Industrial control network abnormal behavior detection method based on a trusted model

A technology of industrial control network and detection method, applied in the direction of electrical components, transmission systems, etc.

Active Publication Date: 2019-05-17
SICHUAN UNIV
View PDF3 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] "A method for detecting abnormal behavior of industrial control network based on trustworthy model" is an invention proposed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control network abnormal behavior detection method based on a trusted model
  • Industrial control network abnormal behavior detection method based on a trusted model
  • Industrial control network abnormal behavior detection method based on a trusted model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0017] The detection method of the present invention can detect various network attacks against industrial control systems, including general attack behaviors and advanced attack behaviors, including denial of service attacks, command injection attacks, sequence attacks, and time sequence attacks. The present invention will be further described below in conjunction with the drawings. The present invention only provides a network attack detection method for industrial control systems. On the basis of in-depth analysis of the characteristics of industrial control network traffic, an abnormal behavior detection method based on a trusted model is established to efficiently and accurately identify damage to industrial production Cyber ​​attacks.

[0018] figure 1 Is an architecture diagram describing the method of the invention

[0019] Such as figure 1 Shown is an architecture diagram describing the method of the present invention. Each layer is a processing unit. After one layer is ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of industrial control system network flow detection, and aims to provide an industrial control network abnormal behavior detection method based on a trusted model. According to the method, on the basis of fully analyzing the network flow of the industrial control system, a detection model is established based on a timed automaton algorithm. Through analysis, the network data packet transmitted by adopting the industrial control protocol has the characteristics that the control channel is fixed, the length of the data packet is fixed, the data packetstate machine is fixed, and the transmitted data packet conforms to a certain time rule. In the detection process, once a strange channel, a strange data packet type and a data packet which does notconform to time constraint appear, an alarm is given. The method is different from a traditional detection method based on signatures and white lists, the characteristic vector of the time dimension is introduced, and higher-level attack behaviors can be detected. The invention provides a new solution for detecting the abnormal behavior in the industrial control system.

Description

Technical field [0001] The present invention relates to the technical field of industrial control system network flow detection. The core is to use normal historical flow data to learn a credible model, especially the introduction of a credible model constrained by the time automata model, which can find more advanced industrial control network Aggressive behavior. Background technique [0002] Industrial control systems have been widely used in all aspects related to national people's livelihood (such as power systems, rail transit systems, petroleum and petrochemical systems, etc.), and the safety of industrial control can no longer be ignored. In recent years, industrial control systems have risen to the height of national security, and major industrial control companies have also begun routine inspections of their own control systems and information systems to eliminate potential safety hazards as soon as possible. The current detection methods are mainly divided into two ty...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 刘嘉勇郑荣锋刘亮周安民
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap