摘要
铁路信号系统的发展随着信息化进程的进一步深化,其各子系统接口的安全性问题逐渐显现,越来越多的通用软件和接口协议的引入使得铁路信号系统专网的安全性备受威胁。从渗透测试中的口令攻击切入,分析了安全数据网某中心设备和交换机的计算机网络中存在的漏洞,并利用口令攻击方式进行了漏洞攻击的测试。测试结果表明,通用的计算机网络漏洞在铁路信号系统中同样存在,需要通过加强系统管理和口令强度或加密等措施提升系统安全性。
As railway signalling system is pushing forward further along with the development of railway informatization,the interface security of railway signalling system is emerging up with security loopholes.The introduction of more and more general-purpose software and interface protocol has imposed threat on the security of railway-signalling-special data network.Started from a password attack in penetration test,we analyze the loopholes in a control centre device and switch network by using password attack to test the loopholes.The results show that there are computer network loopholes in railway signalling system and it is indispensable to enhance system security through stricter security management and encryption.
出处
《铁道通信信号》
2016年第9期63-67,共5页
Railway Signalling & Communication
基金
中国铁路总公司科技研究开发计划:列控系统网络安全检测与评估技术研究(2014X003-J)
中国铁路总公司科技研究开发计划:铁路信号系统信息安全及防护技术研究(2016X008-B)
关键词
铁路信号系统
安全数据网
口令攻击
Railway signalling system
Security data network
Password attack