Network communication data detection method, device and machine-readable storage medium

A technology of communication data and detection methods, applied in the field of network security, can solve problems such as low model accuracy, non-public private protocols that cannot be analyzed and extracted, and low work efficiency

Active Publication Date: 2020-12-18
北京六方云信息技术有限公司 +1
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It has three defects: one is manual protocol analysis and "feature word" extraction, which leads to low work efficiency
Second, it is impossible to analyze and extract accurate formats for non-public private protocols, which affects the accuracy of subsequent anomaly detection
The disadvantage is that the accuracy of the model based on these statistical features is not high, and it is easy to be deceived by forged malicious messages

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network communication data detection method, device and machine-readable storage medium
  • Network communication data detection method, device and machine-readable storage medium
  • Network communication data detection method, device and machine-readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] The specific implementation manners of the embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be understood that the specific implementation manners described here are only used to illustrate and explain the embodiments of the present invention, and are not intended to limit the embodiments of the present invention.

[0030] figure 1 It is a method for detecting communication data of an industrial control system network provided by an embodiment of the present invention. Such as figure 1 As shown, the method includes:

[0031] Step S11, receiving communication data, where the communication data includes a data message with a payload;

[0032]Step S12, based on at least one data detection model, sequentially match the length of the payload, the fixed fields of the payload and the variable fields of the payload, and judge the datagram when any matching is unsuccessful The text is abnormal.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention belongs to the technical field of network security, and provides a communication data detection method and device for a network, and a machine-readable storage medium.The method comprises the following steps: receiving communication data, wherein the communication data comprises a data message with an effective load; and sequentially carrying out matching on the length of the effective load, a fixed field of the effective load and a variable field of the effective load based on at least one data detection model, and determining that the data message is abnormalwhen the matching on any of the above items fails. The communication data detection method and device for the network and the machine-readable storage medium have the advantage that communication data abnormalities can be detected in a real-time manner without network protocol pre-analysis.

Description

technical field [0001] The invention relates to network security technology, in particular to a network communication data detection method, device and machine-readable storage medium. Background technique [0002] Industrial Control System (Industrial Control System, ICS) is a general term for a class of control systems used in industrial production. It includes supervisory control and data acquisition systems (Supervisory Control and DataAcquisition, SCADA), distributed control systems and other small control systems (such as programmable logic controllers, etc.) commonly found in industrial sectors and critical infrastructure. In recent years, there are more and more intrusion attack technologies in the industrial control system network, so the detection and alarm technology for attack data packets in the industrial control network has also attracted more and more attention from the industry. [0003] There are two commonly used techniques now. One is an intrusion detec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F16/28
CPCH04L63/1425
Inventor 王高杰李思齐王智民何志福
Owner 北京六方云信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap