Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Scheme for mining abnormal behaviour of industrial internet

An industrial Internet and behavioral technology, applied to electrical components, transmission systems, etc., can solve problems that cannot be prevented in time, and achieve fast calculation speed, high classification accuracy, and good robustness

Inactive Publication Date: 2016-12-14
STATE GRID QINGHAI ELECTRIC POWER +1
View PDF0 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Abnormal behaviors in the mobile industrial control network, especially new abnormal behaviors, cannot be prevented in time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Scheme for mining abnormal behaviour of industrial internet
  • Scheme for mining abnormal behaviour of industrial internet
  • Scheme for mining abnormal behaviour of industrial internet

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The behavior of malware in industrial control networks in the mobile Internet environment has different characteristics at each infection stage, so the classification of its behavior helps to improve the accuracy of monitoring. Abnormal behaviors of mobile terminals in industrial control networks in the mobile Internet environment may include:

[0020] ·Attacks on mobile industrial control systems by malicious programs such as mobile terminal zombies, Trojan horses and viruses, and artificial attacks on mobile industrial control systems. These malicious attacks have the characteristics of great harm and heavy losses. Attackers can control the core operation of the mobile industrial control system through malicious instructions, or maliciously download confidential information in the industrial control system.

[0021] ·Infected terminals spread malicious codes to other terminals in various ways. Due to the strong communication capabilities of mobile terminals, infecte...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

According to data behaviour characteristics in an industrial control network in a mobile internet environment, the invention provides an improved hybrid multi-classification naive Bayesian algorithm and a mass data incremental learning algorithm based on two-step screening, and is applied to abnormal behaviour mining and analysis of a mobile industrial control system. An abnormal behaviour mining scheme is formed by abnormal behaviour classification and mining algorithm design: a suspicious behaviour classification method and a data mining process are included, and in the industrial control network in the mobile internet environment, behaviour data mining is divided into two stages including a classifier learning stage and a network behaviour monitoring stage; and, after all kinds of behaviour classifiers are obtained, malicious software behaviour data mining enters the second stage, namely the network behaviour monitoring stage. On the premise that classification categories are independent, the naive Bayesian classification algorithm has the characteristics of high calculation speed and classification accuracy, good robustness and the like, and are widely applied.

Description

technical field [0001] The invention relates to a mining scheme, in particular to a mining scheme for abnormal behavior of the industrial Internet. Background technique [0002] Security protection against abnormal behavior of industrial control systems in the mobile Internet environment mainly includes two aspects, network side protection and terminal side protection. [0003] 1. Network side protection [0004] Network side protection usually refers to the use of feature matching engines to analyze the network traffic of industrial control systems in the mobile Internet environment, mainly referring to specific industrial control protocols, such as OPC, DNP3, etc., and also includes abnormal behaviors and samples of various mobile terminals. files etc. for analysis. The intrusion detection technology of the industrial control system realizes the monitoring of abnormal behavior in the industrial control network by using the bypass mode. [0005] 2. Terminal side protecti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1416
Inventor 俞海国刘文泉马先张洪平张海宁刘世良苏生平尚西元李楠芳刘忠魁赵明明林亮成任凤伟王迎鹤
Owner STATE GRID QINGHAI ELECTRIC POWER
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com