Automatic establishing method of intrusion detection model based on industrial control network and apparatus thereof

An industrial control network, intrusion detection technology, applied in the direction of character and pattern recognition, instruments, electrical components, etc., can solve the problem of high false positive rate and false negative rate of intrusion detection, to improve the intrusion detection rate, reduce the false positive rate and False negative rate, the effect of reducing complexity
CN106603531AInactive Publication Date: 2017-04-26SHENYANG INST OF AUTOMATION - CHINESE ACAD OF SCI
3 Cites 13 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHENYANG INST OF AUTOMATION - CHINESE ACAD OF SCI
Publication Date
2017-04-26
Estimated Expiration
Not applicable · inactive patent

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
Patent Text Reader

Abstract

The invention discloses an automatic establishing method of an intrusion detection model based on an industrial control network. The method comprises the following steps of determining whether a first intrusion detection model accords with a preset detection requirement, and if the first intrusion detection model does not accord with the preset detection requirement, extracting communication behavior flow data in real time; according to the communication behavior flow data, setting a training data set and a test data set; according to the training data set, creating an initial intrusion detection model; and using the test data set to test the initial intrusion detection model, and according to a test result, creating a second intrusion detection model according with a preset detection requirement. Detection precision of the second intrusion detection model is high so that an intrusion detection rate of abnormal behaviors is increased, and a false alarm rate and a missing report rate are reduced.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The application relates to a method and device for automatically establishing an intrusion detection model based on an industrial control network, and belongs to the technical field of industrial control network security protection. Background technique

[0002] Industrial Control Systems (hereinafter referred to as ICS) is an automatic control system composed of computer equipment and industrial process control components. It is widely used in industrial basic fields such as industry, energy, transportation, and petrochemical industry. Since ICS is more and more connected with enterprise network and the Internet, forming an open network environment, the network security protection technology of ICS is of great significance to ensure the safe, reliable and stable operation of ICS.

[0003] At present, intrusion detection technology is mainly used to ensure the network security of ICS. Intrusion detection is an active security protection technology. By...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More