面向工业物联网的敏感信息泄露感知方法研究

With the rapid development of Internet of Things (IoT) and Industry 4.0, the concept of Industry Internet of Things (IIoT) is applied to most scenarios in industry production and processing. However, security threat is becoming more and more serious, especially the advanced persistent threat based on sensitive information theft. Based on traditional architecture of IoT, the characteristic of sensitive information in IIoT is summarized in this project, and target sensitive information is defined. Firstly, sensitive information is discovered and classified based on malware reverse engineering and fuzzing method, secondly, dynamic security level of sensitive information can be evaluated via dynamic sensitivity calculation based on Multi-Attribute Decision-Making (MADM), thirdly, the calculation of sensitivity threshold is designed based on Finite-State Machine (FSM), the leakage scenarios can be detected through transmission from security attribute to sensitivity threshold. Finally, experiments are implemented to verify the feasibility and effectiveness in our method. The research in this project can provide theoretical support and technical reference for detection of sensitive information leakage.

随着物联网及工业4.0相关技术的快速发展，工业物联网的相关技术逐步应用到工业生产等现实场景中，但其所面临的安全威胁也与日俱增，尤其是基于敏感信息窃取的高级可持续攻击愈演愈烈。本项目基于物联网传统结构总结工业物联网环境下敏感信息特征，定义目标敏感信息集合，首先基于恶意样本逆向分析及fuzzing测试方法挖掘并聚类敏感信息，其次基于多属性决策方法计算动态敏感度来评估敏感信息流向的动态安全级别，在此基础上基于有限状态机模型设计敏感度阈值计算方法，通过泄露场景中安全属性值到敏感度阈值的传递过程实时感知敏感信息泄露场景，最终通过实验验证该方法的可行性和有效性。本项目的相关研究成果可为工业物联网中的敏感信息泄露检测提供理论支持和技术参考。

随着物联网及工业4.0相关技术的快速发展，工业物联网的相关技术逐步应用到工业生产等现实场景中，但其所面临的安全威胁也与日俱增，尤其是基于敏感信息窃取的高级可持续攻击愈演愈烈。本项目基于物联网传统结构总结工业物联网环境下敏感信息特征，定义目标敏感信息集合，首先基于恶意样本逆向分析及fuzzing测试方法挖掘并聚类敏感信息，其次基于多属性决策方法计算动态敏感度来评估敏感信息流向的动态安全级别，在此基础上基于有限状态机模型设计敏感度阈值计算方法，通过泄露场景中安全属性值到敏感度阈值的传递过程实时感知敏感信息泄露场景，最终通过实验验证该方法的可行性和有效性。本项目的相关研究成果可为工业物联网中的敏感信息泄露检测提供理论支持和技术参考。