Unlock instant, AI-driven research and patent intelligence for your innovation.

On-line monitoring method of communication flow in industrial control system based on sarima

A technology for industrial control systems and communication traffic, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve the problems of high algorithm complexity and impractical deployment, and achieve the effect of efficient and accurate typical network attacks

Active Publication Date: 2021-10-08
ZHEJIANG UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to solve the problem of dynamic modeling of ICS communication traffic collected in real time without prior knowledge, and the existing ICS communication traffic anomaly detection algorithm is too dependent on prior knowledge and the algorithm complexity is too high to be practically deployed proposed a comprehensive analysis method; the generated dynamic ICS communication traffic threshold model has guiding significance for the network security protection and anomaly detection of major national industrial infrastructures

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • On-line monitoring method of communication flow in industrial control system based on sarima
  • On-line monitoring method of communication flow in industrial control system based on sarima
  • On-line monitoring method of communication flow in industrial control system based on sarima

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] The purpose and effects of the present invention will become more apparent by referring to the accompanying drawings in detail of the present invention. figure 1 is a flow chart of the method of the present invention; figure 2 is a concise schematic diagram of a single small cycle of the algorithm of the present invention; image 3 It is a concise schematic diagram of multiple small cycle iterations of the online algorithm of the present invention.

[0063] In the early stage of the experiment, the communication network traffic of an ICS shooting range combining virtual reality at Zhejiang University was collected. The laboratory is equipped with industrial PLC controllers, industrial Ethernet switches and industrial control hosts. Among them, the communication protocol of TCP / IP is adopted between the upper computer and the PLC. The industrial Modbus protocol is adopted between the PLC and the field device layer. The actual ICS communication network traffic is col...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for on-line monitoring of communication flow of an industrial control system (ICS) based on SARIMA. In this method, SARIMA(p,d,q)x(P,D,Q) s Modeling analysis; and from the training and prediction step size and confidence interval defined by the small period, a traffic threshold model based on different confidence levels is generated. The monitoring host collects communication traffic data in real time from the industrial switch, and runs multiple small-period SARIMA models in a distributed manner, and generates real-time threshold intervals to perform anomaly detection and analysis on the current real-time collected communication traffic. The present invention conducts experimental analysis on a shooting range test bench that combines virtual reality with industrial control safety in Zhejiang Province, and provides a detailed algorithm description for the test data; finally, it is deployed and applied in a chemical group in Zhejiang Province to verify the reliability and accuracy of the algorithm sex.

Description

technical field [0001] The invention relates to network flow prediction of an industrial control system, in particular to a SARIMA-based method for on-line monitoring of communication flow of an industrial control system, which belongs to the field of industrial information security detection. Background technique [0002] Key infrastructure such as energy, refining and transportation is the nerve center for the stable operation of the country, and it is the top priority of my country's network security. With the advancement of automation, interconnection, and intelligent construction of large-scale national infrastructure (smart substations, intelligent chemical process industrial systems, and industrial distributed control systems), the issue of cyberspace security has become increasingly prominent. In recent years, a series of cyber-attacks against the country's critical infrastructure have caused enormous national economic losses and irreversible damage to society. Thes...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/24H04L12/26H04L29/06
CPCH04L41/0823H04L41/145H04L43/0876H04L63/1408
Inventor 杨强郝唯杰杨涛阮伟王文海
Owner ZHEJIANG UNIV