CN114117451B - Industrial robot system network attack path segmentation method - Google Patents
- Authority
- CN
- China
- Prior art keywords
- industrial robot
- robot system
- attack
- chain model
- attack chain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/04—Manufacturing
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Abstract
The invention discloses a network attack path segmentation method for an industrial robot system, comprising the following steps. Step S1: perform risk element identification on the industrial robot system and construct an attack chain model of the industrial robot system. Step S2: evaluate the network attack selection probability and the attack success probability of the industrial robot system; the evaluation results serve as the weights of the directed arcs of the attack chain model. Step S3: output the incidence matrix of the attack chain model from the input-arc and output-arc weights of the attack chain model. Step S4: search the incidence matrix for each top library in turn, and for each top library search the matrix elements down to a bottom library. Step S5: form the network attack paths of the industrial robot system from the sequence of library nodes. The method improves the efficiency of attack path segmentation and reduces the possibility of segmenting network attack paths incorrectly.
Description
Technical Field
The invention belongs to the field of information security risk assessment, and relates to a network attack path segmentation method of an industrial robot system.
Background
Industrial robot systems are an important component of the intelligent manufacturing industry. They contain a large number of automation devices and intelligent sensors, which greatly improve their operating efficiency and control accuracy and promote the rapid development of intelligent manufacturing. However, connecting a large number of automation devices and intelligent sensors also increases the security risks inside the industrial robot system: an attacker may use both vulnerabilities specific to industrial control systems and vulnerabilities of conventional information systems to affect and disrupt its operation. Moreover, because an industrial robot system has a more compact structure than other industrial control systems, an attacker can mount a penetration attack on its core equipment through a series of network attack behaviors. Constructing an attack chain model of the industrial robot system and basing security protection on it is therefore of great research significance.
In an attack chain model of an industrial robot system, the exploitation relationships among the vulnerabilities are complex, so a suitable method is needed to segment the network attack paths in the model. Traditional methods are inefficient when applied to network attack path segmentation and have difficulty distinguishing the logic of combined attacks, so an efficient and accurate network attack path segmentation method is needed.
Disclosure of Invention
To address the problems that the vulnerability exploitation relationships in an industrial robot system are complex, and that traditional methods segment network attack paths inefficiently and have difficulty distinguishing the logic of combined attacks, the invention provides a network attack path segmentation method for an industrial robot system.
The object of the invention is achieved by the following technical solution:
A network attack path segmentation method for an industrial robot system comprises the following steps:
Step S1: perform risk element identification on the industrial robot system and construct an attack chain model of the industrial robot system;
Step S2: evaluate the network attack selection probability and the attack success probability of the industrial robot system, the evaluation results serving as the weights of the directed arcs of the attack chain model;
Step S3: output the incidence matrix of the attack chain model from the input-arc and output-arc weights of the attack chain model;
Step S4: search the incidence matrix for each top library in turn, and for each top library search the matrix elements down to a bottom library;
Step S5: form the network attack paths of the industrial robot system from the sequence of library nodes.
Compared with the prior art, the invention has the following advantages:
The method analyzes the attack chain model of the industrial robot system, determines the link relation between the top library and the bottom library from the directed-arc weights of the attack chain model, and segments all network attack paths of the industrial robot system on the basis of the attack chain model, thereby overcoming the low segmentation efficiency of traditional methods and their difficulty in distinguishing combined-attack logic.
Drawings
Fig. 1 is an overall flowchart of the network attack path segmentation method of the industrial robot system of the present invention.
Fig. 2 is an example of an attack chain model of the industrial robot system of the present invention.
Fig. 3 is a specific flowchart of the network attack path splitting method of the industrial robot system according to the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings, but is not limited to this description; any modification or equivalent substitution of the invention that does not depart from its spirit and scope falls within the scope of protection of the invention.
The invention provides a network attack path segmentation method for an industrial robot system which, as shown in Fig. 1, comprises the following steps:
Step S1: perform risk element identification on the industrial robot system using related software such as log audit and vulnerability mining tools, and construct an attack chain model of the industrial robot system;
Step S2: evaluate the network attack selection probability and the attack success probability of the industrial robot system by expert scoring and other methods, the evaluation results serving as the weights of the directed arcs of the attack chain model;
Step S3: output the incidence matrix of the attack chain model from the input-arc and output-arc weights of the attack chain model;
Step S4: search the incidence matrix for each top library in turn, and for each top library search the matrix elements down to a bottom library;
Step S5: form the network attack paths of the industrial robot system from the sequence of library nodes.
As shown in fig. 3, the specific implementation steps are as follows:
Step S1: perform risk element identification on the industrial robot system using related software such as log audit and vulnerability mining tools, determine the assets, threats and potential vulnerabilities contained in the industrial robot system, and assign numbers to the threats and vulnerabilities in sequence;
Step S2: select the attack starting state of the industrial robot system as the starting node of the attack chain; according to the exploitation relation between threats and vulnerabilities in the industrial robot system, take each threat as a transition node $t$ of the attack chain model and each vulnerability as a library node $p$ (a Petri net place) of the attack chain model, and connect the library nodes $p$ and transition nodes $t$ in sequence through the directed arcs $\delta$ and $\gamma$ until the final attack target is reached, thereby constructing a Petri net attack chain model;
Step S3: according to the values assigned by experts to the assets, threats and vulnerabilities in the industrial robot system, calculate the attack selection probability of each risk in the industrial robot system and use it as the weight of the input arc of the corresponding transition, where the attack selection probability and the weight of the input arc of the corresponding transition are calculated as follows:
where $R_C$ is the attack selection probability, $\delta$ is an input arc of the attack chain model of the industrial robot system, $w(\delta)$ is the weight of that input arc, and $As$, $Th$ and $Vu$ are respectively the assigned values of the asset, threat and vulnerability corresponding to the risk in the industrial robot system;
Step S4: select security evaluation indexes for the industrial robot system according to GB/T 22239-2019 and other standards, and classify them by evaluation content to form security rating unit indexes; construct a three-layer security evaluation index system for the industrial robot system with the security evaluation result as the target layer, the security rating unit indexes as the criterion layer and the security evaluation indexes as the scheme layer; score the security evaluation indexes; and, from the constructed index system and the index evaluation results, calculate the security protection capability quantization result corresponding to each threat behavior using the analytic hierarchy process;
Step S5: standardize the security protection capability quantization results and calculate the attack success probability, which is used as the weight of the output arc of the corresponding transition, where the weight of the output arc is calculated as follows:
where $\gamma$ is an output arc of the attack chain model of the industrial robot system, $w(\gamma)$ is the weight of that output arc, $w$ is the weight vector of the security evaluation indexes, $v = (v_1, v_2, \cdots, v_s)$ is the evaluation result vector of the security evaluation indexes for the threat behavior, and $v' = (v'_1, v'_2, \cdots, v'_s)$ is the ideal evaluation result vector of the security evaluation indexes for the threat behavior;
Step S6: count the numbers $m$ and $n$ of library nodes and transition nodes in the industrial robot system, and form the attack chain model input matrix $I_{m\times n}$ and output matrix $O_{m\times n}$ respectively, where $I_{m\times n}$ and $O_{m\times n}$ are calculated as follows:
where $\delta_{i,j}$ and $\gamma_{p,q}$ are respectively an input arc of a transition node and an output arc of a transition node of the attack chain model of the industrial robot system; $i$ and $j$ are the library node number and transition node number corresponding to the row and column of $\delta_{i,j}$ in $I_{m\times n}$; $p$ and $q$ are the transition node number and library node number corresponding to the row and column position of $\gamma_{p,q}$ in $O_{m\times n}$; and $w(\delta_{i,j})$ and $w(\gamma_{p,q})$ are the elements of the input matrix $I_{m\times n}$ and the output matrix $O_{m\times n}$ respectively, corresponding to the transition-node input arc weights and transition-node output arc weights of the attack chain model;
Step S7: obtain the incidence matrix of the attack chain model of the industrial robot system from the input matrix and the output matrix of the attack chain model, where the incidence matrix is calculated as follows:
$RL_{m\times n} = O_{m\times n} - I_{m\times n}$;
where $RL_{m\times n}$ is the incidence matrix of the attack chain model of the industrial robot system, $I_{m\times n}$ is the input matrix of the attack chain model, and $O_{m\times n}$ is the output matrix of the attack chain model;
Step S8: search the incidence matrix for rows containing only non-negative real numbers; if such rows exist, go to step S9, otherwise go to step S15;
Step S9: select a not-yet-searched row of the incidence matrix that contains only non-negative real numbers and record the corresponding column numbers $A_i$; the element corresponding to the non-negative real number is the top library of the attack chain model; set $i, j, k = 0$;
Step S10: increment $i$ by 1 and judge whether $i$ is not greater than $n$; if so, go to step S11, otherwise go to step S15;
Step S11: search column $A_i$ for the rows $B_j$ whose entries are negative;
Step S12: increment $j$ by 1 and judge whether $j$ is not greater than $m$; if so, go to step S13, otherwise go to step S10;
Step S13: search row $B_j$ for the columns $C_k$ whose entries are positive;
Step S14: increment $k$ by 1 and judge whether $k$ is not greater than $n$; if so, go to step S11, otherwise go to step S12;
Step S15: take the reverse of the search order to form the network attack paths of the industrial robot system.
Examples:
For ease of understanding, Fig. 2 shows one example of an industrial robot system attack chain model of the invention. There are 11 library nodes and 7 transition nodes in the figure.
As shown in Fig. 3, the specific implementation steps of the network attack path segmentation method of this embodiment are as follows:
Step S1: Perform risk element identification on the industrial robot system using related software such as log audit and vulnerability mining tools; based on the identification result, determine the assets, threats and potential vulnerabilities contained in the industrial robot system by methods such as traffic analysis, log audit and vulnerability scanning, and assign numbers to the threats and vulnerabilities in sequence.
Step S2: Select the attack starting state of the industrial robot system as the starting node of the attack chain; according to the exploitation relation between threats and vulnerabilities in the industrial robot system, take each threat as a transition node $t$ of the attack chain model and each vulnerability as a library node $p$ (a Petri net place) of the attack chain model, and connect the library nodes $p$ and transition nodes $t$ in sequence through the directed arcs $\delta$ and $\gamma$ until the final attack target is reached, thereby constructing a Petri net attack chain model.
Step S3: According to the values assigned by experts to the assets, threats and vulnerabilities in the industrial robot system, calculate the attack selection probability of each risk in the industrial robot system and use it as the weight of the input arc of the corresponding transition.
In this embodiment, the assigned values of the asset, threat and vulnerability corresponding to a risk in the industrial robot system are $As$, $Th$ and $Vu$ respectively, each taking values in the interval $(0, 5]$; the attack selection probability $R_C$ of the risk and the weight $w(\delta)$ of the corresponding transition input arc are calculated as follows:
Step S4: From the constructed security evaluation index system of the industrial robot system and the index evaluation results, calculate the security evaluation index weights using the analytic hierarchy process, and calculate the security protection capability quantization result corresponding to each threat behavior.
In this embodiment, the security evaluation index system of the industrial robot system may be constructed by methods such as principal component analysis and ReliefF, and the index evaluation results are obtained by expert scoring of how well each security protection requirement is met. Suppose the constructed index system has $s$ security evaluation indexes, the weight vector of the security evaluation indexes calculated by the analytic hierarchy process is $w = (w_1, w_2, \cdots, w_s)$, and the evaluation result vector of the security evaluation indexes for a threat behavior obtained by expert scoring is $v = (v_1, v_2, \cdots, v_s)$. The security protection capability quantization result corresponding to the threat behavior is then:
$V = w \times v^{T}$ (2).
Step S5: Standardize the security protection capability quantization results and calculate the attack success probability, which is used as the weight of the output arc of the corresponding transition.
In this embodiment, let the ideal evaluation result vector (i.e. the one that completely satisfies the security protection requirements) of the security evaluation indexes for the threat behavior be $v' = (v'_1, v'_2, \cdots, v'_s)$. The standardized security protection capability quantization result corresponding to the threat behavior is:
$V' = w \times v'^{T}$ (3)
The attack success probability $R_S$ and the weight $w(\gamma)$ of the transition output arc are calculated as follows:
Step S6: Count the numbers $m$ and $n$ of library nodes and transition nodes in the industrial robot system, and form the attack chain model input matrix and the attack chain model output matrix respectively.
In this embodiment, the attack chain model input matrix $I_{m\times n}$ is as follows:
In this embodiment, the attack chain model output matrix $O_{m\times n}$ is as follows:
In this embodiment, the element $w(\delta_{5,4})$ of the attack chain model input matrix $I_{m\times n}$ is the weight of the directed arc connecting library node $p_5$ to transition node $t_4$, and the other elements of the matrix have the same meaning; the element $w(\gamma_{1,3})$ of the attack chain model output matrix $O_{m\times n}$ is the weight of the directed arc connecting transition node $t_1$ to library node $p_3$, and the other elements of the matrix have the same meaning.
Step S7: Obtain the incidence matrix of the attack chain model of the industrial robot system from the attack chain model input matrix and the attack chain model output matrix.
In this embodiment, the incidence matrix $RL_{m\times n}$ of the attack chain model of the industrial robot system is calculated as follows:
Step S8: Search the incidence matrix for rows containing only non-negative real numbers; if such rows exist, go to step S9, otherwise go to step S15.
In this embodiment, the rows of the incidence matrix $RL_{m\times n}$ that contain only non-negative real numbers are rows 10 and 11.
Step S9: Select a not-yet-searched row of the incidence matrix that contains only non-negative real numbers and record the corresponding column numbers $A_i$; the element corresponding to the non-negative real number is the top library of the attack chain model; set $i, j, k = 0$.
In this embodiment, taking row 10 of the incidence matrix $RL_{m\times n}$ as an example, the corresponding column number $A_i$ is 5 or 6. For $A_i = 5$, the library node of the attack chain model top library is $p_{10}$; for $A_i = 6$, the library node of the attack chain model top library is also $p_{10}$.
Step S10: Increment $i$ by 1 and judge whether $i$ is not greater than $n$; if so, go to step S11, otherwise go to step S15.
Step S11: Search column $A_i$ for the rows $B_j$ whose entries are negative.
In this embodiment, taking $A_i = 6$ in the incidence matrix $RL_{m\times n}$ as an example, the row $B_j$ of column $A_i$ that holds a negative number is 8, and the corresponding element is $-w(\delta_{8,6})$.
Step S12: Increment $j$ by 1 and judge whether $j$ is not greater than $m$; if so, go to step S13, otherwise go to step S10.
Step S13: Search row $B_j$ for the columns $C_k$ whose entries are positive.
In this embodiment, taking $B_j = 8$ in the incidence matrix $RL_{m\times n}$ as an example, the column $C_k$ of row $B_j$ that holds a positive number is 4, and the corresponding element is $w(\gamma_{4,8})$.
Step S14: Increment $k$ by 1 and judge whether $k$ is not greater than $n$; if so, go to step S11, otherwise go to step S12.
Step S15: Take the reverse of the search order to form the network attack paths of the industrial robot system.
In this embodiment, suppose one searched path is $\{p_{11}, p_9, p_4, p_3, p_1\}$; the network attack path of the industrial robot system obtained from the search is then $\{p_1, p_3, p_4, p_9, p_{11}\}$.
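The matrix construction and backward search of steps S6 to S15, as an added Python example that is not code from the patent. The six-node net, its arc weights and all function names are constructed for illustration (this is not the Fig. 2 model), and the patent's $i$, $j$, $k$ counter loop is written here as a recursive backtrack from each top library.

```python
"""Attack-path segmentation over a Petri-net incidence matrix (steps S6-S15)."""
from typing import Dict, List, Tuple

Arc = Tuple[int, int]            # 1-based node numbers, as in the text
Matrix = List[List[float]]


def build_matrices(m: int, n: int,
                   input_arcs: Dict[Arc, float],
                   output_arcs: Dict[Arc, float]) -> Tuple[Matrix, Matrix]:
    """Step S6: build the m x n input matrix I and output matrix O.

    input_arcs  maps (library i, transition j) -> w(delta_{i,j}); stored at I[i][j].
    output_arcs maps (transition p, library q) -> w(gamma_{p,q}); stored at
    O[q][p], the layout implied by the embodiment (w(gamma_{4,8}) sits in
    row 8, column 4 of the incidence matrix).
    """
    I = [[0.0] * n for _ in range(m)]
    O = [[0.0] * n for _ in range(m)]
    for (i, j), w in input_arcs.items():
        I[i - 1][j - 1] = w
    for (p, q), w in output_arcs.items():
        O[q - 1][p - 1] = w
    return I, O


def incidence_matrix(I: Matrix, O: Matrix) -> Matrix:
    """Step S7: RL = O - I, element by element."""
    return [[o - i for o, i in zip(row_o, row_i)] for row_o, row_i in zip(O, I)]


def top_places(RL: Matrix) -> List[int]:
    """Step S8: library nodes whose row has no negative entry (never consumed
    by a transition) and at least one positive entry (reached by one)."""
    return [r + 1 for r, row in enumerate(RL)
            if all(x >= 0 for x in row) and any(x > 0 for x in row)]


def segment_paths(RL: Matrix) -> List[List[int]]:
    """Steps S9-S15: walk back from every top library to a bottom library and
    return each path in attack order (bottom -> top), as library node numbers."""
    paths: List[List[int]] = []

    def back(place: int, trail: List[int]) -> None:
        # S13: columns with a positive entry are transitions producing `place`.
        producers = [c for c, x in enumerate(RL[place]) if x > 0]
        if not producers:                      # bottom library: attack start
            paths.append([p + 1 for p in reversed(trail)])   # S15: reverse
            return
        for t in producers:
            # S11: rows with a negative entry are the inputs of transition t.
            for prev in range(len(RL)):
                if RL[prev][t] < 0 and prev not in trail:    # skip cycles
                    back(prev, trail + [prev])

    for top in top_places(RL):
        back(top - 1, [top - 1])
    return paths


# Constructed sample net: 6 library nodes, 5 transitions.
# t3 consumes both p2 and p3 (a combined attack); p5 and p6 are targets.
SAMPLE_INPUT_ARCS = {(1, 1): 0.6, (1, 2): 0.4, (2, 3): 0.5,
                     (3, 3): 0.5, (4, 4): 0.7, (3, 5): 0.3}
SAMPLE_OUTPUT_ARCS = {(1, 2): 0.8, (2, 3): 0.5, (3, 4): 0.6,
                      (4, 5): 0.9, (5, 6): 0.4}


def example_paths() -> List[List[int]]:
    I, O = build_matrices(6, 5, SAMPLE_INPUT_ARCS, SAMPLE_OUTPUT_ARCS)
    return segment_paths(incidence_matrix(I, O))


if __name__ == "__main__":
    for path in example_paths():
        print(" -> ".join(f"p{p}" for p in path))
```

The combined transition t3 yields one path through each of its input libraries, so both preconditions show up in the result. A library node that is both input and output of the same transition does not survive the subtraction $O - I$ with a clean sign and needs separate handling.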
Claims (5)
1. A network attack path segmentation method for an industrial robot system, characterized by comprising the following specific steps:
Step S1: perform risk element identification on the industrial robot system, determine the assets, threats and potential vulnerabilities contained in the industrial robot system, and assign numbers to the threats and vulnerabilities in sequence;
Step S2: select the attack starting state of the industrial robot system as the starting node of the attack chain; according to the exploitation relation between threats and vulnerabilities in the industrial robot system, take each threat as a transition node $t$ of the attack chain model and each vulnerability as a library node $p$ of the attack chain model, and connect the library nodes $p$ and transition nodes $t$ in sequence through the directed arcs $\delta$ and $\gamma$ until the final attack target is reached, thereby constructing a Petri net attack chain model;
Step S3: according to the values assigned by experts to the assets, threats and vulnerabilities in the industrial robot system, calculate the attack selection probability of each risk in the industrial robot system and use it as the weight of the input arc of the corresponding transition;
Step S4: select security evaluation indexes for the industrial robot system, and classify them by evaluation content to form security rating unit indexes; construct a three-layer security evaluation index system for the industrial robot system with the security evaluation result as the target layer, the security rating unit indexes as the criterion layer and the security evaluation indexes as the scheme layer; score the security evaluation indexes; and, from the constructed index system and the index evaluation results, calculate the security protection capability quantization result corresponding to each threat behavior using the analytic hierarchy process;
Step S5: standardize the security protection capability quantization results and calculate the attack success probability, which is used as the weight of the output arc of the corresponding transition;
Step S6: count the numbers $m$ and $n$ of library nodes and transition nodes in the industrial robot system, and form the attack chain model input matrix and the attack chain model output matrix respectively;
Step S7: obtain the incidence matrix of the attack chain model of the industrial robot system from the input matrix and the output matrix of the attack chain model;
Step S8: search the incidence matrix for rows containing only non-negative real numbers; if such rows exist, go to step S9, otherwise go to step S15;
Step S9: select a not-yet-searched row of the incidence matrix that contains only non-negative real numbers and record the corresponding column numbers $A_i$; the element corresponding to the non-negative real number is the top library of the attack chain model; set $i, j, k = 0$;
Step S10: increment $i$ by 1 and judge whether $i$ is not greater than $n$; if so, go to step S11, otherwise go to step S15;
Step S11: search column $A_i$ for the rows $B_j$ whose entries are negative;
Step S12: increment $j$ by 1 and judge whether $j$ is not greater than $m$; if so, go to step S13, otherwise go to step S10;
Step S13: search row $B_j$ for the columns $C_k$ whose entries are positive;
Step S14: increment $k$ by 1 and judge whether $k$ is not greater than $n$; if so, go to step S11, otherwise go to step S12;
Step S15: take the reverse of the search order to form the network attack paths of the industrial robot system.
2. The network attack path segmentation method for an industrial robot system according to claim 1, wherein the attack selection probability and the weight of the transition input arc are calculated by the following formula:
;
where $R_C$ is the attack selection probability, $\delta$ is an input arc of the attack chain model of the industrial robot system, $w(\delta)$ is the weight of that input arc, and $As$, $Th$ and $Vu$ are respectively the assigned values of the asset, threat and vulnerability corresponding to the risk in the industrial robot system.
3. The network attack path segmentation method for an industrial robot system according to claim 1, wherein the weight of the output arc is calculated by the following formula:
;
where $\gamma$ is an output arc of the attack chain model of the industrial robot system, $w(\gamma)$ is the weight of that output arc, $w$ is the weight vector of the security evaluation indexes, $v$ is the evaluation result vector of the security evaluation indexes for the threat behavior, and $v'$ is the ideal evaluation result vector of the security evaluation indexes for the threat behavior.
4. The network attack path segmentation method for an industrial robot system according to claim 1, wherein the attack chain model input matrix $I_{m\times n}$ and output matrix $O_{m\times n}$ are calculated as follows:
;
where $\delta_{i,j}$ and $\gamma_{p,q}$ are respectively an input arc of a transition node and an output arc of a transition node of the attack chain model of the industrial robot system; $i$ and $j$ are the library node number and transition node number corresponding to the row and column of $\delta_{i,j}$ in $I_{m\times n}$; $p$ and $q$ are the transition node number and library node number corresponding to the row and column position of $\gamma_{p,q}$ in $O_{m\times n}$; and $w(\delta_{i,j})$ and $w(\gamma_{p,q})$ are the elements of the input matrix $I_{m\times n}$ and the output matrix $O_{m\times n}$ respectively, corresponding to the transition-node input arc weights and transition-node output arc weights of the attack chain model.
5. The industrial robot system network attack path segmentation method according to claim 1, wherein the industrial robot system attack chain model association matrix calculation method is as follows:
;
In the formula, the quantities are, in order: the incidence matrix of the industrial robot system attack chain model; the input matrix of the attack chain model; and the output matrix of the attack chain model.
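The matrix construction in claims 4 and 5, as an added Python example that is not part of the patent text. The claims' own formulas did not survive on this page, so the code assumes the first index pair (library node, transition node) indexes the input matrix, the second (transition node, library node) indexes the output matrix, and the incidence matrix takes the standard Petri-net form, output minus input; all node names and weights are constructed.

```python
"""Added illustration: weighted input/output matrices and an incidence matrix."""

def build_input_matrix(places, transitions, input_arcs):
    """Rows are library nodes, columns are transition nodes (claim 4 indexing)."""
    row = {p: i for i, p in enumerate(places)}
    col = {t: j for j, t in enumerate(transitions)}
    matrix = [[0.0] * len(transitions) for _ in places]
    for (place, transition), weight in input_arcs.items():
        if place not in row or transition not in col:
            raise ValueError(f"input arc uses unknown node: {place}->{transition}")
        matrix[row[place]][col[transition]] = weight
    return matrix

def build_output_matrix(places, transitions, output_arcs):
    """Rows are transition nodes, columns are library nodes (claim 4 indexing)."""
    row = {t: i for i, t in enumerate(transitions)}
    col = {p: j for j, p in enumerate(places)}
    matrix = [[0.0] * len(places) for _ in transitions]
    for (transition, place), weight in output_arcs.items():
        if transition not in row or place not in col:
            raise ValueError(f"output arc uses unknown node: {transition}->{place}")
        matrix[row[transition]][col[place]] = weight
    return matrix

def incidence_matrix(input_matrix, output_matrix):
    """ASSUMPTION: standard Petri-net form C[p][t] = O[t][p] - I[p][t]."""
    n_places, n_trans = len(input_matrix), len(output_matrix)
    if any(len(r) != n_trans for r in input_matrix) or \
       any(len(r) != n_places for r in output_matrix):
        raise ValueError("input and output matrix shapes do not match")
    return [[output_matrix[t][p] - input_matrix[p][t] for t in range(n_trans)]
            for p in range(n_places)]

# Constructed sample model: three library nodes, two transition nodes.
PLACES = ["P1", "P2", "P3"]
TRANSITIONS = ["T1", "T2"]
INPUT_ARCS = {("P1", "T1"): 0.6, ("P2", "T2"): 0.4}    # library node -> transition
OUTPUT_ARCS = {("T1", "P2"): 0.9, ("T2", "P3"): 0.7}   # transition -> library node

SAMPLE_I = build_input_matrix(PLACES, TRANSITIONS, INPUT_ARCS)
SAMPLE_O = build_output_matrix(PLACES, TRANSITIONS, OUTPUT_ARCS)
SAMPLE_C = incidence_matrix(SAMPLE_I, SAMPLE_O)

if __name__ == "__main__":
    for name, row in zip(PLACES, SAMPLE_C):
        print(name, row)
```

Under this assumed convention, a negative entry marks a library node that a transition draws from and a positive entry marks a library node it leads to.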
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111469018.2A CN114117451B (en) | 2021-12-04 | 2021-12-04 | Industrial robot system network attack path segmentation method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114117451A CN114117451A (en) | 2022-03-01 |
CN114117451B true CN114117451B (en) | 2023-08-11 |
Family
ID=80366510
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114117451B (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102638458A (en) * | 2012-03-23 | 2012-08-15 | 中国科学院软件研究所 | Method for identifying vulnerability utilization safety threat and determining associated attack path |
CN112491801A (en) * | 2020-10-29 | 2021-03-12 | 国电南瑞科技股份有限公司 | Incidence matrix-based object-oriented network attack modeling method and device |
US11140189B2 (en) * | 2013-08-23 | 2021-10-05 | The Boeing Company | System and method for discovering optimal network attack paths |
Non-Patent Citations (1)
Title |
---|
"Modeling and Analysis of Trust Attacks Based on Object Petri Nets"; Huang Guangqiu; Journal of System Simulation; Vol. 29 (No. 8); 1702-1711 * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||