Method and device of identifying OPC (OLE for Process Control) traffic

A technology of traffic and purpose, applied in the field of identifying OPC traffic, which can solve the problems of high misrecognition rate, accurate statistics of unfavorable traffic, hidden danger of data transmission, etc.

Active Publication Date: 2019-03-15
BEIJING QIANXIN TECH
View PDF7 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention aims to solve the problem that the existing identification method for OPC traffic is only based on the DCOM service and MSRPC protocol header characteristics, and the misidentification rate is high, which makes data transmission have potential safety hazards and is not conducive to accurate statistics of traffic.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device of identifying OPC (OLE for Process Control) traffic
  • Method and device of identifying OPC (OLE for Process Control) traffic
  • Method and device of identifying OPC (OLE for Process Control) traffic

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0027] figure 1 is a schematic flowchart of a method for identifying OPC traffic provided in this embodiment, see figure 1 , the method includes:

[0028] 101: After detecting that the server and the terminal establish a communication connection, obtain a target data packet transmitted through the communication connection;

[0029] 102: If...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method and a device of identifying OPC traffic. According to the method, a transmitted target data packet is acquired after a server and a terminal establish a communication connection, if it is judged that the target data packet is transmitted by calling a DCOM sub-connection negotiation interface, a dynamic interface and a protocol interface of transmission of the target data packet are detected after it is detected that a sub-connection is created on the basis of the communication connection, and if the dynamic interface transmitting the target data packet is a dynamic interface of the sub-connection and the protocol interface is also a protocol interface belonging to OPC, it is determined that traffic generated by the target data packet is the OPC traffic. According to the method, the characteristics of OPC communication service are fully considered, the dynamic interface created in a communication process and the protocol interface usedin the communication process are combined for judging whether the traffic generated by the transmitted data packet belongs to OPC traffic, precise identification on the OPC traffic is realized, security hidden-troubles existing in data transmission are eliminated, and a guarantee is also provided for accurate counting of the OPC traffic.

Description

technical field [0001] Embodiments of the present invention relate to the technical field of industrial control network security, in particular to a method and device for identifying OPC traffic. Background technique [0002] With the continuous advancement of the integration of IT (Information Technology) and OT (Operation Technology), the original closed industrial control intranet is increasingly connected with the enterprise IT network. Industrial control automation and informatization have brought a lot of convenience to enterprises, but at the same time they have also brought security risks. At present, the prevention of potential safety hazards is mainly to deploy industrial security network equipment at the border of IT and industrial control networks to properly isolate network risks. [0003] OPC (OLE for Process Control, OLE for process control, is a kind of industrial standard. OPC in this application refers to OPC-Classic) protocol is based on Microsoft's DCOM ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/851H04L29/08H04L29/06
CPCH04L47/2483H04L67/14H04L69/22H04L67/133
Inventor 白岩
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap