Vulnerability priority analysis method, system and device for industrial control system and storage medium

An analysis method and technology of industrial control system, applied in the field of network security, can solve problems such as inability to reflect, lack of vulnerability exploitability, etc.

Active Publication Date: 2021-05-18
HARBIN INST OF TECH AT WEIHAI +1
View PDF7 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Current vulnerability scans do not reflect these factors
Moreover, for the results of vulnerability scanning, there is currently no application method to verify the exploitability of the vulnerability. If it is determined that there is currently no method for exploiting the vulnerability, corresponding resources and costs can be saved, and the pressure on the industrial control network can be reduced.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability priority analysis method, system and device for industrial control system and storage medium
  • Vulnerability priority analysis method, system and device for industrial control system and storage medium
  • Vulnerability priority analysis method, system and device for industrial control system and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0062] A vulnerability priority analysis method for industrial control systems, which refers to: the scenario and vulnerability information obtained through detection and scanning, combined with the PoC to give the vulnerability exploitability measurement combined with the scenario, and then based on the CVSS framework, the measurement value is combined with the vulnerability report. The CVSS score, which gives the priority score of the vulnerability.

Embodiment 2

[0064] According to a kind of vulnerability priority analysis method for industrial control system described in embodiment 1, such as figure 2 , Figure 5 As shown, the difference is that the steps involved are as follows:

[0065] (1) Asset detection and vulnerability scanning: This is the basic step that vulnerability analysis must go through. After asset detection and vulnerability scanning, basic information is obtained. Basic information includes vulnerability reports, scene information corresponding to vulnerabilities, and CVSS scores; vulnerability reports Contains a brief description of the vulnerability, for example, in a certain system or service, on some version of them, a certain operation can cause a certain problem under certain network conditions, and also includes the release time, modification time, and Vulnerability type and other information. The scene information corresponding to the vulnerability includes information such as the host system, the service...

Embodiment 3

[0071] According to a kind of vulnerability priority analysis method for industrial control system described in embodiment 2, its difference is:

[0072] Such as Figure 4 As shown, the generation process of the vulnerability exploitability discriminant model based on deep learning is as follows:

[0073] In industrial control systems, actual verification of vulnerabilities requires relatively high costs. It is also of great significance in the actual production process if some vulnerabilities with low exploitability can be screened out from the set of vulnerabilities to be verified in advance. In the present invention, it is proposed to judge the exploitability of the vulnerability according to whether there is a corresponding PoC for the vulnerability. For new vulnerabilities, due to the short time of emergence, people do not know enough about the vulnerability, so there is no exploit method for this vulnerability, or the exploit method is not mature enough. This situation...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an industrial control system-oriented vulnerability priority analysis method, system and device and a storage medium, which are characterized in that scene and vulnerability information obtained by detecting and scanning is combined with a PoC to give a scene-combined vulnerability availability measure, and then based on a CVSS framework, the measure value is combined with a CVSS score in a vulnerability report to give a vulnerability priority score. According to the method, the deviation caused by the fact that only attributes of vulnerabilities are considered in the CVSS scoring in the industrial control system is relieved. According to the system, the pressure of vulnerability verification under the industrial control system is effectively relieved, the vulnerability priority score under the scene where the vulnerability is located is efficiently and automatically given based on the CVSS, and meanwhile, the recommended PoC is provided to facilitate next verification.

Description

technical field [0001] The invention relates to an industrial control system-oriented vulnerability priority analysis method, system, equipment and storage medium, belonging to the technical field of network security. Background technique [0002] With the development of the Internet of Things, the integration of industrial control systems and the Internet has gradually deepened. However, traditional industrial control systems focus on the pursuit of functions in design, and lack of security considerations, resulting in a large number of network security vulnerabilities in industrial control systems being exposed to the Internet. , making industrial control system network security incidents occur frequently. Moreover, the industrial control system is closely related to the country's important infrastructure industries, such as energy, transportation, key manufacturing, power grid and other industries. Once an industrial control network security incident occurs, it may cause ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06N3/04G06N3/08
CPCG06F21/577G06N3/04G06N3/08
Inventor 程晟滔王佰玲张格张哲宇王子博
Owner HARBIN INST OF TECH AT WEIHAI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap