Industrial control network brute force cracking flow detection method based on random forest

Random forest and industrial control network technology, applied in the field of network security, which addresses the problem that such technologies are rarely applied.

Inactive Publication Date: 2020-01-14
CHINA ELECTRONICS TECH CYBER SECURITY CO LTD

AI Technical Summary

Problems solved by technology

[0004] In recent years, emerging technologies such as cloud computing and network security protection based on big data theory have been applied to the field of traditional information security. These new technologies can effectively identify malicious files on terminals, but these technologies are rarely used in the field of industrial control systems.

Embodiment Construction

[0024] The random forest-based method of the present invention for detecting brute force cracking traffic in an industrial control network mainly includes two parts:

[0025] First, train the brute force detection model based on random forest;

[0026] First of all, prepare the training set: obtain industrial control network traffic data subjected to brute force cracking by simulating the industrial control network environment, filter out the data from which complete traffic features cannot be extracted, and then extract multi-dimensional traffic features from the cleaned simulated industrial control traffic data to form the training set;

[0027] Secondly, use the training set to train the random forest; the nodes of each decision tree in the random forest represent traffic features, and the value range of a traffic feature indicates whether the network traffic data is categorized as brute force or normal. The decision trees in the random fore...
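The two parts described above (clean and featurize simulated traffic, train the forest, then classify live flows by majority vote) can be sketched as follows. This is an added example, not code from the patent: the record fields, the three features, the class labels, the tree count and the sample data are all assumptions, and the small random forest is written in plain Python so it runs without external libraries.

```python
import random
from collections import Counter

def extract(rec):   # assumed features: attempts/min, failure ratio, payload bytes per attempt
    try:
        att, dur = rec["auth_attempts"], rec["duration_s"]
        return (60.0 * att / dur, rec["auth_failures"] / att, rec["payload_bytes"] / att)
    except (KeyError, ZeroDivisionError):
        return None                      # incomplete record: removed by data cleaning

def gini(rows):
    return 1.0 - sum((c / len(rows)) ** 2 for c in Counter(y for _, y in rows).values())

def grow(rows, rng, depth=3):
    best = None
    feats = rng.sample(range(3), 2) if depth and gini(rows) > 0 else []   # stop if pure or deep
    for f in feats:                      # random feature subset at every node
        vals = sorted({x[f] for x, _ in rows})
        for t in ((lo + hi) / 2 for lo, hi in zip(vals, vals[1:])):
            left, right = [r for r in rows if r[0][f] <= t], [r for r in rows if r[0][f] > t]
            score = len(left) * gini(left) + len(right) * gini(right)
            if best is None or score < best[0]:
                best = (score, f, t, left, right)
    if best is None:                     # leaf: majority class label
        return Counter(y for _, y in rows).most_common(1)[0][0]
    _, f, t, left, right = best
    return (f, t, grow(left, rng, depth - 1), grow(right, rng, depth - 1))

def walk(node, x):                       # follow threshold tests down to a leaf label
    return walk(node[2] if x[node[0]] <= node[1] else node[3], x) if isinstance(node, tuple) else node

def train_forest(flows, n_trees=15, seed=7):
    rng = random.Random(seed)
    rows = [(extract(r), y) for r, y in flows if extract(r)]              # data cleaning
    return [grow(rng.choices(rows, k=len(rows)), rng) for _ in range(n_trees)]   # bootstrap

def classify(forest, rec):               # majority vote over all trees
    x = extract(rec)
    return Counter(walk(t, x) for t in forest).most_common(1)[0][0] if x else "incomplete"

def make_flows(seed=1):                  # constructed stand-in for simulated ICS traffic
    rng, keys = random.Random(seed), ("duration_s", "auth_attempts", "auth_failures", "payload_bytes")
    out = [({"duration_s": 60, "auth_attempts": 5}, "normal")]            # incomplete record
    for _ in range(30):
        n, b = rng.randint(2, 4), rng.randint(40, 200)
        out.append((dict(zip(keys, (60, n, rng.randint(0, 1), n * rng.randint(200, 400)))), "normal"))
        out.append((dict(zip(keys, (60, b, b - rng.randint(0, 1), b * rng.randint(40, 80)))), "brute_force"))
    return out

FOREST = train_forest(make_flows())
```

Records that lack a field or have a zero duration are reported as `incomplete` rather than being forced into one of the two classes, mirroring the cleaning step applied to the training set.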

Abstract

The invention discloses a random forest-based method for detecting brute force cracking traffic in an industrial control network. The method mainly comprises two parts: 1. training a brute force cracking detection model based on the random forest; and 2. carrying out brute force cracking detection on real-time network traffic data by using the brute force cracking detection model. Because the detection model is generated with the random forest algorithm, brute force cracking can be detected in real time, brute force cracking traffic can be recognized as soon as it appears, and a real-time response can be made according to the provided solution.

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a random forest-based method for detecting brute force cracking traffic in an industrial control network.

Background technique

[0002] The challenges facing industrial control network security include the invasion of new types of Trojan horses and worms. For example, the "Mirai" virus that caused the large-scale Internet paralysis in the eastern United States made full use of the hardware coding loopholes in existing smart terminal devices such as network cameras and smart switches to break through the access control authority of the related devices, thus forming a botnet of hundreds of thousands of devices.

[0003] Industrial control network information security protection has its particularity. First, the subject of protection and attack is special. Unlike traditional network attacks, industrial intruders are not traditional hackers, but are likel...

Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1425
Inventor: 张鑫李鹏许爱东郭晓玲徐砚
Owner: CHINA ELECTRONICS TECH CYBER SECURITY CO LTD