Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Industrial control abnormal behavior detection method based on multiple machine learning algorithms

A technology of machine learning and detection methods, applied in machine learning, instruments, computing, etc., can solve problems such as single feature, realize single machine learning algorithm, cannot fully describe industrial control system, etc., so as to improve accuracy and accurately detect industrial control anomalies. Behaviour, effect to improve effectiveness and feasibility

Active Publication Date: 2019-10-11
HENAN EPRI GAOKE GRP
View PDF6 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In addition, previous researchers mostly focused on traditional control systems such as SCADA systems and traditional control protocols, and there are still a lot of gaps in the research on abnormal behavior of industrial control networks. The multi-dimensional characteristics of the traffic, although the detection method using the traditional characteristics can achieve good results, but this relatively simple characteristic cannot fully describe the behavior of the industrial control system
At present, although some researchers have introduced its learning algorithm into industrial control malicious traffic detection and classification, most of them are limited to the realization of a single machine learning algorithm.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control abnormal behavior detection method based on multiple machine learning algorithms

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0041] Such as figure 1 Shown, the present invention comprises the following steps:

[0042] A. Collect and calibrate the flow data of the power generation distributed control system; the collected flow data comes from the normal flow data of the power generation distributed control system under normal conditions and the abnormal flow data during the penetration test process, and the normal flow data is calibrated as normal flow , calibrate the abnormal flow data as abnormal flow;

[0043] B. Use the calibrated flow data to construct a training sample set and a test sample set respectively;

[0044] C. Multi-dimensional feature extraction and vectorization processing of samples: Multi-dimensional feature extraction, standardization processing and vectorization processing are performed on the samples in the training sample set and test sample set to form the feature vector set of the training sample set and the feature vector set of the test sample set , each feature vector i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an industrial control abnormal behavior detection method based on multiple machine learning algorithms. The method comprises the following steps of firstly, collecting and establishing flow data of a power generation distributed control system; respectively constructing a training sample set and a test sample set by adopting the calibrated flow data; carrying out multi-dimensional feature extraction and vectorization processing on the sample; then establishing a classification model based on multiple machine classification learning methods, finally collecting real-timeflow data of the power generation distributed control system and inputting the real-time flow data into the classification model, if an output classification result is malicious flow, judging that anindustrial control abnormal behavior occurs, and otherwise, judging that the industrial control abnormal behavior does not occur. According to the method, samples can be effectively classified and detected, the abnormal behavior problem existing in the industrial control system can be rapidly detected, and potential malicious and abnormal behaviors can be accurately identified.

Description

technical field [0001] The invention relates to the technical field of abnormal network traffic detection of industrial control systems, in particular to a method for detecting abnormal behavior of industrial control based on various machine learning algorithms. Background technique [0002] Industrial control system, referred to as industrial control system. At present, industrial control systems have been widely used in key infrastructures in many industries such as electric power, transportation, energy, intelligent machinery, bioengineering, aerospace, chemical industry, and finance. Industrial control systems have also become an important part of national key infrastructures. Therefore, the industrial control system plays a decisive role in the national economy and the people's livelihood, especially the power grid industrial control system. Every security incident will bring huge impact and harm. What's more serious is that because the industrial control system did no...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N20/00H04L12/24
CPCH04L63/1425G06N20/00H04L41/145
Inventor 何熹刘涛张黎王伟
Owner HENAN EPRI GAOKE GRP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com