
Industrial control operation system active defense method with self-learning characteristic

An operating system and active defense technology, applied in platform integrity maintenance, instruments, electrical digital data processing, etc. It addresses problems such as the difficulty of updating industrial control system patches, inapplicability to industrial control environments, and poor business adaptability, with the effects of meeting business needs, good compatibility, and resisting hacker attacks.

Inactive Publication Date: 2017-12-19
NANJING NARI GROUP CORP +2

AI Technical Summary

Problems solved by technology

Regarding the security requirements of industrial control operating systems: although SELinux is powerful, its large overall architecture and large performance impact make it unsuitable for industrial control environments, especially microkernel scenarios.
In addition, its security model is complex and its business adaptability is poor.
Patches for industrial control systems are relatively difficult to update, so active defense needs to be introduced.


Embodiment Construction

[0025] As shown in Figure 1, an active defense method for an industrial control operating system with self-learning characteristics. The method is implemented on Linux LSM and comprises the following steps:

[0026] Step 1: Determine whether the program can be executed according to the trusted policy; if it is executable, monitor business behavior and complete deterministic security policy learning based on the detected subject-object access operations. The security policy library described here includes several rules, which define the subject's access control rules for objects and the trusted measurement value of the application.

[0027] For this type of event, in addition to its own access to the corresponding object, the main program will call other executable programs for resource access in most cases. The final resource access sequence forms a tree structure. The initial subject is the root node of the tree. Leaf nodes represent the objects that are actually...


Abstract

The invention discloses an active defense method for an industrial control operating system with self-learning characteristics. The method comprises the following steps: 1, judging whether a program is executable according to a trusted policy and, if it is executable, monitoring business behavior and completing deterministic security policy learning according to the detected subject-object access operations; 2, monitoring the logs generated by the business calls of step 1 to realize uncertain security policy learning; 3, monitoring system call behavior in the Linux kernel layer, collecting the corresponding system call information, and judging whether each system call is allowed or rejected according to the security policies generated in steps 1 and 2; and 4, constructing an industrial control operating system active defense system based on self-learning mandatory access control, using the application trust measurement from steps 1 and 2. The method remains immune to attacks even when vulnerabilities exist, and is characterized by automatic learning, simple application and low business impact.
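The learn-then-enforce flow of steps 1 and 3 can be modelled in user space as follows. This is an added illustration, not code from the patent or a Linux LSM module; the class, the paths, the SHA-256 measurement and the sample events are all assumptions constructed for the example, and the log-based learning of step 2 is not modelled.

```python
import hashlib
from dataclasses import dataclass, field

def measure(image: bytes) -> str:
    """Trusted measurement value of a program image (SHA-256 assumed here)."""
    return hashlib.sha256(image).hexdigest()

@dataclass
class PolicyLibrary:
    trusted: dict = field(default_factory=dict)  # program path -> measurement
    rules: set = field(default_factory=set)      # (subject, object, operation)
    learning: bool = True                        # True: learn, False: enforce

    def enroll(self, path: str, image: bytes) -> None:
        self.trusted[path] = measure(image)

    def may_execute(self, path: str, image: bytes) -> bool:
        # Trusted policy: only enrolled, unmodified images may run.
        return self.trusted.get(path) == measure(image)

    def on_access(self, subject: str, image: bytes, obj: str, op: str) -> str:
        if not self.may_execute(subject, image):
            return "deny: untrusted measurement"
        if self.learning:
            # Deterministic learning: record what the business process did.
            self.rules.add((subject, obj, op))
            return "allow: learned"
        return "allow" if (subject, obj, op) in self.rules else "deny: no rule"

def demo() -> list:
    prog = "/opt/scada/collector"            # hypothetical business program
    image = b"constructed collector binary"  # constructed sample image
    lib = PolicyLibrary()
    lib.enroll(prog, image)
    # Learning phase over constructed subject-object access events.
    for obj, op in [("/dev/ttyS0", "read"), ("/var/scada/points.db", "write")]:
        lib.on_access(prog, image, obj, op)
    lib.learning = False                     # switch to enforcement
    return [
        lib.on_access(prog, image, "/dev/ttyS0", "read"),    # learned behavior
        # A trusted process that has been subverted still cannot leave
        # the learned access set.
        lib.on_access(prog, image, "/etc/shadow", "read"),
        # A modified image fails the measurement check before any rule lookup.
        lib.on_access(prog, image + b"!", "/dev/ttyS0", "read"),
    ]

if __name__ == "__main__":
    print(demo())
```
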

Description

Technical field

[0001] The invention relates to the technical field of industrial control operating system security, in particular to an active defense method for an industrial control operating system with self-learning characteristics.

Background technique

[0002] Operating system security is the foundation of information security. Attacks and threats to computer systems often take the operating system as the main target. Security products, if not built on top of a security operating system, are like buildings built on sand. Although business applications often have their own security measures such as identity authentication and access control, due to the lack of strict formal design, the security mechanism cannot ensure security. If application security integrates the security mechanism of the operating system that has undergone certain formal verification on the basis of its own security guarantee, it will fundamentally solve the problem of information security to a ce...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/55, G06F21/57
CPC: G06F21/552, G06F21/577
Inventor: 郭建成, 刘苇, 许洪强, 陶洪铸, 周劼英, 祁龙云, 吕小亮, 魏兴慎, 宋子锋, 韩勇, 程长春, 杨维永, 朱世顺
Owner: NANJING NARI GROUP CORP