强激光与粒子束, 2019, 31 (10): 103215, 网络出版: 2019-10-14  

物理隔离网络电磁漏洞研究

Research on electromagnetic vulnerability of air-gapped network
作者单位
1 成都新欣神风电子科技有限公司, 成都 611731
2 中国电子科技网络信息安全有限公司, 成都 610041
摘要
物理隔离网络的电磁攻击手段, 其主要目标是建立与外部互联网的隐蔽连接通道。近年来跨越物理隔离网络的方法和工具被陆续公开, 相应的分析方法和检测手段也逐步被国内外安全团队提出。掌握漏洞才能掌握网络安全的主动权, 对比网络安全漏洞, 电磁漏洞定义为能对设备或系统造成损害的电磁因素。以物理隔离网络为例, 电磁漏洞主要指的是网络的硬件和系统缺陷, 利用这些缺陷可以直接建立或通过植入恶意软件建立能突破物理隔离的电磁信号的信息收、发隐蔽通道。通过广泛的漏洞挖掘与验证, 从物理信号类型、信息传递方向、信号生成与作用机理、漏洞利用方式以及漏洞检测方法上提出物理隔离网络电磁漏洞分类方法; 通过综合借鉴网络安全漏洞、电磁信息安全检测、物理隔离隐蔽通道等领域的研究方法, 提出电磁漏洞的研究方法; 从深化主动检测、群智漏洞挖掘、网络电磁安全融合、大数据监测等角度, 提出了物理隔离网络电磁漏洞库的建立方法。
Abstract
The main objective of the air-gapped network electromagnetic attack means is to establish a hidden connection channel with the external Internet. In recent years, the methods and tools which connect air-gapped network to Internet have been disclosed, and the corresponding analysis methods and detection methods have gradually been proposed by security teams at home and abroad. Comparing with network security vulnerabilities, electromagnetic vulnerabilities are defined as electromagnetic factors that can cause effect or damage to devices or systems. Taking physically isolated network as an example, electromagnetic vulnerabilities mainly refer to the hardware and system defects of the network. Using these defects, a covert channel through the implantation of malware can be established directly, which can break through physical isolation by sending and receiving electromagnetic signals. Through extensive vulnerability mining and verification, the classification method of electromagnetic vulnerabilities in air-gapped network is proposed from the aspects of physical signal type, information transmission direction, signal generation mechanism, vulnerability utilization mode and vulnerability detection method. The comprehensive reference of network security vulnerabilities, electromagnetic information security detection and air-gapped covert communication is provided. From the perspectives of deepening active detection, group intelligence vulnerability mining, network electromagnetic security integration, and big data monitoring, the establishment method of electromagnetic vulnerability database for air-gapped network is proposed.

刘文斌, 丁建锋, 寇云峰, 王梦寒, 宋滔. 物理隔离网络电磁漏洞研究[J]. 强激光与粒子束, 2019, 31(10): 103215. Liu Wenbin, Ding Jianfeng, Kou Yunfeng, Wang Menghan, Song Tao. Research on electromagnetic vulnerability of air-gapped network[J]. High Power Laser and Particle Beams, 2019, 31(10): 103215.

关于本站 Cookie 的使用提示

中国光学期刊网使用基于 cookie 的技术来更好地为您提供各项服务,点击此处了解我们的隐私策略。 如您需继续使用本网站,请您授权我们使用本地 cookie 来保存部分信息。
全站搜索
您最值得信赖的光电行业旗舰网络服务平台!