2018年工控与IOT攻击与取证初探.pdf

《2018年工控与IOT攻击与取证初探.pdf》由会员分享，可在线阅读，更多相关《2018年工控与IOT攻击与取证初探.pdf（41页珍藏版）》请在三个皮匠报告上搜索。

1、工控与工控与IOT 攻击与取证初探攻击与取证初探回到 20142014 ISCCLICK TO ADD SUBHEADINGTypeface:Arial 20Inner textTypeface:Arial 142018 又是震网?当然不是今年是什么?Inner textTypeface:Arial 1461.如何发起针对IOT和工控系统的攻击?（攻击）2.如何找出是谁进行了攻击?(取证)演讲内容：让我们从吸尘器开始Typeface:Arial 14什么类型的攻击?智能吸尘器网络追踪痕迹在哪里?电子取证流程图Smart Vacuum cleanerSmartphoneWi-Fi RouterS

2、mart Vacuum cleaner Network trace那又怎么样!我不用带摄像头的吸尘器机器人手臂会怎样？机器臂 Script of the malicious arm movement Logs看起来很暴力Robotic Arm Logs3.5:0002d05h20m22.919s:2018-08-29 13:35:13.919:-5:C0A0:7:null:1:Program forkprotected starting.(Last saved:2018-08-27 19:40:43):null3.5:0002d06h27m21.104s:2018-08-29 13:35:23

3、.104:-3:C0A0:7:null:1:forkprotected:Program forkprotected started:null3.5:0002d07h00m53.136s:2018-08-29 14:08:55.136:-3:C0A0:7:null:1:forkprotected:Program forkprotected stopped:null3.5:0002d09h37m58.671s:2018-08-29 17:52:48.671:-5:C0A0:7:null:1:Program forkprotected starting.(Last saved:2018-08-27

4、19:40:43):null3.5:0002d09h38m06.591s:2018-08-29 17:52:56.591:-5:C0A0:7:null:1:Program forkprotected starting.(Last saved:2018-08-27 19:40:43):null3.5:0002d10h44m56.832s:2018-08-29 17:52:58.832:-3:C0A0:7:null:1:forkprotected:Program forkprotected started:null3.5:0002d10h47m27.216s:2018-08-29 17:55:29

5、.216:-3:C0A0:7:null:1:forkprotected:Program forkprotected paused:null 程序入口echo movej(-1.5743878523456019,0.0984121561050415,-1.054539982472555,-2.1616690794574183,1.530264973640442,0.9618288278579712,a=3.141592653589793,v=3.141592653589793)|nc xxxx yyyyecho movej(-3.123030487691061,-2.62030488649477

6、2,-0.5577314535724085,-1.4209883848773401,-3.139153782521383,0.9618288278579712,a=3.141592653589793,v=3.141592653589793)|nc xxxx yyyyecho movej(0.04313834384083748,-2.656261746083395,-0.5591471830951136,-1.4209168593036097,-3.139153782521383,0.9618288278579712,a=350.141592653589793,v=4000.1415926535