A Method of Industrial Communication Anomaly Detection Based on Dual Similarity Measures

A similarity measurement and industrial communication technology, applied in the field of industrial communication anomaly detection based on double similarity measurement, can solve the problems of lack of comprehensive consideration of industrial communication characteristics and limited ability of anomaly detection, so as to improve the ability of anomaly detection, Feature Detection Comprehensive Effect
CN110266680BActive Publication Date: 2021-08-24沈阳邦粹科技有限公司
9 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
沈阳邦粹科技有限公司
Publication Date
2021-08-24

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

An industrial communication anomaly detection method based on dual similarity measures. This method analyzes the communication data in the industrial control network and extracts the industrial communication behavior characteristics according to the industrial communication interaction mode and the industrial protocol specification. Based on these characteristics, the behavior characteristic tree is constructed, respectively. Intra-tree similarity measurement and inter-tree similarity measurement, so as to discover abnormal communication conditions in industrial control networks. Through the above method, the present invention can comprehensively consider general network behavior characteristics and industrial protocol semantic characteristics, and detect industrial communication abnormalities caused by malicious attacks or misoperations and generate alarms through real-time analysis and abnormal judgment of industrial communication data to ensure Industrial control system security.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the technical field of industrial control system network security, and more particularly to an industrial communication anomaly detection method based on double similarity measurement. Background technique

[0002] At present, the hidden dangers of information security risks in my country's industrial control systems are particularly prominent, and the situation is very serious. According to the security report of the Industrial Control System Cyber ​​Emergency Response Team under the U.S. Department of Homeland Security, information security incidents targeting industrial control systems have shown a step-by-step growth trend in recent years, among which energy, manufacturing and other industries account for the largest proportions. Especially in recent years, the integration of the Internet and industrial control systems has broken the original inherent closedness of industrial systems, and the information security problems h...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More