Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A Deep Packet Inspection Platform Based on Industrial Scada System

A technology of deep packet inspection and deep packet analysis, which is applied in the platform field of detecting the system state by a method, can solve problems such as damage, lack of information, feature analysis and extraction, and limitation of detection effects, etc., to achieve good authenticity and test The effect of convenience, good flexibility and realizability

Active Publication Date: 2020-05-19
ZHEJIANG UNIV
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The deep packet inspection methods currently used in most research work have high requirements for the application target scene and protocol environment. A small number of commonly used fields are analyzed on the network data stream or the existing field information is directly used as the data set. The information is directly used as the characteristics of the network data flow to establish a system state model, which lacks a complete feature analysis and extraction of the information contained in the network data flow, and can only have a relatively ideal effect when the abnormal behavior involves commonly used fields.
In addition, most of the existing research work modifies and destroys the system state through several known common attacks, and constructs corresponding data sets. There is almost no work that can well simulate various abnormal states that may occur in the field scene, and the detection effect has certain limitations

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Deep Packet Inspection Platform Based on Industrial Scada System
  • A Deep Packet Inspection Platform Based on Industrial Scada System
  • A Deep Packet Inspection Platform Based on Industrial Scada System

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] The present invention will be described in further detail below in conjunction with the accompanying drawings and specific embodiments.

[0041] The deep packet inspection platform of the industrial SCADA system provided by the present invention is mainly aimed at power system scenarios, and common protocols in the system environment include Modbus / Tcp and IEC 60870-5-104 protocols. The detection platform consists of four parts: industrial SCADA system simulation platform, deep packet analysis module, anomaly detection module, and intrusion module. The detection platform realizes the key communication process in the field environment by simulating the typical interaction mode of the process monitoring layer and the field control layer in the industrial SCADA system. The main process of detection is that the deep packet analysis module captures the network data flow through the switch deployed between the two layers, and obtains the complete and real system status inform...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Disclosed is an industrial SCADA system-based deep packet inspection platform. The inspection platform is capable of inspecting the system state for the common protocol environment of Modbus / Tcp and IEC 60870-5-104 of an electric power system, and comprises an industrial SCADA system simulation platform, a deep packet parsing module, an abnormality detection module, and an intrusion module. The inspection platform simulates the normal network data stream in the electric power system on the basis of a typical cyclic polling interaction mode in the SCADA system, detects the system exception state, and performs comprehensive simulation on the corresponding network data stream by means of protocol vulnerability analysis and packet mutation.Feature analysis and extraction is performed on packet field information, and a system state model is created by a machine learning method so as to comprehensively and deeply detect the system state.

Description

technical field [0001] The present invention relates to the field of industrial control systems, in particular to protocol analysis and anomaly detection in the communication environment of industrial SCADA systems, constructing positive / abnormal data sets based on protocol formats and vulnerabilities, and detecting system states through machine learning methods platform. Background technique [0002] The industrial control system is composed of various automation control components and process control components for collecting and monitoring real-time data. It is a business process control system that ensures the automatic operation, process control and monitoring of industrial technical facilities. Its core components include data collection and Monitoring system (SCADA), distributed control system (DCS), programmable logic controller (PLC), remote terminal (RTU), intelligent electronic device (IED) and the interface technology to ensure the communication of each component,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1491
Inventor 程鹏王法仁陈积明王文海孙优贤王晓鹏
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com