摘要
工业网络控制系统安全问题受到广泛重视,本文针对Modbus TCP协议模糊测试过程中,由于缓冲区设置难以与实际情况吻合进而导致经常出现的溢出漏洞,提出了一种改进的应用数据单元(IADU)格式,避免了报文长度变化导致的长度信息丢失,并采用主成分分析(PCA)方法处理数据相关性导致重复信息大量出现问题,降低了维数爆炸的风险。进一步采用概率神经网络(PNN)对待输入畸形数据引发漏洞可能性进行匹配和判断,从而提高模糊测试的效率。实验分析结果表明,本文方法能减少8.6%的畸形数据输入量。
The security of network control system has captured worldwide attention.For the frequent overflow caused by the disparity between buffer setting and practical requirement in the Modbus TCP protocol fuzzing test,a new data structure of improved application data unit capable to preventing the message length information from being lost is presented in this paper.Then principal component analysis(PCA)is used to reduce the dimensionality explosion risk aroused by the massive identical information which comes from the data relativity.At last,a probabilistic neural network(PNN)is deployed to estimate the vulnerabilities detecting possibility of the malformed data to be input,which makes the fuzzing test more efficient.The analysis and comparison to the experiment result denote that the input data is reduced by 8.60%via using the method presented in this paper.
作者
任蒲军
付敬奇
Ren Pujun;Fu Jingqi(School of Mechatronic Engineering and Automation,Shanghai University,Shanghai 200444,China)
出处
《电子测量技术》
2019年第7期7-12,共6页
Electronic Measurement Technology
基金
上海市科委项目(17511107002)资助
关键词
MODBUS
TCP
模糊测试
概率神经网络
主成分分析
Modbus TCP
fuzzing test
probabilistic neural network(PNN)
principal component analysis(PCA)
