CN106713284A - Industrial control security testing system, and industrial control system - Google Patents

Industrial control security testing system, and industrial control system Download PDF

Info

Publication number
CN106713284A
CN106713284A CN201611099860.0A CN201611099860A CN106713284A CN 106713284 A CN106713284 A CN 106713284A CN 201611099860 A CN201611099860 A CN 201611099860A CN 106713284 A CN106713284 A CN 106713284A
Authority
CN
China
Prior art keywords
port
scanning
module
port status
testing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611099860.0A
Other languages
Chinese (zh)
Inventor
孙歆
韩嘉佳
戴桦
卢新岱
李沁园
李景
周辉
姚影
龚小刚
戚伟强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
State Grid Zhejiang Electric Power Co Ltd
Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, State Grid Zhejiang Electric Power Co Ltd, Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd, Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN201611099860.0A priority Critical patent/CN106713284A/en
Publication of CN106713284A publication Critical patent/CN106713284A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses an industrial control security testing system, and an industrial control system. The industrial control security testing system comprises a port status scanning module, a testing case recommending module, and a fuzzy testing engine module, wherein the port status scanning module is used for scanning and acquiring a port status of equipment to be tested, which is used as a port status scanning result; the testing case recommending module is used for searching a preset testing case library for a testing case of a service protocol type matched with the port status scanning result when a port is in an open status according to the port status scanning result; and the fuzzy testing engine module is used for generating testing data according to the testing case obtained through the searching, carrying out variation of the testing data, and sending data obtained through the variation to the equipment to be tested for unknown security vulnerability mining. Therefore, the industrial control security testing system and the industrial control system provided by the invention have the advantages that security testing can be efficiently and automatically completed, so that a user can conveniently and efficiently carry out testing case selection and testing, automatic testing is achieved, and the error rate is extremely low.

Description

A kind of industry control safety detecting system and industrial control system
Technical field
The present invention relates to industry control technical field, more particularly to a kind of industry control safety detecting system and industrial control system.
Background technology
From the point of view of industrial control system itself, with the development of computer and network technologies, especially information-based and industry The depth integration of change, industrial control system is increasingly employed puppy parc, common hardware and common software, by internet Operation system Deng public network connection is also more and more universal, and this causes significantly to increase for the attack of industrial control system It is long, also cause that the fragility of industrial control system gradually manifests, the information security issue for facing becomes increasingly conspicuous.
Unknown security breaches to the network in industrial control system carry out excavating the fuzzy survey for needing to be based on industry control agreement Examination technology, namely find unknown security breaches by carrying out fuzz testing to the equipment and system in industry control network.But industry control Network is that the device type in industrial control field is more with the difference of internet, and agreement is complicated, agreement stipulations disunity, skill Art field is related to the fields such as petrochemical refining, water project operation, power scheduling, track traffic.Different PLC or other equipment under test bases In agreement it is different.Conventional industry control agreement just cover Modbus, IEC101, IEC103, IEC104, DNP3.0, Tens kinds of Goose, MMS, Profinet, S7_comm, Fins etc..Industry control safety detecting system needs compatible these agreements, test When need to be picked out from these agreements and be suitable for equipment under test.
Although safe test platform of the prior art is also integrated with the test case of many different agreement types, Equipment under test is carried out to be input into which test case then needs user oneself to go to judge when unknown security breaches are excavated, and is being sentenced User oneself goes the test case for choosing determination to go to carry out equipment under test unknown security breaches excavation after the completion of disconnected, on the one hand, Automaticity it is low, it is necessary to people participate in process it is more, on the other hand, due to the participation of people, error rate is higher.
Therefore, how to provide a kind of industry control safety detecting system and industrial control system for solving above-mentioned technical problem is this area Technical staff needs the problem for solving at present.
The content of the invention
It is an object of the invention to provide a kind of industry control safety detecting system, safety test can be efficiently automatically completed, just In user it is convenient, efficiently carry out test case selection and test, realize automatic test, error rate is extremely low;It is of the invention Another object is to provide a kind of industrial control system including above-mentioned industry control safety detecting system.
In order to solve the above technical problems, the invention provides a kind of industry control safety detecting system, including:
Port status scan module, for scanning and obtain equipment under test port state, as port status scan As a result;
Test case recommending module, for according to the port status scanning result, the state in the port to be opening When, the test case of the service protocol type matched with the port status scanning result is searched in default test case library;
Fuzz testing engine modules, after row variation of being gone forward side by side according to the Test cases technology test data for finding Equipment under test is sent to carry out unknown security breaches excavation.
Preferably, the system also includes:
Sweep parameter setup module, for setting user-defined sweep parameter, the sweep parameter includes scanning end Mouth scope;
Then when the sweep parameter setup module sets the scanning port scope, the port status scan module is used Port status in the range of the scanning port for scanning the equipment under test, sweep as the corresponding port status in each port Retouch result.
Preferably, the port status scan module is specifically for the scanning port scope pair to the equipment under test The port answered sends initial IP request message, and the scanning knot of each port is obtained according to the response message that each port returns Really.
Preferably, the sweep parameter also includes main frame ip addresses and scan transfer layer protocol type.
Preferably, the scan transfer layer protocol type includes TCP or UDP.
Preferably, when the scan transfer layer protocol type is TCP, then TCP scannings using semi-open SYN scannings or The connect scannings of person's acquiescence.
Preferably, the port status scan module also includes configuration file, and the configuration file includes preset preferential The port numbers of scanning and its mapping table with service protocol type.
Preferably, the port status scan module also includes grouping module, for being carried out to the scanning port scope Packet, and the scan task after packet is assigned in thread pool.
Preferably, the system also includes safety test engine modules, for being set to described being tested according to the scanning result It is standby to carry out safety test.
In order to solve the above technical problems, present invention also offers a kind of industrial control system, including industry control peace as described above Full inspection examining system.
The invention provides a kind of industry control safety detecting system and industrial control system, including port status scan module, it is used for The port status of equipment under test are scanned and obtain, as port status scanning result;Test case recommending module, for according to institute Port status scanning result is stated, when the state of port is to open, is searched in default test case library and port status scanning The test case of the service protocol type of result matching;Fuzz testing engine modules, for according to the test case life for finding Equipment under test is sent to after going forward side by side row variation into test data to carry out unknown security breaches excavation.It can be seen that, the present invention is by end Mouthful status scan module scans and after obtaining the port status of equipment under test, test case recommending module is correspondingly in default test The test case that lookup is matched with port status scanning result in use-case storehouse, fuzz testing engine modules are used according to the test of matching Example sends unexpected test data to equipment under test, can efficiently be automatically completed safety test, is easy to user convenient, efficient Carry out test case selection and test, realize automatic test, error rate is extremely low.
Brief description of the drawings
Technical scheme in order to illustrate more clearly the embodiments of the present invention, below will be to institute in prior art and embodiment The accompanying drawing for needing to use is briefly described, it should be apparent that, drawings in the following description are only some implementations of the invention Example, for those of ordinary skill in the art, on the premise of not paying creative work, can also obtain according to these accompanying drawings Obtain other accompanying drawings.
A kind of structural representation of industry control safety detecting system that Fig. 1 is provided for the present invention;
Fig. 2 sets administration interface figure for a kind of sweep parameter that the present invention is provided;
Fig. 3 sets administration interface figure for a kind of specifically sweep parameter that the present invention is provided;
A kind of scanning result schematic diagram that Fig. 4 is provided for the present invention;
A kind of scan procedure figure of industry control safety detecting system that Fig. 5 is provided for the present invention.
Specific embodiment
Core of the invention is to provide a kind of industry control safety detecting system, can efficiently be automatically completed safety test, just In user it is convenient, efficiently carry out test case selection and test, realize automatic test, error rate is extremely low;It is of the invention Another core is to provide a kind of industrial control system including above-mentioned industry control safety detecting system.
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is A part of embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art The every other embodiment obtained under the premise of creative work is not made, belongs to the scope of protection of the invention.
Refer to Fig. 1, a kind of structural representation of industry control safety detecting system that Fig. 1 is provided for the present invention, the system bag Include:
Port status scan module 1, for scanning and obtain equipment under test port state, as port status scan As a result;
Specifically, the state of port includes open, closing and is filtered that only the state of port is when opening, to tested It is just meaningful that equipment sends corresponding test data.Here scanning result includes the status information of the port.
Preferably, port status scan module 1 is specifically for the corresponding end of scanning port scope to equipment under test Mouth sends initial IP request message, and the scanning result of each port is obtained according to the response message that each port returns.
Port status scan module 1 in scanning port state by send initial IP message judge equipment under test whether The port provides corresponding service, if it is judged that being yes, then it represents that port status are opening.
Test case recommending module 2, for according to the port status scanning result, when the state of port is to open, The test case of the service protocol type that lookup is matched with port status scanning result in default test case library;
It is understood that the test that protocol type corresponding with each port is store in default test case library is used Example, when the scanning of port status scan module 1 to certain port is to open, test case recommending module 2 is in default test case The test case of the service protocol type that lookup is matched with scanning result in storehouse.
Fuzz testing engine modules 3, for being passed after row variation of being gone forward side by side according to the Test cases technology test data for finding Equipment under test is delivered to carry out unknown security breaches excavation.
Specifically, fuzz testing engine modules 3 are according to the Test cases technology test data for finding, and to test data Enter row variation and obtain unexpected test data, then again send to equipment under test test data, come to equipment under test with this Unknown security breaches are carried out to be excavated.
Preferably, the system also includes:
Sweep parameter setup module 4, for setting user-defined sweep parameter, sweep parameter includes scanning port model Enclose;
Then when the sweep parameter setup module sets the scanning port scope, port status scan module 1 is used for The port status in the range of the scanning port of equipment under test are scanned, as the corresponding port status scanning result in each port.
Specifically, the default scoping of scanning port scope is 0-65535, if scanning port scope is not configured Words, port status scan module 1 can carry out a scanning according to all of port numbers, but actually actually useful port may Only hundreds of, therefore, user can set customized particular range port by sweep parameter setup module 4, further Improve testing efficiency.
Preferably, sweep parameter also includes main frame ip addresses and scan transfer layer protocol type.
Specifically, industry control safety detecting system can be connected with multiple main frames simultaneously, when sweep parameter includes main frame ip ground The specific transmission layer protocol type of particular target host port can be scanned when location and scan transfer layer protocol type, entered One step improves scan efficiency.
In actual applications, sweep parameter can be managed by client or human-computer interaction interface, specifically, please Reference picture 2, Fig. 2 sets administration interface figure for a kind of sweep parameter that the present invention is provided.
Preferably, scan transfer layer protocol type includes TCP or UDP.
Preferably, when scan transfer layer protocol type is TCP, then TCP scannings using semi-open SYN scannings or The connect scannings of person's acquiescence.
In actual applications, industry control safety detecting system scans the ip addresses of main frame first, after detecting connection normally, shows Show that destination host connection is normal.
TCP scannings can both be scanned using semi-open SYN, it would however also be possible to employ the connect scannings of acquiescence;UDP Scan Send the empty UDP header without data to target port.
Specifically, Fig. 3 and Fig. 4 is refer to, wherein, Fig. 3 sets pipe for a kind of specifically sweep parameter that the present invention is provided Reason surface chart, a kind of scanning result schematic diagram that Fig. 4 is provided for the present invention.
When sweep parameter is set to as shown in figure 3 above, then system can be by transmission control protocol scanning ip Whether the state of destination host port 0-65535 192.168.70.210 is open.Scanning result is illustrated in fig. 4 shown below, scanning State is open port numbers service protocol type corresponding with its during result gives equipment under test.Tested after the end of scan and used The corresponding test case that example recommending module 2 finds is corresponding Siemens S7 protocol test use-cases.Certainly, merely just arrange S7 agreements are lifted, other agreements are equally applicable.
Preferably, port status scan module 1 also includes configuration file, and configuration file includes preset priority scan Port numbers and its mapping table with service protocol type.
Specifically, the port of priority scan and the mapping table of service protocol type, port are preset in configuration file Port in the priority scan configuration file of status scan module 1, if port status are to open, it is right that scanning result is directly extracted The service protocol type answered.Test case recommending module 2 is directly searched and the service agreement after service protocol type is received The corresponding test case of type.
For the checking for accelerating this effect of sweep speed:
Scanning port scope is set to 0-102, when port sum for 3400 when, in scanning process, when going to 3% i.e. By 102 Port detectings out, so it should be evident that the speed of scanning port state is very fast.It is highly preferred that port status are swept The scanning port scope retouched during port and sweep parameter of the module 1 also to priority scan in configuration file are set carries out duplicate removal.
Preferably, port status scan module 1 also includes grouping module, for being divided scanning port scope Group, and the scan task after packet is assigned in thread pool.
Port status scan module 1 is grouped to scanning port scope, is then assigned to the scan task after packet In thread, so that multigroup while be scanned to port, further very fast sweep speed.
Specifically, Fig. 5, a kind of scan procedure figure of industry control safety detecting system that Fig. 5 is provided for the present invention be refer to.
Preferably, the system also includes safety test engine modules, for entering to equipment under test according to scanning result Row safety test.
Industry control safety detecting system except fuzz testing engine modules 3, also including other types of safety test engine mould Block, accordingly, port status scan module 1 except being supplied to the fuzz testing engine modules 3 to carry out fuzz testing scanning result, The other types of safety test engine modules are also provided to, such as safety test such as weak passwurd detection is carried out.For example when 80 During open-ended, the partial test use-case of the HTTP weak passwurds detection that test case recommending module 2 finds out.
The invention provides a kind of industry control safety detecting system, including port status scan module, for scanning and obtain The port status of equipment under test, as port status scanning result;Test case recommending module, for according to the port status Scanning result, when the state of port is to open, searches what is matched with port status scanning result in default test case library The test case of service protocol type;Fuzz testing engine modules, for according to the Test cases technology test data for finding Go forward side by side and be sent to equipment under test to carry out unknown security breaches excavation after row variation.It can be seen that, the present invention is scanned by port status Module scans and after obtaining the port status of equipment under test, test case recommending module is correspondingly looked into default test case library The test case matched with scanning result, fuzz testing engine modules is looked for send non-to equipment under test according to the test case of matching Expected test data, can efficiently be automatically completed safety test, be easy to that user is convenient, efficiently carry out test case selection And test, automatic test is realized, error rate is extremely low.
In order to solve the above technical problems, present invention also offers a kind of industrial control system, including industry control peace as described above Full inspection examining system.
The introduction of the industry control safety detecting system provided for the present invention refer to above-described embodiment, and the present invention is herein no longer Repeat.
It should be noted that in this manual, term " including ", "comprising" or its any other variant be intended to Nonexcludability is included, so that process, method, article or equipment including a series of key elements not only will including those Element, but also other key elements including being not expressly set out, or also include being this process, method, article or equipment Intrinsic key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that Also there is other identical element in process, method, article or equipment including the key element.
The foregoing description of the disclosed embodiments, enables professional and technical personnel in the field to realize or uses the present invention. Various modifications to these embodiments will be apparent for those skilled in the art, as defined herein General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, the present invention The embodiments shown herein is not intended to be limited to, and is to fit to and principles disclosed herein and features of novelty phase one The scope most wide for causing.

