中圖分類號：TP181；TP393文獻標識碼：ADOI:10.19358/j.issn.2097-1788.2024.09.001
引用格式：趙云龍，霍朝賓，于運濤，等.工業網絡的高級可持續性威脅監測、溯源技術［J］.網絡安全與數據治理，2024，43（09）：1-7.

Advanced persistent threat monitoring and traceability technology for industrial networks

Abstract： Industrial automation control systems often use dedicated communication protocols, and their application scenarios are closely related to production processes. The currently widely used industrial control threat monitoring technology is based on passive defense concepts, which cannot effectively identify intrusion threats targeting industrial infrastructure with complex technology and covert means. Based on the restoration of industrial related files transmitted in industrial networks, a soft PLC simulation platform application level monitoring and analysis, as well as key security feature tracing scheme, is proposed. This scheme can not only comprehensively cover multiple stages of industrial network threat models, but also more fully respond to the technical characteristics of industrial production scene intrusion and interference. It has become one of the effective ways to monitor and trace advanced sustainability threats in industrial networks.

Key words : industrial control system; advanced persistent threat; soft-PLC; traceability