摘要随着工业化和信息化的融合,工业控制系统的开放性与复杂性逐步增强,所面临的网络安全风险和入侵威胁不断加深。论文为提高工控系统对网络异常数据的检测能力,研究了基于IEC60870-5系列协议工控系统的网络数据异常检测技术,设计了IEC60870-5网络通信数据监测系统。论文所开展主要工作如下:82942
(1)结合实例阐述目前电力工业所受到的安全威胁,介绍当前国内外在电力系统网电安全威胁的研究现状。
(2)研究电力工业系统中广泛应用的IEC60870-5-104协议和IEC60870-5-103协议,并分析这两种协议的网络安全方面的脆弱性。
(3)基于Libcap的网络数据捕获和解析,对数据包解析模块的设计进行了阐述。
(4)基于PHP和MySQL的IEC60870协议的在线监测系统设计,并对系统总体设计,系统数据库设计和监测系统服务器端设计进行阐述。
论文最后对全文所做的工作进行总结,并对未来值得进一步研究的问题进行展望。
毕业论文关键词 工控网络安全 IEC60870-5系列协议 网络数据异常检测 异常数据分类 报文结构
毕业设计说明书外文摘要
Title Vulnerability analysis of IEC60870-5 protocol and development of network data analysis software
Abstract With the integration of industrialization and informatization, the openness and complexity of industrial control system (ICS) gradually increased, deepening facing network security risks and threats of invasion。 In order to improve the industrial control system on network anomaly data detection capability, the network data anomaly detection technology based on IEC60870-5 series protocol industrial control system is studied, IEC60870-5 network communication data anomaly detection system is designed。 The main work of this paper is as follows。
(1) Combined with an example, this paper expounds the security threats of power industry at present, and the present research status at home and abroad is introduced。
(2)IEC60870-5-104 protocol and IEC60870-5-103 protocol in industrial control system are introduced, and the vulnerability of the two protocols are analyzed。
(3) Based on the Libcap data capture and analysis, the design of the data packet analysis module is described in this paper。
(4) On line monitoring system design of IEC60870 protocol based on PHP and MySQL, and the system design, system database design and monitoring system server design are described。
Finally, the full text of the work done is summarized, and the next question is worth further study were discussed。
Keywords ICS network security IEC60870-5 series protocol Anomaly detection of network data Abnormal data classification Message structure
目 录
1 绪论 1
1。1 研究背景与意义 1
1。2 电力系统网电安全的威胁调查现状 3
1。3 国内外研究现状 3
2 IEC60870-5通信规约及其脆弱性分析 5
2。1 IEC60870-5系列通信规约 5
2。2 IEC104协议与IEC103协议的数据帧结构 7
2。3 IEC104协议与IEC103协议脆弱性分析 11
2。4 本章小结 13
3 基于Libcap的网络数据捕获和解析 15
3。1 数据包捕获原理