《電子技術(shù)應(yīng)用》
您所在的位置:首頁(yè) > 模拟设计 > 设计应用 > 基于贝叶斯攻击图的油气生产物联网系统风险评估
基于贝叶斯攻击图的油气生产物联网系统风险评估
网络安全与数据治理
刘子龙1,周纯杰1,胡晓娅1,2,曹德舜3,李娜3
1.华中科技大学人工智能与自动化学院;2.深圳华中科技大学研究院;3.中石化安全工程研究院有限公司
摘要: 针对油气生产物联网系统动态风险评估问题,提出一种基于贝叶斯攻击图的油气生产物联网系统风险评估模型。首先通过对系统进行风险分析,得到入侵证据及系统漏洞,结合入侵证据和漏洞利用成功概率,采用EM算法对训练数据进行数据补全并动态更新贝叶斯攻击图的条件概率参数表,通过条件概率表可计算得出先验概率,结合入侵证据计算得到节点的后验概率,进而得到系统的风险值,考虑资源利用的相关性对风险值进行最终修正。仿真结果分析证明了该模型的有效性和准确性。
中圖分類(lèi)號(hào):TP309 文獻(xiàn)標(biāo)識(shí)碼:ADOI:10.19358/j.issn.2097-1788.2024.04.001
引用格式:劉子龍,周純杰,胡曉婭,等.基于貝葉斯攻擊圖的油氣生產(chǎn)物聯(lián)網(wǎng)系統(tǒng)風(fēng)險(xiǎn)評(píng)估[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,2024,43(4):3-11,23.
Risk assessment of oil and gas production IoT system based on Bayesian attack graph
Liu Zilong1,Zhou Chunjie1, Hu Xiaoya1,2,Cao Deshun3, Li Na3
1.School of Artificial Intelligence and Automation, Huazhong University of Science and Technology; 2.Research Institute of Huazhong University of Science and Technology in Shenzhen; 3.SINOPEC Research Institute of Safety Engineering Co.,
Abstract: Aiming at the dynamic risk assessment of oil and gas production IoT system, a risk assessment model of oil and gas production IoT system based on Bayesian attack graph was proposed. Firstly, through the risk analysis of the system, the intrusion evidence and system vulnerabilities are obtained, combined with the intrusion evidence and the success probability of vulnerability exploitation, the EM algorithm is used to complete the data of the training data and dynamically update the conditional probability parameter table of the Bayesian attack graph, the prior probability can be calculated through the conditional probability table, and the posterior probability of the node is calculated by combining the intrusion evidence, then the risk value of the system is obtained, and the risk value is finally corrected considering the correlation of resource utilization. The simulation results have proved the effectiveness and accuracy of the model.
Key words : Bayesian attack diagram; Bayesian parameter learning; valueatrisk calculation; risk value correction

引言

隨著信息技術(shù)的不斷發(fā)展和油氣產(chǎn)業(yè)的不斷推進(jìn),油氣生產(chǎn)物聯(lián)網(wǎng)系統(tǒng)逐步演化為開(kāi)放、互聯(lián)互通式系統(tǒng),在監(jiān)測(cè)、控制和優(yōu)化油氣生產(chǎn)過(guò)程中發(fā)揮著日益重要的作用。然而信息技術(shù)和物理系統(tǒng)的深度融合,使得油氣生產(chǎn)物聯(lián)網(wǎng)系統(tǒng)面臨著極大的信息安全威脅。風(fēng)險(xiǎn)評(píng)估可反映信息系統(tǒng)的安全狀態(tài),進(jìn)而為系統(tǒng)模型的搭建、安全策略的決定以及系統(tǒng)長(zhǎng)期穩(wěn)定運(yùn)行提供有力保障。國(guó)內(nèi)外學(xué)者提出了多種安全評(píng)估方法,包括層次分析法、模糊風(fēng)險(xiǎn)評(píng)估法、貝葉斯網(wǎng)絡(luò)評(píng)估法、攻擊圖分析法等。


本文詳細(xì)內(nèi)容請(qǐng)下載:

http://www.ihrv.cn/resource/share/2000005961


作者信息:

劉子龍1,周純杰1,胡曉婭1,2,曹德舜3,李娜3

(1.華中科技大學(xué)人工智能與自動(dòng)化學(xué)院,湖北武漢470074;

2.深圳華中科技大學(xué)研究院,廣東深圳518057;

3.中石化安全工程研究院有限公司,山東青島266000)


Magazine.Subscription.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。

相關(guān)內(nèi)容