《计算机应用》唯一官方网站 ›› 2024, Vol. 44 ›› Issue (4): 1018-1026.DOI: 10.11772/j.issn.1001-9081.2023050584

• 第九届全国智能信息处理学术会议(NCIIP 2023) • 上一篇    下一篇

基于 α-截集三角模糊数和攻击树的CTCS网络安全风险评估方法

姚洪磊1,2, 刘吉强1, 童恩栋1, 牛温佳1()   

  1. 1.北京交通大学 计算机与信息技术学院,北京 100044
    2.中国铁道科学研究院集团有限公司 电子计算技术研究所,北京 100081
  • 收稿日期:2023-05-15 修回日期:2023-10-13 接受日期:2023-10-17 发布日期:2024-04-22 出版日期:2024-04-10
  • 通讯作者: 牛温佳
  • 作者简介:姚洪磊(1983—),男,黑龙江牡丹江人,高级工程师,硕士,主要研究方向:网络安全、风险评估
    刘吉强(1973—),男,山东海阳人,教授,博士生导师,博士,CCF高级会员,主要研究方向:可信计算、隐私保护、云计算安全
    童恩栋(1986—),男,山东聊城人,讲师,博士,CCF会员,主要研究方向:人工智能安全、强化学习
    牛温佳(1982—),男,宁夏银川人,教授,博士,CCF高级会员,主要研究方向:网络与信息安全、人工智能安全。niuwj@bjtu.edu.cn
  • 基金资助:
    中国国家铁路集团有限公司重点课题(K2022W010)

Network security risk assessment method for CTCS based on α-cut triangular fuzzy number and attack tree

Honglei YAO1,2, Jiqiang LIU1, Endong TONG1, Wenjia NIU1()   

  1. 1.School of Computer and Information Technology,Beijing Jiaotong University,Beijing 100044,China
    2.Institute of Computing Technology,China Academy of Railway Sciences Corporation Limited,Beijing 100081,China
  • Received:2023-05-15 Revised:2023-10-13 Accepted:2023-10-17 Online:2024-04-22 Published:2024-04-10
  • Contact: Wenjia NIU
  • About author:YAO Honglei, born in 1983, M. S., senior engineer. His research interests include network security, risk assessment.
    LIU Jiqiang, born in 1973, Ph. D., professor. His research interests include trusted computing, privacy protection, cloud computing security.
    TONG Endong, born in 1986, Ph. D., lecturer. His research interests include artificial intelligent security, reinforcement learning.
    NIU Wenjia, born in 1982, Ph. D., professor. His research interests include network and information security, artificial intelligent security.
  • Supported by:
    Key Projects of China State Railway Group Corporation Limited(K2022W010)

摘要:

针对工业控制系统网络安全风险评估影响因素的不确定性和指标量化困难问题,提出一种基于模糊理论和攻击树的方法评估工业控制系统风险,并将它应用于中国列车控制系统(CTCS)的风险评估。首先,基于CTCS可能面临的网络安全威胁和系统自身的脆弱性建立攻击树模型,使用 α-截集三角模糊数(TFN)计算攻击树叶节点和攻击路径的区间概率;其次,利用层次分析法(AHP)建立安全事件损失数学模型,最终得出风险评估值。实验结果表明,所提方法可以有效评估系统风险,预测攻击路径,降低主观因素对风险评估过程的影响,使评估结果更契合实际,为安全防护策略的选择提供参考和依据。

关键词: 攻击树, α-截集三角模糊数, 层次分析法, 中国列车控制系统, 风险评估

Abstract:

To solve the problems of uncertain influence factors and indicator quantification difficulty in the risk assessment of industrial control networks, a method based on fuzzy theory and attack tree was proposed, and the proposed method was tested and verified on Chinese Train Control System (CTCS). First, an attack tree model for CTCS was constructed based on network security threats and system vulnerability. α-cut Triangular Fuzzy Number (TFN) was used to calculate the interval probabilities of leaf nodes and attack paths. Then, Analytic Hierarchy Process (AHP) was adopted to establish the mathematical model for security event losses and get the final risk assessment result. Finally, the experimental result demonstrates that the proposed method implements system risk assessment effectively, predicts the attack paths successfully and reduces the influence of subjective factors. By taking advantage of the proposed method, the risk assessment result would be more realistic and provides reference and basis for the selection of security protection strategies.

Key words: attack tree, α-cut Triangular Fuzzy Number (TFN), Analytic Hierarchy Process (AHP), Chinese Train Control System (CTCS), risk assessment

中图分类号: