Industrial control system communication flow online monitoring method based on SARIMA

A technology for industrial control systems and communication traffic, which is applied in transmission systems, digital transmission systems, electrical components, etc., and can solve problems such as high algorithm complexity and unrealistic deployment.

Active Publication Date: 2021-01-05
ZHEJIANG UNIV
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to solve the problem of dynamic modeling of ICS communication traffic collected in real time without prior knowledge, and the existing ICS communication traffic anomaly detection algorithm is too dependent on prior knowledge and the algorithm complexity is too high to be practically deployed proposed a comprehensive analysis method; the generated dynamic ICS communication traffic threshold model has guiding significance for the network security protection and anomaly detection of major national industrial infrastructures

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial control system communication flow online monitoring method based on SARIMA
  • Industrial control system communication flow online monitoring method based on SARIMA
  • Industrial control system communication flow online monitoring method based on SARIMA

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] The purpose and effects of the present invention will become more apparent by referring to the accompanying drawings in detail of the present invention. figure 1 is a flow chart of the method of the present invention; figure 2 is a concise schematic diagram of a single small cycle of the algorithm of the present invention; image 3 It is a concise schematic diagram of multiple small cycle iterations of the online algorithm of the present invention.

[0063] In the early stage of the experiment, the communication network traffic of an ICS shooting range combining virtual reality at Zhejiang University was collected. The laboratory is equipped with industrial PLC controllers, industrial Ethernet switches and industrial control hosts. Among them, the communication protocol of TCP / IP is adopted between the upper computer and the PLC. The industrial Modbus protocol is adopted between the PLC and the field device layer. The actual ICS communication network traffic is co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an industrial control system (ICS) communication flow online monitoring method based on SARIMA. The method comprises the following steps: carrying out small-period SARIMA(p, d,q)x(P, D, Q)s modeling analysis on an industrial control network flow sequence; and generating a flow threshold model based on different confidence coefficients according to the training and prediction step length defined by the small period and the confidence interval. The monitoring host collects communication flow data from the industrial switch in real time, operates a plurality of small-period SARIMA models in a distributed manner, generates a real-time threshold interval, and carries out anomaly detection analysis on the communication flow collected in real time at present. According tothe invention, experimental analysis is carried out by using a target range test board combining industrial control safety virtuality and reality in Zhejiang Province, and detailed algorithm description is provided for test data; and finally, field deployment and application is performed in a certain chemical group in Zhejiang Province to verify the reliability and accuracy of the algorithm.

Description

technical field [0001] The invention relates to network flow prediction of an industrial control system, in particular to a SARIMA-based method for on-line monitoring of communication flow of an industrial control system, which belongs to the field of industrial information security detection. Background technique [0002] Key infrastructure such as energy, refining and transportation is the nerve center for the stable operation of the country, and it is the top priority of my country's network security. With the advancement of automation, interconnection, and intelligent construction of large-scale national infrastructure (smart substations, intelligent chemical process industrial systems, and industrial distributed control systems), the issue of cyberspace security has become increasingly prominent. In recent years, a series of cyber-attacks against the country's critical infrastructure have caused enormous national economic losses and irreversible damage to society. Thes...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L12/26H04L29/06
CPCH04L41/0823H04L41/145H04L43/0876H04L63/1408
Inventor 杨强郝唯杰杨涛阮伟王文海
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap