Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Machine learning based intrusion detection method of industrial control system

An industrial control system and intrusion detection technology, applied in transmission systems, electrical components, platform integrity maintenance, etc., can solve key industrial control process damage, unauthorized access to industrial system functions, core data theft, etc., to improve The effect of communication security

Inactive Publication Date: 2017-08-29
四川电科智造科技有限公司
View PDF5 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the past few years, industrial control systems have begun to widely adopt information technology to make factories more intelligent. However, due to the great difference between industrial control systems and traditional IT systems, industrial control systems still have many deficiencies in terms of security. , and due to insufficient protection will cause many serious problems, including the theft of core data, the destruction of key industrial control processes, unauthorized access to industrial system functions, and even the shutdown of factories, etc., so increasing the protection function of industrial control systems is helpful very important

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Machine learning based intrusion detection method of industrial control system
  • Machine learning based intrusion detection method of industrial control system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0024] figure 1 It is a topological structure diagram of the machine learning-based industrial control system intrusion detection of the present invention.

[0025] In this example, if figure 1 As shown, all communication traffic between the control end and the execution end will pass through the firewall, and the intrusion detection module is inside the firewall, which includes an intrusion detection module and a deep packet analysis module.

[0026] Combine below figure 1 A machine learning-based industrial control system intrusion detection method of the present invention is described in detail, which specifically includes the following steps:

[0027] S1. Detect, identify and analyze the data packets of the communication of the industrial control system to be detected;

[0028] It is assumed that there are M groups of control terminal and execution terminal combinations in the industrial control system, and the communication cycle is divided into X unit time;

[0029] ...

example

[0040] Use the control software as the client, execute the software server, and set it to read data every 1 minute.

[0041] For a period of communication, the legal sample value we selected is:

[0042] x 1 =(19216810147,10036,19216810133,502,011008,30)

[0043] x 2 =(19216810147,10098,19216810133,502,011009,45)

[0044] x 3 =(19216810147,10023,19216810133,502,011010,50)

[0045] x 4 =(19216810125,10211,19216810133,502,011010,19)

[0046] Choose an illegal sample value:

[0047] x 1 =(19216810147,10036,19216810133,502,011008,100)

[0048] x 2 =(19216810147,10098,19216810133,502,011009,10)

[0049] x 3 =(19216810147,10023,19216810133,502,011010,198)

[0050] x 4 =(19216810125,10211,19216810133,502,011010,201)

[0051] Output result: For this model, when the data obtained by the intrusion detection module is (19216810147, 10036, 19216810133, 502, 011008, 30), input the intrusion detection model, normally the source IP address is 19216810147, the source port numbe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a machine learning based intrusion detection method of an industrial control system. Machine learning is carried out in a practical industrial environment, the IPs, port numbers and the like of control and execution ends are recorded, a model is established according to characteristics corresponding to data flow and time, and intrusion detection is carried out via the established model. If it is found that an unknown IP or port implements communication or the communication flow in certain period is greatly higher or lower than a threshold of a learning phase, alarming is carried out, and the communication security of the system is improved greatly; and the method can be suitable for intrusion detection in different industrial network environments, manual configuration is not needed, and abnormity detection can be realized via automatic learning.

Description

technical field [0001] The invention belongs to the technical field of intrusion detection, and more specifically relates to an intrusion detection method of an industrial control system based on machine learning. Background technique [0002] Industrial control system information security has a very wide range of applications in the security protection of controllers, such as electric power, oil and gas, and large-scale manufacturing industries. In the past few years, industrial control systems have begun to widely adopt information technology to make factories more intelligent. However, due to the great difference between industrial control systems and traditional IT systems, industrial control systems still have many deficiencies in terms of security. , and insufficient protection will cause many serious problems, including the theft of core data, the destruction of key industrial control processes, unauthorized access to industrial system functions, and even the shutdown...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06F21/56
Inventor 郑宏邹见效辛晓帅何建
Owner 四川电科智造科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products