Industrial control intrusion detection method for hierarchical dependency relationship modeling

A dependency and intrusion detection technology, applied in the direction of neural learning methods, transmission systems, biological neural network models, etc., can solve problems such as narrow detection range, unsatisfactory detection effect, and failure to consider multiple dependencies of traffic flow, etc., to achieve expansion Range, the effect of improving accuracy

Active Publication Date: 2020-06-05
TAIYUAN UNIV OF TECH
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] However, these industrial control intrusion detection algorithms for traffic have the problem that the detection range is too narrow, and they do not take into account the multiple dependencies within the traffic flow, which easily leads to unsatisfactory detection results

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control intrusion detection method for hierarchical dependency relationship modeling
  • Industrial control intrusion detection method for hierarchical dependency relationship modeling
  • Industrial control intrusion detection method for hierarchical dependency relationship modeling

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] In order to have a clearer understanding of the technical features, purposes and effects of the present invention, the specific implementation manners of the present invention will now be described in detail with reference to the accompanying drawings.

[0036] like figure 1As shown, the industrial control intrusion detection method of a kind of hierarchical dependency modeling of the present invention comprises steps:

[0037] S110: Set a switch traffic mirroring port in the industrial control system, and deploy a sniffer to monitor traffic.

[0038] S120: The sniffer analyzes the traffic monitored in real time in the form of a data packet window, and extracts characteristics of a traffic layer, a data packet layer, and a content layer respectively.

[0039] S130: Using the analysis results of the sniffer, input the characteristics of the traffic layer, data packet layer and content layer into the LSTM neural network respectively, predict the characteristics of the tr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an industrial control intrusion detection method for hierarchical dependency relationship modeling. The communication traffic is monitored in a data packet window mode, features are extracted from three aspects of a traffic layer, a data packet layer and a content layer, and dependency relationships of the three dimensions are respectively constructed through a parallel LSTM neural network in order to convert the relationship features of each single aspect into a multilayer dependency relationship model; and the outputs of different LSTM neural networks are integratedthrough a depth auto-encoder to form a final abnormal value output result. The attack traffic with different dependency relationships can be detected by analyzing the network flow sequence of the given data packet windows, and the implicit relationship of the traffic is analyzed from multiple dimensions and side surfaces, so that the range of traditional traffic detection is expanded, and the accuracy of attack traffic detection is improved; and the long-sequence learning capability of the LSTM neural networks is utilized to the maximum extent, and the change of the data flow is explained fromthe perspective of time dimension.

Description

technical field [0001] The invention relates to the technical field of industrial control system security, in particular to an industrial control intrusion detection method based on layered dependency modeling. Background technique [0002] With the development of the industrial Internet, the connection between the industrial control system and the external network is more frequent, and these phenomena make the security problems faced by the industrial control system more severe. Emerging attacks such as Stuxnet, PLC Blaster, PLC Inject, SABOT, LadderLogic Bomb, Dynamic Payloads, and Click pose a great threat to PLC security. [0003] In order to solve these problems, an intrusion detection system is proposed. By deploying the intrusion detection system on the key nodes of the network to monitor the incoming and outgoing traffic, it is possible to detect whether there is an attack or even establish the corresponding attack type, so as to carry out emergency response. In th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N3/04G06N3/08
CPCH04L63/1408H04L63/1416H04L63/1425G06N3/08H04L69/22G06N3/044G06N3/045
Inventor 陈永乐马垚高波杨玉丽于丹张壮壮
Owner TAIYUAN UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap