高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

能源关键基础设施网络安全威胁与防御技术综述

李建华

李建华. 能源关键基础设施网络安全威胁与防御技术综述[J]. 电子与信息学报, 2020, 42(9): 2065-2081. doi: 10.11999/JEIT191055
引用本文: 李建华. 能源关键基础设施网络安全威胁与防御技术综述[J]. 电子与信息学报, 2020, 42(9): 2065-2081. doi: 10.11999/JEIT191055
Jianhua LI. Overview of Cyber Security Threats and Defense Technologies for Energy Critical Infrastructure[J]. Journal of Electronics & Information Technology, 2020, 42(9): 2065-2081. doi: 10.11999/JEIT191055
Citation: Jianhua LI. Overview of Cyber Security Threats and Defense Technologies for Energy Critical Infrastructure[J]. Journal of Electronics & Information Technology, 2020, 42(9): 2065-2081. doi: 10.11999/JEIT191055

能源关键基础设施网络安全威胁与防御技术综述

doi: 10.11999/JEIT191055
基金项目: 国家自然科学基金(61431008)
详细信息
    作者简介:

    李建华:男,1965年生,教授,博士生导师,研究方向为网络安全技术与应用

    通讯作者:

    李建华 lijh888@sjtu.edu.cn

  • 中图分类号: TN915.08; TP393

Overview of Cyber Security Threats and Defense Technologies for Energy Critical Infrastructure

Funds: The National Natural Science Foundation of China (61431008)
  • 摘要: 在信息技术飞速发展的背景下,能源关键基础设施得到了变革性的飞速发展,与人工智能、大数据、物联网等新技术深度融合。信息技术在显著优化能源关键基础设施的效率和性能的同时,也带来了更加具有持续性和隐蔽性的新型安全威胁。如何针对能源关键基础设施建立体系化、智能化的安全防御体系是亟需解决的问题。该文从能源关键基础设施本身的发展趋势入手,对其面对的传统和新型安全威胁的机理进行了分析。在此基础上,对能源关键基础设施的防御技术演进进行深入的研究和分析。
  • 图  1  能源关键基础设施基本架构

    图  2  能源关键基础设施的网络安全威胁演进

    图  3  BlackEnergy的APT攻击流程

    图  4  能源基础设施的信息安全防御技术

    表  1  国内外现有智能电网安全相关标准与规范

    国际标准与规范
    标准、建议、规定、指南制订单位
    Smart Grid Cyber Security Strategy and Requirements (DRAFT NIST 7628)National Institute of Standards and Technology (NIST)
    IEEE 21451 -- Standard for a Smart Transducer Interface for Sensors, and ActuatorsShanghai Jiao Tong University (NIST)
    Good Practice Guide, Process Control and SCADA SecurityCentre for the Protection ofNational Infrastructure (CPNI)
    ANSI/ISA-99 Manufacturing and Control Systems Security’ Part 1: Concepts, Models and Terminology (2007) Part2: Establishing a Manufacturing and Control Systems Security Program (2009)The International Society of Automation (ISA)
    21 steps to Improve Cyber Security of SCADA NetworksU.S. Department of Energy (DOE)
    Guide to Industrial Control Systems (ICS) Security (NIST SP 800-82)National Institute of Standards and Technology (NIST)
    Recommended Security Controls for Federal Information Systems (including those for Bulk Power System) (NIST SP 800-53)National Institute of Standards and Technology (NIST)
    Advanced Metering Infrastructure (AMI) System Security RequirementsAdvanced Security Acceleration Project (ASAP) – Smart Grid
    Security Profile for Advanced Metering InfrastructureAdvanced Security Acceleration Project (ASAP) – Smart Grid
    Utility AMI Home Area Network System Requirements SpecificationUtility AMI
    IEC 62351 1-8, Power System Control and Associated Communications – Data and Communication SecurityInternational Electrotechnical Commission (IEC)
    IEEE 1686-2007, IEEE Standard for Substation Intelligent Electronic Devices (IED) Cyber Security CapabilitiesIEEE
    CIP-002, 003-009North American Electric Reliability Corporation (NERC)
    Cyber Security Procurement Language for Control SystemsDepartment of Homeland Security (DHS)
    System Protection Profile - Industrial Control SystemsNational Institute of Standards and Technology (NIST)
    Catalog of Control Systems Security: Recommendations for Standards DevelopersDepartment of Homeland Security (DHS)
    Wireless Standards (ISA SP100)ISA
    国内标准与规范
    电力监控系统安全防护规定发改委
    信息安全技术安全可控信息系统电力系统安全指标体系中国电力科学研究院
    电力系统管理及其信息交换数据和通信安全全国电力系统管理及其信息交换标准化技术委员会
    下载: 导出CSV
  • SATO T, KAMMEN D M, DUAN B, et al. Smart Grid Standards: Specifications, Requirements, and Technologies[M]. Singapore: John Wiley & Sons, 2015.
    AKINGENEYE I and WU Jingxian. Low latency detection of sparse false data injections in smart grids[J]. IEEE Access, 2018, 6: 58564–58573. doi: 10.1109/ACCESS.2018.2873981
    张钧, 黄翰, 张义斌. 国外智能电网顶层技术路线对比分析[J]. 华北电力大学学报: 社会科学版, 2015(4): 25–30.

    ZHANG Jun, HUANG Han, and ZHANG Yibin. Comparative analysis of foreign smart grid top-level roadmaps[J]. Journal of North China Electric Power University:Social Sciences, 2015(4): 25–30.
    WANG Kuan, LI Jianhua, WU Jun, et al. QoS-predicted energy efficient routing for information-centric smart grid: A network calculus approach[J]. IEEE Access, 2018, 6: 52867–52876. doi: 10.1109/ACCESS.2018.2870929
    LIGHTNER E M and WIDERGREN S E. An orderly transition to a transformed electricity system[J]. IEEE Transactions on Smart Grid, 2010, 1(1): 3–10. doi: 10.1109/TSG.2010.2045013
    RADOGLOU-GRAMMATIKIS P I and SARIGIANNIDIS P G. Securing the smart grid: A comprehensive compilation of intrusion detection and prevention systems[J]. IEEE Access, 2019, 7: 46595–46620. doi: 10.1109/ACCESS.2019.2909807
    BUSH G W. Address to a joint session of congress and the American people[R]. 2001: xviii.
    FANG Xi, MISRA S, XUE Guoliang, et al. Smart grid—The new and improved power grid: A survey[J]. IEEE Communications Surveys & Tutorials, 2012, 14(4): 944–980.
    BERA S, MISRA S, and RODRIGUES J J P C. Cloud computing applications for smart grid: A survey[J]. IEEE Transactions on Parallel and Distributed Systems, 2015, 26(5): 1477–1494. doi: 10.1109/TPDS.2014.2321378
    TANYINGYONG V, OLSSON R, CHO J W, et al. IoT-grid: IoT communication for smart DC grids[C]. 2016 IEEE Global Communications Conference, Washington, USA, 2016: 1–7.
    YOUSSEF N E H B, BAROUNI Y, KHALFALLAH S, et al. Mixing SDN and CCN for content-centric Qos aware smart grid architecture[C]. The 25th IEEE/ACM International Symposium on Quality of Service, Vilanovaila Geltru, 2017: 1–5.
    LI Gaolei, WU Jun, GUO Longhua, et al. SDN based dynamic and autonomous bandwidth allocation as ACSI services of IEC61850 communications in smart grid[C]. 2016 IEEE Smart Energy Grid Engineering, Oshawa, 2016: 342–346.
    KUMAR N, ZEADALLY S, and RODRIGUES J J P C. Vehicular delay-tolerant networks for smart grid data management using mobile edge computing[J]. IEEE Communications Magazine, 2016, 54(10): 60–66. doi: 10.1109/MCOM.2016.7588230
    AHSAN U and BAIS A. Distributed big data management in smart grid[C]. The 26th Wireless and Optical Communication Conference, Newark, 2017: 1–6.
    LIU Keyan, SHENG Wanxing, LIU Yuan, et al. Optimal sitting and sizing of DGs in distribution system considering time sequence characteristics of loads and DGs[J]. International Journal of Electrical Power & Energy Systems, 2015, 69: 430–440.
    AMIN S, LITRICO X, SASTRY S S, et al. Cyber security of water SCADA systems—Part II: Attack detection using enhanced hydrodynamic models[J]. IEEE Transactions on Control Systems Technology, 2013, 21(5): 1679–1693. doi: 10.1109/TCST.2012.2211874
    NTALAMPIRAS S. Detection of integrity attacks in cyber-physical critical infrastructures using ensemble modeling[J]. IEEE Transactions on Industrial Informatics, 2015, 11(1): 104–111. doi: 10.1109/TII.2014.2367322
    LIU Xuan and LI Zuyi. Trilevel modeling of cyber attacks on transmission lines[J]. IEEE Transactions on Smart Grid, 2017, 8(2): 720–729.
    NI Jianbing, ALHARBI K, LIN Xiaodong, et al. Security-enhanced data aggregation against malicious gateways in smart grid[C]. 2015 IEEE Global Communications Conference, San Diego, 2015: 1–6.
    伊胜伟, 张翀斌, 谢丰, 等. 基于Peach的工业控制网络协议安全分析[J]. 清华大学学报: 自然科学版, 2017, 57(1): 50–54.

    YI Shengwei, ZHANG Chongbin, XIE Feng, et al. Security analysis of industrial control network protocols based on Peach[J]. Journal of Tsinghua University:Science and Technology, 2017, 57(1): 50–54.
    OOZEER M I and HAYKIN S. Cognitive risk control for mitigating cyber-attack in smart grid[J]. IEEE Access, 2019, 7: 125806–125826. doi: 10.1109/ACCESS.2019.2939089
    ALOUL F, AL-ALI A R, AL-DALKY R, et al. Smart grid security: Threats, vulnerabilities and solutions[J]. International Journal of Smart Grid and Clean Energy, 2012, 1(1): 1–6.
    GUAN Zhitao, LI Jing, ZHU Liehuang, et al. Toward delay-tolerant flexible data access control for smart grid with renewable energy resources[J]. IEEE Transactions on Industrial Informatics, 2017, 13(6): 3216–3225. doi: 10.1109/TII.2017.2706760
    SHENG Wanxing, LIU Keyan, CHENG Sheng, et al. A trust region SQP method for coordinated voltage control in smart distribution grid[J]. IEEE Transactions on Smart Grid, 2016, 7(1): 381–391. doi: 10.1109/TSG.2014.2376197
    ABHINAV S, MODARES H, LEWIS F L, et al. Synchrony in networked microgrids under attacks[J]. IEEE Transactions on Smart Grid, 2018, 9(6): 6731–6741. doi: 10.1109/TSG.2017.2721382
    吴聪, 唐巍, 白牧可, 等. 基于能源路由器的用户侧能源互联网规划[J]. 电力系统自动化, 2017, 41(4): 20–28.

    WU Cong, TANG Wei, BAI Muke, et al. Energy router based planning of energy internet at user side[J]. Automation of Electric Power Systems, 2017, 41(4): 20–28.
    孟晓丽, 高君, 盛万兴, 等. 含分布式电源的配电网日前两阶段优化调度模型[J]. 电网技术, 2015, 39(5): 1294–1300.

    MENG Xiaoli, GAO Jun, SHENG Wanxing, et al. A day-ahead two-stage optimal scheduling model for distribution network containing distributed generations[J]. Power System Technology, 2015, 39(5): 1294–1300.
    WANG Yufei, ZHANG Bo, LIN Weimin, et al. Smart grid information security - a research on standards[C]. 2011 International Conference on Advanced Power System Automation and Protection, Beijing, China, 2011: 1188–1194.
    BASSO T, HAMBRICK J, and DEBLASIO D. Update and review of IEEE P2030 Smart Grid Interoperability and IEEE 1547 interconnection standards[C]. 2012 IEEE PES Innovative Smart Grid Technologies, Washington, USA, 2012: 1–7.
    SRIKANTHA P and KUNDUR D. Denial of service attacks and mitigation for stability in cyber-enabled power grid[C]. 2015 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference, Washington, USA, 2015: 1–5.
    ZHANG Zhenghao, GONG Shuping, DIMITROVSKI A D, et al. Time synchronization attack in smart grid: Impact and analysis[J]. IEEE Transactions on Smart Grid, 2013, 4(1): 87–98. doi: 10.1109/TSG.2012.2227342
    LIU Yao, NING Peng, and REITER M K. False data injection attacks against state estimation in electric power grids[J]. ACM Transactions on Information and System Security, 2011, 14(1): 13.
    YAN Jun, HE Haibo, ZHONG Xiangnan, et al. Q-learning-based vulnerability analysis of smart grid against sequential topology attacks[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(1): 200–210.
    XIANG Yingmeng, DING Zhilu, ZHANG Yichi, et al. Power system reliability evaluation considering load redistribution attacks[J]. IEEE Transactions on Smart Grid, 2017, 8(2): 889–901.
    LIU Shan, KUNDUR D, ZOURNTOS T, et al. Coordinated variable structure switching attack in the presence of model error and state estimation[C]. The 3rd IEEE International Conference on Smart Grid Communications, Tainan, China, 2012: 318–323.
    SANKAR L, RAJAGOPALAN S R, MOHAJER S, et al. Smart meter privacy: A theoretical framework[J]. IEEE Transactions on Smart Grid, 2013, 4(2): 837–846. doi: 10.1109/TSG.2012.2211046
    XU Ruzhi, WANG Rui, GUAN Zhitao, et al. Achieving efficient detection against false data injection attacks in smart grid[J]. IEEE Access, 2017, 5: 13787–13798. doi: 10.1109/ACCESS.2017.2728681
    YE Hongxing, GE Yinyin, LIU Xuan, et al. Transmission line rating attack in two-settlement electricity markets[J]. IEEE Transactions on Smart Grid, 2016, 7(3): 1346–1355. doi: 10.1109/TSG.2015.2426418
    TEN C W, HONG J, and LIU C C. Anomaly detection for cybersecurity of the substations[J]. IEEE Transactions on Smart Grid, 2011, 2(4): 865–873. doi: 10.1109/TSG.2011.2159406
    SALMERON J, WOOD K, and BALDICK R. Analysis of electric grid security under terrorist threat[J]. IEEE Transactions on Power Systems, 2004, 19(2): 905–912. doi: 10.1109/TPWRS.2004.825888
    ALSHAMRANI A, MYNENI S, CHOWDHARY A, et al. A survey on advanced persistent threats: Techniques, solutions, challenges, and research opportunities[J]. IEEE Communications Surveys & Tutorials, 2019, 21(2): 1851–1877.
    SRIVASTAVA A, MORRIS T, ERNSTER T, et al. Modeling cyber-physical vulnerability of the smart grid with incomplete information[J]. IEEE Transactions on Smart Grid, 2013, 4(1): 235–244. doi: 10.1109/TSG.2012.2232318
    李中伟, 佟为明, 金显吉. 智能电网信息安全防御体系与信息安全测试系统构建乌克兰和以色列国家电网遭受网络攻击事件的思考与启示[J]. 电力系统自动化, 2016, 40(8): 147–151.

