Industrial internet intrusion detection method based on Gaussian process

An industrial Internet and Gaussian process technology, applied in the field of industrial Internet intrusion detection, can solve the problems of high false negative rate, limited effect, low false positive rate of detection model, etc. Effect

Pending Publication Date: 2022-03-01
码客工场工业科技北京有限公司
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The detection model has a low false positive rate but a high false positive rate
For known attacks, this method can report attack types in detail and accurately, but it has limited effect on unknown attacks, and the signature database needs to be continuously updated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Industrial internet intrusion detection method based on Gaussian process
  • Industrial internet intrusion detection method based on Gaussian process
  • Industrial internet intrusion detection method based on Gaussian process

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0062] The present invention will be described in detail through specific embodiments below in conjunction with the accompanying drawings, but it does not constitute a limitation to the present invention.

[0063] A Gaussian process-based industrial Internet intrusion detection method, in this embodiment, includes: flow data preprocessing and building a CGWO-GP model. Among them, the CGWO-GP model is divided into two parts: the gray wolf optimization algorithm combined with the Cauchy mutation operator, and the Gaussian process. The framework diagram of CGWO-GP model is as follows figure 1 shown.

[0064] Specifically include the following steps:

[0065] Step (1): Deploy traffic monitoring nodes in the industrial Internet to obtain industrial control traffic data continuously.

[0066] In this embodiment, acquiring traffic data: simulating multiple attack modes to attack an industrial control system using the Modbus / TCP protocol to acquire traffic data. Modbus / TCP is a de...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an industrial internet intrusion detection method based on a Gaussian process, and the method comprises the steps: carrying out the dimension reduction of selected features through employing a Laplacian feature mapping algorithm, selecting an optimal hyper-parameter through employing a gray wolf optimization algorithm fused with a Cauchy mutation operator, and detecting the abnormal flow through the Gaussian process, the industrial control traffic comprises three types of important characteristics: time series, data packet headers and data content information. The invention provides a novel industrial internet intrusion detection method, which can discover intrusion behaviors in the industrial internet in advance and perform defense so as to prevent equipment from being attacked and damaged.

Description

technical field [0001] The invention belongs to the technical field of industrial Internet intrusion detection, relates to a Gaussian process method, and is specifically a CGWO optimization-based method for identifying abnormal traffic. Background technique [0002] Currently, intrusion detection models can be divided into misuse detection models and anomaly detection models (Zhu B, SastryS. SCADA-specific intrusion detection / prevention systems; a survey and taxonomy, Proc of the 1st Workshop on Secure Control Systems. 2010). Misuse detection models achieve intrusion detection by matching with known anomalous behaviors. The detection model has a low false positive rate but a high false positive rate. For known attacks, this method can report attack types in detail and accurately, but it has limited effect on unknown attacks, and the signature database needs to be continuously updated. Anomaly detection models achieve intrusion detection by matching with normal behavior. S...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40G06N3/00
CPCH04L63/1416G06N3/006
Inventor 白宏钢赵欣
Owner 码客工场工业科技北京有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap