CN115766210A - Power monitoring network security training method, device and system based on token attack - Google Patents

Publication number
CN115766210A
Authority
CN
China
Prior art keywords
token
attack
password
random number
power monitoring
Legal status
Granted
Application number
CN202211422729.9A
Other languages
Chinese (zh)
Other versions
CN115766210B (en)
Inventor
宋新新
潘志远
赵义术
李宏伟
赵吉祥
张正茂
任玉保
刘海客
刘朝阳
刘书阁
Current Assignee
State Grid of China Technology College
Shandong Electric Power College
Original Assignee
State Grid of China Technology College
Shandong Electric Power College
Application filed by State Grid of China Technology College, Shandong Electric Power College
Priority to CN202211422729.9A
Publication of CN115766210A
Application granted
Publication of CN115766210B
Legal status: Active

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04: INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S: SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00: Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a power monitoring network security training method, device and system based on token attack. The method comprises: receiving an encrypted token sent by the captain or a team member through a token transmission channel, wherein the token contains only the current number of random number calls of the captain or team member and the IP address of the next team member to obtain the token; and decrypting the received token, fetching the attack passphrase and password from the attack dictionary according to the decryption result, and performing a trial login on the attack target machine based on the attack passphrase and password. The invention turns the one-to-one password attack and defense of the prior art into many-to-one password attack and defense, and the flow of a multi-person attack is the same as that of a one-person attack, which increases the difficulty for the defender of perceiving the attack.

Description

Power monitoring network security training method, device and system based on token attack

Technical field

The invention belongs to the technical field of power system security, and in particular relates to a power monitoring network security training method, device and system based on token attack.

Background

The power monitoring network is divided into a production area and an information service area, which are physically isolated from each other by forward and reverse security isolation devices. The production area is further divided by security level into Zone I and Zone II, and these two zones are likewise physically isolated by forward and reverse security isolation devices. Domestic commercial cryptographic algorithms provide two-way identity authentication and data encryption on the communication links, which ensures link communication security. It can be seen that power monitoring network security training in the prior art mostly focuses on improving the security capability of the members within each zone, in particular their ability to choose passwords.

Training in password attack and defense first requires improving the attacker's capability. Current password attacks are mostly repeated single-point-to-single-point attacks, which the defender can easily detect.

Token technology is widely used in current networks. For example, when a server performs authentication, it sends an authentication token, which is also stored in a database. When the same user sends subsequent requests, the request carries this authentication token instead of the username and password, and the token is checked for validity and authenticity against the token stored in the database. There are also many other token-based authentication mechanisms, such as JSON Web Tokens (JWT) and OAuth tokens. However, existing tokens are only data messages in a fixed format carrying plaintext information, which network attackers can easily decipher, so that the corresponding tokens can be forged and information communication disrupted.

Summary of the invention

In view of the above problems, the present invention proposes a power monitoring network security training method, device and system based on token attack, which turns the one-to-one password attack and defense of the prior art into many-to-one password attack and defense. The flow of a multi-person attack is the same as that of a one-person attack, which increases the difficulty for the defender of perceiving the attack.

To achieve the above technical purpose and technical effect, the present invention is realized through the following technical solutions:

In a first aspect, the present invention provides a power monitoring network security training method based on token attack, including:

receiving an encrypted token sent by the captain or a team member through a token transmission channel, the token containing only the current number of random number calls of the captain or team member and the IP address of the next team member to obtain this token;

decrypting the received token, fetching the attack passphrase and password from the attack dictionary according to the decryption result, and performing a trial login on the attack target machine based on the attack passphrase and password.

Optionally, the power monitoring network security training method further includes:

if the trial login fails, taking the captain's or team member's current number of random number calls plus 1 as the local current number of random number calls, performing address pairing in the token transmission channel according to the local IP address to find the IP address of the next team member to obtain this token, then generating the encrypted token and sending it to the corresponding team member.

Optionally, the power monitoring network security training method further includes:

if the trial login fails, the attack on the attack target machine is completed.

Optionally, the token transmission channel is a circular queue containing the IP addresses of the captain and of each team member, arranged in order.

Optionally, the method for obtaining the attack passphrase and password includes:

decrypting the received token to obtain the current number of random number calls in the token and the IP address of the next team member to obtain this token;

comparing the local IP address with the IP address of the next team member to obtain this token;

when the two are identical, subtracting the local current number of random number calls from the current number of random number calls in the token to obtain Rn, the number of times the rand function needs to be called consecutively;

based on the random number seed, calling the rand function Rn + 1 times consecutively to obtain a random number A; the captain and all team members use the same random number seed;

taking the remainder of the random number A modulo the number of entries in the attack dictionary to obtain the index into the attack dictionary, and fetching the attack passphrase and password from the attack dictionary.

Optionally, the encrypted token is obtained through the following steps:

selecting the discrete Gaussian distribution parameters μ and σ to construct a discrete Gaussian distribution curve, where μ is the mean and σ is the variance;

taking each byte of the token in turn and using the value of the byte plus the value of the discrete Gaussian distribution parameter σ as the value of a sub-Gaussian random variable, so that each byte of the token is mapped onto a discrete Gaussian random vector and the discrete real-valued point on the discrete Gaussian distribution curve corresponding to each byte is obtained;

using the storage sequence formed by these discrete real-valued points as the encrypted token.

Optionally, decrypting the received token includes the following steps:

selecting the discrete Gaussian distribution parameters μ and σ to construct the discrete Gaussian distribution curve;

based on the discrete Gaussian distribution curve, obtaining the discrete coordinate point on the X axis corresponding to each discrete real-valued point in the storage sequence, and subtracting the discrete Gaussian distribution parameter σ from the coordinate point to restore the current number of random number calls in the token.

Optionally, σ > 150.

In a second aspect, the present invention provides a power monitoring network security training device based on token attack, comprising:

a receiving module, configured to receive an encrypted token sent by the captain or a team member through a token transmission channel, the token containing only the current number of random number calls of the captain or team member and the IP address of the next team member to obtain this token;

an attack module, configured to decrypt the received token, fetch the attack passphrase and password from the attack dictionary according to the decryption result, and perform a trial login on the attack target machine based on the attack passphrase and password.

In a third aspect, the present invention provides a power monitoring network security training system based on token attack, including a storage medium and a processor;

the storage medium is used to store instructions;

the processor is configured to operate according to the instructions to perform the method according to any one of the first aspect.

Compared with the prior art, the beneficial effects of the present invention are:

The present invention turns the one-to-one password attack and defense of the prior art into many-to-one password attack and defense, and the flow of a multi-person attack is the same as that of a one-person attack, which increases the difficulty for the defender of perceiving the attack. This not only raises the level of the attacking side in password attack and defense exercises, but also poses a technical challenge to the password defenders.

Description of drawings

To make the content of the present invention easier to understand, the present invention is described in further detail below according to specific embodiments and with reference to the accompanying drawings, in which:

FIG. 1 is a flowchart of a power monitoring network security training method based on token attack according to an embodiment of the present invention.

Detailed description

To make the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with the embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention and are not intended to limit its scope of protection.

The application principle of the present invention is described in detail below with reference to the accompanying drawings.

Embodiment 1

An embodiment of the present invention provides a power monitoring network security training method based on token attack, including the following steps:

(1) receiving an encrypted token sent by the captain or a team member through a token transmission channel, the token containing only the current number of random number calls of the captain or team member and the IP address of the next team member to obtain this token;

(2) decrypting the received token, fetching the attack passphrase and password from the attack dictionary according to the decryption result, and performing a trial login on the attack target machine based on the attack passphrase and password.

In a specific implementation of this embodiment, the power monitoring network security training method further includes:

if the trial login fails, taking the captain's or team member's current number of random number calls plus 1 as the local current number of random number calls, performing address pairing in the token transmission channel according to the local IP address to find the IP address of the next team member to obtain this token, then generating the encrypted token and sending it to the corresponding team member.

If the trial login fails, the attack on the attack target machine is completed.

In a specific implementation of this embodiment, the token transmission channel is a circular queue containing the IP addresses of the captain and of each team member, arranged in order.

In a specific implementation of this embodiment, the method for obtaining the attack passphrase and password includes:

decrypting the received token to obtain the current number of random number calls in the token and the IP address of the next team member to obtain this token;

comparing the local IP address with the IP address of the next team member to obtain this token;

when the two are identical, subtracting the local current number of random number calls from the current number of random number calls in the token to obtain Rn, the number of times the rand function needs to be called consecutively;

based on the random number seed, calling the rand function Rn + 1 times consecutively to obtain a random number A; the captain and all team members use the same random number seed;

taking the remainder of the random number A modulo the number of entries in the attack dictionary to obtain the index into the attack dictionary, and fetching the attack passphrase and password from the attack dictionary.

In a specific implementation of this embodiment, the encrypted token is obtained through the following steps:

selecting the discrete Gaussian distribution parameters μ and σ to construct a discrete Gaussian distribution curve, where μ is the mean and σ is the variance. In a specific implementation, because the range a byte can represent is 0 to 255, taking a value greater than 150 as the centre gives a left minimum of 150-125 and a right maximum of 150+125, so that the values fall within the steepest section of the curve; for this reason, σ > 150;

taking each byte of the token in turn and using the value of the byte plus the value of the discrete Gaussian distribution parameter σ as the value of a sub-Gaussian random variable, so that each byte of the token is mapped onto a discrete Gaussian random vector and the discrete real-valued point on the discrete Gaussian distribution curve corresponding to each byte is obtained;

using the storage sequence formed by these discrete real-valued points as the encrypted token.

In a specific implementation of this embodiment, decrypting the received token includes the following steps:

selecting the discrete Gaussian distribution parameters μ and σ to construct the discrete Gaussian distribution curve;

based on the discrete Gaussian distribution curve, obtaining the discrete coordinate point on the X axis corresponding to each discrete real-valued point in the storage sequence, and subtracting the discrete Gaussian distribution parameter σ from the coordinate point to restore the current number of random number calls in the token.

The power monitoring network security training method based on token attack of this embodiment is described in detail below with reference to a specific implementation.

For security training on the power monitoring network, the Zone I, Zone II and Zone III network environments are first built in a local area network. A team in Zone I or Zone II cooperatively attacks a node in Zone II or Zone I. The specific attack process is shown in FIG. 1:

1. The captain creates the team

The captain first creates a training attack name for this coordinated attack and subscribes to messages whose topic is the attack name.

Data containing a large number of attack dictionaries is downloaded from the Internet and stored in the captain's local memory rather than in a public database, to prevent leakage.

The srand function is called with the "fixed reference value" as its parameter to set the random number seed, and the current number of random number calls is set to 0.

2. Team members join the team

After a team member's program starts, it publishes an online message whose topic is the attack name, and subscribes to messages whose topic is the attack dictionary name and to messages whose topic is the "fixed reference value".

The srand function is called with the "fixed reference value" as its parameter to set the random number seed, which ensures that team members and the captain have the same random number seed, and the current number of random number calls is set to 0.

3. Building the token transmission channel

Whenever a team member publishes an online message, the captain learns through its subscription that the team member is online and stores the team member's IP address in a memory pool. Once all team members are online, the token transmission channel is generated from the IP addresses of all team members.

Once all team members are online, the captain publishes the attack dictionary held in its local memory in a message whose topic is the attack dictionary name, and then publishes the token transmission channel in a message whose topic is the token transmission channel. Team members receive these two pieces of data by subscribing to the messages with the attack dictionary name as topic and with the token transmission channel as topic, and build in local memory the same attack dictionary data and token transmission channel as the captain.

4. Token generation process

The captain first creates the token programmatically. The token contains only the current number of random number calls and the IP address of the next machine to obtain this token. The captain also selects the values of the discrete Gaussian distribution parameters μ and σ (greater than 150) used for token encryption and decryption and publishes them under the topic "discrete Gaussian distribution parameters". Each team member receives these two parameters by subscribing to the topic "discrete Gaussian distribution parameters".

5. Token transmission process

5.1 Token sending process

Address pairing is first performed in the token transmission channel according to the local IP address (in terms of data structure, the token transmission channel is a circular queue). Once the local address is found, the IP address that follows it and the local current number of random number calls are combined into an 8-byte string, and the token encryption function is then called.

5.2 Token receiving process

While the token circulates within the team formed by the captain and the team members, each member that receives the token first calls the token decryption function to decrypt it and obtain the sender's current number of random number calls. Subtracting its own current number of random number calls from this value gives Rn, the number of times the rand function needs to be called consecutively. After the rand function has been called Rn + 1 times consecutively, the remainder of the last returned random number modulo the number of entries in the attack dictionary is taken as the index into the attack dictionary in local memory, and the attack passphrase and password are fetched from the attack dictionary. Finally, the sender's current number of random number calls plus 1 is taken as the member's own current number of random number calls.

In a specific implementation, the token consists of 8 bytes: the first four bytes store the current number of random number calls, and the last four bytes store the IP address of the next team member to obtain this token.

The token encryption process can be implemented as follows:

The centre point μ and σ are selected to construct the corresponding discrete Gaussian distribution curve, and the right half of the distribution (that is, the part on the positive axis) is taken as the mapping curve.

Each of the 8 bytes of the token is taken in turn, and the value of the byte plus the value of σ is used as the value of a sub-Gaussian random variable. This maps the 8 bytes onto a discrete Gaussian random vector (of length 8), yielding 8 discrete real-valued points on the discrete Gaussian distribution curve. The storage sequence formed by these 8 discrete real-valued points (an array of 8 real numbers) is sent as the encrypted token.

The token decryption process can be implemented as follows:

After receiving the encrypted token, the receiver selects the centre point μ and σ to construct the corresponding discrete Gaussian distribution curve, obtains from the array of 8 real numbers (that is, 8 points on the discrete Gaussian distribution curve) the corresponding discrete coordinate points xi on the X axis, and subtracts the value of σ from each xi to restore the sender's original token data.

Given the characteristics of the discrete Gaussian distribution curve described above, when the X axis takes the value μ+σ the slope of the curve in that neighbourhood is high and the curve discretizes well, so the differences between the Y-axis points corresponding to integer points on the X axis are large. The Y-axis values can therefore be compared as floating-point numbers (for example, two floating-point numbers are considered equal if they differ by no more than 0.00000000001) to find the corresponding integer point on the X axis. Because the object being encrypted and decrypted is a single byte, whose value range is S[0,255], taking σ greater than 150 maps the distribution curve of the values in range S onto the interval [μ+σ-125, μ+σ+125].

6. Attack process

The team member that receives the token is activated and enters the attack state. That team member decrypts the token, obtains the attack passphrase and password (that is, the login information), and performs a trial login on the attack target machine. If the login succeeds, the attack has succeeded; otherwise the team member starts the token generation process and the token transmission process, and then moves from the active state to the ready-waiting state.
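From the defender's side, the many-to-one flow described above leaves each source address with only a few failed logins, so a rule keyed on the source stays quiet. The following added example (not part of the patent) counts failures per target instead and checks for the fixed source rotation that a circular queue of team addresses produces; the log format, addresses, thresholds and function names are constructed for illustration.

```python
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log: three sources take turns against one target,
# one failed login each every 20 s, mixed with unrelated benign traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:00 FAIL src=10.0.1.11 dst=10.0.2.5 user=operator
2024-05-01T10:00:20 FAIL src=10.0.1.12 dst=10.0.2.5 user=admin
2024-05-01T10:00:30 FAIL src=10.0.1.50 dst=10.0.2.9 user=alice
2024-05-01T10:00:40 FAIL src=10.0.1.13 dst=10.0.2.5 user=root
2024-05-01T10:00:45 OK src=10.0.1.50 dst=10.0.2.9 user=alice
2024-05-01T10:01:00 FAIL src=10.0.1.11 dst=10.0.2.5 user=scada
2024-05-01T10:01:20 FAIL src=10.0.1.12 dst=10.0.2.5 user=operator
2024-05-01T10:01:40 FAIL src=10.0.1.13 dst=10.0.2.5 user=admin
2024-05-01T10:02:00 FAIL src=10.0.1.11 dst=10.0.2.5 user=root
2024-05-01T10:02:20 FAIL src=10.0.1.12 dst=10.0.2.5 user=scada
2024-05-01T10:02:40 FAIL src=10.0.1.13 dst=10.0.2.5 user=operator
"""
WINDOW = timedelta(minutes=5)  # assumed correlation window


def load(log):
    """Parse the constructed format into (timestamp, result, src, dst) tuples."""
    events = []
    for line in log.splitlines():
        ts, result, *fields = line.split()
        kv = dict(f.split("=", 1) for f in fields)
        events.append((datetime.fromisoformat(ts), result, kv["src"], kv["dst"]))
    return sorted(events)


def sliding_failures(events, key_fn, window):
    """After each failed login, yield (key, failures still inside the window)."""
    recent = defaultdict(deque)
    for ts, result, src, dst in events:
        if result != "FAIL":
            continue
        key = key_fn(src, dst)
        q = recent[key]
        q.append((ts, src))
        while ts - q[0][0] > window:
            q.popleft()
        yield key, list(q)


def per_source_alerts(events, window, threshold):
    """Classic rule: one source failing `threshold` times against one target."""
    hits = {k for k, q in sliding_failures(events, lambda s, d: (s, d), window)
            if len(q) >= threshold}
    return sorted(hits)


def target_alerts(events, window, min_failures, min_sources):
    """Rule keyed on the target: many failures spread over several sources."""
    alerts = {}
    for dst, q in sliding_failures(events, lambda s, d: d, window):
        per_src = Counter(src for _, src in q)
        if len(q) < min_failures or len(per_src) < min_sources:
            continue
        if dst not in alerts or len(q) > alerts[dst]["failures"]:
            alerts[dst] = {"failures": len(q),
                           "sources": sorted(per_src),
                           "max_per_source": max(per_src.values())}
    return alerts


def rotation_period(sources):
    """Smallest period p >= 2 with sources[i] == sources[i - p] for all i, else None."""
    for p in range(2, len(sources) // 2 + 1):
        if all(sources[i] == sources[i - p] for i in range(p, len(sources))):
            return p
    return None


def failed_sources(events, dst):
    """Ordered list of sources that failed against `dst`."""
    return [s for _, r, s, d in events if r == "FAIL" and d == dst]


if __name__ == "__main__":
    ev = load(SAMPLE_LOG)
    print("per-source rule :", per_source_alerts(ev, WINDOW, threshold=5))
    print("per-target rule :", target_alerts(ev, WINDOW, min_failures=8, min_sources=3))
    print("rotation period :", rotation_period(failed_sources(ev, "10.0.2.5")))
```

On the sample, the per-source rule raises nothing while the per-target rule flags the single target with nine failures from three sources, and the rotation check recovers the team size.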

Embodiment 2

Based on the same inventive concept as Embodiment 1, an embodiment of the present invention provides a power monitoring network security training device based on token attack, including:

a receiving module, configured to receive an encrypted token sent by the captain or a team member through a token transmission channel, the token containing only the current number of random number calls of the captain or team member and the IP address of the next team member to obtain this token;

an attack module, configured to decrypt the received token, fetch the attack passphrase and password from the attack dictionary according to the decryption result, and perform a trial login on the attack target machine based on the attack passphrase and password.

The remaining parts are the same as in Embodiment 1.

Embodiment 3

Based on the same inventive concept as Embodiment 1, an embodiment of the present invention provides a power monitoring network security training system based on token attack, including a storage medium and a processor;

the storage medium is used to store instructions;

the processor is configured to operate according to the instructions to perform the method according to any one of Embodiment 1.

The basic principles, main features and advantages of the present invention have been shown and described above. Those skilled in the art should understand that the present invention is not limited by the above embodiments. The above embodiments and the description only illustrate the principle of the present invention. Without departing from the spirit and scope of the present invention, various changes and improvements may be made, and these changes and improvements all fall within the scope of the claimed invention. The scope of protection claimed by the present invention is defined by the appended claims and their equivalents.

Claims (10)

1. A token attack-based power monitoring network security training method, characterized by comprising the following steps:
receiving an encrypted token sent by the captain or a team member through a token transmission channel, wherein the token contains only the current number of calls of the captain's or team member's random number and the IP address of the next team member to obtain the token;
decrypting the received token, fetching the attack passphrase and password from the attack dictionary according to the decryption result, and performing a trial login on the attack target machine based on the attack passphrase and password.
2. The token attack-based power monitoring network security training method according to claim 1, characterized in that the method further comprises the following step:
if the trial login fails, taking the value obtained by adding 1 to the current number of calls of the captain's or team member's random number as the team member's current number of calls of the random number, performing address pairing in the token transmission channel according to the IP address of the local machine, finding the IP address of the next team member to obtain the token, then generating the encrypted token and sending it to the corresponding team member.
3. The token attack-based power monitoring network security training method according to claim 1 or 2, characterized in that the method further comprises the following step:
and if the tentative login fails, completing the attack on the attack target machine.
4. The token attack-based power monitoring network security training method according to claim 1, characterized in that the token transmission channel is a circular queue comprising the queue length and the IP addresses of all team members, with all the IP addresses arranged in sequence.
5. The token attack-based power monitoring network security training method according to claim 1, characterized in that the attack passphrase and password are obtained by the following steps:
decrypting the received token to obtain the current number of calls of the random number in the token and the IP address of the next team member to obtain the token;
comparing the IP address of the local machine with the IP address of the next team member to obtain the token;
when the comparison shows that the two are consistent, subtracting the current number of calls of the random number from the current number of calls of the random number in the token to obtain the number of times R_n that the rand function is to be called continuously;
calling the rand function continuously R_n + 1 times based on the random number seed to obtain a random number A, wherein the captain and all team members use the same random number seed;
taking the remainder of the random number A, with the number of entries in the attack dictionary as the modulus, to obtain an index into the attack dictionary, and fetching the attack passphrase and password from the attack dictionary.
6. The token attack-based power monitoring network security training method according to claim 1, characterized in that the encrypted token is obtained by the following steps:
selecting discrete Gaussian distribution parameters μ and σ to construct a discrete Gaussian distribution curve, wherein μ is the mean and σ is the variance;
taking each byte of the token in turn and, using the value of the byte plus the discrete Gaussian distribution parameter σ as the value of a sub-Gaussian random variable, mapping each byte of the token to a discrete Gaussian random vector to obtain the discrete real number point on the discrete Gaussian distribution curve corresponding to each byte;
taking the storage sequence formed by the discrete real number points as the encrypted token.
7. The token attack-based power monitoring network security training method according to claim 6, characterized in that decrypting the received token comprises the following steps:
selecting discrete Gaussian distribution parameters μ and σ to construct a discrete Gaussian distribution curve;
obtaining, based on the discrete Gaussian distribution curve, the discrete coordinate point on the X axis corresponding to each discrete real number point in the storage sequence, and recovering the current number of calls of the random number in the token by subtracting the discrete Gaussian distribution parameter σ from the discrete coordinate point.
8. The token attack-based power monitoring network security training method according to claim 6, characterized in that σ > 150.
9. A token attack-based power monitoring network security training device, characterized by comprising:
a receiving module for receiving the encrypted token sent by the captain or a team member through the token transmission channel, wherein the token contains only the current number of calls of the captain's or team member's random number and the IP address of the next team member to obtain the token;
an attack module for decrypting the received token, fetching the attack passphrase and password from the attack dictionary according to the decryption result, and performing a trial login on the attack target machine based on the attack passphrase and password.
10. A token attack-based power monitoring network security training system, characterized by comprising a storage medium and a processor;
the storage medium is used for storing instructions;
the processor is configured to operate in accordance with the instructions to perform the steps of the method according to any one of claims 1-8.
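Claims 6 to 8 describe the token encoding only in words. The following round-trip is an added example, not code from the patent; it assumes the curve is the unnormalised Gaussian exp(-(x-μ)²/(2σ²)) with σ used as the width parameter, and the 8-byte token layout and parameter values are constructed.

```python
import math

MU, SIGMA = 0.0, 200.0  # assumed parameters; claim 8 requires sigma > 150


def curve(x, mu=MU, sigma=SIGMA):
    """Height of the (unnormalised) Gaussian curve at x."""
    return math.exp(-((x - mu) ** 2) / (2.0 * sigma ** 2))


def encode_token(token: bytes, mu=MU, sigma=SIGMA):
    """Claim 6: each byte b becomes the curve point at x = b + sigma."""
    if mu > sigma:
        raise ValueError("need mu <= sigma so every x lies on one branch")
    return [curve(b + sigma, mu, sigma) for b in token]


def decode_token(points, mu=MU, sigma=SIGMA) -> bytes:
    """Claim 7: recover x from each point, then subtract sigma."""
    out = bytearray()
    for y in points:
        if not 0.0 < y <= 1.0:
            raise ValueError("point is not on the curve")
        # x = b + sigma >= mu, so only the right-hand branch is inverted.
        x = mu + sigma * math.sqrt(-2.0 * math.log(y))
        b = round(x - sigma)
        if not 0 <= b <= 255:
            raise ValueError("decoded value is not a byte")
        out.append(b)
    return bytes(out)


def build_token(call_count: int, next_ip: str) -> bytes:
    """Constructed layout: 4-byte big-endian call count + IPv4 address."""
    octets = bytes(int(part) for part in next_ip.split("."))
    return call_count.to_bytes(4, "big") + octets
```

The mapping is deterministic and applied byte by byte, so equal bytes in a token always produce equal points in the stored sequence.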
CN202211422729.9A 2022-11-15 2022-11-15 Token attack-based power monitoring network security training method, device and system Active CN115766210B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211422729.9A CN115766210B (en) 2022-11-15 2022-11-15 Token attack-based power monitoring network ampere training method, device and system

Publications (2)

Publication Number Publication Date
CN115766210A true CN115766210A (en) 2023-03-07
CN115766210B CN115766210B (en) 2025-07-22

Family

ID=85370628

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211422729.9A Active CN115766210B (en) 2022-11-15 2022-11-15 Token attack-based power monitoring network security training method, device and system

Country Status (1)

Country Link
CN (1) CN115766210B (en)

Also Published As

Publication number Publication date
CN115766210B (en) 2025-07-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant