CN109688003A - One kind being used for railway signal system network information security methods of risk assessment - Google Patents
One kind being used for railway signal system network information security methods of risk assessment Download PDFInfo
- Publication number
- CN109688003A CN109688003A CN201811569418.9A CN201811569418A CN109688003A CN 109688003 A CN109688003 A CN 109688003A CN 201811569418 A CN201811569418 A CN 201811569418A CN 109688003 A CN109688003 A CN 109688003A
- Authority
- CN
- China
- Prior art keywords
- attack
- signal system
- possibility
- railway signal
- network information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 17
- 238000012502 risk assessment Methods 0.000 title claims abstract description 16
- 230000006870 function Effects 0.000 claims abstract description 25
- 230000011664 signaling Effects 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 7
- 101000836873 Homo sapiens Nucleotide exchange factor SIL1 Proteins 0.000 claims description 6
- 102100027096 Nucleotide exchange factor SIL1 Human genes 0.000 claims description 6
- 101000880156 Streptomyces cacaoi Subtilisin inhibitor-like protein 1 Proteins 0.000 claims description 6
- 101000879675 Streptomyces lavendulae Subtilisin inhibitor-like protein 4 Proteins 0.000 claims description 6
- 101000880160 Streptomyces rochei Subtilisin inhibitor-like protein 2 Proteins 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 5
- 238000005516 engineering process Methods 0.000 claims description 4
- 230000008450 motivation Effects 0.000 claims description 4
- 230000002265 prevention Effects 0.000 claims description 4
- 101000879673 Streptomyces coelicolor Subtilisin inhibitor-like protein 3 Proteins 0.000 claims description 3
- 238000006386 neutralization reaction Methods 0.000 claims description 2
- 238000010304 firing Methods 0.000 abstract 1
- 230000002567 autonomic effect Effects 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000004886 process control Methods 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
- 238000010977 unit operation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- G06Q50/40—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/40—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
- H04W4/42—Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for mass transport vehicles, e.g. buses, trains or aircraft
Abstract
The present invention discloses one kind for railway signal system network information security methods of risk assessment, first constructs railway signal system information flow model and railway signal system functions of the equipments structural model: determining that signal system threatens scene further according to signal system information flow model and signal system functions of the equipments structural model;Then it is directed to different threat scenes, influence severity caused by firing a possibility that raw and attack of attacking against each other is analyzed;A possibility that being occurred according to attack and attack impact severity to determine network information security risk.The present invention can make the comprehensive railway signal system functions of the equipments safety feature of network information security risk assessment, improve the accuracy and practicability of the risk assessment of the railway signal system network information;Network information security risk assessment can be made to combine closely with railway service, more accurately reflect the risk that railway signal control system is faced.
Description
Technical field
The present invention relates to railway information security technology areas, specially a kind of to be used for the railway signal system network information security
Methods of risk assessment.
Background technique
Railway signal system is a kind of special industrial control system, often safety (Safety), reliability and reality
When property etc. is put in the first place, its Network Information Security Problem faced is not fully taken into account, to the risk of railway signal system
Assessment mainly solves control part of appliance random failure and thrashing problems.On the other hand, since railway signal system is adopted
Technical characterstic, the existing network information security methods of risk assessment for information system cannot be also applicable in well.Example
Such as, open (bulletin) number for CN106790198A Chinese invention patent, disclose " a kind of method for evaluating information system risk and
System ", this method determine that each risk of each assessment object in the information system is basic according to security risk report
The value of element, each risk fundamental include at least assets, three threat, fragility fundamentals, just do not cover
The influence to entire railway signal system service security risk such as railway signals equipment functional safety (Safety).In addition, railway
Signal system is train operation process control system, and the targeted assessment object of above-mentioned methods of risk assessment is assets, without deep
Degree combine control system service logic, cannot deeper into the risk portraying railway signal system and being faced.
Summary of the invention
In view of the above-mentioned problems, the purpose of the present invention is to provide one kind can be improved railway signal system network information risk
The accuracy and practicability of assessment, more accurately reflect the risk that railway signal control system is faced is used for railway signal system
System network information security methods of risk assessment.Technical solution is as follows:
One kind being used for railway signal system network information security methods of risk assessment, comprising the following steps:
Step 1: building railway signal system information flow model:
It according to the operation flow and logic of railway signal system, summarizes abstract, obtains signal system information flow model,
The information flow model includes the direction of the underlying dimension of signal system and the information flow of signal system;The signal system
The information of system includes the status information of each underlying dimension and the control letter that scheduling train drives safely by way of expectations
Breath;
Step 2: building railway signal system functions of the equipments structural model:
The railway signal system functions of the equipments structural model includes that signals security functions of the equipments structural model and safety are set
Standby traffic model, signal system equipment and technology feature is described in the signals security functions of the equipments structural model, with accurate
Analyze safety prevention measure used by signalling arrangement;The secure device communication model retouches signalling arrangement secure communication
It states;
Step 3: building railway signal system threatens scene:
Determine that signal system threatens scene according to signal system information flow model and signal system functions of the equipments structural model;
It includes that train hypervelocity, train overrun a signal and train interrupt that the signal system, which threatens scene,;
Step 4: for different threat scenes, attacking against each other fires a possibility that raw and is analyzed:
Attack occur a possibility that by the technical capability of attacker, the chance of access system, signal system profession is known
The degree of understanding of knowledge and attack motivation determine;
Step 5: for different threat scenes, the influence severity caused by attack is analyzed;
Attack the severity that impacts by attack density and it is under attack after assets functional safety integrity levels
SIL (Safety Integrity Level) is determined;
Step 6: network information security Risk Calculation is carried out for different threat scenes:
A possibility that being occurred according to attack and attack impact severity to determine network information security risk.
Further, a possibility that attack occurs is divided into that possibility is low, in possibility and possibility is high;The attack
Caused by influence severity be divided into influence it is small, influence to neutralize influence it is big;To attack possibility it is low and meanwhile attack caused by influence
Small attack is determined as low danger risk;It is low while in influencing caused by attacking or influencing big attack row that possibility will be attacked
For, and influence small caused by attack while attacking the attack that in possibility or possibility is high and be determined as middle danger risk;It will
Big attack is influenced caused by attack simultaneously during attack possibility height while attack impact, and in attack possibility
It is determined as high risk;It is determined as serious high-risk wind for big attack is influenced caused by the high attack simultaneously of attack possibility
Danger.
Further, the functional safety integrity levels of the assets are divided into SIL0, SIL1, SIL2, SIL4;It will be by
The functional safety integrity levels of assets are that the attack of SIL0 or SIL1 is determined as influencing small attack after attack;It will be under attack
The functional safety integrity levels of assets are that the attack of SIL2 or SIL3 is determined as the attack in influence afterwards;Money after will be under attack
The functional safety integrity levels of production are that the attack of SIL4 is determined as influencing big attack.
The beneficial effects of the present invention are: the present invention can make the comprehensive railway signal system of network information security risk assessment
Functions of the equipments safety feature improves the accuracy and practicability of the risk assessment of the railway signal system network information;It can make net
Network information security risk evaluation is combined closely with railway service, more accurately reflects the wind that railway signal control system is faced
Danger.
Detailed description of the invention
Fig. 1 technical solution of the present invention process and schematic diagram.
Railway signal system information flow model figure in Fig. 2 technical solution of the present invention.
Railway signal system functions of the equipments structural model figure is built in Fig. 3 technical solution of the present invention.
Specific embodiment
The present invention is described in further details in the following with reference to the drawings and specific embodiments.The process and principle of appraisal procedure
As shown in Figure 1, including threatening scene, a possibility that occurring is attacked, the severity and the network information security impacted is attacked
Risk.By establishing information flow model, the information flow of signal system and the behavior relation of each element of system are described,
Threat scene is analyzed.By establishing signals security (Safety) functions of the equipments structural model, to signal system equipment skill
Art feature is described, accurately to analyze safety prevention measure used by signalling arrangement.It is set by establishing safety (Safety)
Signalling arrangement safety (Safety) communication is described in standby traffic model.In summary three models, by establishing railway letter
Number system information flow model and functional structure determine and threaten scene, to threatening scene to be analyzed and portrayed.
Attack occur a possibility that by the technical capability of attacker, the chance of access system, signal system profession is known
The degree of understanding of knowledge and attack motivation determine.It is complete by the safety of attack density and assets to attack the severity impacted
Whole property grade (SIL, Safety Integrity Level) determines.Or only utilize the safety integrity level of assets
(SIL) severity is influenced caused by attack to determine.A possibility that network information security risk is occurred by attack and attack are made
It is determined at the severity of influence.
Specific step is as follows:
Step 1: building railway signal system information flow model.
It according to the operation flow and logic of railway signal system, summarizes abstract, obtains signal system information flow model,
The information flow model includes the direction of the underlying dimension of signal system and the information flow of signal system;The signal system
The information of system includes the status information of each underlying dimension and the control letter that scheduling train drives safely by way of expectations
Breath.
As shown in Fig. 2, the underlying dimension of box representation signal system, the direction of arrow representative information flowing, signal
The information of system is broadly divided into two classes: the first kind, is the status information of each underlying dimension of signal system, is signal control
The basis that system is correctly controlled;Such as " the block section shape that train control center (TCC) is sent to release-locking device (CBI) in Fig. 2
" the section direction/carry out information " that state " or release-locking device (CBI) are sent to train control center (TCC).Second class is control letter
Breath, scheduling train drive safely by way of expectations;As in Fig. 2 distributed autonomic (CTC) self-regulating machine to release-locking device
(CBI) what " the access way control order " or mobile unit (OBE) sent was sent to the distributed autonomic center (CTC) " adjusts
It drags out a miserable existence and enables ".
Step 2: building railway signal system functions of the equipments structural model.
The railway signal system functions of the equipments structural model includes that signals security functions of the equipments structural model and safety are set
Standby traffic model, signal system equipment and technology feature is described in the signals security functions of the equipments structural model, with accurate
Analyze safety prevention measure used by signalling arrangement;The secure device communication model retouches signalling arrangement secure communication
It states.
It is with railway signal system core control equipment radio block center (RBC, Radio Blocking Center)
Example analyzes its safety (Safety) functional architecture model, as shown in figure 3, RBC, which multiplies 2 using general-purpose computations server construction 2, takes 2
Computer system, system core logic processing unit include hardware platform, operating system, fail-safe processing software, using patrolling
Collect software and engineering configuration data etc..Wherein VPC_A (Vital Platform Computer) and VPC_B is at fail-safe
Unit is managed, and is referred to as FSPA (Fail-Safe-Platform A) and FSPB, for realizing RBC logic function, output makes
Energy unit is compared the operation result of VPC_A and VPC_B, is exported, is blocked if inconsistent defeated if consistent
Out.
Step 3: building railway signal system threatens scene.
Determine that signal system threatens scene according to signal system information flow model and signal system functions of the equipments structural model;
The signal system threat scene includes that the signal system threat scene includes in train hypervelocity, train overrun a signal and train
Disconnected operation.By establishing railway signal system information flow model, determines and threaten scene, network information security risk can be made to comment
Estimate and combine closely with railway service, more accurately reflects the risk that railway signal control system is faced.
It causes train to exceed the speed limit for target of attack with malicious attack, is that RBC system illustrates (as shown in table 1) so that position occurs,
According to RBC systematic functional structrue model, RBC fail-safe unitary operation mistake and RBC export enabling unit program/data quilt
Forgery will cause train hypervelocity, therefore available two threats scene, (1) malicious persons cause RBC fail-safe unit
Operation mistake;(2) RBC output enabling unit program/data are distorted/forged to malicious persons.
The threat scene that 1 malicious persons of table attack RBC causes train to exceed the speed limit
Step 4: for different threat scenes, attacking against each other fires a possibility that raw and is analyzed.
Attack occur a possibility that by the technical capability of attacker, the chance of access system, signal system profession is known
The degree of understanding of knowledge and attack motivation determine.Using table 2 be directed to different threat scenes, attack against each other fire a possibility that raw into
Row analysis.
A possibility that attack of table 2 occurs
Step 5: for different threat scenes, the influence severity caused by attack is analyzed.
The severity that impacts is attacked by the functional safety integrity levels (SIL:Safety of attack density and assets
IntegrityLevel it) determines.The functional safety integrity levels of assets are divided into SIL0, SIL1, SIL2, SIL4;It will be by
The functional safety integrity levels of assets are that the attack of SIL0 or SIL1 is determined as influencing small attack after attack;It will be under attack
The functional safety integrity levels of assets are that the attack of SIL2 or SIL3 is determined as the attack in influence afterwards;Money after will be under attack
The functional safety integrity levels of production are that the attack of SIL4 is determined as influencing big attack.
Determine that influence severity caused by attack makes network using the functional safety integrity levels (SIL) of assets
Information security risk evaluation integrates railway signal system functions of the equipments safety feature, improves railway signal system network information risk
The accuracy and practicability of assessment.
It is directed to different threat scenes using using table 3, influences to analyze caused by attack.
Table 3 influences caused by attacking
Step 6: network information security Risk Calculation is carried out for different threat scenes:
A possibility that being occurred according to attack and attack impact severity to determine network information security risk.It utilizes
4 pairs of table different threat scenes carry out Risk Calculation.
4 Risk Calculation of table
It will be divided into attack a possibility that occurring that possibility is low, in possibility and possibility is high;It is influenced caused by the attack
Severity, which is divided into, influences small, influence neutralization influence greatly;To attack possibility it is low and meanwhile attack caused by influence small attack row
To be determined as low danger risk;It is low while in influencing caused by attacking or influencing big attack, Yi Jigong that possibility will be attacked
Influence is small caused by hitting while attacking the attack that in possibility or possibility is high and is determined as middle danger risk;Possibility will be attacked
It is high simultaneously influenced during attack impacts, and caused by being attacked simultaneously in attack possibility big attack be determined as it is high-risk
Risk;It is determined as serious high risk for big attack is influenced caused by the high attack simultaneously of attack possibility.
Claims (3)
1. one kind is used for railway signal system network information security methods of risk assessment, which comprises the following steps:
Step 1: building railway signal system information flow model:
It according to the operation flow and logic of railway signal system, summarizes abstract, obtains signal system information flow model, it is described
Information flow model includes the direction of the underlying dimension of signal system and the information flow of signal system;The signal system
Information includes the status information of each underlying dimension and the control information that scheduling train drives safely by way of expectations;
Step 2: building railway signal system functions of the equipments structural model:
The railway signal system functions of the equipments structural model includes that signals security functions of the equipments structural model and safety equipment are logical
Believe model, signal system equipment and technology feature is described in the signals security functions of the equipments structural model, accurately to analyze
Safety prevention measure used by signalling arrangement;Signalling arrangement secure communication is described in the secure device communication model;
Step 3: building railway signal system threatens scene:
Determine that signal system threatens scene according to signal system information flow model and signal system functions of the equipments structural model;It is described
It includes that train hypervelocity, train overrun a signal and train interrupt that signal system, which threatens scene,;
Step 4: for different threat scenes, attacking against each other fires a possibility that raw and is analyzed:
Attack occur a possibility that by the technical capability of attacker, the chance of access system, to signal system professional knowledge
Degree of understanding and attack motivation determine;
Step 5: for different threat scenes, the influence severity caused by attack is analyzed;
Attack the severity that impacts by attack density and it is under attack after assets functional safety integrity levels SIL Lai
It determines;
Step 6: network information security Risk Calculation is carried out for different threat scenes:
A possibility that being occurred according to attack and attack impact severity to determine network information security risk.
2. according to claim 1 be used for railway signal system network information security methods of risk assessment, which is characterized in that
A possibility that attack occurs is divided into that possibility is low, in possibility and possibility is high;The serious journey of influence caused by the attack
It spends to be divided into and influences small, influence neutralization influence greatly;It is low while influencing small attack caused by attacking and determine that possibility will be attacked
For low danger risk;It is low while in influencing caused by attacking or influencing big attack that possibility will be attacked, and attack causes
Influence it is small while attacking the attack that in possibility or possibility is high and be determined as middle danger risk;Possibility height will be attacked simultaneously
During attack impacts, and big attack is influenced caused by attacking simultaneously in attack possibility and is determined as high risk;
It is determined as serious high risk for big attack is influenced caused by the high attack simultaneously of attack possibility.
3. the network information security methods of risk assessment of railway signal safety equipment according to claim 1 or 2, feature
It is, the functional safety integrity levels of the assets are divided into SIL0, SIL1, SIL2, SIL4;The function of assets after will be under attack
The attack that energy safety integrity level is SIL0 or SIL1 is determined as influencing small attack;The function peace of assets after will be under attack
Full integrity levels are that the attack of SIL2 or SIL3 is determined as the attack in influence;The functional safety of assets is complete after will be under attack
Whole property grade is that the attack of SIL4 is determined as influencing big attack.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811569418.9A CN109688003B (en) | 2018-12-21 | 2018-12-21 | Network information security risk assessment method for railway signal system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811569418.9A CN109688003B (en) | 2018-12-21 | 2018-12-21 | Network information security risk assessment method for railway signal system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109688003A true CN109688003A (en) | 2019-04-26 |
| CN109688003B CN109688003B (en) | 2021-05-18 |
Family
ID=66188717
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811569418.9A Active CN109688003B (en) | 2018-12-21 | 2018-12-21 | Network information security risk assessment method for railway signal system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109688003B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110682875A (en) * | 2019-09-19 | 2020-01-14 | 中国第一汽车股份有限公司 | Vehicle safety risk assessment method and device and vehicle |
| CN112465302A (en) * | 2020-11-06 | 2021-03-09 | 中国航空工业集团公司西安航空计算技术研究所 | System and method for evaluating network security risk of civil aircraft airborne system |
| CN112787836A (en) * | 2019-11-07 | 2021-05-11 | 比亚迪股份有限公司 | Information security network topology and method for implementing information security |
| CN113065195A (en) * | 2021-04-02 | 2021-07-02 | 中国第一汽车股份有限公司 | Vehicle information security threat assessment method, device, medium and electronic equipment |
| CN113610338A (en) * | 2021-06-23 | 2021-11-05 | 卡斯柯信号有限公司 | Rail transit signal system safety risk evaluation and risk early warning method and device |
| CN114978569A (en) * | 2022-03-09 | 2022-08-30 | 西南交通大学 | Threat analysis method for railway signal control system based on information physical fusion |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107067129A (en) * | 2016-12-12 | 2017-08-18 | 北京交通大学 | Way and structures risk case possibility acquisition methods and system based on grid |
| CN107995225A (en) * | 2017-12-26 | 2018-05-04 | 国网河南省电力公司信息通信公司 | A kind of security even analysis method towards complex network |
| CN108876184A (en) * | 2018-06-29 | 2018-11-23 | 中车建设工程有限公司 | A kind of security risk evaluations and method for early warning of Railway Tunnel operation phase |
-
2018
- 2018-12-21 CN CN201811569418.9A patent/CN109688003B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107067129A (en) * | 2016-12-12 | 2017-08-18 | 北京交通大学 | Way and structures risk case possibility acquisition methods and system based on grid |
| CN107995225A (en) * | 2017-12-26 | 2018-05-04 | 国网河南省电力公司信息通信公司 | A kind of security even analysis method towards complex network |
| CN108876184A (en) * | 2018-06-29 | 2018-11-23 | 中车建设工程有限公司 | A kind of security risk evaluations and method for early warning of Railway Tunnel operation phase |
Non-Patent Citations (2)
| Title |
|---|
| YU-TSO CHEN: "Modeling Information Security Threats for Smart Grid Applications by Using Software Engineering and Risk Management", 《2018 IEEE INTERNATIONAL CONFERENCE ON SMART ENERGY GRID ENGINEERING (SEGE)》 * |
| 李赛飞 等: "铁路通信网络安全的分析测试与可信防御研究", 《西南交通大学学报》 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110682875A (en) * | 2019-09-19 | 2020-01-14 | 中国第一汽车股份有限公司 | Vehicle safety risk assessment method and device and vehicle |
| CN112787836A (en) * | 2019-11-07 | 2021-05-11 | 比亚迪股份有限公司 | Information security network topology and method for implementing information security |
| CN112465302A (en) * | 2020-11-06 | 2021-03-09 | 中国航空工业集团公司西安航空计算技术研究所 | System and method for evaluating network security risk of civil aircraft airborne system |
| CN112465302B (en) * | 2020-11-06 | 2022-12-06 | 中国航空工业集团公司西安航空计算技术研究所 | System and method for evaluating network security risk of civil aircraft airborne system |
| CN113065195A (en) * | 2021-04-02 | 2021-07-02 | 中国第一汽车股份有限公司 | Vehicle information security threat assessment method, device, medium and electronic equipment |
| CN113610338A (en) * | 2021-06-23 | 2021-11-05 | 卡斯柯信号有限公司 | Rail transit signal system safety risk evaluation and risk early warning method and device |
| CN114978569A (en) * | 2022-03-09 | 2022-08-30 | 西南交通大学 | Threat analysis method for railway signal control system based on information physical fusion |
| CN114978569B (en) * | 2022-03-09 | 2023-05-05 | 西南交通大学 | Threat analysis method for railway signal control system with information physical fusion |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109688003B (en) | 2021-05-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109688003A (en) | One kind being used for railway signal system network information security methods of risk assessment | |
| US10440048B1 (en) | Anti-attacking modelling for CMD systems based on GSPN and Martingale theory | |
| Hughes et al. | Quantitative metrics and risk assessment: The three tenets model of cybersecurity | |
| Asaka et al. | A method of tracing intruders by use of mobile agents | |
| Yang et al. | Anomaly-based intrusion detection for SCADA systems | |
| Salem et al. | A survey of insider attack detection research | |
| CN111818102B (en) | Defense efficiency evaluation method applied to network target range | |
| CN105868629B (en) | Security threat situation assessment method suitable for electric power information physical system | |
| CN109660556A (en) | User log-in method, device, equipment and storage medium based on information security | |
| Liao et al. | Feature extraction and construction of application layer DDoS attack based on user behavior | |
| CN107294953A (en) | Attack operation detection method and device | |
| CN111553569B (en) | Method, device, equipment and storage medium for evaluating physical protection effectiveness of nuclear facility | |
| CN104281795A (en) | Mouse action based password fault tolerance method | |
| CN115150182B (en) | Information system network attack detection method based on flow analysis | |
| CN112291280A (en) | Network flow monitoring and auditing method and system | |
| Zhang et al. | An intrusion detection method of data tampering attack in communication-based train control system | |
| CN107612927A (en) | The safety detection method of electric power scheduling automatization system | |
| Perkins et al. | Using discrete event simulation to model attacker interactions with cyber and physical security systems | |
| Martinez-Moyano et al. | Modeling the emergence of insider threat vulnerabilities | |
| CN115664868A (en) | Security level determination method and device, electronic equipment and storage medium | |
| CN113094715B (en) | Network security dynamic early warning system based on knowledge graph | |
| KR102381277B1 (en) | Method And Apparatus for Providing Security for Defending Cyber Attack | |
| CN115018069A (en) | Multi-type mapping neural network back door risk assessment method, system and equipment | |
| CN114244623A (en) | Network security attack and defense drilling automatic scoring system | |
| CN112311815A (en) | Monitoring, auditing and anti-cheating method and system under training competition |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |