A fast detection and identification method for industrial control equipment in cyberspace
A technology of industrial control and identification method, which is applied in the direction of data exchange network, digital transmission system, electrical components, etc., and can solve problems such as time-consuming, inability to know the model of industrial control equipment, and unrealistic infrastructure security guarantee
Active Publication Date: 2019-04-16
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF5 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
First of all, the entire IPv4 network space, including 4 billion address spaces, will consume years of time to search for industrial control equipment in such a huge space, which is unrealistic for the security of national infrastructure
Secondly, there are many types of industrial control equipment, and the existing methods cannot know the model of the specific industrial control equipment
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0033] The system design of the rapid discovery algorithm for industrial control equipment in cyberspace based on the two-stage process, below we describe the specific implementation details.
[0034] a) The detector first adds the IP address of the detection space to the detection list
[0035] b) After (a), perform random number processing on each IP address in the detection list to obtain a new IP list.
[0036] c) After (b), send a TCP detection packet with a SYN field to each IP address.
[0037] d) After (c), if the destination address feeds back the probe, then add the IP address to the candidate set.
[0038] e) In (d) in the candidate set, sequentially select units, thereby establishing a complete TCP connection, and sending a data packet in the S7COTP field of the industrial control protocol.
[0039] f) After (e), try several times, if feedback is obtained, identify the industrial control device according to the feedback, otherwise delete the IP address.
[0040] g...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a rapid detection and identification method for industrial control equipment in cyberspace. The method is: 1) the detector sends the network transport layer TCP detection packet with the SYN field to each IP address in the IPv4 address space, if there is an IP address reply, then the IP address is added to the candidate set; 2) the detector Each IP address sequence in the candidate set is used as a candidate destination IP address, and the detection packet with the industrial control S7 protocol field and the detection packet with the industrial control Modbus protocol field are sent respectively, if the destination IP address returns with For the feedback of the industrial control S7 protocol field, the destination IP address is identified as an industrial control device running the S7 protocol, and if the feedback with the industrial control Modbus protocol field is returned, the destination IP address is identified as an industrial control device running Modbus . The invention greatly improves the equipment identification efficiency.
Description
technical field [0001] The invention relates to a fast network space industrial control equipment detection method, which belongs to the fields of computer network and internet of things. Background technique [0002] The Internet of Things is an important part of my country's strategic emerging industries. It has led a new round of information technology revolution after computers, the Internet and mobile communications. It is the commanding height of future technological competition and an important driving force for industrial upgrading. Catalyst for information integration. The Internet of Things is not only closely related to national economic construction and social development, but also a driving force to improve people's quality of life and level, and an important embodiment of my country's innovation-driven development strategy. To ensure the security of the Internet of Things is to ensure the security construction of national infrastructure. [0003] Physical enti...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/24H04L12/26H04L29/06H04L29/12
CPCH04L41/0823H04L43/08H04L69/16H04L69/18H04L69/22H04L61/5007
Inventor 孙利民李强丰轩刘燕
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI