论文信息 - Vulnerability and Protocol Association of Device Firmware in Power Grid

Vulnerability and Protocol Association of Device Firmware in Power Grid

The intelligent power grid is composed of a large number of industrial control equipment, and most of the industrial control equipment has security holes, which are vulnerable to malicious attacks and affect the normal operation of the power grid. By analyzing the security vulnerability of the firmware of industrial control equipment, the vulnerability can be detected in advance and the power grid's ability to resist attack can be improved. In this paper, a kind of industrial control device firmware protocol vulnerabilities associated technology, through the technology of information extraction from the mass grid device firmware device attributes and extract the industrial control system, the characteristics of the construction of industrial control system device firmware and published vulnerability information correlation, faster in the industrial control equipment safety inspection found vulnerabilities.

Jiye Wang | Limin Sun | Yuyan Sun | Zhiqiang Shi | Siwei Miao

[1] Alan M. Frieze,et al. Min-Wise Independent Permutations , 2000, J. Comput. Syst. Sci..

[2] Karl Trygve Kalleberg,et al. Finding software license violations through binary code clone detection , 2011, MSR '11.

[3] Rainer Koschke,et al. Reverse Engineering Variability in Source Code Using Clone Detection: A Case Study for Linux Variants of Consumer Electronic Devices , 2012, 2012 19th Working Conference on Reverse Engineering.

[4] Yaniv David,et al. Tracelet-based code search in executables , 2014, PLDI.

[5] Aurélien Francillon,et al. A Large-Scale Analysis of the Security of Embedded Firmwares , 2014, USENIX Security Symposium.

[6] Gran Vía,et al. GRAPHS, ENTROPY AND GRID COMPUTING: AUTOMATIC COMPARISON OF MALWARE , 2008 .

[7] Christian Rossow,et al. Cross-Architecture Bug Search in Binary Executables , 2015, 2015 IEEE Symposium on Security and Privacy.

[8] Christian Rossow,et al. Leveraging semantic signatures for bug search in binary programs , 2014, ACSAC.

[9] Arun Lakhotia,et al. Fast location of similar code fragments using semantic 'juice' , 2013, PPREW '13.