| 基于容器的轻量级工业控制系统网络安全测试床研究 |
| |
| 引用本文: | 张仁斌,赵季翔,杨戬,吴克伟.基于容器的轻量级工业控制系统网络安全测试床研究[J].计算机应用研究,2021,38(2):506-509. |
| |
| 作者姓名: | 张仁斌 赵季翔 杨戬 吴克伟 |
| |
| 作者单位: | 合肥工业大学 计算机与信息学院,合肥230601;合肥工业大学 大数据知识工程教育部重点实验室,合肥230601;合肥工业大学 工业安全与应急技术安徽省重点实验室,合肥230601;合肥工业大学 计算机与信息学院,合肥230601 |
| |
| 基金项目: | 国家重点研发计划专项基金资助项目;中央高校基本科研业务费专项资金资助项目 |
| |
| 摘 要: | 针对现有工业控制系统(ICS)测试床部署成本高、网络拓扑简单固定、难以共享等问题,提出了一种基于容器的轻量级ICS网络安全测试床构建方法。该方法将田纳西—伊斯曼过程模型及其控制算法分别封装为两类Docker容器镜像,根据Web图形化界面绘制工业控制网络拓扑,自动配置容器接口并连接成仿真工控网络,最终实现具有真实的工业控制网络数据流的ICS网络安全测试床。实验结果表明,该方法仅需要较少的系统资源,就可快速实现给定网络拓扑的测试环境,支持多种网络攻击测试,相比于其他ICS测试床,具有更好的资源使用、加载速度和可移植性,有利于ICS网络安全的测试、研究和教学工作。
|
| 关 键 词: | 网络安全 工业控制系统安全 测试床 容器网络 Docker |
| 收稿时间: | 2019/12/23 0:00:00 |
| 修稿时间: | 2021/1/13 0:00:00 |
Research on lightweight ICS cyber security testbed based on container |
| |
| Zhang Renbin,Zhao Jixiang,Yang Jian and Wu Kewei.Research on lightweight ICS cyber security testbed based on container[J].Application Research of Computers,2021,38(2):506-509. |
| |
| Authors: | Zhang Renbin Zhao Jixiang Yang Jian and Wu Kewei |
| |
| Affiliation: | (School of Computer Science&Information Engineering,Hefei University of Technology,Hefei 230601,China;Key Laboratory of Knowledge Engineering with Big Data,Hefei University of Technology,Hefei 230601,China;Anhui Province Key Laboratory of Industry Safety&Emergency Technology,Hefei University of Technology,Hefei 230601,China) |
| |
| Abstract: | Aiming at the problems of high cost of deployment,simple and fixed network topology,and difficulty in sharing of existing industrial control system(ICS)testbed,this paper proposed a container-based lightweight ICS cybersecurity testbed construction method.This method packaged the Tennessee-Eastman process model and its control algorithm into two Docker container images,drawn the industrial control network topology according to the Web graphical interface,configured and connected the container interface to the simulation industrial control network automatically.Finally,it realized a lightweight ICS cybersecurity testbed with real industrial control network data flow.Experimental results show that this method can quickly realize the test environment of given network topology with fewer system resources and support a variety of network attack tests.Compared with other ICS testbeds,it has better resource use,load speed and portability,which is beneficial to the testing,research and teaching of ICS cybersecurity. |
| |
| Keywords: | cyber security industrial control system security testbed container network Docker |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
