Method, apparatus and system for identifying access device of industrial control network

A technology of industrial control network and access equipment, applied in the field of information security, can solve problems such as obsolete protocol stack and unsupported protocol options, and achieve effective management and convenient supervision

Pending Publication Date: 2017-07-25
BEIJING KUANGEN NETWORK TECH
View PDF0 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, in industrial control networks, the protocol stack may be old and does not support the relevant protocol options

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, apparatus and system for identifying access device of industrial control network
  • Method, apparatus and system for identifying access device of industrial control network
  • Method, apparatus and system for identifying access device of industrial control network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0020] figure 1 It is a block diagram of an industrial control network access device identification system 1000 shown according to an exemplary embodiment, refer to figure 1 , the system can be used in an industrial control network, the industrial control network access device identification system 1000 can include an access device 200; and the industrial control network access device identification device 100 provided in the present disclosure, the industrial control network The access device identification apparatus 100 is connected with the access device 200 . The access device 200 may be a host computer, PLC (Programmable Logic Controller, Programmable Logic Controller) and other equipment, and the industrial control network access device identification device 100 may be connected directly or through a bypass (for example, a switch, etc.) device connection path) is connected to the access device 200 to acquire the device information of the access device.

[0021] Afterwa...

Embodiment 2

[0026] figure 2 It is a flow chart of a method for identifying industrial control network access equipment according to an exemplary embodiment. The method can be applied to the identification device for industrial control network access equipment in the above system, such as figure 2 As shown, the method includes the following steps.

[0027] In step S11, the device information of the access device in the industrial control network is obtained.

[0028] For example, obtain the device information of the access device in the above-mentioned industrial control network, wherein the device information may include the device status data and flow data of the access device, and the device status data may include IP address, MAC address, protocol number, and applications.

[0029] In step S12, it is determined whether the access device is an unknown device according to the device information and the access device sample database.

[0030] For example, according to the above devic...

Embodiment 3

[0033] image 3 It is a flow chart of a method for identifying an industrial control network access device according to an exemplary embodiment, refer to image 3 , in this embodiment 3, an example method step for establishing the access device sample database in step S12 is further provided, which may further include the following steps:

[0034] In step S41, a plurality of sample device information of a plurality of sample access devices in the industrial control network is acquired, and each sample device information includes sample device status data and sample flow data of a sample access device.

[0035] For example, a plurality of sample device state data and sample flow data may be acquired by using deep packet inspection (DPI) technology, and the device state data may include IP address, MAC address, protocol number, and application. For example, the address of the host computer is 192.168.1.2, the mac address is 01:02:03:04:05:06, use http to access the Internet, an...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method, apparatus and system for identifying an access device of an industrial control network, and relates to the technical field of information security. The method for identifying the access device of the industrial control network comprises the following steps: obtaining device information of the access device in the industrial control network; and determining whether the access device is an unknown device according to the device information and an access device sample database. The technical scheme provided by the embodiment of the invention has the following beneficial effects: an access device identification scheme suitable for the industrial control network is provided, on one hand, the access device in the industrial control network can be identified effectively and accurately in real time, thereby improving the security of the industrial control network (for example, avoiding network attack behaviors and the like) on one hand, and on the other hand, the access devices accessing the industrial control network can also be effectively managed for the convenience of supervision.

Description

technical field [0001] The present disclosure relates to the technical field of information security, and in particular to a method for identifying an industrial control network access device, an identification device for an industrial control network access device, and an identification system for an industrial control network access device. Background technique [0002] With the development of information technology, industrial control systems are gradually becoming open, interconnected and universal. Many industrial control protocols are gradually running on industrial Ethernet, and attacks against industrial control systems are more common. At present, the unknown device detection technology in the network mostly uses TCP (Transmission Control Protocol, Transmission Control Protocol) time stamp and other related information to identify the access device, and detects the unknown device according to the correlation between the time stamp and the deviation of the hardware d...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/44G06K9/62
CPCH04L63/0876H04L63/1408G06F21/44G06F18/23213G06F18/2411
Inventor 肖俊杰齐权姜炜
Owner BEIJING KUANGEN NETWORK TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap