Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

FCM-GASVM-based industrial control system intrusion detection method

An industrial control system, intrusion detection technology, applied in general control systems, control/regulation systems, adaptive control and other directions, can solve problems such as loss, inability to detect attacks, inability to effectively reduce system security risks, and reduce training time, The effect of improving classification accuracy

Inactive Publication Date: 2019-01-04
SHENYANG INST OF AUTOMATION - CHINESE ACAD OF SCI
View PDF9 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, with the rapid development of industrial informatization and network technology, more and more general-purpose hardware and general-purpose software are used in industrial control systems. The openness of industrial control systems is increasing day by day, and system security vulnerabilities and defects are easily exploited by viruses. It is also used in various large-scale manufacturing industries such as electric power, transportation, petroleum, heating, and pharmaceuticals in the country. Once attacked, it will bring huge losses. Therefore, effective methods are needed to ensure the network security of industrial control systems.
[0003] There are many ways to protect the network security of industrial control systems. The most commonly used methods are firewalls, log processing and other linkage methods. However, firewalls are based on third-party routing access control and cannot detect attacks from within the system. They can only filter them. function, unable to effectively reduce the security risk of the system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • FCM-GASVM-based industrial control system intrusion detection method
  • FCM-GASVM-based industrial control system intrusion detection method
  • FCM-GASVM-based industrial control system intrusion detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0052] The present invention will be further described in detail below in conjunction with the examples.

[0053] The industrial control intrusion detection method based on FCM-SVM includes the following steps:

[0054] Step 1: First, use wireshark to capture the Modbus / TCP communication traffic data packets. There are multiple attributes for each ModbusTCP / IP protocol, and extract the attributes that best reflect the data characteristics.

[0055] Step 2: According to the intrusion mode, construct the basic characteristics of the industry, the number of function code requests within 10 seconds, the number of visits to the address within 20 seconds, and the number of connections to the same device within 10 seconds.

[0056] Step 3: Sort the extracted and constructed data packets in chronological order, randomly divide them into different sequences, remove redundant data, normalize the data, and use the minimum and maximum normalization method to normalize the data of differen...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to an FCM-GASVM-based industrial control system intrusion detection method, in particular, a CM-GASVM-based industrial control system application layer network intrusion detection method. According to the method, unsupervised fuzzy C-mean clustering and a supervised support vector machine are combined so as to extract the communication traffic data of the Modbus / TCP of an industrial control system; FCM clustering is performed on the communication data; and a part of the data, which meet a threshold condition, are classified through a genetic algorithm optimized-support vector machine. Since unsupervised learning and supervised learning are combined together, training time can be effectively reduced with category labels not required to be known in advance, and classification accuracy can be improved.

Description

technical field [0001] The invention relates to an FCM-GASVM-based intrusion detection method for an industrial control system, which uses a fuzzy C-mean value and a genetic algorithm-optimized support vector machine to detect abnormal behavior, and belongs to the field of industrial control network security. Background technique [0002] The traditional industrial control system is generally based on the factory area, which is independent of each other and has no physical connection with the outside world. However, with the rapid development of industrial informatization and network technology, more and more general-purpose hardware and general-purpose software are used in industrial control systems. The openness of industrial control systems is increasing day by day, and system security vulnerabilities and defects are easily exploited by viruses. It is also used in various large-scale manufacturing industries such as electric power, transportation, petroleum, heating, and ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G05B13/04
CPCG05B13/042
Inventor 尚文利赵剑明万明崔君荣刘贤达曾鹏于海斌
Owner SHENYANG INST OF AUTOMATION - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products