Abstract
Vulnerability mining technology is used for protecting the security of industrial control systems and their network protocols. Traditionally, vulnerability mining methods have the shortcomings of poor vulnerability mining ability and low reception rate. In this study, a test case generation model for vulnerability mining of the Modbus TCP based on an anti-sample algorithm is proposed. Firstly, a recurrent neural network is trained to learn the semantics of the protocol data unit. The softmax function is used to express the probability distribution of data values. Next, the random variable threshold and the maximum probability are compared in the algorithm to determine whether to replace the current data value with the minimum probability data value. Finally, the Modbus application protocol (MBAP) header is completed according to the protocol specification. Experiments using the anti-sample fuzzer show that it not only improves the reception rate of test cases and the ability to exploit vulnerabilities, but also detects vulnerabilities of industrial control protocols more quickly.
Highlights
In the era of “Internet +”, the impact of AI, IOT, 5G, cloud computing, and other technologies on industrial activities has become increasingly significant [1]
In order to improve the performance of the test case generation method, we propose an anti-sample algorithm to generate test cases automatically for vulnerability mining of the Modbus TCP
Test case generation needed to be changed randomly to ensure that the generated test case met the characteristics of the high coverage rate and high reception rate of the industrial control equipment
Summary
In the era of “Internet +”, the impact of AI, IOT, 5G, cloud computing, and other technologies on industrial activities has become increasingly significant [1] These technologies have greatly improved productivity and have expanded creativity in the use of industrial control systems (ICS) [2,3,4], but these benefits bring additional network security risks. Developed by Rockwell Automation [5], resulting in denial of service attacks, equipment configuration tampering, and other security breaches In another cybersecurity incident, the website of the Ministry of Energy and Industry of Ukraine was attacked by hackers [6], encrypting the files on the host and causing the website to become inaccessible. The Modbus TCP [8,9,10] is the most widely used industrial control network protocol, which uses a master/slave configuration protocol to Sensors 2020, 20, 2040; doi:10.3390/s20072040 www.mdpi.com/journal/sensors
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
