English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 18076/20274 (89%)
造訪人次 : 5252253      線上人數 : 1335
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: https://ir.cnu.edu.tw/handle/310902800/33552


    標題: 一個創新網路位址產生策略強化監控與資料收集系統的動態目標安全機制
    Enhancing Moving Target Defense for Scada with a Novel Network Address Generation Strategy
    作者: 劉川綱
    貢獻者: 嘉藥學校財團法人嘉南藥理大學資訊多媒體應用系
    關鍵字: 資訊安全
    監測與數據收集系統
    網際網路位址第六版
    移動性目標防禦
    information security
    SCADA
    IPv6
    moving target defense
    日期: 2020
    上傳時間: 2022-01-13 16:20:38 (UTC+8)
    摘要: 近年來網路與資訊技術有長足進步,致使物聯網、大數據分析以及AI人工智慧的興起,也增長網路安全攻擊手法有更多的工具可以使用,因此,網路安全上的問題也持續地層出不窮尤其在跟國家有關聯的安全議題上,更是不能馬虎,本計畫內容針對跟國家安全有密切關係的國家基礎設施網路安全進行研究,一個國家基礎設施若被駭客控制,國家安全將立即面臨很大的危機,甚至會癱瘓整體國家運作,因此不可不謂重要,因此保護國家級關鍵基礎建設的安全是最近很重要的資訊安全問題,本計畫研究中,我們會假設駭客攻擊監控與資料收集系統的情況確實會發生,在入侵到這個系統之後就會進行偽造或下達PLC的指令進行破壞性的操作,我們的計畫將這樣的環境下進行研究防禦機制,之前文章發展出一個強化IPv6內動態位置安全的架構],利用IPv6內有支援動態移動IP的機制特性來保護關鍵基礎建設系統的安全,本研究發現這樣的機制依舊可能暴露通訊雙方的永就位址,我們利用無通訊方式進行位址轉移並且利用各種強化方式進行機制內弱點強化,諸如同步以及封包遺失,並且計畫也規劃未來評估方式以及可能的實作,提供未來關鍵基礎建設的安全防護。
    Recently, networking and information technology are getting advanced, which cause the arise of IoT, Big Data and AI. However, the network hacker also can employ these tools to intrude the network easily. Hence, many network security issues in many different scenarios occur. Especially, the security of notional critical infrastructure catches much attention in recent years. These infrastructures are usually monitored and controlled through SCADA. If the hacker can obtain IP of HMI and PLC (the components of SCADA), he/she can alter or forge message to control SCADA, which leads to vital damage to Nation security. Hence, Protecting SCADA becomes much more important. In this project, we observe that the previous research employs moving target defense to achieve the security goal for SCADA. With this novel mechanism, the hacker hardly tracks IP of the target (e.g. PLC and HMI in SCADA). However, we find their research still possibly expose IP to hacker because one end still need to send the HoA(Home of Address) to the other end. Hence, we develop a novel moving target address generation in which two ends do not inform their HoA to each other. We also find some bugs in our opinion and also propose several enhanced methods to improve. We finally plan to implement our opinion in a small scale simulated scenario. The goal of this project is to improve and enhance the security of SCADA.
    關聯: 計畫編號:MOST109-2221-E041-001
    計畫年度:109
    執行起迄:2020-08~2021-07
    顯示於類別:[多媒體與遊戲發展系] 科技部計畫

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML1079檢視/開啟


    在CNU IR中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