中图分类号：TP181；TP393文献标识码：ADOI:10.19358/j.issn.2097-1788.2024.09.001
引用格式：赵云龙，霍朝宾，于运涛，等.工业网络的高级可持续性威胁监测、溯源技术［J］.网络安全与数据治理，2024，43（09）：1-7.

Advanced persistent threat monitoring and traceability technology for industrial networks

Abstract： Industrial automation control systems often use dedicated communication protocols, and their application scenarios are closely related to production processes. The currently widely used industrial control threat monitoring technology is based on passive defense concepts, which cannot effectively identify intrusion threats targeting industrial infrastructure with complex technology and covert means. Based on the restoration of industrial related files transmitted in industrial networks, a soft PLC simulation platform application level monitoring and analysis, as well as key security feature tracing scheme, is proposed. This scheme can not only comprehensively cover multiple stages of industrial network threat models, but also more fully respond to the technical characteristics of industrial production scene intrusion and interference. It has become one of the effective ways to monitor and trace advanced sustainability threats in industrial networks.

Key words : industrial control system; advanced persistent threat; soft-PLC; traceability