引用本文
  • 王勇,王相,刘丽丽,刘金永,武津园,李双飞.配电网IEC60870-5-104协议的抗中间人攻击算法[J].信息安全学报,2019,4(6):56-66    [点击复制]
  • WANG Yong,WANG Xiang,LIU Lili,LIU Jinyong,WU Jinyuan,LI Shuangfei.An Algorithm for IEC60870-5-104 Protocol of Distribution against Man-in-the-Middle Attack[J].Journal of Cyber Security,2019,4(6):56-66   [点击复制]
【打印本页】 【下载PDF全文】 查看/发表评论下载PDF阅读器关闭

←前一篇|后一篇→

过刊浏览    高级检索

本文已被:浏览 7266次   下载 7857 本文二维码信息
码上扫一扫!
配电网IEC60870-5-104协议的抗中间人攻击算法
王勇1, 王相2,1, 刘丽丽3, 刘金永1, 武津园1, 李双飞4
0
(1.上海电力大学计算机科学与技术学院, 上海 中国 200090;2.国网上海市电力公司c 上海 中国 200122;3.华电电力科学研究院有限公司国家能源分布式能源技术研发(实验)中心, 杭州 中国 310030;4.上海云剑信息技术有限公司, 上海 中国 200433上海电力大学计算机科学与技术学院, 上海 中国 200090)
摘要:
馈线终端单元(Feeder Terminal Unit,FTU)采用IEC60870-5-104协议进行远动信息传输。但是由于该104协议报文采用明文传输,缺乏基于数字签名的认证机制,导致其存在中间人攻击的安全隐患。为了验证104协议通信存在的问题,本文构建了馈线终端FTU与主站的通信系统,验证了中间人攻击截获的104协议数据,为了增强协议安全,提出了一种基于身份认证的(BM-RAP,Bellovin-Merri based RSA&AES Protocol)改进方法,在虚拟机实验环境下,完成一次主从站身份认证时间在20-80毫秒之间,实验结果表明,该方法增强了抵御中间人攻击的能力。
关键词:  馈线终端  104 协议  中间人攻击  ARP 欺骗  身份认证
DOI:10.19363/J.cnki.cn10-1380/tn.2019.11.05
投稿时间:2018-12-28修订日期:2019-03-31
基金项目:本课题得到国家自然科学基金项目(No.61772327);奇安信大数据协同安全国家工程实验室开放课题(No.QAX-201803);浙江大学工业控制技术国家重点实验室开放式基金(No.ICT1800380);智能电网产学研开发中心项目(No.A-0009-17-002-05)资助。
An Algorithm for IEC60870-5-104 Protocol of Distribution against Man-in-the-Middle Attack
WANG Yong1, WANG Xiang2,1, LIU Lili3, LIU Jinyong1, WU Jinyuan1, LI Shuangfei4
(1.College of Computer Science and Technology, Shanghai University of Electric, Shanghai 200090, China;2.State Grid Shanghai Municipal Electric Power Company, Shanghai 200122, China;3.National Energy Distributed Energy Technology Research and Development(experimental) Center, Huadian Electric Power Research Institute Co., LTD., Hangzhou 310030, China;4.Shanghai Yunjian Information Technology Co., Ltd., Shanghai 200433, ChinaCollege of Computer Science and Technology, Shanghai University of Electric, Shanghai 200090, China)
Abstract:
Feeder Terminal Unit (FTU) uses IEC60870-5-104 protocol for telecontrol information transmission. However, since the 104 protocol message is transmitted in plain text, the authentication mechanism based on the digital signature is lacking, which causes a security risk of a man-in-the-middle attack. In order to verify the problem of 104 protocol communication, this paper constructs the communication system between the feeder terminal FTU and the primary station, and verifies the 104 protocol data intercepted by the man-in-the-middle attack. In order to enhance the protocol security, an identity-based authentication (BM-RAP, Bellovin-Merri based RSA & AES Protocol) improved the method of verifying the authentication time of a master-slave station in the virtual machine experiment environment between 20-80 milliseconds. The experimental results show that the method enhances the ability to resist man-in-the-middle attacks.
Key words:  feeder terminal unit  IEC60870-5-104 protocol  man-in-the-middle attack  ARP spoofing  authentication