Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Industrial control network security detection system and detection method

A security detection and industrial control network technology, applied in the transmission system, digital transmission system, data exchange network, etc., can solve the problems of not being able to know the root cause of the security vulnerability of the industrial control network, industrial process out of control, device downtime, etc.

Pending Publication Date: 2017-03-08
BEIJING KUANGEN NETWORK TECH
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In addition, most of the application layer protocols and fieldbus protocols of industrial control networks use clear code transmission protocols such as MODBUS / TCP and CAN, which have unavoidable vulnerabilities such as no strict identification and easy forgery of messages.
Therefore, the industrial control network is vulnerable to attacks by attackers using vulnerabilities. Serious attack consequences can even completely paralyze the industrial control network, resulting in loss of control of the industrial process or shutdown of the device
[0003] At present, when detecting industrial control network security vulnerabilities, technologies such as port service scanning and vulnerability feature scanning rely heavily on the industrial control network security vulnerability database. However, there is very little security vulnerability information in the public industrial control network security vulnerability database. In-depth and comprehensive detection of security vulnerabilities cannot be realized; scanning technologies and mechanisms based on public vulnerabilities cannot effectively discover unknown security vulnerabilities, and will always lag behind unknown security vulnerabilities exploited by attackers in time
It can be seen that at present, when detecting industrial control network security vulnerabilities, it is impossible to conduct in-depth detection of industrial control network security vulnerabilities, and it is impossible to effectively discover unknown security vulnerabilities, and it is impossible to know the root cause of industrial control network security vulnerabilities, which in turn leads to industrial control network security. Security protection is difficult

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control network security detection system and detection method
  • Industrial control network security detection system and detection method
  • Industrial control network security detection system and detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] Below, combine figure 1 The industrial control network security detection system of the present invention and the method for detecting the detection target (equipment or system to be detected) by using the industrial control network security detection system are described in detail.

[0027] Such as figure 1 As shown, the industrial control network security detection system of the present invention includes a test case module 1, a fuzzy test engine 2, a monitor 3, a root cause analysis module 4, a report generation engine 5 and an intermediate relay module (not shown in the figure).

[0028] The test case module 1 is connected with the fuzzy test engine 2, and provides the fuzzy test engine 2 with test cases for safety detection of the detection target 6 according to the industrial control protocol of the detection target 6. Preferably, the test case module 1 includes a data model submodule 11 , a state model submodule 12 and a test parameter submodule 13 . Among them...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the field of industrial control network security vulnerability detection. In order to achieve thorough and comprehensive detection of industrial control network security vulnerabilities, effectively discover unknown security vulnerabilities, and find out a root cause of the industrial control network security vulnerabilities, the invention provides an industrial control network security detection system, wherein a test case module provides test cases for a fuzzy test engine; the fuzzy test engine generates a test data packet and performs security detection on a detection target, and obtains test results including "normal", "other" and "suspected vulnerabilities"; a monitor monitors the state of the detection target in real time; a root cause analysis module drives the fuzzy test engine to perform attack replay, after the vulnerability verification is successful, performs abnormality analysis on an abnormal data packet, and obtains the root cause of the security vulnerabilities; and a report generation engine generates a test report. The industrial control network security detection system provided by the invention is used for carrying out security detection, and the detection is thorough and comprehensive, which can effectively find the unknown security vulnerabilities and obtain the root cause of the security vulnerabilities.

Description

technical field [0001] The invention relates to the field of detection of security loopholes in industrial control networks, in particular to an industrial control network security detection system and method for detecting security loopholes in industrial control networks. Background technique [0002] In recent years, industrial control systems have emphasized openness, and a large number of general-purpose IT products have been introduced into industrial control networks, such as Windows operating systems, relational databases, etc., and Ethernet and TCP / IP protocols have been widely used, resulting in a large number of IT vulnerabilities being introduced into In the industrial control network. In addition, most of the application layer protocols and fieldbus protocols of industrial control networks use clear code transmission protocols such as MODBUS / TCP and CAN, which have unavoidable vulnerabilities such as no strict identification and easy forgery of messages. Therefo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L12/26
CPCH04L43/06H04L43/08H04L63/1416H04L63/1433
Inventor 叶长吴玲花
Owner BEIJING KUANGEN NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com