Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Rapid feature matching industrial network DDoS intrusion detection method

A feature matching, industrial network technology, applied in electrical components, transmission systems, etc., can solve the problems of low detection efficiency, failure of normal transmission of production data, messages, and instructions, high false positive rate and high false negative rate, and achieve excellent quality. , reduce query time, improve matching efficiency and accuracy

Inactive Publication Date: 2018-08-21
CHONGQING UNIV OF POSTS & TELECOMM
View PDF7 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The general target of DDoS attacks is the core facilities of the network. In the field of industrial control, the targets that can be attacked include core switches, data servers, etc. Once the network stops serving, various production data, messages, and instructions cannot be transmitted normally. The damage caused on site will be incalculable
At present, the research on this type of intrusion detection system for industrial networks is still in its infancy at home and abroad. The currently applied solution is to use the anomaly detection system to monitor system parameters, such as CPU usage, login failure times, etc. The defects of this scheme The false alarm rate and false negative rate are high; in addition, an attack feature database is established to analyze and match inbound data. This method consumes system resources and the detection efficiency is low. This is an industrial network with high real-time requirements. is not allowed in

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Rapid feature matching industrial network DDoS intrusion detection method
  • Rapid feature matching industrial network DDoS intrusion detection method
  • Rapid feature matching industrial network DDoS intrusion detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] The present invention proposes a fast feature matching industrial network DDoS intrusion detection method. The method first extracts data packet features, constructs a feature matrix, and then inputs the feature matrix into a deep learning model for detection, thereby realizing an efficient intrusion detection system. The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0058] figure 1 The flow chart of data packet feature screening of the present invention is provided, specifically implemented in this way:

[0059] 1. After extracting the feature value, calculate the information gain and correlation of each feature;

[0060] Calculate the empirical entropy H(D) of the training data set D:

[0061] Select the empirical conditional entropy H(D|A) of feature A:

[0062] Calculate information gain: g(D,A)=H(D)-H(D|A)

[0063] Where D is the training data set, |D| is the sample size...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a rapid feature matching industrial network DDoS intrusion detection method, relates to the field of industrial network communication and belongs to the aspect of information security. According to the method, a traditional database lookup feature matching model for intrusion detection is replaced through utilization of a deep learning model, thereby finishing designing theintrusion detection system in an industrial network. According to the method, data packet features are extracted; features are screened; a feature matrix is established; the feature matrix is input into the deep learning model for judgment; and the model is trained by a KDD99 data set, and the model has a very high identification rate for a DDoS attack type. According to the method, the defect that the traditional database lookup feature matching speed is low is improved, a system does not need to waste time for waiting for the looking up in a database, a matching rate is greatly improved, thematching precision is high, a false alarm rate is low, the deployment is convenient, the use of system resources is effectively reduced, and a demand of the industrial network for network timelinessis satisfied.

Description

technical field [0001] The invention relates to the field of industrial network communication, and belongs to the aspect of information security, in particular to an industrial network DDoS intrusion detection method for rapid feature matching. Background technique [0002] Industrial network refers to a digital, two-way, multi-station communication system installed in the manufacturing environment. With the development of the times, industrial networks have become more and more closely and frequently connected with external networks. In the past, there was usually no physical connection between industrial networks and the external Internet, and they only existed as isolated LANs. But now, the industrial network not only connects internal manufacturing equipment, but also connects to all parts of the world through the Internet to achieve tasks such as remote monitoring, remote software upgrades, unified resource allocation, and collaborative division of labor. However, whil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1458
Inventor 罗志勇许申声赵杰罗蓉李凯凯张柔季良缘夏文彬
Owner CHONGQING UNIV OF POSTS & TELECOMM
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com