Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

CIP asset detection method and device, computer equipment and readable storage medium

A detection method and asset technology, applied in digital transmission systems, electrical components, transmission systems, etc., can solve problems such as inability to obtain industrial control equipment, unfavorable industrial control environment analysis and targeted protection, and unfavorable industrial control equipment statistics and management.

Active Publication Date: 2021-03-09
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF5 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] An object of the present invention is to propose a detection method, device, computer equipment and readable storage medium for CIP assets, so as to solve the problem that the existing industrial control protection system cannot obtain industrial control equipment based on CIP protocol communication in the current environment, which is not conducive to The statistics and management of PLC and other industrial control equipment are not conducive to the analysis and targeted protection of the industrial control environment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • CIP asset detection method and device, computer equipment and readable storage medium
  • CIP asset detection method and device, computer equipment and readable storage medium
  • CIP asset detection method and device, computer equipment and readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0059] This embodiment provides a method for detecting CIP assets. figure 1 is a flow chart of a method for detecting CIP assets according to an embodiment of the present application, such as figure 1 As shown, the process includes the following steps S101-S109:

[0060] Step S101, collecting network traffic and performing network image analysis to obtain an IP-MAC relationship pair, and obtaining a preset MAC address from the IP-MAC relationship pair;

[0061] Wherein, after the step of collecting network traffic and performing network image analysis to obtain an IP-MAC relationship pair, and taking a preset MAC address from the IP-MAC relationship pair, the method also includes:

[0062] Query whether there is an ARP response message in the database;

[0063] If yes, update the preset MAC address according to the response message information.

[0064] Step S102, judging whether the preset MAC address is unique in the database.

[0065] Wherein, after the step of judging ...

Embodiment 2

[0120] image 3 is a structural block diagram of a detection device for CIP assets according to an embodiment of the present application, such as image 3 As shown, the device includes:

[0121] Traffic analysis module: used to collect network traffic and perform network image analysis to obtain an IP-MAC relationship pair, and obtain a preset MAC address from the IP-MAC relationship pair;

[0122] MAC address uniqueness query module: used to determine whether the preset MAC address is unique in the database;

[0123] Network card manufacturer information query module: for if so, then query the OUI file of IEEE according to the preset MAC address to obtain network card manufacturer information;

[0124] Network card manufacturer judgment module: used to judge whether the network card manufacturer corresponding to the network card manufacturer information is an automation equipment manufacturer;

[0125] CIP protocol judging module: for if not, judging whether the device to ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a CIP asset detection method and device, computer equipment and a readable storage medium, and the method comprises the steps: collecting network flow, carrying out the networkmirror image analysis to obtain an IPMAC relation pair, and taking a preset MAC address from the IPMAC relation pair; judging whether the preset MAC address is unique in a database or not; if so, querying an OUI file of the IEEE according to a preset MAC address to obtain network card manufacturer information; judging whether a network card manufacturer corresponding to the network card manufacturer information is an automatic equipment manufacturer or not; if not, judging whether the equipment to which the preset MAC address belongs is subjected to CIP protocol communication or not; if so, judging that the equipment to which the preset MAC address belongs is receiving equipment for receiving the instruction; and setting the equipment information with the nearest MAC distance as the equipment information of the receiving equipment. Based on deep analysis of the Ethernet / IP-CIP protocol, the CIP assets are identified in combination with the acquired message characteristics of the CIP protocol, statistics and management of industrial control equipment such as a PLC and a DCS are facilitated, and the method is used for performing analysis and targeted protection for the industrial control environment.

Description

technical field [0001] The invention relates to the field of industrial control, in particular to a detection method, device, computer equipment and readable storage medium of CIP assets. Background technique [0002] At present, with the development of the Internet and the reduction of the difficulty and cost of network attacks, industrial control systems have become the targets of today's cyber forces, hackers, and extremist forces, and these have also posed a huge threat to the security of our country. Therefore, in order to protect the industrial control system, it is necessary to carry out basic identification and statistics on the industrial control assets in the industrial environment through the management operation and maintenance personnel. [0003] However, in industrial networks, due to the complexity of production scenarios and the particularity of industrial protocols, there is no relevant protection system that can identify and count assets of the Ethernet / IP-...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/26H04L29/12
CPCH04L43/065H04L43/12H04L61/103
Inventor 张大磊范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com