检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:朱振乾 张周晶 马慧慧 魏黎明 ZHU Zhenqian;ZHANG Zhoujing;MA Huihui;WEI Liming(China Electronics Technology Cyber Security Co.,Ltd.,Chengdu Sichuan 610041,China)
机构地区:[1]中国电子科技网络信息安全有限公司,四川成都610041
出 处:《通信技术》2021年第3期716-726,共11页Communications Technology
摘 要:基于对工业控制系统的现状分析,结合Wireshark与Nmap在工业控制系统中漏洞挖掘的应用,提出了一种基于Wireshark与Nmap的工业控制系统安全分析与漏洞挖掘的解决方案。在整合Wireshark与Nmap源码的基础上,进一步开发了资产管理模块,通过资产列表针对性地分析工业控制系统所有资产,查找问题设备与攻击源,实现了Wireshark分析Nmap漏洞挖掘的无缝衔接,同时扩展了Wireshark报文分析插件与Nmap漏洞扫描插件,集成了自主研发的报文分析插件与扫描探测脚本,为工业控制系统安全与漏洞分析提供了更深层次的分析与漏洞挖掘能力。By analyzing the current situation of industrial control system,combined with Wireshark and Nmap to discovering vulnerability in the industrial control system application,a solution of industrial vulnerability discovering based on Wireshark and Nmap is proposed.Based on the integration of Wireshark and Nmap source code,the asset management module is further developed.Through the asset list,all the assets of the industrial control system are analyzed,and the problem devices and attack sources are easy to be found,so as to realize the seamless connection of Wireshark analysis and Nmap vulnerability mining.At the same time,the Wireshark message analysis plug-in and Nmap vulnerability scanning plug-in are extended,and the independently developed message analysis plug-in and scanning detection script are integrated to provide deeper analysis and vulnerability mining capabilities for industrial control system security and vulnerability analysis.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.158