工业控制系统关键组件安全风险综述

doi:10.11959/j.issn.2096-109x.2022030

Abstract

Abstract:

With the rapid development of modern information technology and communication technology, industrial control system has become an important part of national key infrastructure, whose security is related to national strategic security and social stability.The close connection between modern industrial control system and Internet promotes the rapid progress of industrial control technology, meanwhile it brings serious security risks.Since the“Stuxnet” virus incident, attacks on industrial control systems have occurred frequently, which causes huge economic losses to global production enterprises.Besides, it also poses significant impact on the social stability and security to many countries and regions, which has aroused people’s great concern about the security of industrial control systems.Due to the wide variety of automation equipment and proprietary protocols, complex data flow and rapid development in modern industrial control system, it is very difficult to summarize the safety of key components of industrial control.There are few literatures related to this area, and most of them are old and incomplete.To solve the above problems, the mainstream architecture and related components of the current industrial control system were introduced.Then the security vulnerabilities and potential threats in the key industrial control components were analyzed.The attack methods of SCADA control center, programmable logic controller and field equipment were summarized.Furthermore, the preconditions, objects, steps and hazards of the attack in the literature in recent years were also analyzed.The attacks against industrial control network were classified from the perspective of integrity and confidentiality.Finally, the possible development trend of industrial control system attack was given.

Key words: industrial control system, supervisory control and data acquisition, programmable logic controller, attack trend

CLC Number:

TP309

Shijie TANG, Fang YUAN, Jun LI, Yong DING, Huiyong WANG. Review on security risks of key components in industrial control system[J]. Chinese Journal of Network and Information Security, 2022, 8(3): 1-17.

Figures/Tables 13

References 83

[1]	工业和信息化部. 关于印发信息化和工业化融合发展规划(2016—2020年)的通知[EB].
	Ministry of industry and information technology. Notice on printing and distributing the integrated development plan of informatization and industrialization (2016—2020)[EB].
[2]	赛迪顾问. 2019—2021年中国工业控制市场预测与展望数据[EB].
	CCID Consultant. 2019—2021 Forecast and prospect data of China’s industrial control market[EB].
[3]	BABU B , IJYAS T , MUNEER P ,et al. Security issues in SCADA based industrial control systems[C]// 2017 2nd International Conference on Anti-Cyber Crimes (ICACC). 2017: 47-51.
[4]	AYODEJI A , LIU Y , CHAO N ,et al. A new perspective towards the development of robust data-driven intrusion detection for industrial control systems[J]. Nuclear Engineering and Technology, 2020,52(12): 2687-2982.
[5]	HUANG D , SHI X , ZHANG W A . False data injection attack detection for industrial control systems based on both time-and frequency-domain analysis of sensor data[J]. IEEE Internet of Things Journal, 2020,8(1): 585-595.
[6]	MA R , CHENG P , ZHANG Z ,et al. Stealthy attack against redundant controller architecture of industrial cyber-physical system[J]. IEEE Internet of Things Journal, 2019,6(6): 9783-9793.
[7]	XU L D , XU E L , LI L.Industry 4 . 0:state of the art and future trends[J]. International Journal of Production Research, 2018,56(8): 2941-2962.
[8]	SAJID A , ABBAS H , SALEEM K . Cloud-assisted IoT-based SCADA systems security:a review of the state of the art and future challenges[J]. IEEE Access, 2016,(4): 1375-1384.
[9]	ASGHAR M R , HU Q , ZEADALLY S . Cybersecurity in industrial control systems:issues,technologies,and challenges[J]. Computer Networks, 2019,(165).
[10]	UPADHYAY D , SAMPALLI S . SCADA (supervisory control and data acquisition) systems:vulnerability assessment and security recommendations[J]. Computers ＆ Security, 2020,(89).
[11]	NAZIR S , PATEL S , PATEL D . Assessing and augmenting SCADA cyber security:a survey of techniques[J]. Computers ＆ Security, 2017,(70): 436-454.
[12]	YADAV G , PAUL K . Architecture and security of SCADA systems:A review[J]. International Journal of Critical Infrastructure Protection, 2021.
[13]	ALLADI T , CHAMOLA V , ZEADALLY S . Industrial control systems:cyberattack trends and countermeasures[J]. Computer Communications, 2020,155: 1-8.
[14]	冯涛, 鲁晔, 方君丽 . 工业以太网协议脆弱性与安全防护技术综述[J]. 通信学报, 2017,38(Z2): 185-196.
	FENG T , LU Y , FANG J L . Overview of vulnerability and security protection technology of industrial Ethernet protocol[J]. Journal of communications, 2017,38(Z2): 185-196.
[15]	ZIMBA A , WANG Z , CHEN H . Multi-stage crypto ransomware attacks:A new emerging cyber threat to critical infrastructure and industrial control systems[J]. Ict Express, 2018,4(1): 14-18.
[16]	XU Y , YANG Y , LI T ,et al. Review on cyber vulnerabilities of communication protocols in industrial control systems[C]// 2017 IEEE Conference on Energy Internet and Energy System Integration (EI2). 2017: 1-6.
[17]	WAN M , LI J , LIU Y ,et al. Characteristic insights on industrial cyber security and popular defense mechanisms[J]. China Communications, 2021,18(1): 130-150.
[18]	GONZALEZ D , ALHENAKI F , MIRAKHORLI M . Architectural security weaknesses in industrial control systems (ICS) an empirical study based on disclosed software vulnerabilities[C]// 2019 IEEE International Conference on Software Architecture (ICSA). 2019: 31-40.
[19]	黄家辉, 冯冬芹, 王虹鉴 . 基于攻击图的工控系统脆弱性量化方法[J]. 自动化学报, 2016,42(5): 792-798.
	HUANG J H , FENG D Q , WANG H J . Vulnerability quantification method of industrial control system based on attack graph[J]. Journal of Automation, 2016,42(5): 792-798.
[20]	工业互联网产业联盟. 工业互联网安全风险态势报告2019[R].
	Industrial Internet industry alliance. Industrial Internet security risk situation report 2019[R].
[21]	ANI U P D , HE H , TIWARI A . Review of cybersecurity issues in industrial critical infrastructure:manufacturing in perspective[J]. Journal of Cyber Security Technology, 2017,1(1): 32-74.
[22]	KALAM A A E . Securing SCADA and critical industrial systems:From needs to security mechanisms[J]. International Journal of Critical Infrastructure Protection, 2021,(32).
[23]	SERHANE A , RAAD M , RAAD R ,et al. Programmable logic controllers based systems (PLC-BS):vulnerabilities and threats[J]. SN Applied Sciences, 2019,1(8): 1-12.
[24]	WEERATHUNGA P E , CIORACA A . The importance of testing Smart Grid IEDs against security vulnerabilities[C]// 2016 69th Annual Conference for Protective Relay Engineers (CPRE). 2016: 1-21.
[25]	WANG J , SHI D . Cyber-attacks related to intelligent electronic devices and their countermeasures:a review[C]// 2018 53rd International Universities Power Engineering Conference (UPEC). Glasgow,Scotland:IEEE, 2018: 1-6.
[26]	FILLATRE L , NIKIFOROV I , WILLETT P . Security of SCADA systems against cyber–physical attacks[J]. IEEE Aerospace and Electronic Systems Magazine, 2017,32(5): 28-45.
[27]	AHMED I , OBERMEIER S , SUDHAKARAN S ,et al. Programmable logic controller forensics[J]. IEEE Security ＆ Privacy, 2017,15(6): 18-24.
[28]	KLICK J , LAU S , MARZIN D ,et al. Internet-facing PLCs-a new back orifice[J]. Blackhat USA, 2015: 22-26.
[29]	FORMBY D , BEYAH R . Temporal execution behavior for host anomaly detection in programmable logic controllers[J]. IEEE Transactions on Information Forensics and Security, 2019,15: 1455-1469.
[30]	MANSOR H , MARKANTONAKIS K , AKRAM R N ,et al. Don't brick your car:firmware confidentiality and rollback for vehicles[C]// 2015 10th International Conference on Availability,Reliability and Security. 2015: 139-148.
[31]	BETTAYEB M , NASIR Q , TALIB M A . Firmware update attacks and security for IoT devices:Survey[C]// Proceedings of the ArabWIC 6th Annual International Conference Research Track. 2019: 1-6.
[32]	YOO H , AHMED I . Control logic injection attacks on industrial control systems[C]// IFIP International Conference on ICT Systems Security and Privacy Protection. 2019: 33-48.
[33]	GOVIL N , AGRAWAL A , TIPPENHAUER N O . On ladder logic bombs in industrial control systems[M]. Computer Security. Berlin,Heidelberg: Springer, 2017.
[34]	SERHANE A , RAAD M , RAAD R ,et al. PLC code-level vulnerabilities[C]// 2018 International Conference on Computer and Applications (ICCA). 2018: 348-352.
[35]	CERON J M , CHROMIK J J , SANTANNA J ,et al. Online discoverability and vulnerabilities of ICS/SCADA devices in the Netherlands[J]. arXiv preprint arXiv:2011.02019, 2020.
[36]	ROSA L , CRUZ T , SIM?ES P ,et al. Attacking SCADA systems:A practical perspective[C]// 2017 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). 2017: 741-746.
[37]	BIHAM E , BITAN S , CARMEL A ,et al. Rogue7:Rogue engineering-station attacks on S7 Simatic PLCs[J]. Black Hat USA, 2019， 1-21.
[38]	DODSON M , BERESFORD A R , THOMAS D R . When will my PLC support Mirai? The security economics of large-scale attacks against Internet-connected ICS devices[C]// 2020 APWG Symposium on Electronic Crime Research (eCrime). IEEE, 2020: 1-14.
[39]	DRIAS Z , SERHROUCHNI A , VOGEL O . Taxonomy of attacks on industrial control protocols[C]// 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS). 2015: 1-6.
[40]	DRIAS Z , SERHROUCHNI A , VOGEL O . Identity-based cryptography (IBC) based key management system (KMS) for industrial control systems (ICS)[C]// 2017 1st Cyber Security in Networking Conference (CSNet). 2017: 1-10.
[41]	YANG L , SHANG W , CHEN C ,et al. Authentication technology in industrial control system based on identity password[C]// 2020 39th Chinese Control Conference (CCC). 2020: 7677-7684.
[42]	梁耀, 冯冬芹, 徐珊珊 ,等. 加密传输在工控系统安全中的可行性研究[J]. 自动化学报, 2018,44(03): 434-442.
	LIANG Y , FENG D Q , XU S S ,et al. Feasibility study of encrypted transmission in industrial control system security[J]. Journal of automation, 2018,44(03): 434-442.
[43]	ELMRABET Z , ELGHAZI H , KAABOUCH N ,et al. Cyber-security in smart grid:Survey and challenges[J]. Computers ＆Electrical Engineering, 2018,67: 469-482.
[44]	GUNDUZ M Z , DAS R . Cyber-security on smart grid:threats and potential solutions[J]. Computer Networks,2020(169):Article No.107094.
[45]	SILBERSCHATZ A , GALVIN P B , GAGNE G . Operating system concepts[M]. New Jersey: John Wiley ＆ Sons, 2006.
[46]	WEI M , WANG W . Safety can be dangerous:secure communications impair smart grid stability under emergencies[C]// 2015 IEEE Global Communications Conference (GLOBECOM). 2015: 1-6.
[47]	FAURI D , WIJS B D , HARTOG J D ,et al. Encryption in ICS networks:a blessing or a curse?[C]// 2017 IEEE International Conference on Smart Grid Communications (SmartGridComm). 2017: 289-294.
[48]	GREEN B , KNOWLES W , KROTOFIL M ,et al. PCaaD:towards automated determination and exploitation of industrial processes[J]. arXiv preprint arXiv:2102.10049, 2021.
[49]	ADEYANJU I A , EMAKE E D , OLANIYAN O M ,et al. Digital industrial control systems:vulnerabilities and security technologies[J]. Current Applied Science and Technology, 2021: 188-207.
[50]	国家互联网应急中心. 2020年我国互联网网络安全态势综述[R].
	National Internet Emergency Center. Overview on China's Internet network security situation in 2020[R].
[51]	BHAMARE D , ZOLANVARI M , ERBAD A ,et al. Cybersecurity for industrial control systems:a survey[J]. Computers ＆ Security, 2020,89: 101677.
[52]	ZHANG F . Cybersecurity solutions for industrial control systems and key equipment[D]. Knoxiville:University of Tennessee, 2019.
[53]	KLEINMANN A , AMICHAY O , WOOL A ,et al. Stealthy deception attacks against SCADA systems[M]// Computer Security. Berlin Heidelberg: Springer, 2017.
[54]	HU Y , SUN Y , WANG Y ,et al. An enhanced multi-stage semantic attack against industrial control systems[J]. IEEE Access, 2019,7: 156871-156882.
[55]	BASNIGHT Z , BUTTS J , JR J L ,et al. Firmware modification attacks on programmable logic controllers[J]. International Journal of Critical Infrastructure Protection, 2013,6(2): 76-84.
[56]	GARCIA L , BRASSER F , CINTUGLU M H ,et al. Hey,my malware knows physics! attacking plcs with physical model aware rootkit[C]// NDSS. 2017: 1-15.
[57]	LI W , XIE L , DENG Z ,et al. False sequential logic attack on SCADA system and its physical impact analysis[J]. Computers ＆Security, 2016,58: 149-159.
[58]	KALLE S , AMEEN N , YOO H ,et al. Clik on plcs! Attacking control logic with decompilation and virtual plc[C]// Binary Analysis Research (BAR) Workshop,Network and Distributed System Security Symposium (NDSS). 2019: 1-12.
[59]	SENTHIVEL S , DHUNGANA S , YOO H ,et al. Denial of engineering operations attacks in industrial control systems[C]// Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy. 2018: 319-329.
[60]	ABBASI A , HASHEMI M . Ghost in the plc designing an undetectable programmable logic controller RootKit via pin control attack[J]. Black Hat Europe, 2016,2016: 1-35.
[61]	G?NEN S , SAYAN H H , YILMAZ E N ,et al. False data injection attacks and the insider threat in smart systems[J]. Computers ＆Security, 2020,97: 101955.
[62]	ROOMI M M , BISWAS P P , MASHIMA D ,et al. False data injection cyber range of modernized substation system[C]// 2020 IEEE International Conference on Communications,Control,and Computing Technologies for Smart Grids (SmartGridComm). 2020: 1-7.
[63]	SPENNEBERG R , BRüGGEMANN M , SCHWARTKE H . Plc-blaster:A worm living solely in the PLC[J]. Black Hat Asia, 2016,16: 1-16.
[64]	SELVARAJ J , DAYANIKLI G Y , GAUNKAR N P ,et al. Electromagnetic induction attacks against embedded systems[C]// Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 2018: 499-510.
[65]	YLMAZ E N , CIYLAN B , G?NEN S ,et al. Cyber security in industrial control systems:analysis of DoS attacks against PLCs and the insider effect[C]// 2018 6th International Istanbul Smart Grids and Cities Congress and Fair (ICSG). 2018: 81-85.
[66]	HUMAYUN M , JHANJHI N Z , ALSAYAT A ,et al. Internet of things and ransomware:evolution,mitigation and prevention[J]. Egyptian Informatics Journal, 2021,22(1): 105-117.
[67]	ADEPU S , PRAKASH J , MATHUR A . Waterjam:An experimental case study of jamming attacks on a water treatment system[C]// 2017 IEEE International Conference on Software Quality,Reliability and Security Companion (QRS-C). 2017: 341-347.
[68]	ZHANG F , KODITUWAKKU H A D E , HINES J W ,et al. Multilayer data-driven cyber-attack detection system for industrial control systems based on network,system,and process data[J]. IEEE Transactions on Industrial Informatics, 2019,15(7): 4362-4369.
[69]	SAJJAN R S , GHORPADE V R . Ransomware attacks:Radical menace for cloud computing[C]// 2017 International Conference on Wireless Communications,Signal Processing and Networking (WiSPNET). 2017: 1640-1646.
[70]	ZHANG Y , SUN Z , YANG L ,et al. A11 Your PLCs Belong to me:ICS ransomware is realistic[C]// 2020 IEEE 19th International Conference on Trust,Security and Privacy in Computing and Communications (TrustCom). 2020: 502-509.
[71]	PIRAYESH H , SANGDEH P K , ZENG H . Securing ZigBee communications against constant jamming attack using neural network[J]. IEEE Internet of Things Journal, 2020,8(6): 4957-4968.
[72]	PALLETI V R , MISHRA V K , AHMED C M ,et al. Can replay attacks designed to steal water from water distribution systems remain undetected?[J]. ACM Transactions on Cyber-Physical Systems, 2020,5(1): 1-19.
[73]	CHEN S , PANG Z , WEN H ,et al. Automated labeling and learning for physical layer authentication against clone node and sybil attacks in industrial wireless edge networks[J]. IEEE Transactions on Industrial Informatics, 2020,17(3): 2041-2051.
[74]	QIAN J , DU X , CHEN B ,et al. Cyber-physical integrated intrusion detection scheme in SCADA system of process manufacturing industry[J]. IEEE Access, 2020,8: 147471-147481.
[75]	陆冠竹, 刘奕贤, 刘宗晁 ,等. 工业控制系统安全之探讨—— 以西门子 S7 系列为例[J].[C]// TANET 2019. 2019: 715-719.
	LU G Z , LIU Y X , LIU Z C ,et al. Discussion on the safety of industrial control system —— Taking Siemens S7 Series as an example[C]// TANet 2019. 2019: 715-719.
[76]	LI X , XU J , DAI H N ,et al. On modeling eavesdropping attacks in wireless networks[J]. Journal of Computational Science, 2015,11: 196-204.
[77]	URBINA D I , GIRALDO J A , TIPPENHAUER N O ,et al. attacking fieldbus communications in ICS:applications to the SWaT testbed[C]// Proceedings of the Singapore Cyber-Security Conference (SG-CRC). 2016: 75-89.
[78]	DEB D , CHAKRABORTY S R , LAGINENI M ,et al. Security analysis of MITM attack on SCADA network[C]// International Conference on Machine Learning,Image Processing,Network Security and Data Sciences.Abu Dhabi,The United Arab Emirates:Springer. 2020: 501-512.
[79]	LIU D , XU Y HUANG X . Identification of location spoofing in wireless sensor networks in non-line-of-sight conditions[J]. IEEE Transactions on Industrial Informatics, 2017,14(6): 2375-2384.
[80]	PAN X , WANG Z , SUN Y . Review of PLC security issues in industrial control system[J]. Journal of Cybersecurity, 2020,2(2): 69-83.
[81]	DI PINTO A , DRAGONI Y , CARCANO A . TRITON:The first ICS cyber attack on safety instrument systems[C]// Proc.Black Hat. 2018: 1-26.
[82]	AHMED Y A , KOCER B , HUDA S ,et al. A system call refinement-based enhanced minimum redundancy maximum relevance method for ransom ware early detection[J]. Journal of Network and Computer Applications, 2020,167: 102753.
[83]	GAZZAN M , ALQAHTANI A , SHELDON F T . Key factors influencing the rise of current ransom ware attacks on industrial control systems[C]// 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC). 2021: 1417-1422.

Metrics

Recommended 0

No Suggested Reading articles found!

影响因素	等级细分	说明
SCADA服务器	大	使整个控制系统和管理者的计算机能随时使用来自SCADA远程终端的重要信息
工程师站	中	既安装STEP 7编程组态软件，又安装WinCC监控操作组态软件
操作员站	小	仅需安装WinCC监控操作组态软件
用户机	小	存放传输给管理层的数据
Web服务器	小	提供Web服务的功能，在某些工控系统中不是必需的
MES服务器/数据库	大	存放制造执行层的重要数据
OPC服务器/数据库	大	存放下位机采集的原始现场数据和上位机传来的指令
RTU	大	主要进行数据采集和本地控制，与传输可靠性、主机负担等相关
PLC	大	主要进行过程控制、信息控制和远程控制，是重要的下位机
PAC	小	作为开放型的自动化控制设备，其应用在工控系统中并不常见

开始时间(观察序号)	结束时间(观察序号)	攻击描述
600 s(150)	630 s(158)	网络发现
840 s(210)	1 020 s(255)	利用Ettercap实施中间人攻击
1 020 s(255)	1 020 s(255)	恶意代码注入
1 200 s(300)	2 400 (600)	恶意代码运行LabVIEW模型

攻击类型	参考文献	控制器	攻击的实验
固件修改攻击	文献[55]	ControlLogix L61	伪造了固件的版本号
	文献[6]	NA400-0501 UWNTEK UW5101 FM802 CPU	对3种控制器进行逆向工程并找到所需的漏洞，来攻击冗余控制器
	文献[56]	Allen Bradley PLC	通过修改PLC的固件，在不改变PLC控制逻辑的情况下操作PLC的输入和输出值
有效负载攻击	文献[58]	Schneider Electric Modicon M221 PLC	设计了一个完整的控制逻辑感染攻击链，包括漏洞攻击、反编译、恶意逻辑生成和隐藏感染
	文献[59]	Allen-Bradley Micrologix 1400-B PLC	设计了3种控制逻辑攻击场景，称为DEO（denial of engineering operations）攻击，可能严重影响控制中心操作员的态势感知，以产生安全隐患
	文献[33]	工控系统测试平台	进行了4种LLB的实验及评估
	文献[32]	Modicon M221 MicroLogix 1400	提出了两种新的控制逻辑注入攻击：数据执行攻击；碎片和噪声填充攻击
引脚控制攻击	文献[60]	Wago 750-8202 PLC	通过更改引脚相关寄存器修改引脚的功能和配置，实施引脚控制攻击
虚假数据注入攻击	文献[61]	Schneider M241 PLC	使用错误数据注入进行寄存器操纵
蠕虫病毒攻击	文献[63]	SIMATIC S7-1200	演示了PLC蠕虫的可行性

