English  |  正體中文  |  简体中文  |  Items with full text/Total items : 18055/20253 (89%)
Visitors : 24623524      Online Users : 489
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: https://ir.cnu.edu.tw/handle/310902800/33552

    標題: 一個創新網路位址產生策略強化監控與資料收集系統的動態目標安全機制
    Enhancing Moving Target Defense for Scada with a Novel Network Address Generation Strategy
    作者: 劉川綱
    貢獻者: 嘉藥學校財團法人嘉南藥理大學資訊多媒體應用系
    關鍵字: 資訊安全
    information security
    moving target defense
    日期: 2020
    上傳時間: 2022-01-13 16:20:38 (UTC+8)
    摘要: 近年來網路與資訊技術有長足進步,致使物聯網、大數據分析以及AI人工智慧的興起,也增長網路安全攻擊手法有更多的工具可以使用,因此,網路安全上的問題也持續地層出不窮尤其在跟國家有關聯的安全議題上,更是不能馬虎,本計畫內容針對跟國家安全有密切關係的國家基礎設施網路安全進行研究,一個國家基礎設施若被駭客控制,國家安全將立即面臨很大的危機,甚至會癱瘓整體國家運作,因此不可不謂重要,因此保護國家級關鍵基礎建設的安全是最近很重要的資訊安全問題,本計畫研究中,我們會假設駭客攻擊監控與資料收集系統的情況確實會發生,在入侵到這個系統之後就會進行偽造或下達PLC的指令進行破壞性的操作,我們的計畫將這樣的環境下進行研究防禦機制,之前文章發展出一個強化IPv6內動態位置安全的架構],利用IPv6內有支援動態移動IP的機制特性來保護關鍵基礎建設系統的安全,本研究發現這樣的機制依舊可能暴露通訊雙方的永就位址,我們利用無通訊方式進行位址轉移並且利用各種強化方式進行機制內弱點強化,諸如同步以及封包遺失,並且計畫也規劃未來評估方式以及可能的實作,提供未來關鍵基礎建設的安全防護。
    Recently, networking and information technology are getting advanced, which cause the arise of IoT, Big Data and AI. However, the network hacker also can employ these tools to intrude the network easily. Hence, many network security issues in many different scenarios occur. Especially, the security of notional critical infrastructure catches much attention in recent years. These infrastructures are usually monitored and controlled through SCADA. If the hacker can obtain IP of HMI and PLC (the components of SCADA), he/she can alter or forge message to control SCADA, which leads to vital damage to Nation security. Hence, Protecting SCADA becomes much more important. In this project, we observe that the previous research employs moving target defense to achieve the security goal for SCADA. With this novel mechanism, the hacker hardly tracks IP of the target (e.g. PLC and HMI in SCADA). However, we find their research still possibly expose IP to hacker because one end still need to send the HoA(Home of Address) to the other end. Hence, we develop a novel moving target address generation in which two ends do not inform their HoA to each other. We also find some bugs in our opinion and also propose several enhanced methods to improve. We finally plan to implement our opinion in a small scale simulated scenario. The goal of this project is to improve and enhance the security of SCADA.
    關聯: 計畫編號:MOST109-2221-E041-001
    Appears in Collections:[多媒體與遊戲發展系] 科技部計畫

    Files in This Item:

    File Description SizeFormat

    All items in CNU IR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback