Industrial control network information security monitoring method based on funnel type white list

An industrial control network and information security technology, applied in the direction of electrical components, transmission systems, etc., can solve problems such as Ethernet monitoring and management that cannot be completely solved

Active Publication Date: 2015-12-30
上海三零卫士信息安全有限公司
View PDF4 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although there are many network monitoring products now, due to the limitations of these products, most of them are oriented to traditional information networks, and they cannot completely solve the widespread Ethernet monitoring and management problems, especially most industrial protocols in the field of industrial control. At the same time, many system suppliers adopt a large number of private protocols. Therefore, the network information security technology with industrial control characteristics for the field of industrial control is gradually deepening.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control network information security monitoring method based on funnel type white list

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] Such as figure 1 As shown, the funnel-type whitelist-based industrial control network information security monitoring method described in the embodiment of the present invention consists of the following steps:

[0019] ⑴In-depth analysis of industrial communication data: Master the ability to restore industrial communication protocols. Based on this ability, establish a data analysis list, including source IP, destination IP, source MAC, destination MAC, source port, destination port, general protocol type, industrial control Elements such as the protocol type store the obtained sample information in a list through the learning of a certain period of time, and construct the sequence model of instruction flow and information flow on the basis of network flow.

[0020] (2) Establish a trusted architecture for legal operations in the industrial control network: user assets in the industrial control network need to be trusted, which is reflected in the equipment connected ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an industrial control network information security monitoring method based on a funnel type white list. The industrial control network information security monitoring method comprises the following steps that (1) industrial communication data are deeply parsed; (2) a credible framework is established for legal operation in an industrial control network; and (3) a white list funnel is established based on the credible framework. The beneficial effects of the industrial control network information security monitoring method are that reductive analysis is performed on multiple industrial communication protocols so that abnormal monitoring of the production control behavior can be realized; and the credible framework is established through combination of the industrial control network environment so that the white list funnel with the industrial characteristics is generated, filtering precision is high and the communication behavior in the industrial control network is monitored in real time, early warning time for perception of the unknown threat is enhanced, and thus the industrial control information system environment is stabilized as the core guiding thought and a monitoring system is constructed.

Description

technical field [0001] The invention relates to the field of industrial control network information security, in particular to an industrial control network information security monitoring method based on a funnel-type white list. Background technique [0002] With the promotion of informatization and the acceleration of industrialization, more and more computer and network technologies are applied to industrial control systems, which makes industrial control systems highly integrated with traditional enterprise networks, and has greatly promoted industrial production. At the same time, it also brings security problems such as Trojan horses, viruses, and network attacks. [0003] According to the statistics of RISI, the industrial security incident information database, as of 2011, there have been more than 200 major attacks on industrial control systems in the world, especially after 2000, with the development of common protocols, general hardware and general software in in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/101
Inventor 李成斌张建军王朝栋栾少群倪华
Owner 上海三零卫士信息安全有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap