inventor 王磊孙利民朱朝阳周亮韩丽芳孙玉砚应欢缪思薇余文豪邱意民庞铖
Owner CHINA ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap