Journal of Information Security Research ›› 2022, Vol. 8 ›› Issue (2): 182-.


Vulnerability Detection System of Transformer Substation Host Based on Port Scanning

  

  • Online:2022-02-05 Published:2022-01-23

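Substation Host Vulnerability Detection System Based on Port Scanning

颜天佑; 卢灏

  1.  (Guangzhou Power Supply Bureau, Guangdong Power Grid Co., Ltd., Guangzhou 510000, China)
  • Corresponding author: 颜天佑, master's degree, senior engineer; main research interests: power system security and intelligent operation and maintenance of substation secondary equipment. yty4214@126.com
  • About the authors: 颜天佑, master's degree, senior engineer; main research interests: power system security and intelligent operation and maintenance of substation secondary equipment. yty4214@126.com. 卢灏, Bachelor of Engineering, assistant engineer; main research interests: power system security and intelligent operation and maintenance of substation secondary equipment. 1163445603@qq.com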

Abstract: With the deep integration of Internet technology, the automation and intelligent construction of power systems is becoming increasingly complete. Such systems can not only monitor the entire power network in real time, but also detect faults and make the corresponding decisions and responses. However, this integration has also given rise to many privacy leaks and malicious attacks, and vulnerability detection for transformer substation hosts has become the top priority of the entire power grid system. This paper designs a vulnerability detection system for transformer substation hosts based on port scanning. The system uses TCP/UDP connections to detect whether a port is open, and uses third-party tools to detect whether the services on open ports have potential or existing vulnerabilities. The main method is to test the response of the port by simulating an attack, compare that response with an existing vulnerability database, and finally generate a vulnerability scanning report in HTML format. Experiments verify the availability and robustness of the system.

Key words: grid system, port scan, vulnerability detection, substation host, safety, simulated attack

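Abstract (Chinese version): With the deep integration of Internet technology, the automation and intelligent construction of power systems has become increasingly complete. The application of intelligent power transformation and distribution systems not only enables real-time monitoring and management of the entire power network, but also allows faults to be discovered promptly and the corresponding decisions and handling to be carried out. However, this has also given rise to an endless stream of problems such as privacy leaks and malicious attacks, and vulnerability detection for substation hosts has become the top priority of the entire power grid system. To this end, the paper designs and implements a substation host vulnerability detection system based on port scanning. The system uses TCP/UDP connections to detect whether ports are open, and relies on third-party tools to detect whether potential or existing vulnerabilities are present in the services on open ports. The paper tests port responses by means of simulated attacks, then matches them against an existing vulnerability database, and finally generates a vulnerability scan report in HTML format for the user to read. Finally, experiments verify the usability and robustness of the system.

Key words (Chinese version): power grid system, port scanning, vulnerability detection, substation host security, simulated attack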