Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A cloud-network-end collaborative defense method and system based on device-side edge computing

An edge computing and collaborative defense technology, applied in computing, transmission systems, computing models, etc., can solve problems such as the false alarm rate and detection rate are not very good, and the real-time performance cannot be guaranteed, so as to eliminate data fragmentation and prevent harm. Effect

Active Publication Date: 2021-10-19
NORTH CHINA ELECTRIC POWER UNIV (BAODING) +3
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The defect of this detection method is: the detection of abnormality is only for packet comparison on the port mirroring switch, only the number, length, and protocol of the communication data packets can be compared, and the data packets are not analyzed according to the cloud platform, and the communication is obtained through training. The characteristics of the data packet, the false positive rate and the detection rate are not very good
However, the industrial control system requires low latency and real-time network control. With the increase of computing business, the cloud computing center also uses the service mode to process the massive data generated by the industrial control system equipment in real time. Due to the massive data generated by the industrial control system equipment, all the data is given to cloud computing. Central computing analysis cannot guarantee real-time performance, and needs to work collaboratively based on edge computing and cloud computing platforms. However, such a solution has not been proposed in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A cloud-network-end collaborative defense method and system based on device-side edge computing
  • A cloud-network-end collaborative defense method and system based on device-side edge computing
  • A cloud-network-end collaborative defense method and system based on device-side edge computing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The technical solution of the present invention will be further described below in conjunction with the accompanying drawings.

[0033] With the rapid development of intelligent power industrial control systems, the security problems of the power industrial control systems themselves are becoming increasingly severe, and the "eye" terminal data acquisition equipment of the power industrial control systems has become the target of attackers. The present invention sets up an edge computing center at the edge of the industrial control system to process authentication and flow detection tasks of end-side terminal equipment in real time, and the cloud computing center trains the flow detection model through machine learning, based on which, the safe and stable operation of the electric power industrial control system is ensured.

[0034] refer to figure 1 , the present invention focuses on the dynamic authentication and communication flow detection of the data collection ter...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a cloud-network-end collaborative defense method and system based on end-side edge computing, and relates to information security of an electric power industrial control system. The method includes: setting up an edge computing center on the terminal side, collecting terminal equipment information and communication flow information of the industrial control system, using device fingerprints to define and identify attribute characteristics of power industrial control terminals, using Nmap scanning method to automatically collect fingerprints of power industrial control terminal equipment, and making decisions The tree algorithm establishes the training model to realize the dynamic authentication of terminal device fingerprints; through the setting of switch mirroring, intelligent monitoring of host flow control, and cloud computing center training flow baseline, the abnormal detection of industrial control terminal device flow is realized, and the "cloud" collaborative defense technology based on edge computing is realized . Through traffic data collection, information entropy quantification, preprocessing of traffic characteristic attributes, and improved semi-supervised clustering K-means algorithm training, the abnormal traffic detection of the power industrial control intranet is realized, and the "cloud network" real-time defense based on abnormal traffic detection is realized.

Description

technical field [0001] The invention relates to information security protection of an electric power industrial control system, in particular to a cloud-network-end collaborative defense method and system based on end-side edge computing. Background technique [0002] With the rapid development of the smart grid, the security problems of the power industrial control system itself are becoming more and more serious. In recent years, frequent security incidents in power industrial control systems, especially the emergence of APT attacks such as "Stuxnet", "Flame" and "Poison Zone", fully reflect the seriousness of the situation faced by industrial control system information security. [0003] Due to the location at the edge of the industrial control system, the variety of forms, and the complexity of features, the terminal equipment of the industrial control system often becomes the primary target of attackers, who use illegally accessed industrial control terminals to attack ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06K9/62G06N20/00
CPCH04L63/0876H04L63/1425H04L63/0218H04L63/20G06N20/00G06F18/23213G06F18/24
Inventor 张晓良石进吴克河杨文蔡军飞张伟
Owner NORTH CHINA ELECTRIC POWER UNIV (BAODING)
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products