    LI Zhongwei, TONG Weiming, and JIN Xianji. Construction of cyber security defense hierarchy and cyber security testing system of smart grid: Thinking and enlightenment for network attack events to national power grid of Ukraine and Israel[J]. Automation of Electric Power Systems, 2016, 40(8): 147–151.
    STELLIOS I, KOTZANIKOLAOU P, and PSARAKIS M. Advanced persistent threats and zero-day exploits in industrial internet of things[M]. ALCARAZ C. Security and Privacy Trends in the Industrial Internet of Things. Cham: Springer, 2019: 47–68.
    BERRUETA E, MORATO D, MAGAÑA E, et al. A survey on detection techniques for cryptographic ransomware[J]. IEEE Access, 2019, 7: 144925–144944. doi: 10.1109/ACCESS.2019.2945839
    AL-RIMY B A S, MAAROF M A, and SHAID S Z M. Ransomware threat success factors, taxonomy, and countermeasures: A survey and research directions[J]. Computers & Security, 2018, 74: 144–166.
    LEE K, LEE S Y, and YIM K. Machine learning based file entropy analysis for ransomware detection in backup systems[J]. IEEE Access, 2019, 7: 110205–110215. doi: 10.1109/ACCESS.2019.2931136
    PAUDEL S, SMITH P, and ZSEBY T. Attack models for advanced persistent threats in smart grid wide area monitoring[C]. The 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, Pittsburgh, 2017: 61–66.
    SKOPIK F, FRIEDBERG I, and FIEDLER R. Dealing with advanced persistent threats in smart grid ICT networks[C]. ISGT 2014, Washington, 2014: 1–5.
    WANG Zhiwei. An identity-based data aggregation protocol for the smart grid[J]. IEEE Transactions on Industrial Informatics, 2017, 13(5): 2428–2435. doi: 10.1109/TII.2017.2705218
    FOUDA M M, FADLULLAH Z M, and KATO N. Assessing attack threat against ZigBee-based home area network for smart grid communications[C]. 2010 International Conference on Computer Engineering & Systems, Cairo, Egypt, 2010: 245–250.
    ISMAIL Z, LENEUTRE J, BATEMAN D, et al. A game theoretical analysis of data confidentiality attacks on smart-grid AMI[J]. IEEE Journal on Selected Areas in Communications, 2014, 32(7): 1486–1499. doi: 10.1109/JSAC.2014.2332095
    FARRAJ A K, HAMMAD E M, AL DAOUD A, et al. A game-theoretic control approach to mitigate cyber switching attacks in smart grid systems[C]. 2014 IEEE International Conference on Smart Grid Communications, Venice, Italy, 2014: 958–963.
    GIANI A, BITAR E, GARCIA M, et al. Smart grid data integrity attacks[J]. IEEE Transactions on Smart Grid, 2013, 4(3): 1244–1253. doi: 10.1109/TSG.2013.2245155
    KOSUT O, JIA Liyan, THOMAS R J, et al. Malicious data attacks on the smart grid[J]. IEEE Transactions on Smart Grid, 2011, 2(4): 645–658. doi: 10.1109/TSG.2011.2163807
    MASTER N, MOUNZER J, and BAMBOS N. Distributed smart grid architecture for delay and price sensitive power management[C]. 2014 IEEE International Conference on Communications, Sydney, 2014: 3670–3675.
    AYDEGER A, AKKAYA K, CINTUGLU M H, et al. Software defined networking for resilient communications in smart grid active distribution networks[C]. 2016 IEEE International Conference on Communications, Kuala Lumpur, Malaysia, 2016: 1–6.
    RANA M M, LI Li, and SU S W. An adaptive-then-combine dynamic state estimation considering renewable generations in smart grids[J]. IEEE Journal on Selected Areas in Communications, 2016, 34(12): 3954–3961. doi: 10.1109/JSAC.2016.2611963
    ROSSEBØ J E Y, WOLTHUIS R, FRANSEN F, et al. An enhanced risk-assessment methodology for smart grids[J]. Computer, 2017, 50(4): 62–71. doi: 10.1109/MC.2017.106
    ZHANG Shanghua, LI Qiang, WU Jun, et al. A security mechanism for software-defined networking based communications in vehicle-to-grid[C]. 2016 IEEE Smart Energy Grid Engineering, Oshawa, 2016: 386–391.
    谢永, 李香, 张松松. 一种可证安全的车联网无证书聚合签名改进方案[J]. 电子与信息学报, 2020, 42(5): 1125–1131. doi: 10.11999/JEIT190184

    XIE Yong, LI Xiang, ZHANG Songsong, et al. An improved provable secure certificateless aggregation signature scheme for vehicular Ad Hoc NETworks[J]. Journal of Electronics &Information Technology, 2020, 42(5): 1125–1131. doi: 10.11999/JEIT190184
    LI Gaolei, WU Jun, LI Jianhua, et al. Battery status sensing software-defined multicast for V2G regulation in smart grid[J]. IEEE Sensors Journal, 2017, 17(23): 7838–7848. doi: 10.1109/JSEN.2017.2731971
    邵苏杰, 郭少勇, 邱雪松, 等. 基于加权队列的无线智能电网通信网采集数据流量调度算法[J]. 电子与信息学报, 2014, 36(5): 1209–1214.

    SHAO Sujie, GUO Shaoyong, QIU Xuesong, et al. Traffic scheduling algorithm based on weighted queue for meter data collection in wireless smart grid communication network[J]. Journal of Electronics &Information Technology, 2014, 36(5): 1209–1214.
    CHEN Pinyu, CHENG S M, and CHEN K C. Smart attacks in smart grid communication networks[J]. IEEE Communications Magazine, 2012, 50(8): 24–29. doi: 10.1109/MCOM.2012.6257523
    JOHNSON R E. Survey of SCADA security challenges and potential attack vectors[C]. 2010 International Conference for Internet Technology and Secured Transactions, London, 2010: 1–5.
    YANG Yi, XU Haiqing, GAO Lei, et al. Multidimensional intrusion detection system for IEC 61850-based SCADA networks[J]. IEEE Transactions on Power Delivery, 2017, 32(2): 1068–1078. doi: 10.1109/TPWRD.2016.2603339
    DO V L, FILLATRE L, NIKIFOROV I, et al. Security of SCADA systems against cyber–physical attacks[J]. IEEE Aerospace and Electronic Systems Magazine, 2017, 32(5): 28–45. doi: 10.1109/MAES.2017.160047
    ZHANG Jiexin, GAN Shaoduo, LIU Xiaoxue, et al. Intrusion detection in SCADA systems by traffic periodicity and telemetry analysis[C]. 2016 IEEE Symposium on Computers and Communication, Messina, Italy, 2016: 318–325.
    PAN Zhiwen, HARIRI S, and PACHECO J. Context aware intrusion detection for building automation systems[J]. Computers & Security, 2019, 85: 181–201.
    YILMAZ E N and GÖNEN S. Attack detection/prevention system against cyber attack in industrial control systems[J]. Computers & Security, 2018, 77: 94–105.
    LIANG Gaoqi, ZHAO Junhua, LUO Fengji, et al. A review of false data injection attacks against modern power systems[J]. IEEE Transactions on Smart Grid, 2017, 8(4): 1630–1638. doi: 10.1109/TSG.2015.2495133
    YU Shucheng, REN Kui, and LOU Wenjing. FDAC: Toward fine-grained distributed data access control in wireless sensor networks[J]. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(4): 673–686. doi: 10.1109/TPDS.2010.130
    WU Jun, DONG Mianxiong, OTA K, et al. Cross-domain fine-grained data usage control service for industrial wireless sensor networks[J]. IEEE Access, 2015, 3: 2939–2949. doi: 10.1109/ACCESS.2015.2504541
    KIM Y, KOLESNIKOV V, and THOTTAN M. Resilient end-to-end message protection for cyber-physical system communications[J]. IEEE Transactions on Smart Grid, 2018, 9(4): 2478–2487. doi: 10.1109/TSG.2016.2613545
    ELATTAR M. Reliable Communications Within Cyber-Physical Systems Using the Internet (RC4CPS)[M]. Berlin, Heidelberg: 2020.
    GUAN Zhitao, LI Jing, WU Longfei, et al. Achieving efficient and secure data acquisition for cloud-supported internet of things in smart grid[J]. IEEE Internet of Things Journal, 2017, 4(6): 1934–1944. doi: 10.1109/JIOT.2017.2690522
    MARKHAM T and PAYNE C. Security at the network edge: A distributed firewall architecture[C]. DARPA Information Survivability Conference and Exposition II. DISCEX’01, Anaheim, 2001, 1: 279–286.
    MONTERO D, YANNUZZI M, SHAW A, et al. Virtualized security at the network edge: A user-centric approach[J]. IEEE Communications Magazine, 2015, 53(4): 176–186. doi: 10.1109/MCOM.2015.7081092
    MONTERO D and SERRAL-GRACIÀ R. Offloading personal security applications to the network edge: A mobile user case scenario[C]. 2016 International Wireless Communications and Mobile Computing Conference, Paphos, Cyprus, 2016: 96–101.
    ESPOSITO C, CASTIGLIONE A, POP F, et al. Challenges of connecting edge and cloud computing: A security and forensic perspective[J]. IEEE Cloud Computing, 2017, 4(2): 13–17. doi: 10.1109/MCC.2017.30
    SHAH G A, GUNGOR V C, and AKAN O B. A cross-layer QoS-aware communication framework in cognitive radio sensor networks for smart grid applications[J]. IEEE Transactions on Industrial Informatics, 2013, 9(3): 1477–1485. doi: 10.1109/TII.2013.2242083
    SUN Mingyang, KONSTANTELOS I, and STRBAC G. A deep learning-based feature extraction framework for system security assessment[J]. IEEE Transactions on Smart Grid, 2019, 10(5): 5007–5020. doi: 10.1109/TSG.2018.2873001
    ZAFAR S, JANGSHER S, BOUACHIR O, et al. QoS enhancement with deep learning-based interference prediction in mobile IoT[J]. Computer Communications, 2019, 148: 86–97. doi: 10.1016/j.comcom.2019.09.010
    关志涛, 徐月, 伍军. 传感器网络中基于三元多项式的密钥管理方案[J]. 通信学报, 2013, 34(12): 71–78. doi: 10.3969/j.issn.1000-436x.2013.12.008

