Research On Risk Assessment Method Of Information Security In Communication-Based Train Control Systems Based On Attack-defense Game

Communication-Based Train Control(CBTC)systems are critical facilities to the safe and efficient operation of trains.As information attack methods are constantly updated and strengthened,the degree of openness and interconnection of the CBTC system has deepened,and the information security problems faced by the system have become more and more severe.Information security risk assessment can quantitatively evaluate the information security status of the CBTC system,support managers to formulate security protection strategies,and improve the information security level of the system.The existing information security risk assessment methods of CBTC systems have some problems,such as few considered factors,excessive subjective factors,and high difference from the real scenarios.Therefore,the research on the theories and methods of information security risk assessment for CBTC systems is very significant both for theoretical guidance and practical application.This dissertation studies the information security risk assessment method of CBTC systems based on the attack-defense game,which comprehensively considers the impact of attacks-defense behaviors on the CBTC system and the dynamic interaction of decision-making,evaluates the information security risks of CBTC system under attack-defense confrontation.Generalized stochastic Petri net(GSPN)is utilized to model the decision process,the confrontation process,and the change of system states.Based on the game theory and multi-agent deep reinforcement learning method,the attack-defense behaviors are predicted to assist GSPN model solving.The system performance is quantitatively analyzed.Consequently,the information security risk of CBTC systems is evaluated.The main work of this dissertation are as follows:(1)Research on the attack-defense process of CBTC systems.This dissertation studies the types of existing information attacks,analyzes the vulnerability of the CBTC system,selects the attack and defense methods suitable for the CBTC system,and designs three typical attack-defense scenarios according to the occurrence conditions of attack-defense behaviors and the implementation environment.And the impact of attack-defense behaviors on the physical process and operational performance of CBTC systems is studied.(2)An attack-defensive confrontation model of CBTC systems based on GSPN is established.According to the characteristics of attack-defense behaviors in the designed scenarios,the implementation environment,and the steps required to achieve the final goal,the three types of attack-defense scenarios are integrated into a multi-stage attack-defense confrontation process of CBTC systems.The GSPN model is used to describe the strategy selection process,dynamic behaviors interaction process,and the transformation process of the system states under attack-defense behaviors in CBTC systems.(3)An optimal strategy selection method based on attack-defense game and multi-agent deep reinforcement learning is proposed.Based on the attack defense confrontation model of the CBTC system,the strategy set is extracted,and the multi-stage game model of CBTC systems is constructed.And in this dissertation,Wolf-PHC and multi-agent deep reinforcement learning methods are used to solve the optimal attack and defense strategy.(4)Based on GSPN and the game model,the information security risk assessment method of the CBTC system is proposed.The attack-defense game is used to obtain the optimal strategy.And then,the GSPN model is solved to obtain the probabilities of different system states.The system performance in different states is quantitatively analyzed,and the information security risk of CBTC systems is evaluated.(5)The hardware in loop simulation platform of the laboratory is used to build the verification environment.The effectiveness of the proposed information security risk assessment method of CBTC systems is analyzed and compared with the existing method.The evaluation results of the proposed method and the comparison with the results of the existing method show that the proposed method can more realistically evaluate the information security risk of CBTC systems,which is very significant both for theoretical research and practical application.