面向大规模工控网络的关键路径分析方法

针对大规模工控网络攻击图的量化计算耗时高、消耗资源大的问题，提出了一种大规模工控网络的关键路径分析方法。首先利用割集思想结合工控网络中的原子攻击收益，计算贝叶斯攻击图关键节点集合，解决目前割集算法只考虑图结构中节点关键性的问题。其次，提出一种只更新关键节点攻击概率的贝叶斯攻击图动态更新策略，高效计算全图攻击概率，分析攻击图关键路径。实验结果表明，所提方法在大规模工控攻击图的计算中，不仅可以保证计算结果的可靠性，而且能够大幅度降低方法耗时，显著提升计算效率。

Key path analysis method for large-scale industrial control network

In order to solve the problem of high time-consuming and resource-consuming quantitative calculation of large-scale industrial control network attack graphs, a key path analysis method for large-scale industrial control networks was proposed.Firstly, the idea of cut set was used to calculate the key nodes set of Bayesian attack graph by combining the atomic attack income in industrial control network, which solved the problem that the current cut set algorithm only considers the key nodes in graph structure.Secondly, a dynamic updating strategy of Bayesian attack graph which only updated the attack probability of key nodes was proposed to efficiently calculate the attack probability of the whole graph and analyze the key path of attack graph.The experimental results show that the proposed method can not only ensure the reliability of the calculation results of large-scale industrial control attack graphs, but also can significantly reduce the time consumption and have a significant improvement in the calculation efficiency.