拒绝服务攻击下的信息物理系统安全理论研究

项目名称： 拒绝服务攻击下的信息物理系统安全理论研究

项目编号： No.61503147

项目类型： 青年科学基金项目

立项/批准年度： 2016

项目学科： 自动化技术、计算机技术

项目作者： 张恒

作者单位： 江苏海洋大学

项目金额： 21万元

中文摘要： 信息物理系统（CPS）通过计算、通信、控制技术实现物理空间和信息空间深度融合。CPS给现代生产和生活带来巨大便捷，但不断涌现的安全问题和潜在安全威胁引起国内外政府和社会高度关注，由此引发的安全问题已成为新兴挑战性课题。本项目围绕CPS安全问题，针对能量受限的拒绝服务(DoS)攻击下的系统控制性能，采用理论分析结合仿真实验的方法，深入挖掘系统防御能力，提出有效的系统性能优化方法，从而建立一套针对DoS攻击的机理分析、入侵检测与安全防御的理论。主要研究内容有：分析能量受限的DoS攻击策略，评估攻击策略对系统性能的影响；设计DoS入侵检测机制；研究系统防御机制，提出最优传感器能量调度策略和最优控制策略；搭建CPS安全实验平台，验证理论研究成果。本项目的研究有助于推动网络化系统控制理论与网络安全技术的进一步融合，并在保障系统性能下提高CPS安全性，拓展和强化CPS安全领域的科研和应用。

中文关键词： 信息物理系统；反馈控制；拒绝服务攻击；控制性能；入侵检测

英文摘要： Cyber-Physical Systems (CPS) deeply integrate physical space and cyber space by computing, communication and control technologies. They can bring great convenience for our modern production and daily life. However, the emerging system security issues and potential security threats have put CPS on a high risk, and have become a critical international concern of both governments and societies. The security of CPS is a new and challenging topic. Taking this challenge, this research proposal focuses on a typical network attack, Denial-of-Service (DoS) attack with energy constraint in CPS. Focusing on the system control performance, we deeply dig the system security capability, propose effective methods to optimize the system performances, and finally achieve a suite of theories for DoS attack mechanism analysis, intrusion detection and defending technologies. The main research contents include the following aspects: analyzing DoS attack strategies under energy constraint, and assessing the impact of attack policy on the system performance; designing DoS intrusion detection algorithms for CPS; studying system defending strategies, and proposing optimal sensor’s energy scheduling policy and optimal control strategies; building up CPS platform, and verifying the theoretical achievements on it. Through the proposed project, we expect to not only help to promote further integration of wireless networked control theories and network security technologies, but also effectively protect the security of CPS with the guarantee of system performance, then expand and strengthen research and application of security domain in CPS.

英文关键词： Cyber-Physical Systems;Feedback control;Denial-of-Service attack;Control performance;Intrusion detection