Key path analysis method for large-scale industrial control network

oleh: ZHANG Yaofang,QU Haikuo, WANG Zibo, WANG Bailing, ZHANG Zheyu, ZHANG Ge

Format: Article
Diterbitkan: POSTS&TELECOM PRESS Co., LTD 2021-04-01

Deskripsi

In order to solve the problem of high time-consuming and resource-consuming quantitative calculation of large-scale industrial control network attack graphs, a key path analysis method for large-scale industrial control networks was proposed. Firstly, the idea of cut set was used to calculate the key nodes set of Bayesian attack graph by combining the atomic attack income in industrial control network, which solved the problem that the current cut set algorithm only considers the key nodes in graph structure. Secondly, a dynamic updating strategy of Bayesian attack graph which only updated the attack probability of key nodes was proposed to efficiently calculate the attack probability of the whole graph and analyze the key path of attack graph. The experimental results show that the proposed method can not only ensure the reliability of the calculation results of large-scale industrial control attack graphs, but also can significantly reduce the time consumption and have a significant improvement in the calculation efficiency.