Unlock instant, AI-driven research and patent intelligence for your innovation.

Honeypot identification method and device for industrial control system

An industrial control system and identification method technology, applied in transmission systems, digital transmission systems, security communication devices, etc., can solve problems such as uncertainty, incompleteness of honeypot identification technology, inaccurate analysis and identification, etc.

Pending Publication Date: 2022-05-10
INNER MONGOLIA UNIV OF TECH
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the existing honeypot identification is mainly based on a single feature. For example, the data capture tool Sebek is a kernel-based data capture mechanism, which is often used to build high-interaction honeypots. Therefore, the traditional honeypot identification technology is incomplete. and uncertainty lead to inaccurate analysis and identification

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Honeypot identification method and device for industrial control system
  • Honeypot identification method and device for industrial control system
  • Honeypot identification method and device for industrial control system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0044] In order to make the above objects, features and advantages of the present invention more comprehensible, specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0045]It should be noted that the terms "first" and "second" in the specification and claims of the present invention and the above-mentioned drawings are used to distinguish similar objects, but not necessarily used to describe a specific order or sequence; It is to be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the invention described herein can be practiced in sequences other than those illustrated or described herein.

[0046] In the description of the present invention, it should be noted that, unless otherwise clearly specified and limited, the terms "setting", "installation", "connection" and "connection" should be understood in a broad sense, for example, it can b...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technical field of industrial control system attack and defense, and provides a honeypot identification method and device for an industrial control system, and the method comprises the following steps: obtaining honeypot equipment and industrial control equipment data; preprocessing the data of the honeypot equipment and the industrial control equipment to obtain a data attribute column; building a Bayesian network structure model according to the data attribute column, and determining a corresponding relation between honeypot features and node states of the Bayesian network structure model; parameter learning is carried out on the Bayesian network structure model, and honeypot first probability values of the Bayesian network model in different node states are obtained; and inputting feature evidence, performing calculation by using a Bayesian network reasoning algorithm, and obtaining the probability of identifying the honeypot according to the first probability value of the honeypot. According to the method, the problem of uncertainty is solved by matching Bayesian network parameter modeling with honeypot recognition, and the accuracy of honeypot recognition can be greatly improved by combining the Bayesian network inference algorithm.

Description

technical field [0001] The invention relates to the technical field of industrial control system attack and defense, in particular to a honeypot identification method and device for an industrial control system. Background technique [0002] In the era of the Industrial Internet, more and more industrial control devices that were originally in an isolated environment are exposed to the public Internet and can be discovered by anyone, which brings great risks and challenges to the security of the industrial control system; at present, industrial control At the beginning of the design of the system and the corresponding communication protocol, network and communication security issues were hardly considered. As a result, many industrial control systems and their fragility, especially those exposed to the public network, are facing increasingly serious attack threats. [0003] In a special period, the intensity and severity of national-level cyber attacks have increased, and cr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40G06N7/00
CPCH04L63/1491G06N7/01
Inventor 王钢张立芳姚旭孙叶
Owner INNER MONGOLIA UNIV OF TECH