A Method of Industrial Communication Anomaly Detection Based on Dual Similarity Measures
A similarity measurement and industrial communication technology, applied in the field of industrial communication anomaly detection based on double similarity measurement, can solve the problems of lack of comprehensive consideration of industrial communication characteristics and limited ability of anomaly detection, so as to improve the ability of anomaly detection, Feature Detection Comprehensive Effect
Active Publication Date: 2021-08-24
沈阳邦粹科技有限公司
View PDF9 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0005] The above-mentioned industrial anomaly detection methods often only provide anomaly detection capabilities from a certain aspect of industrial network communication. For example, many statistical-based methods use the CUSUM algorithm to calculate abnormal change points of Changes in industrial activities (such as changes in function codes) to achieve anomaly discovery lack comprehensive consideration of all industrial communication characteristics, and its anomaly detection capabilities are limited. At the same time, the adoption of anomaly detection engine methods is also one-sided.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0059] Embodiment 1: The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all of them. Example. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
An industrial communication anomaly detection method based on dual similarity measures. This method analyzes the communication data in the industrial control network and extracts the industrial communication behavior characteristics according to the industrial communication interaction mode and the industrial protocol specification. Based on these characteristics, the behavior characteristic tree is constructed, respectively. Intra-tree similarity measurement and inter-tree similarity measurement, so as to discover abnormal communication conditions in industrial control networks. Through the above method, the present invention can comprehensively consider general network behavior characteristics and industrial protocol semantic characteristics, and detect industrial communication abnormalities caused by malicious attacks or misoperations and generate alarms through real-time analysis and abnormal judgment of industrial communication data to ensure Industrial control system security.
Description
technical field [0001] The invention relates to the technical field of industrial control system network security, and more particularly to an industrial communication anomaly detection method based on double similarity measurement. Background technique [0002] At present, the hidden dangers of information security risks in my country's industrial control systems are particularly prominent, and the situation is very serious. According to the security report of the Industrial Control System Cyber Emergency Response Team under the U.S. Department of Homeland Security, information security incidents targeting industrial control systems have shown a step-by-step growth trend in recent years, among which energy, manufacturing and other industries account for the largest proportions. Especially in recent years, the integration of the Internet and industrial control systems has broken the original inherent closedness of industrial systems, and the information security problems h...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L63/1441
Inventor 万明宋岩景源王俊陆刘允
Owner 沈阳邦粹科技有限公司
PatSnap Eureka turns technology decisions into work you can execute. Powered by our Innovation Knowledge Graph, it runs expert workflows across engineering, life sciences, materials and intellectual property. Get your review-ready output in minutes.
