| 物理隔离网络电磁漏洞研究 |
| |
| 引用本文: | 刘文斌,丁建锋,寇云峰,王梦寒,宋滔.物理隔离网络电磁漏洞研究[J].强激光与粒子束,2019,31(10):103215-1-103215-5. |
| |
| 作者姓名: | 刘文斌 丁建锋 寇云峰 王梦寒 宋滔 |
| |
| 作者单位: | 1.成都新欣神风电子科技有限公司, 成都 611731 |
| |
| 基金项目: | 四川省青年科技创新研究团队专项计划项目2016TD0029 |
| |
| 摘 要: | 物理隔离网络的电磁攻击手段, 其主要目标是建立与外部互联网的隐蔽连接通道。近年来跨越物理隔离网络的方法和工具被陆续公开, 相应的分析方法和检测手段也逐步被国内外安全团队提出。掌握漏洞才能掌握网络安全的主动权, 对比网络安全漏洞, 电磁漏洞定义为能对设备或系统造成损害的电磁因素。以物理隔离网络为例, 电磁漏洞主要指的是网络的硬件和系统缺陷, 利用这些缺陷可以直接建立或通过植入恶意软件建立能突破物理隔离的电磁信号的信息收、发隐蔽通道。通过广泛的漏洞挖掘与验证, 从物理信号类型、信息传递方向、信号生成与作用机理、漏洞利用方式以及漏洞检测方法上提出物理隔离网络电磁漏洞分类方法; 通过综合借鉴网络安全漏洞、电磁信息安全检测、物理隔离隐蔽通道等领域的研究方法, 提出电磁漏洞的研究方法; 从深化主动检测、群智漏洞挖掘、网络电磁安全融合、大数据监测等角度, 提出了物理隔离网络电磁漏洞库的建立方法。
|
| 关 键 词: | 物理隔离网络 信息安全 电磁泄漏 主动检测 漏洞库 |
| 收稿时间: | 2019-04-26 |
Research on electromagnetic vulnerability of air-gapped network |
| |
| Affiliation: | 1.Chengdu Xinxinshenfeng Electronic Technology Co, Ltd, Chengdu 611731, China2.China Cyber Security Co, Ltd, Chengdu 610041, China |
| |
| Abstract: | The main objective of the air-gapped network electromagnetic attack means is to establish a hidden connection channel with the external Internet.In recent years, the methods and tools which connect airgapped network to Internet have been disclosed, and the corresponding analysis methods and detection methods have gradually been proposed by security teams at home and abroad.Comparing with network security vulnerabilities, electromagnetic vulnerabilities are defined as electromagnetic factors that can cause effect or damage to devices or systems.Taking physically isolated network as an example, electromagnetic vulnerabilities mainly refer to the hardware and system defects of the network.Using these defects, a covert channel through the implantation of malware can be established directly, which can break through physical isolation by sending and receiving electromagnetic signals.Through extensive vulnerability mining and verification, the classification method of electromagnetic vulnerabilities in air-gapped network is proposed from the aspects of physical signal type, information transmission direction, signal generation mechanism, vulnerability utilization mode and vulnerability detection method.The comprehensive reference of network security vulnerabilities, electromagnetic information security detection and air-gapped covert communication is provided.From the perspectives of deepening active detection, group intelligence vulnerability mining, network electromagnetic security integration, and big data monitoring, the establishment method of electromagnetic vulnerability database for air-gapped network is proposed. |
| |
| Keywords: | |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《强激光与粒子束》浏览原始摘要信息 |
|
点击此处可从《强激光与粒子束》下载全文 |
|
