Industrial control system flow anomaly detection method and system based on OCSVM and K-means algorithm

A traffic anomaly detection technique for industrial control systems based on OCSVM and the K-means algorithm, applied in computing, computer parts, character and pattern recognition, etc. It addresses the problems that abnormal traffic is scarce or difficult to obtain and that detection ability is low, and achieves a good detection effect.

Pending Publication Date: 2021-10-19
HUNAN UNIV

AI Technical Summary

Problems solved by technology

The purpose is to solve the technical problems of existing industrial control system traffic anomaly detection methods: abnormal traffic is scarce or difficult to obtain; only known attack types can be detected, while the ability to detect unknown attack types is low; and the false positive rate is high.

Embodiment Construction

[0055] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0056] The basic idea of the present invention is to provide a method and system for detecting traffic anomalies in industrial control systems based on OCSVM and the K-means algorithm. To address the lack of labeled data sets in real industrial control environments, it proposes using a one-class support vector machine (OCSVM) to establish a tr...

Abstract

The invention discloses an industrial control system traffic anomaly detection method based on an OCSVM and the K-means algorithm. The method comprises the following steps: obtaining a normal traffic data set from an industrial control system through a traffic acquisition tool; performing protocol analysis on each piece of traffic data in the data set to obtain its attributes and attribute values, wherein all attribute values of one piece of traffic data form an attribute value vector, and the attribute value vectors of all the traffic data form a to-be-detected data matrix of size m × n; performing dimension reduction on the to-be-detected data matrix using principal component analysis (PCA) to obtain a dimension-reduced matrix; and inputting each row of the dimension-reduced matrix into the trained single-class support vector machine (OCSVM) detection model to obtain the label value corresponding to that row, wherein the label values of all rows form a label value column vector. The invention solves the technical problem that abnormal traffic is scarce or difficult to obtain in existing traffic anomaly detection methods for industrial control systems.
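The pipeline in the abstract (protocol analysis, m × n attribute matrix, PCA, OCSVM trained on normal traffic only, label column vector) can be sketched with scikit-learn as follows; this is an added example, not code from the patent. Assumptions not taken from the page: Modbus/TCP as the protocol, the four attributes chosen, standardization before PCA, the parameters `k` and `nu`, and scikit-learn's +1/-1 label values.

```python
import struct
import numpy as np
from sklearn.decomposition import PCA
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import OneClassSVM

REQ = ">HHHBBHH"  # MBAP header (tid, proto, length, unit) + function, address, quantity

def parse_frame(frame: bytes) -> list:
    """Protocol analysis: one Modbus/TCP request -> attribute value vector (assumed attributes)."""
    if len(frame) < struct.calcsize(REQ):
        raise ValueError("truncated frame")
    _tid, _proto, _length, unit, func, addr, qty = struct.unpack_from(REQ, frame)
    return [unit, func, addr, qty]

def to_matrix(frames) -> np.ndarray:
    """Stack the attribute value vectors into the m x n data matrix."""
    return np.array([parse_frame(f) for f in frames], dtype=float)

def train(normal_frames, k=3, nu=0.05):
    """Fit scaling (added assumption), PCA (n -> k columns) and the OCSVM on normal traffic only."""
    model = make_pipeline(StandardScaler(), PCA(n_components=k),
                          OneClassSVM(kernel="rbf", gamma="scale", nu=nu))
    return model.fit(to_matrix(normal_frames))

def detect(model, frames) -> np.ndarray:
    """Label column vector, one row per frame: +1 normal, -1 anomalous (sklearn convention)."""
    return model.predict(to_matrix(frames)).reshape(-1, 1)

def normal_frames(m, seed):
    """Constructed normal traffic: units 1-2 polling registers 0-99 with function 3 or 4."""
    rng = np.random.default_rng(seed)
    return [struct.pack(REQ, i, 0, 6, int(rng.integers(1, 3)), int(rng.integers(3, 5)),
                        int(rng.integers(0, 100)), int(rng.integers(1, 11)))
            for i in range(m)]

# Constructed anomalies: write function 16 with unusual unit, address and quantity.
ODD_FRAMES = [struct.pack(REQ, 1, 0, 6, 247, 16, 40000, 120),
              struct.pack(REQ, 2, 0, 6, 1, 16, 65000, 100)]

if __name__ == "__main__":
    model = train(normal_frames(400, seed=7))
    print(detect(model, normal_frames(5, seed=8) + ODD_FRAMES).ravel())
```

Because the model is fitted on normal traffic alone, `nu` bounds the share of training rows treated as outliers and so acts as the knob for the false positive rate on normal polling.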

Description

Technical field

[0001] The invention belongs to the technical field of intrusion detection for industrial control systems, and more particularly relates to a method and system for detecting traffic anomalies in industrial control systems based on OCSVM and K-means algorithms.

Background technique

[0002] "Industrial control system" is a general term for systems such as monitoring and data acquisition systems, distributed control systems, and energy management systems. Industrial control systems are widely used in important national basic industries such as electric power, oil, natural gas, and water conservancy. Once attacked, they can cause inestimable losses and hidden dangers to the entire country and society. In recent years, attacks on industrial control systems have emerged in an endless stream: in 2010, the first worm virus targeting industrial control systems attacked a nuclear facility in Natanz, Iran; in 2015, a virus named "BlackEnergy" attacked Ukrainian power grid...

Application Information

Patent Type & Authority Applications(China)
IPC IPC(8): G06K9/62
CPC G06F18/2135; G06F18/23213; G06F18/2411
Inventor 李肯立胡由钻杨志邦刘楚波阳王东唐卓廖清
Owner HUNAN UNIV