Authors: Feng Zhaowen; Ma Yanhui; Cao Guoyan [1]
Affiliations: [1] School of Cybersecurity, Northwestern Polytechnical University, Xi'an 710072; [2] Aviation Industry Development Research Center of China, Beijing 100029
Source: Journal of Information Security Research (《信息安全研究》), 2023, Issue 4, pp. 313-320 (8 pages)
Funding: National Science and Technology Major Project for "Core Electronic Devices, High-end Generic Chips and Basic Software" (2017ZX01030-201); Aeronautical Science Foundation project (2018ZD53045).
Abstract: With the development of the industrial Internet, the security of device terminals themselves is becoming increasingly critical. How to conduct effective security testing of industrial control system terminals has become a key problem that urgently needs to be studied and solved. Following the penetration testing process, this paper examines how penetration testing can be applied to industrial control system terminals, using the improper input validation vulnerability as an example. The method starts from information collection and penetration tools to gain an in-depth understanding of the system's input validation. In the vulnerability discovery stage, it proposes modeling the form of the vulnerability with sensitive test inputs and designs a seed mutation pattern suited to industrial control programs. The method effectively detects improper input validation vulnerabilities in industrial control system terminals and finds that most industrial control system terminals share the same problem. The experiments also uncovered security threats caused by the input validation vulnerability, including data tampering, denial of service, privilege acquisition and malicious script injection. Finally, the paper provides security recommendations for the protection of industrial control system terminals and equipment.