可信工业控制系统中信任冷启动方法研究

项目名称： 可信工业控制系统中信任冷启动方法研究

项目编号： No.61502293

项目类型： 青年科学基金项目

立项/批准年度： 2016

项目学科： 自动化技术、计算机技术

项目作者： 周鹏

作者单位： 上海大学

项目金额： 20万元

中文摘要： 随着工业化和信息化的不断融合，现代工业控制系统表现出设备异构与边界模糊的特征，安全隐患日趋严重。通过行为建模的方式建立可信工业控制系统是解决其安全问题的一个重要研究方向。然而，现有的信任启动与建模方法存在防御滞后，启动缓慢以及行为数据利用率低等缺陷，不能很好的满足现代工业系统对实时性和安全性的要求。为了解决这一系列缺陷，本课题将研究全新的信任冷启动方法。该方法基于可迁移学习理论和深度学习理论建立异质设备属性与可信度之间的跨域关联模型，从而可以在异构设备运行的任何时刻通过设备属性直接估计其可信度(即信任冷启动)。用于关联模型训练的行为样本将通过病毒动态分析技术和工业蜜罐技术来获取。本课题在工业控制、信息安全和机器学习等多学科交叉的背景下，针对可信工业控制系统构建的薄弱环节，探索切实有效的解决方案，为保障现代工业控制系统的运行安全奠定必要的方法和实验基础。

中文关键词： 信任管理模型；信任管理系统；工业控制系统安全

英文摘要： With the integration of industrial and information techniques, Industrial Control Systems (ICSs) are now exhibiting the characteristics of device heterogeneity and boundary uncertainty, which is consequently inducing serious security risks. Building a trusted ICS via historical behavior modeling is a promising research direction for ICS security. However, existing trust models suffer from various shortcomings such as delayed protection, slow bootstrapping of trust and low utilization of behavior data, hence being unable to adapt well to the ICS environment which requires a higher quality of security and real-time response. To address these problems, we propose a novel fast-building-up method for trust establishment coined as cold bootstrapping. The basic idea is to apply transfer learning theory and deep learning theory, and thereby build a cross-domain model to capture the correlation between visible features of devices and the corresponding trustworthiness. This model is then used to estimate the trustworthiness for any devices through their visible features, without the need of direct historical behavior data for these devices (i.e., trust cold bootstrapping). Virus dynamic analysis and industrial honeypot technique are employed to collect behavior samples for model training. This is a multidisciplinary project that is related to industrial control, information security and machine learning. The proposed method solves the key problem that hinders the design of an effective trusted ICS for modern industries.

英文关键词： Trust management model;Trust management system;Industrial control system security