Chinese Journal on Internet of Things ›› 2022, Vol. 6 ›› Issue (4): 149-157.doi: 10.11959/j.issn.2096-3750.2022.00292
• Theory and Technology • Previous Articles Next Articles
Ya YU1,2, Yusun FU2,3,4
Revised:
2022-08-04
Online:
2022-12-30
Published:
2022-12-01
Supported by:
CLC Number:
Ya YU, Yusun FU. Research on trust measurement method for initial access of industrial internet edge terminals[J]. Chinese Journal on Internet of Things, 2022, 6(4): 149-157.
"
设备名称 | 漏洞编号 | 危害等级 | CVSS评分 | 漏洞描述 |
ABB工业机器人示教器 | CNVD-2020-49104 | 中 | 5 | 存在加密算法漏洞,攻击者可利用漏洞破解出ABB工业机器人的用户密码 |
ACSSpiiPlusEC-08运动控制器 | CNVD-2020-75690 | 高 | 7.8 | 存在拒绝服务漏洞,攻击者可利用该漏洞发起拒绝服务攻击 |
CC-PCNT02控制器 | CNVD-2020-62870 | 中 | 6.1 | 存在拒绝服务漏洞,攻击者可利用该漏洞造成拒绝服务 |
Siemens S7-200控制器 | CNVD-2019-40162 | 中 | 6.6 | 攻击者可以通过伪造数据绕过身份认证从而任意篡改PLC寄存器的值 |
Bit defender BOX智能家居安全控制设备 | CNVD-2020-15145 | 高 | 7.6 | 存在安全漏洞,源于网络系统或产品的代码开发过程中存在设计或实现不当的问题 |
Cisco 809 Industrial ISRs工业路由器 | CNVD-2020-31825 | 高 | 10 | 存在缓冲区溢出漏洞,源于错误的边界检查。远程攻击者可通过发送恶意的数据包利用该漏洞造成系统崩溃并重新加载 |
"
指标 | 指标值 | 数值 |
攻击向量AV | 网络 | 0.85 |
局域 | 0.62 | |
本地 | 0.55 | |
物理 | 0.2 | |
攻击复杂性AC | 低 | 0.77 |
高 | 0.44 | |
未超出影响范围的所需权限PR | 无 | 0.85 |
( privileges required/unchanged scope) | 低 | 0.62 |
高 | 0.27 | |
超出影响范围时的所需权限PR | 无 | 0.85 |
(privileges required/changed scope) | 低 | 0.68 |
高 | 0.5 | |
用户交互UI | 无要求 | 0.85 |
(user interaction) | 有要求 | 0.62 |
机密性影响CF、完整性影响I、可用 | 无 | 0 |
性影响 A、可见性影响 V、可控性影响CT | 中 | 0.22 |
高 | 0.56 |
[1] | 陶永, 蒋昕昊, 刘默 ,等. 智能制造和工业互联网融合发展初探[J]. 中国工程科学, 2020,22(4): 24-33. |
TAO Y , JIANG X H , LIU M ,et al. A preliminary study on the integra-tion of intelligent manufacturing and industrial internet[J]. Strategic Study of CAE, 2020,22(4): 24-33. | |
[2] | 陶利民 . 开放网络环境下基于不确定性理论的主观信任管理研究[D]. 杭州:浙江工业大学, 2013. |
TAO L M . Research on subjective trust management based on uncer-tainty theory under open network environment[D]. Hangzhou:Zhe-jiang University of Technology, 2013. | |
[3] | 冯玉翔 . 大规模分布式环境下动态信任管理机制的研究[D]. 广州:华南理工大学, 2013. |
FENG Y X . Research on dynamic trust management for large scale distributed environment[D]. Guangzhou:South China University of Technology, 2013. | |
[4] | 边缘计算产业联盟,工业互联网产业联盟. 边缘计算与云计算协同白皮书2.0[R]. 2007. |
Edge Computing Consortium (ECC),Alliance of Industrial Internet (AII). Edge computing and cloud computing collaboration white paper 2.0[R]. 2007. | |
[5] | 董悦, 王志勤, 田慧蓉 ,等. 工业互联网安全技术发展研究[J]. 中国工程科学, 2021,23(2): 65-73. |
DONG Y , WANG Z Q , TIAN H R ,et al. Development of industrial internet security technology in China[J]. Strategic Study of CAE, 2021,23(2): 65-73. | |
[6] | CLEMENS J , PAL R , PHILIP P . Poster abstract:extending trust and attestation to the edge[C]// Proceedings of 2016 IEEE/ACM Symposium on Edge Computing (SEC). Piscataway:IEEE Press, 2016: 101-102. |
[7] | SHAPSOUGH S , ALOUL F , ZUALKERNAN I A . Securing low-resource edge devices for IoT systems[C]// Proceedings of 2018 International Symposium in Sensing and Instrumentation in IoT Era (ISSI). Piscataway:IEEE Press, 2018: 1-4. |
[8] | 张鑫, 杨晓元, 朱率率 ,等. 物联网环境下移动节点可信接入认证协议[J]. 计算机应用, 2016,36(11): 3108-3112. |
ZHANG X , YANG X Y , ZHU S S ,et al. Trusted access authentication protocol for mobile nodes in Internet of Things[J]. Journal of Comput-er Applications, 2016,36(11): 3108-3112. | |
[9] | 张玉婷, 严承华, 魏玉人 . 基于节点认证的物联网感知层安全性问题研究[J]. 信息网络安全, 2015(11): 27-32. |
ZHANG Y T , YAN C H , WEI Y R . Research on security of IoT per-ception layer based on node authentication[J]. Netinfo Security, 2015(11): 27-32. | |
[10] | 钱明茹 . 物联网中基于属性的安全访问控制研究[D]. 沈阳:辽宁大学, 2013. |
QIAN M R . Research on security attribute-based access control in the Internet of Things[D]. Shenyang:Liaoning University, 2013. | |
[11] | GUIN U , CUI P C , SKJELLUM A . Ensuring proof-of-authenticity of IoT edge devices using blockchain technology[C]// Proceedings of 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber,Physical and Social Computing (CPSCom) and IEEE Smart Data. Piscataway:IEEE Press, 2018: 1042-1049. |
[12] | 向宏, 夏晓峰 . 轻量级密码在资源受限设备安全中的应用简析[J]. 自动化博览, 2018,35(S2): 72-75. |
XIANG H , XIA X F . Overview on the application of lightweight cryptography in resource-constrained system security[J]. Automation Panorama, 2018,35(S2): 72-75. | |
[13] | LOU X , TELLABI A . Cybersecurity threats,vulnerability and analysis in safety critical industrial control system (ICS)[C]// Recent Developments on Industrial Control Systems Resilience. Cham:Springer, 2020: 75-97. |
[14] | 徐震, 周晓军, 王利明 ,等. PLC 攻防关键技术研究进展[J]. 信息安全学报, 2019,4(3): 48-69. |
XU Z , ZHOU X J , WANG L M ,et al. Recent advances in PLC attack and protection technology[J]. Journal of Cyber Security, 2019,4(3): 48-69. | |
[15] | 荆琦, 唐礼勇, 陈钟 . 无线传感器网络中的信任管理[J]. 软件学报, 2008,19(7): 1716-1730. |
JING Q , TANG L Y , CHEN Z . Trust management in wireless sensor networks[J]. Journal of Software, 2008,19(7): 1716-1730. | |
[16] | 夏辉, 张三顺, 孙运传 ,等. 车载自组网中基于信任管理的安全组播协议设计[J]. 计算机学报, 2019,42(5): 961-979. |
XIA H , ZHANG S S , SUN Y C ,et al. Design of trust-based secure multicast routing protocol in VANETs[J]. Chinese Journal of Comput-ers, 2019,42(5): 961-979. | |
[17] | JAYASINGHE U . Trust evaluation in the IoT environment[D]. Liverpool John Moores University. 2018. |
[18] | 梁洪泉, 吴巍 . 基于动态贝叶斯网络的可信度量模型研究[J]. 通信学报, 2013,34(9): 68-76. |
LIANG H Q , WU W . Research of trust evaluation model based on dynamic Bayesian network[J]. Journal on Communications, 2013,34(9): 68-76. | |
[19] | JAYASINGHE U , LEE G M , UM T W ,et al. Machine learning based trust computational model for IoT services[J]. IEEE Transactions on Sustainable Computing, 2019,4(1): 39-52. |
[20] | WANG Y B , WEN J H , ZHOU W ,et al. A novel dynamic cloud service trust evaluation model in cloud computing[C]// Proceedings of 2018 17th IEEE International Conference on Trust,Security and Privacy In Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE). Piscataway:IEEE Press, 2018: 10-15. |
[21] | WU D X , SHEN G H , HUANG Z Q ,et al. A trust-aware task offloading framework in mobile edge computing[J]. IEEE Access, 2019,7: 150105-150119. |
[22] | WANG T , LUO H , JIA W J ,et al. MTES:an intelligent trust evaluation scheme in sensor-cloud-enabled industrial Internet of Things[J]. IEEE Transactions on Industrial Informatics, 2020,16(3): 2054-2062. |
[23] | LI W J , MENG W Z , KWOK L F ,et al. Enhancing collaborative intrusion detection networks against insider attacks using supervised intrusion sensitivity-based trust management model[J]. Journal of Network and Computer Applications, 2017,77: 135-145. |
[24] | JIA C H , LIN K , DENG J . A multi-property method to evaluate trust of edge computing based on data driven capsule network[C]// Proceedings of IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops. Piscataway:IEEE Press, 2020: 616-621. |
[25] | 蒋伟进, 许宇胜, 郭宏 ,等. 网络在线交易动态信任计算模型与信誉管理机制[J]. 中国科学:信息科学, 2014,44(9): 1084-1101. |
JIANG W J , XU Y S , GUO H ,et al. Dynamic trust calculation model and credit management mechanism of online trading[J]. Scientia Sini-ca (Informationis), 2014,44(9): 1084-1101. | |
[26] | FRIEDMAN E J , RESNICK P . The social cost of cheap pseudonyms[J]. Journal of Economics & Management Strategy, 2001,10(2): 173-199. |
[27] | 胡建理, 周斌, 吴泉源 ,等. P2P 网络环境下基于信誉的分布式抗攻击信任管理模型[J]. 计算机研究与发展, 2011,48(12): 2235-2241. |
HU J L , ZHOU B , WU Q Y ,et al. A reputation-based attack-resistant distributed trust management model for P2P networks[J]. Journal of Computer Research and Development, 2011,48(12): 2235-2241. | |
[28] | 付才, 洪帆, 洪亮 ,等. 基于信任保留的移动Ad Hoc网络安全路由协议TPSRP[J]. 计算机学报, 2007,30(10): 1853-1864. |
FU C , HONG F , HONG L ,et al. Mobile ad hoc secure routing proto-col based on trust preserving[J]. Chinese Journal of Computers, 2007,30(10): 1853-1864. | |
[29] | GAO Z P , ZHAO W S , XIA C X ,et al. A credible and lightweight multidimensional trust evaluation mechanism for service-oriented IoT edge computing environment[C]// Proceedings of 2019 IEEE International Congress on Internet of Things. Piscataway:IEEE Press, 2019: 156-164. |
[30] | FIGUEROA L S , A?ORGA J , ARRIZABALAGA S . A survey of IIoT protocols:A measure of vulnerability risk analysis based on CVSS[J]. ACM Computing Surveys, 2021,53(2): 44. |
[31] | 陶耀东, 贾新桐, 吴云坤 . 一种工业控制系统漏洞风险评估方法[J]. 小型微型计算机系统, 2020,41(3): 603-609. |
TAO Y D , JIA X T , WU Y K . Industry control system vulnerability risk assessment method[J]. Journal of Chinese Computer Systems, 2020,41(3): 603-609. | |
[32] | 魏志强, 周炜, 任相军 ,等. 普适计算环境中防护策略的信任决策机制研究[J]. 计算机学报, 2012,35(5): 871-882. |
WEI Z Q , ZHOU W , REN X J ,et al. A strategy-proof trust based decision mechanism for pervasive computing environments[J]. Chi-nese Journal of Computers, 2012,35(5): 871-882. |
[1] | Lin HU, Jiabing FAN, Hong WEN, Jie TANG, Qianbin CHEN. Interference alignment based secure transmission scheme in multi-user interference networks [J]. Chinese Journal on Internet of Things, 2023, 7(2): 98-108. |
[2] | Weijin JIANG, Tiantian LUO, Ying YANG, En LI, Wenying ZHOU. Private data access control model based on block chain technology in the internet of things environment [J]. Chinese Journal on Internet of Things, 2022, 6(4): 169-182. |
[3] | Jun SUN, Shangweikang ZHAO. Energy-saving computation offloading scheme based on Sarsa algorithm in industrial internet of things [J]. Chinese Journal on Internet of Things, 2022, 6(3): 82-90. |
[4] | Nuo HUANG, Weijie LIU, Chen GONG. Industrial IoT oriented petahertz communication [J]. Chinese Journal on Internet of Things, 2022, 6(3): 37-46. |
[5] | Jin QI, Wei WANG, Mengxi CHEN, Bin XU, Zhenjiang DONG, Yanfei SUN. Concept, architecture and key technologies of industrial internet [J]. Chinese Journal on Internet of Things, 2022, 6(2): 38-49. |
[6] | Yangqun LI, Dengyin ZHANG. Research and application of Web of things resource management framework [J]. Chinese Journal on Internet of Things, 2022, 6(2): 50-64. |
[7] | Yigong ZHANG, Qian YI, Jian LI, Congbo LI, Aijun YIN, Shuping YI. User authentication of industrial internet based on HHT transform of mouse behavior [J]. Chinese Journal on Internet of Things, 2022, 6(2): 77-87. |
[8] | Wei WANG, Renqian GU, Li3 PENG, Jijun ZHAO, Zhongcheng WEI, Cunxi CHANG. Robust optimization of air based relay for internet of things based on UAV [J]. Chinese Journal on Internet of Things, 2022, 6(1): 101-112. |
[9] | Yu JIANG, Siqing CHEN, Wen SUN. Research on LoRa network security schemes based on RF fingerprint [J]. Chinese Journal on Internet of Things, 2021, 5(4): 17-25. |
[10] | Jinying CAI, Feng XIANG, Ying ZUO, Lei ZHONG, Ping ZHOU. Research on a lightweight framework of industrial Internet-oriented manufacturing service collaboration level agreement [J]. Chinese Journal on Internet of Things, 2021, 5(3): 49-55. |
[11] | Manzhu WANG, Ziqi LI, Yifei CHEN, Gaofeng HONG, Wei SU. Research and implementation of safety authentication technology in Internet of vehicles [J]. Chinese Journal on Internet of Things, 2021, 5(3): 106-114. |
[12] | Siqi SUN. Analysis and prospects of the development of the industrial Internet in the petrochemical industry [J]. Chinese Journal on Internet of Things, 2021, 5(3): 126-132. |
[13] | Meng LI,Chengxiang SI,Liehuang ZHU. Secure vehicular digital forensics system based on blockchain [J]. Chinese Journal on Internet of Things, 2020, 4(2): 49-57. |
[14] | Shipeng CHEN,Bin CHEN,Mingjun DAI,Hui WANG. Blockchain-based IoT architecture [J]. Chinese Journal on Internet of Things, 2020, 4(2): 78-83. |
[15] | Peng ZHOU,Jincheng XU,Bo YANG. Cross-domain task offloading and computing resource allocation for edge computation in industrial Internet of things [J]. Chinese Journal on Internet of Things, 2020, 4(2): 96-104. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|