A Data Graph Detection Method for Malicious Data Attacks in Industrial Control Systems

An industrial control system, malicious data attack technology, applied in electrical digital data processing, instrument, platform integrity maintenance, etc., can solve the problems of "Stuxnet" virus injection attack, complex model

Active Publication Date: 2018-06-19
SHANGHAI YUNJIAN INFORMATION TECH CO LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Existing typical intrusion detection systems, such as detection schemes based on state estimators, can detect abnormal phenomena reflected by input quantities that are vulnerable to network attacks. The core idea is to use principal component analysis to separate power flow changes into conventional and unconventional Subspace, by analyzing the unconventional subspace to determine whether the data of the power SCADA system is under attack, but the model is relatively complex; the model based on the Bloom filter is suitable for the field equipment of the SCADA system with resource constraints in the smart grid, and adopts The data structure can effectively save memory, and the misjudgment rate depends on the selected hash function and other Bloom filter parameters, but it is powerless when attacking a certain type of special control component by malware, and cannot meet the detection requirements such as "Stuxnet" virus injection attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Data Graph Detection Method for Malicious Data Attacks in Industrial Control Systems
  • A Data Graph Detection Method for Malicious Data Attacks in Industrial Control Systems
  • A Data Graph Detection Method for Malicious Data Attacks in Industrial Control Systems

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0037] The present invention will be further described below in conjunction with the accompanying drawings.

[0038] Such as figure 1 As shown, this is a schematic diagram of the SCADA system, giving the main components and conventional configuration of the SCADA system. The control center includes SCADA server (MTU) and communication router, also includes HMI, engineer station and data logging server, these devices communicate through LAN connection. The invention allows users to customize the subset of system variables, and also provides another way to automatically extract independent component information from the SCADA system. Collect a set of such system variables using the above method to A total of 6 different variables are represented. The detection process of the present invention is as figure 2 shown.

[0039] The next step is to process the data, that is, to find out the internal relationship of the data. According to the relationship between variables at d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention is a data graph detection method for malicious data attacks in industrial control systems. The method first needs to be trained in a certain normal industrial control system to generate the relationship graph of the data in the industrial system and the status graph G at running time. The method is to generate a runtime state graph G' for the detected industrial control system of the same type. If the nodes or directed edges of the state graph G' do not exist in the state graph G, it can be judged when there is a malicious data attack. Compared with the existing intrusion detection technology, this invention does not belong to feature and behavior detection, does not need to establish feature codes, and does not need to filter data packets. It can judge the moment when malicious data attacks occur only by relying on the data relationship in the monitoring room. It has the advantage of not affecting the real-time performance of the industrial control system.

Description

technical field [0001] The invention discloses a malicious data injection attack inspection method of an industrial control system, which belongs to the technical field of industrial control system security and intrusion detection. Background technique [0002] The tampering of the data collected in the industrial control system will lead to serious security incidents. The current intrusion detection methods mainly include feature detection and behavior detection, but they cannot detect such data attacks. The present invention differs from signature and behavior detection, but is able to detect when malicious data attacks an industrial control system. [0003] The information security problems faced by industrial control systems usually originate from malicious threats that attempt to destroy the operation of the control system. Therefore, industrial control systems, especially power SCADA systems, need to detect and prevent false data injection attacks in real time, so as ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/56
CPCG06F21/566G06F2221/033
Inventor 王勇刘蔚胡宗帅
Owner SHANGHAI YUNJIAN INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap