| Industrial Control System (ICS) is a generic term for the computer control systems used in industrial production processes. ICSs are widely used in the manufacturing, energy, transportation, water and electricity industries, and are critical infrastructure that affects people's livelihoods. Industrial Control Protocol (ICP) is a network protocol used by industrial control systems to exchange and collect real-time data, configure core parameters, monitor the real-time operating status of the system, execute instructions and perform many other functions in this special environment, and its security determines whether the industrial control system can operate reliably and stably in the long term. While the development of industrial information technology and the integration of industrial production with the Internet have advanced by leaps and bounds in recent years, the number of attacks on ICS has increased dramatically, causing serious and irreversible damage. The security of ICP, as the core of communication and interaction in this special environment, has therefore received increasing attention from all parties, but due to the uniqueness of the industrial production environment it is difficult for security personnel to develop common rules and methods for vulnerability mining of ICPs that identify possible risks to the system so that they can be fixed and prevented in advance. Fuzzing, one of the mainstream vulnerability mining methods in recent years, is also widely used for network protocols, but industrial control protocols come in a large number of types, have specialised and proprietary characteristics that are difficult to parse, and operate in closed environments, making it difficult to directly apply reverse engineering to construct protocol syntax rules for testing. In this thesis, after briefly outlining the characteristics of industrial control protocols and summarising the security issues and attack patterns they currently face, we propose a protocol fuzzing method based on a Sequence Generative Adversarial Network (SeqGAN) to address these difficulties. We first capture a large amount of protocol communication data from the system under test, then feed the pre-processed data into the generator and discriminator models of the generative adversarial network we designed for training, use the newly generated messages as test cases for fuzzing the system under test, observe the operating status of the target, and record every data frame that leads to an abnormality in the system for subsequent analysis. Based on this approach, we designed a generic fuzzing tool for industrial control protocols that can effectively perform vulnerability mining on them. The final experimental results demonstrate the effectiveness and reliability of our approach and tool: it learns the characteristics of the target protocol without requiring the protocol's specific structure, removing the dependence on a protocol specification. The generated test cases performed well in testing and successfully triggered system operation exceptions, achieving the expected results. They also performed better in effectiveness and in the number of exceptions triggered than the traditional GAN-based approach, and the approach has good scalability for future application to tests of other ICPs. |
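As an added illustration (not code from the thesis or its tool), the data path around the SeqGAN described above: captured frames are encoded into fixed-length integer token sequences for the generator and discriminator, generated sequences are decoded back into frames, and each frame is replayed against the target while every frame that raises an exception is recorded for later analysis. The SeqGAN itself is not implemented here; the sample capture, the stand-in generated sequences and the toy length-prefixed parser that plays the system under test are all constructed for this example.

```python
"""Tokenisation of captured protocol frames for a sequence model, and the
replay loop that records generated frames which make the target misbehave."""

PAD, EOS, OFFSET = 0, 1, 2          # token ids; byte value b maps to b + OFFSET
VOCAB_SIZE = 256 + OFFSET           # 256 byte tokens plus PAD and EOS


def encode_frames(frames, max_len):
    """Turn raw byte frames into fixed-length token sequences (pre-processing).
    Frames longer than max_len - 1 are truncated so that EOS always fits."""
    seqs = []
    for frame in frames:
        toks = [b + OFFSET for b in frame[:max_len - 1]] + [EOS]
        toks += [PAD] * (max_len - len(toks))
        seqs.append(toks)
    return seqs


def decode_tokens(tokens):
    """Inverse of encode_frames for one generated sequence: stop at the first
    EOS/PAD and drop any id outside the byte range (a generator can emit them)."""
    out = bytearray()
    for t in tokens:
        if t in (PAD, EOS):
            break
        if OFFSET <= t < VOCAB_SIZE:
            out.append(t - OFFSET)
    return bytes(out)


def toy_parse(frame):
    """Constructed stand-in for the system under test: a frame is one length
    byte followed by a payload that must exactly fill the declared length."""
    if len(frame) < 1:
        raise ValueError("empty frame")
    declared, payload = frame[0], frame[1:]
    if len(payload) != declared:
        raise ValueError(f"length mismatch: declared {declared}, got {len(payload)}")
    return payload


def replay(target, sequences):
    """Decode each generated sequence, hand it to the target, and keep every
    (frame, error) pair whose frame caused an abnormality."""
    findings = []
    for seq in sequences:
        frame = decode_tokens(seq)
        try:
            target(frame)
        except Exception as exc:
            findings.append((frame, f"{type(exc).__name__}: {exc}"))
    return findings


# Constructed sample capture (no real ICS traffic) used as training input.
CAPTURED = [bytes([3, 0x10, 0x20, 0x30]), bytes([1, 0xAA]), bytes([0])]
# Constructed stand-ins for sequences a trained generator might emit.
GENERATED = [[5, 18, 34, 50, 1, 0], [4, 2, 1, 0], [1, 0, 0, 0]]
```

Running `replay(toy_parse, GENERATED)` returns the two frames that the toy parser rejects, which is the record the thesis keeps for subsequent analysis.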