中图分类号：TP393
文献标识码：A
DOI： 10.19358/j.issn.2096-5133.2020.04.003
引用格式：石永杰，于慧超，吕峰,等.工业控制系统网络安全的主动防御技术研究与实践［J］.信息技术与网络安全，2020,39（5）：13-18.

Research and practice of active defense technology in ICS cyber security

Abstract： The traditional passive security defense of "sealing,blocking,checking,and killing" constituted by security products is difficult to face increasingly serious directed network attacks against the relatively closed industrial control system,and build a businessoriented network security defense system can ensure the availability and stability of the protected industrial control system application environment.We combine technologies such as active threat detection,active threat suppression,and industrial trapping systems to build an active defense system for industrial control systems and deploy it in a real industrial control environment to verify its effectiveness.Our system takes the situation-awareness system for business security operations as the control center,and combines intelligent detection and defense security equipment like industrial firewalls,host security protection systems and industrial control trapping systems that incorporate AI technology to achieve intelligent closed-loop threat control and processing.

Key words : industrial control system；network security；active defense；industrial control trapping system