Claims (10)

1. a kind of industry control safety detecting system, it is characterised in that including:
Port status scan module, for scanning and obtains the port status of equipment under test, used as port status scanning result;
Test case recommending module, for according to the port status scanning result, when the state of the port is to open, The test case of the service protocol type matched with the port status scanning result is searched in default test case library;
Fuzz testing engine modules, for being transmitted after row variation of being gone forward side by side according to the Test cases technology test data for finding To equipment under test carrying out unknown security breaches excavation.
2. industry control safety detecting system according to claim 1, it is characterised in that the system also includes:
Sweep parameter setup module, for setting user-defined sweep parameter, the sweep parameter includes scanning port model Enclose;
Then when the sweep parameter setup module sets the scanning port scope, the port status scan module is used to sweep The port status in the range of the scanning port of the equipment under test are retouched, as the corresponding port status scanning knot in each port Really.
3. industry control safety detecting system according to claim 2, it is characterised in that the port status scan module is specific Initial IP request message is sent for the corresponding port of the scanning port scope to the equipment under test, and according to each end The response message that mouth is returned obtains the scanning result of each port.
4. industry control safety detecting system according to claim 2, it is characterised in that the sweep parameter also includes main frame ip Address and scan transfer layer protocol type.
5. industry control safety detecting system according to claim 4, it is characterised in that the scan transfer layer protocol type bag Include TCP or UDP.
6. industry control safety detecting system according to claim 5, it is characterised in that when the scan transfer layer protocol type During for TCP, then TCP scannings are using semi-open SYN scannings or the connect scannings of acquiescence.
7. the industry control safety detecting system according to claim any one of 1-6, it is characterised in that the port status scanning Module also includes configuration file, the port numbers of the configuration file including preset priority scan and its with service protocol type Mapping table.
8. the industry control safety detecting system according to claim any one of 2-6, it is characterised in that the port status scanning Module also includes grouping module, for being grouped to the scanning port scope, and the scan task after packet is assigned to In thread pool.
9. industry control safety detecting system according to claim 1, it is characterised in that the system also includes safety test engine Module, for carrying out safety test to the equipment under test according to the scanning result.
10. a kind of industrial control system, it is characterised in that including the industry control safety detecting system as described in claim any one of 1-9.
CN201611099860.0A 2016-12-02 2016-12-02 Industrial control security testing system, and industrial control system Pending CN106713284A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611099860.0A CN106713284A (en) 2016-12-02 2016-12-02 Industrial control security testing system, and industrial control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611099860.0A CN106713284A (en) 2016-12-02 2016-12-02 Industrial control security testing system, and industrial control system

