A fingerprint identification method of industrial control scanner based on honeynet data

A fingerprint recognition and scanner technology, applied in the field of network security, can solve the problem of not being able to effectively identify new types of scanning activities

Active Publication Date: 2018-12-21
NORTHEASTERN UNIV
View PDF6 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Most of the existing technologies use honeypot network access traffic or timing characteristics to identify scanners, and cannot effectively identify new types of scanning activities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A fingerprint identification method of industrial control scanner based on honeynet data
  • A fingerprint identification method of industrial control scanner based on honeynet data
  • A fingerprint identification method of industrial control scanner based on honeynet data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments, but not as a limitation to the technical solution of the present invention.

[0026] In recent years, tremendous changes have taken place in the field of cyberspace security. With the deepening of the integration of industrialization and industrialization, industrial control systems have become inseparable from the Internet. After the integration of industrialization and industrialization, the information security of IT systems has also been integrated into the security of industrial control systems. At present, the industrial control scanner fingerprint recognition system can analyze and classify traffic, which plays a vital role in the intrusion of network attackers. The industrial control scanner fingerprint recognition system can classify the known traffic of the system, and can also Unknown traffic is marked, and then judged accord...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a fingerprint identification method of an industrial control scanner based on honeynet data, comprising the following steps: scanning data captured through a honeypot network system in an industrial control network and an existing industrial control scanner are analyzed to obtain fingerprint information and a multi-classifier model of scanning data based on a CART decision tree is constructed. The multi-classification classifier model can effectively identify the specific scanning tools that initiate the scanning traffic and output the judgment probability of various scanner tags. After that, the output of the multi-classification classifier model will be used as the input data of the clustering algorithm. The clustering algorithm can discover the deeper relationshipbetween different scanning entities and form clustering. At the same time, the clustering algorithm can effectively extract scanning features of different clusters, form new scanner tags, and updatethem to the previous multi-classification decision tree, thereby improving the judgment ability of the invention for the novel scanner data.

Description

technical field [0001] The invention belongs to the technical field of network security, and relates to a fingerprint identification method for industrial control scanners based on honeynet data. Background technique [0002] In recent years, great changes have taken place in the field of cyberspace security, and industrial control systems have become one of the new main battlefields of cyberspace security. After the integration of industrialization and industrialization, the information security of IT systems has also been integrated into the security of industrial control systems. At present, the network security situation faced by my country's critical information infrastructure is severe and complex. According to data from the network security team of Northeastern University's "Ting Ting" network, there are a large number of industrial control systems exposed to the Internet in the world, and a large proportion of them include the power industry, petroleum and petrochem...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N3/00
CPCG06N3/006H04L63/1408H04L63/20
Inventor 姚羽盛川刘昕蕊李东彪李桢梓王禹博金白澈
Owner NORTHEASTERN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap