Industrial control intrusion detection method based on multi-classification GoogLeNet-LSTM model

A technology of intrusion detection and intrusion detection system, which is applied in the field of security, can solve problems such as inability to perform timing detection, difficulty in intrusion behavior, and high false alarm rate, and achieve the effects of improving timing detection capabilities, high use value, and high detection efficiency
CN110650130AActive Publication Date: 2020-01-03BEIJING UNIV OF TECH
4 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN · China
Current Assignee / Owner
BEIJING UNIV OF TECH
Publication Date
2020-01-03

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses an industrial control intrusion detection method based on a multi-classification GoogLeNet-LSTM model. The industrial control intrusion detection method comprises the steps: firstly carrying out the classification of network packages for an industrial control communication process employing a Modbus protocol; then, detecting the network packets without information by usinga feature template comparison method; for a network packet carrying information, constructing a time sequence detection sequence by using original network packets, carrying out one-hot coding on eachnetwork packet, carrying out feature extraction by using GoogLeNet, and inputting an obtained feature vector sequence into an LSTM network based on an attention mechanism to carry out time sequence detection to obtain a detection result; and designing a detection result multi-classification method, and outputting specific intrusion categories by using two detection methods. The industrial controlintrusion detection method has universality, and has the characteristics of high detection precision and strong real-time performance for different types of invasion.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention is applied to the security field in the industrial control system, and particularly relates to an industrial control intrusion detection method aimed at the communication process using the Modbus protocol. Background technique

[0002] The industrial control system (Industrial Control System, ICS) is composed of various automatic control components and process control components for real-time data collection and monitoring, and realizes functions such as data collection and processing, monitoring, remote communication and maintenance. With the development of the industrial level and the advancement of informatization, industrial control components are characterized by wide distribution and large quantities. In order to achieve stable communication and centralized management among components, ICS uses more and more public software and communication protocols, which exposes a large number of security holes in the system and faces more and m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More