参考文献
[1]赖英旭, 刘增辉, 蔡晓田, 等. 工业控制系统入侵检测研究综述[J]. 通信学报, 2017, 38(2): 143156[2]赵贵成. 基于工业控制网络流量分析的入侵检测平台与算法研究[D]. 杭州: 浙江大学, 2019[3]马骏维. 工业控制系统以太网入侵检测方法研究与设计[D]. 北京: 北京邮电大学, 2016[4]Nguyen T D, Austin S C, Irvine C E. A strategy for security testing industrial firewalls[C] Proc of the 5th Annual Industrial Control System Security (ICSS) Workshop. New York: ACM, 2019: 3847[5]Patel H J, Temple M, Baldwin R O. Improving ZigBee device network authentication using ensemble decision tree classifiers with radio frequency distinct native attribute fingerprinting[J]. IEEE Trans on Reliability, 2015, 64(1): 221233[6]曹国彦, 潘泉, 刘勇, 等, 工业控制系统信息安全[M]. 西安: 西安电子科技大学出版社, 2019[7]国家市场监督管理总局、中国国家标准化管理委员会. GBT 37044—2018 信息安全技术 物联网安全参考模型及通用要求[S]. 北京: 中国质检出版社, 2018[8]周伟平, 杨维永, 王雪华, 等. 面向工业控制系统的渗透测试工具研究[J]. 计算机工程, 2019, 45(8): 92101[9]Zonouz S, Rrushi J, Mclaughlin S. Detecting industrial control malware using automated PLC code analytics[J]. IEEE Security & Privacy, 2015, 12(6): 4047[10]王航, 张帅, 杜君, 等. 工控系统认证绕过漏洞实证分析[J]. 网络空间安全, 2018, 9(3): 813[11]USANSI. ANSIISA 99.00.012007 Security for Industrial Automation and Control Systems Part 1: Terminology, Concepts, and Models[S]. New York: USANSI, 2007[12]Li Y, Liu X M, Tian H R, et al. Research of industrial control system device firmware vulnerability mining technology based on taint analysis[C] Proc of the IEEE Int Conf on Software Engineering and Service Sciences. Piscataway, NJ: IEEE, 2019: 607610[13]石加玉, 彭双和, 石福升, 等. 基于动态污点分析的程序脆弱性检测工具设计与实现[J].信息安全研究, 2022, 8(3): 301310[14]Group of Information Security Practitioners from all Areas of the Industry. PTES penetration testing standard[EBOL]. (20140816) [20211220]. http:www.penteststandard.orgindex.phpMain_Page[15]Pirc J, DeSanto D, Davison I, et al. Threat forecasting: Leveraging big data for predictive analysis[EBOL]. Cambridge, MA: Syngress, 2016[20211220]. https:eds.s.ebscohost.comedsdetaildetail?vid=3&sid=dc58db 3eca5944fdbc9a0d19f2913a79%40redis&bdata=Jmxhb mc9emgtY24mc2l0ZT1lZHMtbGl2ZQ%3d%3d#[16]Mishra S. Efficacy of unconventional penetration testing practices[J]. Intelligent Automation and Soft Computing, 2021, 31(1): 223239[17]贾培养, 孙鸿宇, 曹婉莹, 等. 开源软件漏洞库综述[J]. 信息安全研究, 2021, 7(6): 566574[18]张甫华. Web应用中输入验证研究综述[J]. 现代计算机, 2021 (12): 7477
|