基本属性	攻击类型	文献	简要描述
可用性	DoS攻击	文献[65]	通过使用Hping、SmootSec IDS和Wireshark等工具对PLC和TIA Portal应用程序进行DoS攻击。作者侧重于检测PLC设备和TIA Portal应用程序的漏洞，并进行安全分析来确定解决方案
	勒索软件攻击	文献[15]	模拟来自CI（critical infrastructure）中3种渗透源的不同加密勒索软件多级攻击。通过静态恶意软件分析说明，勒索软件采用不同的技术，在不同的网络分区传播和攻击CI组件
		文献[66]	对物联网环境中勒索软件的演变、预防和缓解进行了全面调查
	干扰攻击	文献[67]	在安全水处理（SWAT）实验台上实现了对工控系统的网络干扰攻击
完整性	重放攻击	文献[53]	在劫持HMI和PLC之间的通信通道后，在HMI中重放先前获得的消息
		文献[72]	在配水（WADI）工厂试验台发起重放攻击，研究在什么情况下，攻击者/攻击可以在盗窃水时不被发现
	节点复制攻击	文献[73]	利用NIST开放数据集进行汽车装配环境下复制攻击的仿真实验
机密性	窃听攻击	文献[76]	模拟无线网络中的窃听攻击，同时考虑了信道条件和天线模型。分析了路径损失效应、阴影衰落效应与窃听攻击的概率
	中间人攻击	文献[77]	讨论了对ICS现场总线通信的中间人攻击，给出了有关典型拓扑和此类设置中使用协议的详细信息
	位置欺骗攻击	文献[78]	利用COPS SCADA Lab kit、Ettercap、Wireshark等工具对SCADA网络实施中间人攻击
		文献[79]	采用Matlab仿真位置欺骗攻击

Review on security risks of key components in industrial control system

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 13

References 83

Related Articles 15

Metrics

Recommended 0

[1]	Yilong WANG, Zhenyu LI, Daofu GONG, Fenlin LIU. Image double fragile watermarking algorithm based on block neighborhood [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 38-48.
[2]	Renfeng CHEN, Hongbin ZHU. Research on credit card transaction security supervision based on PU learning [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 73-78.
[3]	Guanyun FENG, Cai FU, Jianqiang LYU, Lansheng HAN. Insider threat detection based on operational attention and data augmentation [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 102-112.
[4]	Genlin XIE, Guozhen CHENG, Yawen WANG, Qingfeng WANG. Software diversity evaluating method based on gadget feature analysis [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 161-173.
[5]	Peng HOU, Zhixin LI, Fei ZHANG, Xu SUN, Dan CHEN, Yihao CUI, Hanbing ZHANG, Yinan JIN, Hongfeng CHAI. Technology and practice of intelligent governance for financial data security [J]. Chinese Journal of Network and Information Security, 2023, 9(3): 174-187.
[6]	Min XIAO, Faying MAO, Yonghong HUANG, Yunfei CAO. Anonymous trust management scheme of VANET based on attribute signature [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 33-45.
[7]	Jianlong XU, Jian LIN, Yusen LI, Zhi XIONG. Distributed user privacy preserving adjustable personalized QoS prediction model for cloud services [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 70-80.
[8]	Xunxun CHEN, Mingzhe LI, Ning LYU, Liang HUANG. Intrinsic assurance: a systematic approach towards extensible cybersecurity [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 92-102.
[9]	Jiashuo SONG, Zhenzhen LI, Haiyang DING, Zichen LI. Efficient and fully simulated oblivious transfer protocol on elliptic curve [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 158-166.
[10]	Fenghua LI, Hui LI, Ben NIU, Weidong QIU. Academic connotation and research trends of privacy computing [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 1-8.
[11]	Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG. Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 9-19.
[12]	Xue BAI, Baodong QIN, Rui GUO, Dong ZHENG. Two-party cooperative blind signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 39-51.
[13]	Jun LIU, Lin YUAN, Zhishang FENG. Survey of key management schemes for cluster networks [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 52-69.
[14]	Min XIAO, Tao YAO, Yuanni LIU, Yonghong HUANG. Dynamic and efficient vehicular cloud management scheme with privacy protection [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 70-83.
[15]	Jiaying LIN, Wenbo ZHOU, Weiming ZHANG, Nenghai YU. Lip forgery detection via spatial-frequency domain combination [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 146-155.