Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Industrial Internet intrusion detection method based on flow feature map and perception hash

A technology of industrial Internet and traffic characteristics, applied in the field of industrial Internet intrusion detection, can solve the problems of algorithm time complexity not meeting real-time requirements, poor adaptability, low intrusion detection performance, etc., achieve good intrusion detection performance, meet robust performance, improve the effect of hash digest matching method

Inactive Publication Date: 2017-08-18
LANZHOU UNIVERSITY OF TECHNOLOGY
View PDF2 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] To sum up, in view of the problems of low intrusion detection performance, poor adaptability, and algorithm time complexity that do not meet real-time requirements in existing industrial Internet intrusion detection methods, in order to mine the characteristics of traffic data between two pairs of attributes, image processing Research on the intrusion detection problem from the perspective of the method, and provide a real-time and efficient intrusion detection method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial Internet intrusion detection method based on flow feature map and perception hash
  • Industrial Internet intrusion detection method based on flow feature map and perception hash
  • Industrial Internet intrusion detection method based on flow feature map and perception hash

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] The invention is an industrial Internet intrusion detection method based on traffic characteristic graph and perceptual hash, and its steps include two stages of normal behavior modeling and perceptual hash intrusion detection.

[0034] (1) Normal behavior modeling stage;

[0035] Using traffic feature map technology based on multiple correlation analysis, the traditional text traffic information of the industrial Internet is transformed into a traffic feature map, and the traditional research on the relationship within attributes is extended to the research on the relationship between attributes, and traffic features are mined from different angles. Specific steps are as follows:

[0036] (1a) Obtain the standard test experimental data set of the industrial Internet field network, perform preprocessing operations on the experimental data, and eliminate incomplete traffic data records;

[0037] (1b) Calculate the information entropy of each attribute of the experimenta...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an industrial Internet intrusion detection method based on a flow feature map and perception hash for mainly solving the problems of low detection performance and poor adaptability of the existing industrial Internet intrusion detection method. The industrial Internet intrusion detection method draws lessons from an image processing method and comprises the following steps: firstly obtaining a standard test bed experimental data set, performing feature selection by using an information entropy method to construct a flow feature vector, and performing a normalization operation on a part of attributes; then, converting the flow feature vector into a triangle area mapping matrix by using a multivariate correlation analysis method to construct the flow feature map; and finally, obtaining a hash abstract of the flow feature map by using an image perception hash algorithm based on discrete cosine transform SVD and singular value decomposition SVD, and generating an intrusion detection rule set in the form of a binary character string. Moreover, hash matching is performed by using an accurate matching method based on character strings, a similarity measurement method based on a normalized Hamming distance and a clustering analysis method based on a Euclidean distance so as to detect abnormal flow and malicious intrusion in the industrial Internet.

Description

technical field [0001] The invention belongs to the field of industrial Internet intrusion detection, and in particular relates to an industrial Internet intrusion detection method based on a traffic feature map and image perception hash, which is mainly used for intrusion detection of malicious attacks and abnormalities in the industrial Internet. Background technique [0002] Traditional industrial control systems (Industrial Control Network, ICS) are widely used in petrochemical, power and water conservancy, industrial production, nuclear energy and transportation and many other national key infrastructures. According to the ICS-CERT 2015 Security Situation Report analysis and statistics, more than 80% of the country's critical infrastructure relies on ICS to automate the production process. ICS plays a very important role in people's production and life, and the security of ICS directly affects national security and economic development. From the "Stuxnet" virus attacki...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/142H04L41/145H04L63/1416
Inventor 董瑞洪吴东方张秋余周亮闫厚华葛子贤李改莉冯玉春张涛王前乔思斌
Owner LANZHOU UNIVERSITY OF TECHNOLOGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products