Publications (1)

Publication Number Publication Date
CN106713284A true CN106713284A (en) 2017-05-24

Family

ID=58934531

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611099860.0A Pending CN106713284A (en) 2016-12-02 2016-12-02 Industrial control security testing system, and industrial control system

Country Status (1)

Country Link
CN (1) CN106713284A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107181642A (en) * 2017-05-26 2017-09-19 北京立思辰新技术有限公司 Test the method and apparatus of leak
CN107395573A (en) * 2017-06-30 2017-11-24 北京航空航天大学 The detection method and device of a kind of industrial control system
CN108924102A (en) * 2018-06-21 2018-11-30 电子科技大学 Efficient industry control agreement fuzz testing method
CN109698841A (en) * 2019-03-06 2019-04-30 成都明得科技有限公司 The unknown bug excavation system and method for industry control based on video monitoring
CN109818973A (en) * 2019-03-13 2019-05-28 信联科技(南京)有限公司 A kind of agreement fuzz testing method based on tandem
CN110493254A (en) * 2019-09-03 2019-11-22 国家计算机网络与信息安全管理中心 Industrial Yunan County's overall evaluating method and device
CN110519289A (en) * 2019-09-02 2019-11-29 杭州安恒信息技术股份有限公司 Weak passwurd detection method and device based on industrial control system
CN110708344A (en) * 2019-11-22 2020-01-17 中电科仪器仪表有限公司 Vulnerability detection method and system based on fuzzy technology
CN112448866A (en) * 2020-11-12 2021-03-05 国网北京市电力公司 Protocol detection method, device, computer readable storage medium and processor
CN112667522A (en) * 2021-01-19 2021-04-16 深圳融安网络科技有限公司 Penetration testing method and device, terminal equipment and computer readable storage medium
CN113438225A (en) * 2021-06-23 2021-09-24 江苏智能网联汽车创新中心有限公司 Vehicle-mounted terminal vulnerability detection method, system, equipment and storage medium
CN117156022A (en) * 2023-11-01 2023-12-01 中国电子科技集团公司第三十研究所 Variation data generation method for fuzzy test

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090204591A1 (en) * 2008-02-11 2009-08-13 Rauli Kaksonen Method and arrangement for test case creation
CN102087631A (en) * 2011-03-09 2011-06-08 中国人民解放军国发科学技术大学 Method for realizing fuzzing of software on the basis of state protocol
CN104113553A (en) * 2014-07-29 2014-10-22 网神信息技术(北京)股份有限公司 Port state recognition method, device and system
CN104468267A (en) * 2014-11-24 2015-03-25 国家电网公司 Information safety penetration testing method for distribution automation system
CN105245403A (en) * 2015-10-27 2016-01-13 国网智能电网研究院 Power-grid industrial control protocol vulnerability mining system and method based on fuzzy test
CN105404207A (en) * 2015-12-14 2016-03-16 中国电子信息产业集团有限公司第六研究所 Industrial environment vulnerability discovering device and method
CN106059087A (en) * 2016-07-19 2016-10-26 国网四川省电力公司电力科学研究院 Intelligent transformer substation vulnerability analysis and assessment system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090204591A1 (en) * 2008-02-11 2009-08-13 Rauli Kaksonen Method and arrangement for test case creation
CN102087631A (en) * 2011-03-09 2011-06-08 中国人民解放军国发科学技术大学 Method for realizing fuzzing of software on the basis of state protocol
CN104113553A (en) * 2014-07-29 2014-10-22 网神信息技术(北京)股份有限公司 Port state recognition method, device and system
CN104468267A (en) * 2014-11-24 2015-03-25 国家电网公司 Information safety penetration testing method for distribution automation system
CN105245403A (en) * 2015-10-27 2016-01-13 国网智能电网研究院 Power-grid industrial control protocol vulnerability mining system and method based on fuzzy test
CN105404207A (en) * 2015-12-14 2016-03-16 中国电子信息产业集团有限公司第六研究所 Industrial environment vulnerability discovering device and method
CN106059087A (en) * 2016-07-19 2016-10-26 国网四川省电力公司电力科学研究院 Intelligent transformer substation vulnerability analysis and assessment system

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107181642A (en) * 2017-05-26 2017-09-19 北京立思辰新技术有限公司 Test the method and apparatus of leak
CN107395573A (en) * 2017-06-30 2017-11-24 北京航空航天大学 The detection method and device of a kind of industrial control system
CN108924102B (en) * 2018-06-21 2020-03-10 电子科技大学 Efficient industrial control protocol fuzzy test method
CN108924102A (en) * 2018-06-21 2018-11-30 电子科技大学 Efficient industry control agreement fuzz testing method
CN109698841A (en) * 2019-03-06 2019-04-30 成都明得科技有限公司 The unknown bug excavation system and method for industry control based on video monitoring
CN109818973A (en) * 2019-03-13 2019-05-28 信联科技(南京)有限公司 A kind of agreement fuzz testing method based on tandem
CN109818973B (en) * 2019-03-13 2021-06-04 信联科技(南京)有限公司 Protocol fuzzy test method based on serial connection mode
CN110519289A (en) * 2019-09-02 2019-11-29 杭州安恒信息技术股份有限公司 Weak passwurd detection method and device based on industrial control system
CN110493254A (en) * 2019-09-03 2019-11-22 国家计算机网络与信息安全管理中心 Industrial Yunan County's overall evaluating method and device
CN110708344A (en) * 2019-11-22 2020-01-17 中电科仪器仪表有限公司 Vulnerability detection method and system based on fuzzy technology
CN110708344B (en) * 2019-11-22 2022-03-04 中电科思仪科技股份有限公司 Vulnerability detection method and system based on fuzzy technology
CN112448866A (en) * 2020-11-12 2021-03-05 国网北京市电力公司 Protocol detection method, device, computer readable storage medium and processor
CN112667522A (en) * 2021-01-19 2021-04-16 深圳融安网络科技有限公司 Penetration testing method and device, terminal equipment and computer readable storage medium
CN112667522B (en) * 2021-01-19 2023-11-07 深圳融安网络科技有限公司 Penetration test method, penetration test device, terminal equipment and computer readable storage medium
CN113438225A (en) * 2021-06-23 2021-09-24 江苏智能网联汽车创新中心有限公司 Vehicle-mounted terminal vulnerability detection method, system, equipment and storage medium
CN117156022A (en) * 2023-11-01 2023-12-01 中国电子科技集团公司第三十研究所 Variation data generation method for fuzzy test

Similar Documents

Publication Publication Date Title
CN106713284A (en) Industrial control security testing system, and industrial control system
CN110247784B (en) Method and device for determining network topology structure
CN101431440B (en) Flux monitoring method and apparatus
CN110661669A (en) Network topology automatic discovery method of network equipment based on ICMP, TCP and UDP protocols
CN107690776A (en) For the method and apparatus that feature is grouped into the case for having selectable case border in abnormality detection
CN101123614B (en) A method and communication device for processing address parsing protocol packet
US20150370848A1 (en) System and method for managing data integrity in electronic data storage
CN103607399A (en) Special IP network safety monitor system and method based on hidden network
JPH1093654A (en) General report framework system and method for extending operation of management station on network
CA2469169A1 (en) Method and apparatus for determination of network topology
CN103220161A (en) Method and device for detecting server status
CN111934936B (en) Network state detection method and device, electronic equipment and storage medium
US11153185B2 (en) Network device snapshots
CN105743878A (en) Dynamic service handling using a honeypot
CN105306284A (en) Method and device for detecting connectivity of user network interface of virtual private network
CN107947994B (en) Network topology self-discovery method and device, network equipment and computer storage medium
CN104113443A (en) Network equipment detection method, device and cloud detection system
CN103905251A (en) Network topology obtaining method and device
CN101848223B (en) Network processor-based method and device for realizing quick bidirectional forwarding detection of messages
CN106899500A (en) A kind of message processing method and device across virtual expansible LAN
JP2016167799A (en) Network monitoring method and apparatus, and packet filtering method and apparatus
CN101610266A (en) A kind of method and device that detects ARP message validity
WO2015196636A1 (en) Packet collection method and system, network device and network management centre
WO2020132949A1 (en) Industrial control system monitoring method, device and system, and computer-readable medium
Bonola et al. StreaMon: A data-plane programming abstraction for software-defined stream monitoring

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170524

RJ01 Rejection of invention patent application after publication