基于模糊攻防树和熵权法的工控系统脆弱性量化评估方法  被引量：5

作　　者：巩天宇 尚文利[2,3,4,5] 侯静 陈春雨[2,3,4] 曾鹏 Gong Tianyu;Shang Wenli;Hou Jing;Chen Chunyu;Zeng Peng(Faculty of Information&Control Engineering,Shenyang Jianzhu University,Shenyang 110168,China;Shenyang Institute of Automation,Chinese Academy of Sciences,Shenyang 110016,China;Institutes for Robotics&Intelligent Manufacturing,Chinese Academy of Sciences,Shenyang 110016,China;Key Laboratory of Networked Control Systems,Chinese Academy of Sciences,Shenyang 110016,China;University of Chinese Academy of Sciences,Beijing 100049,China)

机构地区：[1]沈阳建筑大学信息与控制工程学院,沈阳110168 [2]中国科学院沈阳自动化研究所,沈阳110016 [3]中国科学院机器人与智能制造创新研究院,沈阳110016 [4]中科院网络化控制系统重点实验室,沈阳110016 [5]中国科学院大学,北京100049

出　　处：《计算机应用研究》2020年第8期2409-2412,2416,共5页Application Research of Computers

基　　金：国家重点研发计划资助项目(2018YFB2004200);中国科学院战略性先导科技专项资助项目(XDC02020200);国家自然科学基金资助项目(61773368)。

摘　　要：为了提高脆弱性量化评估结果的可靠性,提出一种基于模糊攻防树和熵权法的工控系统脆弱性量化评估方法。该方法以攻击防御树为模型,首先将模糊集合理论与专家评价相结合;然后聚合多位专家对同一安全属模糊评价,在模糊聚合过程中利用模糊距离计算专家模糊评价的偏离度以提高模糊聚合的可靠性,并采用熵权法确定叶子节点量化过程中各安全属性的权重;最后计算叶子节点及攻击序列概率。案例分析表明,该方法能有效提高评估结果的可靠性,为工控系统信息安全防护提供重要依据。In order to improve the reliability of the results of vulnerability quantitative assessment,this paper proposed a vulnerability quantitative assessment method for industrial control system based on fuzzy attack and defense tree and entropy weight method.Firstly,it combined the fuzzy set theory with expert evaluation.Then,it gathered multiple experts’ fuzzy evaluation on the same security attributes.To improve the reliability of fuzzy aggregation,it used fuzzy distance to calculate the deviation degree of expert fuzzy evaluation in the process of fuzzy aggregation to improve the reliability of fuzzy aggregation,and used entropy weight method to determine the weight of each safety attribute in the process of leaf node quantization.Finally,it calculated the leaf nodes and the probability of the attack sequence.The case study shows that this method can effectively improve the reliability of evaluation results,and provides an important basis for information security protection of industrial control system.

关 键 词：模糊攻防树 模糊聚合 熵权法 工控系统 脆弱性量化评估 

分 类 号：TP301.6[自动化与计算机技术—计算机系统结构]