Detection and protection method and system for abnormal network behaviors of industrial control network
An industrial control network and network technology, which is applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve the problems of industrial control protocols that do not consider information security and network security, so as to alleviate network security risks, wide application scope, Avoid further worsening effects
Inactive Publication Date: 2020-11-13
物耀安全科技(杭州)有限公司
View PDF3 Cites 3 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0002] Since the industrial control system was initially designed as a system physically isolated from the outside world, the traditional industrial control protocols did not consider the issues of information security and network security.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0042]The present invention provides many applicable inventive concepts that can be embodied in numerous specific contexts. The specific examples described in the following embodiments of the present invention are only used as illustrations of specific embodiments of the present invention, and are not intended to limit the scope of the present invention.
[0043] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.
[0044] figure 1 It is a schematic diagram of a specific embodiment of a system environment when the present invention is deployed in an industrial control system, and the system environment includes a field network 110 , a control network 130 , an enterprise management network 150 and the Internet 170 . Among them, the field network 110 includes an industrial switch 112, several controllers 114, and several field devices 116 under the control of the controller; the control network 130 includ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a detection and protection method and system for abnormal network behaviors of an industrial control network. The method comprises the following steps: acquiring a specific field from a transmission data packet; acquiring a specific protocol vector based on the specific field of the data packet; generating a numerical value based on a specific protocol vector indication ofa network behavior state; maintaining a network behavior state machine, wherein a transfer counter performs counting based on the numerical value, the transfer probability is determined according to the transfer counter, and the transfer probability refers to the estimation probability from the first network state to the subsequent second network state in normal network operation; establishing anestimation probability threshold for the network behavior benchmark, and determining a series of network behavior state occurrence transition probabilities obtained from a specific network data packetflow; when the transition probability of a series of network behavior states is lower than the estimation probability threshold, representing the abnormal condition; and if the determined transitionprobability of the occurrence of the series of network behavior states is lower than the estimated probability threshold, executing a protection measure.
Description
technical field [0001] The invention relates to the technical field of industrial control security, in particular to a method and system for preventing abnormal behavior of an industrial control system. Background technique [0002] Since the industrial control system is originally designed as a system that is physically isolated from the outside world, the traditional industrial control protocols do not consider the issues of information security and network security. With the widespread application of standard network and Internet technologies in industrial control systems, the security threats faced by industrial control systems are increasing day by day. For example, in order to cause damage to industrial control systems, viruses can pretend to be programmable logic controllers to send traffic; Implement code injection on the human-machine interface (HMI) for important infrastructure communications; use industrial control system protocols such as MODBUS and DNP3; malicio...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L12/24
CPCH04L63/1408H04L63/1425H04L41/06H04L41/145H04L67/12
Inventor 李冀
Owner 物耀安全科技(杭州)有限公司