A deep packet inspection platform based on an industrial SCADA system

Deep packet inspection and deep packet analysis technology, applied to platforms that detect system state, addresses problems such as damage, lack of information, feature analysis and extraction, and limited detection effect, achieving good authenticity, convenient testing, good flexibility and realizability.

Active Publication Date: 2019-01-08
ZHEJIANG UNIV

AI Technical Summary

Problems solved by technology

The deep packet inspection methods used in most current research place high requirements on the target application scenario and protocol environment. They analyze only a small number of commonly used fields in the network data stream, or use existing field information directly as the data set and as the features of the network data flow when building the system state model. This lacks complete feature analysis and extraction of the information contained in the network data flow, and gives relatively ideal results only when the abnormal behavior involves commonly used fields.
In addition, most existing research modifies and disrupts the system state through a few known common attacks and constructs the corresponding data sets. Almost no work simulates well the various abnormal states that may occur in the field, so the detection effect has certain limitations.


Embodiment Construction

[0040] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0041] The deep packet inspection platform for industrial SCADA systems provided by the present invention is mainly aimed at power system scenarios, where the common protocols in the system environment include Modbus/TCP and IEC 60870-5-104. The detection platform consists of four parts: an industrial SCADA system simulation platform, a deep packet analysis module, an anomaly detection module, and an intrusion module. The detection platform reproduces the key communication process of the field environment by simulating the typical interaction mode between the process monitoring layer and the field control layer in an industrial SCADA system. The main process of detection is that the deep packet analysis module captures the network data flow through the switch deployed between the two layers, and obtains the complete and real system status inform...


Abstract

The invention discloses a deep packet inspection platform based on an industrial SCADA system. The detection platform can be used to detect the system state over the Modbus/TCP and IEC 60870-5-104 protocols, which are commonly used in power systems. The detection platform includes four parts: an industrial SCADA system simulation platform, a deep packet analysis module, an anomaly detection module and an intrusion module. Based on the typical interaction mode of periodic polling in SCADA systems, the detection platform simulates the normal network data flow in a power system, and simulates abnormal system states and the corresponding network data flow through protocol vulnerability analysis and message mutation. Features are analyzed and extracted from the message field information, and a system state model is built through machine learning methods, achieving complete, in-depth detection of the system state.
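The field-extraction step the abstract describes can be sketched for Modbus/TCP as follows. This is an added example, not code from the patent: the frames are constructed, the function names are hypothetical, and a simple allow-list of polled requests stands in for the machine-learning state model.

```python
import struct

MBAP = struct.Struct(">HHHB")  # transaction id, protocol id, length, unit id

def parse_modbus_tcp(payload: bytes) -> dict:
    """Extract MBAP header and PDU fields from one Modbus/TCP request."""
    if len(payload) < MBAP.size + 1:
        raise ValueError("truncated Modbus/TCP frame")
    tid, proto, length, unit = MBAP.unpack_from(payload)
    pdu = payload[MBAP.size:]
    feat = {
        "transaction_id": tid, "protocol_id": proto, "unit_id": unit,
        "function": pdu[0],
        # Length counts the unit id plus the PDU; a mismatch marks a malformed frame.
        "length_ok": length == 1 + len(pdu),
        "address": None, "arg": None,
    }
    # Function codes 1-6 carry a 16-bit address, then a 16-bit quantity or value.
    if 1 <= pdu[0] <= 6 and len(pdu) >= 5:
        feat["address"], feat["arg"] = struct.unpack_from(">HH", pdu, 1)
    return feat

def key_of(feat: dict) -> tuple:
    return (feat["unit_id"], feat["function"], feat["address"], feat["arg"])

def build_baseline(frames) -> set:
    """Requests seen during normal periodic polling (assumed stand-in for the model)."""
    return {key_of(parse_modbus_tcp(f)) for f in frames}

def check(frame: bytes, baseline: set) -> list:
    """Return the reasons a frame deviates from the polling baseline."""
    try:
        feat = parse_modbus_tcp(frame)
    except ValueError as exc:
        return [str(exc)]
    reasons = []
    if feat["protocol_id"] != 0:
        reasons.append("protocol id is not 0")
    if not feat["length_ok"]:
        reasons.append("length field mismatch")
    if key_of(feat) not in baseline:
        reasons.append("request not in polling baseline")
    return reasons

# Constructed sample frames (not captured traffic).
POLL = bytes.fromhex("000100000006010300000002")    # read 2 holding registers at 0
WRITE = bytes.fromhex("000200000006010600000064")   # write register 0 = 100
BADLEN = bytes.fromhex("0003000000ff010300000002")  # length field claims 255 bytes
BASELINE = build_baseline([POLL])
```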

Description

Technical field

[0001] The present invention relates to the field of industrial control systems, in particular to a platform that performs protocol analysis and anomaly detection in the communication environment of industrial SCADA systems, constructs normal/abnormal data sets based on protocol formats and vulnerabilities, and detects system states through machine learning methods.

Background

[0002] The industrial control system is composed of various automation control components and process control components for collecting and monitoring real-time data. It is a business process control system that ensures the automatic operation, process control and monitoring of industrial technical facilities. Its core components include the supervisory control and data acquisition (SCADA) system, distributed control system (DCS), programmable logic controller (PLC), remote terminal unit (RTU), intelligent electronic device (IED) and the interface technology to ensure the communication of each component,...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
CPC: H04L63/1416, H04L63/1425, H04L63/1491
Inventor: 程鹏, 王法仁, 陈积明, 王文海, 孙优贤, 王晓鹏
Owner: ZHEJIANG UNIV