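Industrial control systems (ICS) are at the core of national critical infrastructure, and a growing body of work focuses on ICS security. However, the practical application scenarios of these works are not uniform, so their results cannot be reused across one another. To address this problem, building on an in-depth study of these security technologies, we propose the Situational Awareness for Industrial Control Systems Security (SA-ICSS) framework, which consists of three phases: situation perception, situation comprehension, and situation projection. In the situation perception phase, we first use network mapping and vulnerability discovery techniques to obtain complete environmental elements of the target system, such as network topology and vulnerability information; second, we deploy five types of devices, such as intrusion detection and intrusion trapping, in the target system in order to capture all suspicious activity from the control system. In the situation comprehension phase, we first build an ontology model of the target system based on the Structured Threat Information Expression (STIX) standard, constructing the dependencies among control tasks and the mapping between control tasks and operating devices; second, an automated reasoning engine, by learning analysts' reasoning techniques, identifies from the suspicious activity the attack intent and the impact the target system may suffer. In the situation projection phase, we first use attack graphs, Bayesian...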
Since many PSO variants are easily trapped in local optima from which they can barely break free, this paper proposes an adaptive hierarchical update particle swarm optimization (AHPSO) algorithm. The new term “local optimum early warning” is first defined to reflect the risk of being trapped in a local optimum. It plays a key role in the global coordinated control to determine the paradigm evolution direction and adjust the trajectory of particles in different risk environments. After that, the adaptive hierarchical update method generates two-layer and three-layer update formulas for the global exploration subpopulation and the local exploitation subpopulation, respectively, in order to improve the capability to resist the temptation of local optima. Consisting of the weighted synthesis sub-strategy and the mean evolution sub-strategy, the multi-choice comprehensive learning strategy is then employed to develop the most suitable learning paradigm to guide the motion path. Moreover, 18 benchmark functions and one real-world optimization problem are employed to evaluate the AHPSO against eight typical PSO variants. According to the experimental results, the AHPSO outperformed other methods in solving different types of functions by yielding high solution accuracy and high convergence speed.