刍议水利网络安全实战演练的攻与防  被引量:2

Discussion on attack and defense of water conservancy cyber security drill

在线阅读下载全文

作  者:黄锐[1] 王妍[1] 谷立成 赵满胜[1] HUANG Rui;WANG Yan;GU Licheng;ZHAO Mansheng(Information Network Center of Water Commission,Haihe Water Conservancy Commission,the Ministry of Water Resources,Tianjin 300170,China)

机构地区:[1]水利部海河水利委员会水利信息网络中心,天津300170

出  处:《水利信息化》2020年第6期27-31,共5页Water Resources Informatization

摘  要:在水利部组织的网络安全攻防演练中,攻防双方的技术水平和对抗能力在博弈中不断升级。介绍攻防演练的组织模式及红蓝紫三方在攻防演练中的职责与任务,描述攻击方在情报收集、据点建立、横向移动3个阶段常用的攻击策略和战术,并以海河水利委员会参与的攻防演练防守工作为例,探讨防守方在战前准备、实战应对和总结整改3个阶段应采取的措施和应对部署,提出在防守准备阶段要从技术、管理和运营等方面自查并优化安全策略,在实战应对阶段加强专项值守、分析研判、运维管理、应急处置等。通过实战演练,可进一步提高演练双方网络安全防护能力。During the attack and defense of cyber security drill organized by the Ministry of Water Resources,both of the attackers and the defenders improved their technical level and confrontation capabilities.This paper introduces the organization model of the attack and defense of cyber security drill as well as the responsibilities and tasks of the red,blue and purple party during the drill.It focuses on describing the most commonly adopted attack strategies and tactics during such three attack phases as intelligence gathering,foothold building and lateral movement of the attacker.Moreover,taking the defensive work of Haihe River Conservancy Commission(HWCC)in attack and defense drills as an example,this paper discusses the countermeasures and arrangement that shall be adopted by the defender during the pre-war stage,the actual combat stage and the summary stage.It especially proposes that during the pre-war stage,the defender should conduct self-examination from various aspects such as technology,management and operation based on current safe operation work.While in the stage of actual combat,the defender shall strengthen itself with respect to special guard,analysis and judgment,operation and maintenance and emergency disposal and so on.

关 键 词:水利网络安全 攻防演练 海委防守应对 组织模式 攻防阶段 

分 类 号:TP393.081[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象