    GUAN Zhitao, XU Yue, and WU Jun. Ternary polynomial based key management scheme for wireless sensor network[J]. Journal on Communications, 2013, 34(12): 71–78. doi: 10.3969/j.issn.1000-436x.2013.12.008
    LUO Shibo, DONG Mianxiong, OTA K, et al. A security assessment mechanism for software-defined networking-based mobile networks[J]. Sensors, 2015, 15(12): 31843–31858. doi: 10.3390/s151229887
    SAXENA N, CHUKWUKA V, XIONG Leilei, et al. CPSA: A cyber-physical security assessment tool for situational awareness in smart grid[C]. The 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, Dallas, 2017: 69–79.
    WU Jun, OTA K, DONG Mianxiong, et al. Big data analysis-based security situational awareness for smart grid[J]. IEEE Transactions on Big Data, 2018, 4(3): 408–417. doi: 10.1109/TBDATA.2016.2616146
    李建华. 网络空间威胁情报感知、共享与分析技术综述[J]. 网络与信息安全学报, 2016, 2(2): 16–29. doi: 10.11959/j.issn.2096-109x.2016.00028

    LI Jianhua. Overview of the technologies of threat intelligence sensing, sharing and analysis in cyber space[J]. Chinese Journal of Network and Information Security, 2016, 2(2): 16–29. doi: 10.11959/j.issn.2096-109x.2016.00028
    柴争义, 白浩, 张浩军. 一种容侵的CA私钥签名方案[J]. 河北师范大学学报: 自然科学版, 2008, 32(3): 310–312.

    CHAI Zhengyi, BAI Hao, and ZHANG Haojun. An intrusion tolerant signature scheme of CA private key[J]. Journal of Hebei Normal University:Natural Science Edition, 2008, 32(3): 310–312.
    AJTAI M. Generating hard instances of lattice problems (extended abstract)[C]. The 28th Annual ACM Symposium on Theory of Computing, Philadelphia, 1996: 99–108.
    CHEN L, JORDAN S, LIU Yikai, et al. Report on post-quantum cryptography[R]. NISTIR 8105, 2016.
    邬江兴. 拟态计算与拟态安全防御的原意和愿景[J]. 电信科学, 2014, 30(7): 2–7. doi: 10.3969/j.issn.1000-0801.2014.07.001

    WU Jiangxing. Meaning and vision of mimic computing and mimic security defense[J]. Telecommunications Science, 2014, 30(7): 2–7. doi: 10.3969/j.issn.1000-0801.2014.07.001
    HEYDARI V, KIM S I, and YOO S M. Scalable anti-censorship framework using moving target defense for Web servers[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(5): 1113–1124. doi: 10.1109/TIFS.2016.2647218
    HUANG Lina, LI Gaolei, WU Jun, et al. Software-defined QoS provisioning for fog computing advanced wireless sensor networks[C]. 2016 IEEE SENSORS, Orlando, 2016: 1–3.
    XIAO Liang, XU Dongjin, XIE Caixia, et al. Cloud storage defense against advanced persistent threats: A prospect theoretic study[J]. IEEE Journal on Selected Areas in Communications, 2017, 35(3): 534–544. doi: 10.1109/JSAC.2017.2659418
    张浩, 王丽娜, 谈诚, 等. 云环境下APT攻击的防御方法综述[J]. 计算机科学, 2016, 43(3): 1–7, 43. doi: 10.11896/j.issn.1002-137X.2016.03.001

    ZHANG Hao, WANG Lina, TAN Cheng, et al. Review of defense methods against advanced persistent threat in cloud environment[J]. Computer Science, 2016, 43(3): 1–7, 43. doi: 10.11896/j.issn.1002-137X.2016.03.001
    付钰, 李洪成, 吴晓平, 等. 基于大数据分析的APT攻击检测研究综述[J]. 通信学报, 2015, 36(11): 1–14. doi: 10.11959/j.issn.1000-436x.2015184

    FU Yu, LI Hongcheng, WU Xiaoping, et al. Detecting APT attacks: A survey from the perspective of big data analysis[J]. Journal on Communications, 2015, 36(11): 1–14. doi: 10.11959/j.issn.1000-436x.2015184
    HONG K F, CHEN C C, CHIU Y T, et al. Ctracer: Uncover C&C in advanced persistent threats based on scalable framework for enterprise log data[C]. 2015 IEEE International Congress on Big Data, New York, 2015: 551–558.
    WANG Xu, ZHENG Kangfeng, NIU Xinxin, et al. Detection of command and control in advanced persistent threat based on independent access[C]. 2016 IEEE International Conference on Communications, Kuala Lumpur, Malaysia, 2016: 1–6.
    刘彩霞, 胡鑫鑫, 刘树新, 等. 基于Lowe分类法的5G网络EAP-AKA’协议安全性分析[J]. 电子与信息学报, 2019, 41(8): 1800–1807.

    LIU Caixia, HU Xinxin, LIU Shuxin, et al. Security analysis of 5G network EAP-AKA’ protocol based on Lowe’s taxonomy[J]. Journal of Electronics &Information Technology, 2019, 41(8): 1800–1807.
    张小松, 牛伟纳, 杨国武, 等. 基于树型结构的APT攻击预测方法[J]. 电子科技大学学报, 2016, 45(4): 582–588. doi: 10.3969/j.issn.1001-0548.2016.04.011

    ZHANG Xiaosong, NIU Weina, YANG Guowu, et al. Method for APT prediction based on tree structure[J]. Journal of University of Electronic Science and Technology of China, 2016, 45(4): 582–588. doi: 10.3969/j.issn.1001-0548.2016.04.011
    姚苏, 关建峰, 潘华, 等. 基于APT潜伏攻击的网络可生存性模型与分析[J]. 电子学报, 2016, 44(10): 2415–2422. doi: 10.3969/j.issn.0372-2112.2016.10.020

    YAO Su, GUAN Jianfeng, PAN Hua, et al. Modeling and analysis for network survivability of APT latent attack[J]. Acta Electronsica Sinica, 2016, 44(10): 2415–2422. doi: 10.3969/j.issn.0372-2112.2016.10.020
  • 加载中
图(4) / 表(1)
计量
  • 文章访问数:  2484
  • HTML全文浏览量:  1802
  • PDF下载量:  307
  • 被引次数: 0
出版历程
  • 收稿日期:  2019-12-31
  • 修回日期:  2020-08-05
  • 网络出版日期:  2020-08-06
  • 刊出日期:  2020-09-27

目录

    /

    返回文章
    返回