Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Data diagram detection method for industrial control system malicious data attack

A technology for industrial control systems and malicious data attacks. It is applied in the fields of electrical digital data processing, instruments, and platform integrity maintenance. It can solve problems such as the inability to meet the "Stuxnet" virus injection attack, complex models, etc.

Active Publication Date: 2015-09-09
SHANGHAI YUNJIAN INFORMATION TECH CO LTD
View PDF3 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Existing typical intrusion detection systems, such as detection schemes based on state estimators, can detect abnormal phenomena reflected by input quantities that are vulnerable to network attacks. The core idea is to use principal component analysis to separate power flow changes into conventional and unconventional Subspace, by analyzing the unconventional subspace to determine whether the data of the power SCADA system is under attack, but the model is relatively complex; the model based on the Bloom filter is suitable for the field equipment of the SCADA system with resource constraints in the smart grid, and adopts The data structure can effectively save memory, and the misjudgment rate depends on the selected hash function and other Bloom filter parameters, but it is powerless when attacking a certain type of special control component by malware, and cannot meet the detection requirements such as "Stuxnet" virus injection attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data diagram detection method for industrial control system malicious data attack
  • Data diagram detection method for industrial control system malicious data attack
  • Data diagram detection method for industrial control system malicious data attack

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The present invention will be further described below in conjunction with the accompanying drawings.

[0038] Such as figure 1 As shown, this is a schematic diagram of the SCADA system, giving the main components and conventional configuration of the SCADA system. The control center includes SCADA server (MTU) and communication router, also includes HMI, engineer station and data logging server, these devices communicate through LAN connection. The invention allows users to customize the subset of system variables, and also provides another way to automatically extract independent component information from the SCADA system. Collect a set of such system variables using the above method to A total of 6 different variables are represented. The detection process of the present invention is as figure 2 shown.

[0039] The next step is to process the data, that is, to find out the internal relationship of the data. According to the relationship between variables at dif...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention is a data diagram detection method for industrial control system malicious data attack. The method comprises the steps: first training in a certain normal industrial control system to generate a relation diagram of data in the industrial system and an operating time state transition diagram G, then utilizing the same method to generate an operating time state transition diagram G' for a detected same type industrial control system, and if the nodes or the directed edges of the state transition diagram G' do not exist in the state transition diagram G, judging that the time of malicious data attack exists. Compared with the existing intrusion detection technology, the data diagram detection method provided by the invention does not belong to characteristic and behavior detection, does not require characteristic code establishment and data packet filtration, can rely merely on the data relation in a monitor room to judge whether the time of the malicious data attack exists, and has the advantage that the real-time performance of the industrial control system is not influenced.

Description

technical field [0001] The invention discloses a malicious data injection attack inspection method of an industrial control system, which belongs to the technical field of industrial control system security and intrusion detection. Background technique [0002] The tampering of the data collected in the industrial control system will lead to serious security incidents. The current intrusion detection methods mainly include feature detection and behavior detection, but they cannot detect such data attacks. The present invention differs from signature and behavior detection, but is able to detect when malicious data attacks an industrial control system. [0003] The information security problems faced by industrial control systems usually originate from malicious threats that attempt to destroy the operation of the control system. Therefore, industrial control systems, especially power SCADA systems, need to detect and prevent false data injection attacks in real time, so as ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/56
CPCG06F21/566G06F2221/033
Inventor 王勇刘蔚胡宗帅
Owner SHANGHAI YUNJIAN INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com