CN111343169A - System and method for gathering security resources and sharing information under industrial control environment - Google Patents

Publication number
CN111343169A
Authority
CN
China
Prior art keywords
side platform
data
evidence obtaining
attack detection
central
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010102754.3A
Other languages
Chinese (zh)
Other versions
CN111343169B (en)
Inventor
徐菲
王海
黄超
黄若愚
韩浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongneng Integrated Smart Energy Technology Co Ltd
Original Assignee
Zhongneng Integrated Smart Energy Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongneng Integrated Smart Energy Technology Co Ltd filed Critical Zhongneng Integrated Smart Energy Technology Co Ltd
Priority to CN202010102754.3A priority Critical patent/CN111343169B/en
Publication of CN111343169A publication Critical patent/CN111343169A/en
Application granted granted Critical
Publication of CN111343169B publication Critical patent/CN111343169B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The invention discloses a system and a method for gathering and sharing safety resources and information in an industrial control environment. The method comprises: building a station side platform and a central side platform; the plant station side platform acquires data of equipment in each safety partition and transmits a part of the data directly to the central side platform to form a basic database on the central side platform; the station side platform receives an attack detection rule issued by the center side platform, performs edge calculation on the acquired data based on the attack detection rule, and returns an attack detection result to the center side platform; and the station side platform receives a traceability evidence obtaining instruction issued by the center side platform, performs edge calculation on the acquired data based on the traceability evidence obtaining instruction, and returns the evidence obtaining data to the center side platform. The invention designs a center side platform in an industrial control safety guarantee system that communicates securely and bidirectionally with the station side platform and performs big data analysis, realizing data aggregation and the sharing and use of information and rules.

Description

System and method for gathering security resources and sharing information under industrial control environment
Technical Field
The invention relates to the technical field of industrial control systems, in particular to a system and a method for gathering safety resources and sharing information in an industrial control environment.
Background
China's industrial control environments are required to use safety partitioning; for example, an electric power system is generally divided into a control area, a non-control area and an information management area. With the current high incidence of industrial control security events, attack threats show clear characteristics: rapidly improving targeting accuracy, increasingly complex technical means, and specialized, organized attack behavior. To cope with multi-step, multi-level attacks and complex, changing security challenges at the national level, an all-round security guarantee system must be constructed that makes effective use of attack rules and threat information, so that a network attack event can be discovered and traced for evidence at the first moment and the attack range and damage are prevented from expanding further; this has great value and significance for the network security of industrial control systems. How to design the convergence of security big data and realize the sharing and use of threat information has therefore become a key point of research.
A search of domestic and foreign papers, academic conferences, scientific and technical documents, patents and other databases shows that the overall aggregation and shared use of the safety resources of the industrial control environment is still at an exploratory stage in three respects: first, how to effectively gather the safety resources and threat information of the industrial control environment and establish a sharing mechanism; second, how each station uses the gathered resources and information to discover security threats and assess risks; and third, how to trace the source of discovered security threats through correlation.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a system and a method for gathering security resources and sharing information in an industrial control environment.
The invention discloses a system for gathering and sharing safety resources and information under an industrial control environment, which comprises: a plant station side platform and a central side platform;
the station side platform is used for:
collecting data of equipment in each safety partition, and directly transmitting a part of data to the central side platform;
receiving an attack detection rule, performing edge calculation on the acquired data based on the attack detection rule, and returning an attack detection result to the center side platform;
receiving a source tracing evidence obtaining instruction, performing edge calculation on the acquired data based on the source tracing evidence obtaining instruction, and returning evidence obtaining data to the central side platform;
the center side platform is used for:
receiving data directly transmitted by the station side platform to form a basic database;
issuing the attack detection rule and receiving an attack detection result returned by the station side platform;
and issuing the tracing evidence obtaining instruction and receiving evidence obtaining data returned by the station side platform.
As a further improvement of the present invention, the plant-side platform comprises:
the collector is arranged corresponding to each safety partition and used for collecting data of each safety partition;
and the analysis server is used for receiving the data of each safety partition and carrying out edge calculation based on the matched attack detection rule or the source tracing evidence obtaining instruction.
As a further improvement of the present invention, the center side platform comprises:
the rule generating module is used for receiving threat information and comprehensively gathering the threat information based on a linkage sharing mechanism to form an attack detection rule;
and the analysis module is used for comprehensively analyzing the basic database and the threat information to form a source tracing evidence obtaining instruction, and researching and judging the attack threat degree based on the received evidence obtaining data to restore the complete attack process.
As a further improvement of the invention, bidirectional data interaction is carried out between the plant station side platform and the central side platform, and the transmitted data is encrypted by adopting a longitudinal encryption device supporting a national encryption algorithm.
As a further improvement of the invention, the factory station side platform and the center side platform are subjected to bidirectional identity authentication before data transmission, and subsequent data interaction is performed after the authentication is passed.
The invention also discloses a method for gathering and sharing the safety resources and the information under the industrial control environment, which comprises the following steps:
building a station side platform and a central side platform;
the plant station side platform acquires data of equipment in each safety partition, and directly transmits a part of data to the central side platform to form a basic database on the central side platform;
the plant station side platform receives an attack detection rule issued by the central side platform, performs edge calculation on the acquired data based on the attack detection rule, and returns an attack detection result to the central side platform;
and the plant station side platform receives a source tracing evidence obtaining instruction issued by the central side platform, performs edge calculation on the acquired data based on the source tracing evidence obtaining instruction, and returns evidence obtaining data to the central side platform.
As a further improvement of the invention, the plant station side platform acquires data of each safety partition through the collectors arranged corresponding to each safety partition;
and the plant station side platform receives the data of each safety partition through the analysis server and carries out edge calculation based on the matched attack detection rule or the source tracing evidence obtaining instruction.
As a further improvement of the invention, the central side platform receives threat information and comprehensively converges the threat information based on a linkage sharing mechanism to form an attack detection rule;
and the central side platform comprehensively analyzes the basic database and the threat information to form a source tracing evidence obtaining instruction, and researches and judges the attack threat degree based on the received evidence obtaining data to restore the complete attack process.
As a further improvement of the invention, bidirectional data interaction is carried out between the plant station side platform and the central side platform, and the transmitted data is encrypted by adopting a longitudinal encryption device supporting a national encryption algorithm.
As a further improvement of the invention, the factory station side platform and the center side platform are subjected to bidirectional identity authentication before data transmission, and subsequent data interaction is performed after the authentication is passed.
Compared with the prior art, the invention has the beneficial effects that:
The invention designs a center side platform in an industrial control safety guarantee system that communicates securely with the plant station side platform, gathers the safety big data of the plant station side platform, gathers and updates the various attack detection rules and traceability evidence obtaining instructions in real time, and issues the rules or instructions to the plant station side, thereby gathering, sharing and using safety big data and threat information and building an all-round guarantee of industrial control network safety.
Drawings
FIG. 1 is a system framework diagram of security resource aggregation and intelligence sharing in an industrial control environment according to an embodiment of the present invention;
fig. 2 is a flowchart of a method for secure resource aggregation and intelligence sharing in an industrial control environment according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
The invention is described in further detail below with reference to the attached drawing figures:
The prior art lacks a method for gathering security resources and threat information as a whole in an industrial control environment, a method for issuing, sharing and effectively using security rules and threat information, and a method for effectively tracing and obtaining evidence of security events. To ensure the converged sharing and effective use of safety big data and threat information, the invention provides a system and a method for gathering safety resources and sharing information in an industrial control environment.
Specifically, the method comprises the following steps:
As shown in fig. 1, the present invention discloses a system for gathering and sharing security resources in an industrial control environment, which comprises a plant station side platform and a central side platform, wherein:
the plant side platform of the invention is used for:
(1) Collecting data of equipment in each safety partition and directly transmitting a part of the data to the central side platform. Not all collected data are transmitted to the central side platform; instead, a preset part of public data or important data (generally referred to as safety big data) is transmitted directly to the central side platform, without being influenced by the detection rules, and forms a basic database on the central side platform.
(2) Receiving an attack detection rule, performing edge calculation on the acquired data based on the attack detection rule, and returning an attack detection result to the central side platform, so that the central side platform can judge whether each device in the security partition is attacked or not according to the attack detection result;
(3) Receiving a source tracing evidence obtaining instruction, performing edge calculation on the acquired data based on the source tracing evidence obtaining instruction, and returning the evidence obtaining data to the central side platform, so that the central side platform can judge the attack threat degree based on the received evidence obtaining data and restore the complete attack process.
Furthermore, to realize data acquisition from each safety partition in the industrial control environment, the station side platform, which is independent of the safety partitions, is provided with a plurality of collectors (acquisition devices) arranged to correspond to the safety partitions, and each collector collects the data of its safety partition.
Furthermore, to realize edge calculation for each safety partition in the industrial control environment, a new safety area, independent of the partitions in which the collectors are located, is built on the plant station side platform, and an analysis server is arranged in it. The analysis server obtains the data of each safety partition from the collectors through a series connection or a parallel connection. In the series connection, the data of the collectors corresponding to the control area, the non-control area and the information management large area are sent step by step: for example, the collector of the control area sends its data to the collector of the non-control area, the collector of the non-control area sends the data of the control area and the data of the non-control area to the collector of the information management large area, and the collector of the information management large area sends the data of the non-control area and the data of the information management large area to the analysis server. In the parallel connection, each collector sends its data directly: for example, the control area collector sends the data of the control area directly to the analysis server, the non-control area collector sends the data of the non-control area directly to the analysis server, and the information management large area collector sends the data of the information management large area directly to the analysis server. Having obtained the data of each safety partition, the analysis server either transmits part of the obtained important data directly to the center side platform, or performs edge calculation based on the matched attack detection rule or source tracing evidence obtaining instruction and transmits the attack detection result or the evidence obtaining data back to the center side platform for correlation analysis.
The center side platform of the invention is used for:
(1) receiving data directly transmitted by a station side platform to form a basic database, wherein the basic database can be matched with threat intelligence to generate an attack detection rule;
(2) issuing an attack detection rule and receiving an attack detection result returned by the station side platform;
(3) issuing a source tracing evidence obtaining instruction and receiving evidence obtaining data returned by the station side platform.
Further, in order to generate an attack detection rule for detecting whether each device is attacked or not in the industrial control environment, the center side platform comprises a rule generation module, and the rule generation module is used for receiving threat information and comprehensively gathering the threat information based on a linkage sharing mechanism to form the attack detection rule.
Furthermore, in order to realize the source tracing and evidence obtaining of each attacked device in the industrial control environment, the center side platform comprises an analysis module, wherein the analysis module is used for comprehensively analyzing the basic database and the threat information to form a source tracing and evidence obtaining instruction, and researching and judging the attack threat degree based on the received evidence obtaining data to restore the complete attack process.
The plant station side completes the acquisition and edge calculation of the various kinds of raw data from the industrial control production environment. The core of data acquisition is the full traffic data of the plant station side: through edge calculation, the full traffic data is matched against the detection rules issued by the center side, and when a traceability evidence obtaining instruction issued by the center side is received, the corresponding data is returned. Correlated behavior auditing of related operations and backtracking of operation paths are supported. Network attack threats are thus discovered at the first moment, and the original traffic is retained locally for source tracing and evidence obtaining.
The center side and the station side perform bidirectional data interaction. The center side issues detection rules to the plant station side and queries the evidence obtaining data of the plant station side; the plant station side reports edge calculation result data to the center side. The bidirectional data interaction complies with specific requirements and standard specifications.
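The station-side behavior described above can be sketched as follows. This is an added example, not part of the patent or of any product of the assignee: a preset subset of data goes straight to the center, retained traffic is matched against center-issued rules, and an evidence obtaining instruction is answered from locally retained raw data. The `Flow`, `Rule` and `StationPlatform` names, the rule fields, the port-based preset and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# The three safety partitions named in the description.
ZONES = ("control", "non-control", "information-management")

@dataclass(frozen=True)
class Flow:                      # hypothetical record produced by a collector
    ts: int                      # capture time in seconds
    zone: str                    # partition whose collector saw the flow
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class Rule:                      # hypothetical attack detection rule format
    rule_id: str
    src_net: str                 # CIDR the source address must fall in
    dport: Optional[int]         # None matches any destination port
    zones: tuple = ZONES         # partitions the rule applies to

    def matches(self, f: Flow) -> bool:
        return (f.zone in self.zones
                and (self.dport is None or f.dport == self.dport)
                and ip_address(f.src) in ip_network(self.src_net))

class StationPlatform:
    """Analysis server on the plant station side (assumed interface)."""

    def __init__(self, preset_ports, max_evidence=1000):
        self.preset_ports = set(preset_ports)  # assumed "important data" preset
        self.max_evidence = max_evidence       # cap on one forensic reply
        self.raw = []                          # original flows, kept locally
        self.rules = {}
        self.cursor = 0                        # first flow not yet evaluated

    def ingest(self, flow: Flow) -> bool:
        """Store a flow; return True if it is also sent straight to the center."""
        if flow.zone not in ZONES:
            raise ValueError(f"unknown partition: {flow.zone!r}")
        ip_address(flow.src)                   # reject malformed addresses
        ip_address(flow.dst)
        self.raw.append(flow)
        return flow.dport in self.preset_ports  # independent of any rule

    def install_rules(self, rules) -> None:
        """Validate a rule set from the center, then replace the old one."""
        checked = {}
        for r in rules:
            ip_network(r.src_net)              # ValueError on a bad CIDR
            if not set(r.zones) <= set(ZONES):
                raise ValueError(f"rule {r.rule_id}: unknown partition")
            checked[r.rule_id] = r
        self.rules = checked
        self.cursor = 0          # re-check retained flows against the new rules

    def detect(self):
        """Edge calculation: match flows not yet evaluated; return results only."""
        new, self.cursor = self.raw[self.cursor:], len(self.raw)
        return [(r.rule_id, f) for f in new
                for r in self.rules.values() if r.matches(f)]

    def forensics(self, host: str, start: int, end: int, zones=ZONES):
        """Answer an evidence obtaining instruction from retained raw flows."""
        if start > end:
            raise ValueError("empty time window")
        target = ip_address(host)
        hits = [f for f in self.raw
                if start <= f.ts <= end and f.zone in zones
                and target in (ip_address(f.src), ip_address(f.dst))]
        return sorted(hits, key=lambda f: f.ts)[: self.max_evidence]

def demo():
    # Constructed sample flows; all addresses are documentation ranges.
    flows = [
        Flow(1000, "non-control", "203.0.113.5", "198.51.100.7", 3389),
        Flow(1060, "control", "198.51.100.7", "192.0.2.10", 502),
        Flow(1100, "control", "192.0.2.20", "192.0.2.10", 502),
        Flow(1200, "information-management", "203.0.113.9", "203.0.113.80", 443),
    ]
    station = StationPlatform(preset_ports={502})
    forwarded = [f for f in flows if station.ingest(f)]
    # Constructed rule: non-control subnet reaching port 502 in the control area.
    station.install_rules([Rule("R-502", "198.51.100.0/24", 502, ("control",))])
    alerts = station.detect()
    # The center pivots on the alerting source to recover the earlier hop.
    evidence = station.forensics(alerts[0][1].src, start=900, end=1100)
    return station, forwarded, alerts, evidence

if __name__ == "__main__":
    _, fwd, alerts, evidence = demo()
    print(len(fwd), alerts, [(f.src, f.dst) for f in evidence])
```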
The plant station side and the center side perform bidirectional data interaction over a safe and reliable communication channel, and the transmitted data is encrypted by longitudinal encryption equipment supporting the national encryption algorithms (SM1, SM2, SM3 and SM4); the center side and the station side should perform bidirectional identity authentication before data transmission, and subsequent data communication can be performed only after the authentication is passed.
As shown in fig. 2, based on the system shown in fig. 1, the present invention provides a method for gathering and sharing security resources in an industrial control environment, which includes:
building a station side platform and a central side platform;
the plant station side platform acquires data of equipment in each safety partition, and transmits a part of data to the central side platform directly to form a basic database on the central side platform;
the station side platform receives an attack detection rule issued by the center side platform, performs edge calculation on the acquired data based on the attack detection rule, and returns an attack detection result to the center side platform;
and the station side platform receives a traceability evidence obtaining instruction issued by the center side platform, performs edge calculation on the acquired data based on the traceability evidence obtaining instruction, and returns the evidence obtaining data to the center side platform.
The invention has the advantages that:
The invention designs a center side platform in an industrial control safety guarantee system that communicates securely with the plant station side platform, gathers the safety big data of the plant station side platform, gathers and updates the various attack detection rules and traceability evidence obtaining instructions in real time, and issues the rules or instructions to the plant station side, thereby gathering, sharing and using safety big data and threat information and building an all-round guarantee of industrial control network safety.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A system for gathering and sharing safety resources and information under industrial control environment is characterized by comprising: a plant station side platform and a central side platform;
the station side platform is used for:
collecting data of equipment in each safety partition, and directly transmitting a part of data to the central side platform;
receiving an attack detection rule, performing edge calculation on the acquired data based on the attack detection rule, and returning an attack detection result to the center side platform;
receiving a source tracing evidence obtaining instruction, performing edge calculation on the acquired data based on the source tracing evidence obtaining instruction, and returning evidence obtaining data to the central side platform;
the center side platform is used for:
receiving data directly transmitted by the station side platform to form a basic database;
issuing the attack detection rule and receiving an attack detection result returned by the station side platform;
and issuing the tracing evidence obtaining instruction and receiving evidence obtaining data returned by the station side platform.
2. The system of claim 1, wherein the plant-side platform comprises:
the collector is arranged corresponding to each safety partition and used for collecting data of each safety partition;
and the analysis server is used for receiving the data of each safety partition and carrying out edge calculation based on the matched attack detection rule or the source tracing evidence obtaining instruction.
3. The system of claim 1, wherein the center side platform comprises:
the rule generating module is used for receiving threat information and comprehensively gathering the threat information based on a linkage sharing mechanism to form an attack detection rule;
and the analysis module is used for comprehensively analyzing the basic database and the threat information to form a source tracing evidence obtaining instruction, and researching and judging the attack threat degree based on the received evidence obtaining data to restore the complete attack process.
4. The system of claim 1, wherein the plant-side platform and the central-side platform perform bidirectional data interaction, and transmission data is encrypted by using a vertical encryption device supporting a national encryption algorithm.
5. The system of claim 1, wherein the plant-side platform and the central-side platform should perform bidirectional identity authentication before data transmission, and perform subsequent data interaction after authentication is passed.
6. A method for gathering security resources and sharing information in an industrial control environment is characterized by comprising the following steps:
building a station side platform and a central side platform;
the plant station side platform acquires data of equipment in each safety partition, and directly transmits a part of data to the central side platform to form a basic database on the central side platform;
the plant station side platform receives an attack detection rule issued by the central side platform, performs edge calculation on the acquired data based on the attack detection rule, and returns an attack detection result to the central side platform;
and the plant station side platform receives a source tracing evidence obtaining instruction issued by the central side platform, performs edge calculation on the acquired data based on the source tracing evidence obtaining instruction, and returns evidence obtaining data to the central side platform.
7. The method of claim 6, wherein the plant side platform collects data of each safety partition through collectors arranged corresponding to each safety partition;
and the plant station side platform receives the data of each safety partition through the analysis server and carries out edge calculation based on the matched attack detection rule or the source tracing evidence obtaining instruction.
8. The method of claim 6, wherein the central side platform receives threat intelligence and synthetically aggregates the threat intelligence to form attack detection rules based on a linkage sharing mechanism;
and the central side platform comprehensively analyzes the basic database and the threat information to form a source tracing evidence obtaining instruction, and researches and judges the attack threat degree based on the received evidence obtaining data to restore the complete attack process.
9. The method of claim 6, wherein bidirectional data interaction is performed between the plant-side platform and the central-side platform, and the transmitted data is encrypted by using a vertical encryption device supporting a national encryption algorithm.
10. The method of claim 6, wherein the plant-side platform and the central-side platform should perform bidirectional identity authentication before data transmission, and perform subsequent data interaction after authentication is passed.
CN202010102754.3A 2020-02-19 2020-02-19 System and method for gathering security resources and sharing information under industrial control environment Active CN111343169B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010102754.3A CN111343169B (en) 2020-02-19 2020-02-19 System and method for gathering security resources and sharing information under industrial control environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010102754.3A CN111343169B (en) 2020-02-19 2020-02-19 System and method for gathering security resources and sharing information under industrial control environment

Publications (2)

Publication Number Publication Date
CN111343169A true CN111343169A (en) 2020-06-26
CN111343169B CN111343169B (en) 2022-02-11

Family

ID=71186983

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010102754.3A Active CN111343169B (en) 2020-02-19 2020-02-19 System and method for gathering security resources and sharing information under industrial control environment

Country Status (1)

Country Link
CN (1) CN111343169B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113872958A (en) * 2021-09-24 2021-12-31 中能融合智慧科技有限公司 Intelligent network recognition tool based on industrial control security situation perception
CN114401197A (en) * 2021-12-29 2022-04-26 南方电网数字电网研究院有限公司 Network security analysis method based on edge calculation
CN114584366A (en) * 2022-03-01 2022-06-03 南方电网数字电网研究院有限公司 Power monitoring network safety detection system and method
CN115134131A (en) * 2022-06-20 2022-09-30 中能融合智慧科技有限公司 Situation awareness-based Internet of things communication transmission system

CN108055261A (en) * 2017-12-11 2018-05-18 中车青岛四方机车车辆股份有限公司 Industrial network security system deployment method and security system
CN108259511A (en) * 2018-02-28 2018-07-06 公安部第研究所 A kind of cyberspace threatens intelligence sharing system and method
CN108650111A (en) * 2018-03-29 2018-10-12 中国电力科学研究院有限公司 Information security electric power semi-physical emulation platform building method and system
CN109547479A (en) * 2018-12-27 2019-03-29 国网浙江省电力有限公司电力科学研究院 Information integration system and method are threatened in a kind of industrial environment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
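康荣保: "Research on Information Security Protection Technology for Industrial Control Systems", 《通信技术》 *
张宏斌: "Research on Industrial Control Network Security Detection and Protection Systems", 《信息技术与网络安全》 *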

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113872958A (en) * 2021-09-24 2021-12-31 中能融合智慧科技有限公司 Intelligent network recognition tool based on industrial control security situation perception
CN113872958B (en) * 2021-09-24 2023-07-28 中能融合智慧科技有限公司 Intelligent network identification tool based on industrial control security situation awareness
CN114401197A (en) * 2021-12-29 2022-04-26 南方电网数字电网研究院有限公司 Network security analysis method based on edge calculation
CN114584366A (en) * 2022-03-01 2022-06-03 南方电网数字电网研究院有限公司 Power monitoring network safety detection system and method
CN115134131A (en) * 2022-06-20 2022-09-30 中能融合智慧科技有限公司 Situation awareness-based Internet of things communication transmission system
CN115134131B (en) * 2022-06-20 2023-10-20 中能融合智慧科技有限公司 Internet of things communication transmission system based on situation awareness

Also Published As

Publication number Publication date
CN111343169B (en) 2022-02-11

Similar Documents

Publication Publication Date Title
CN111343169B (en) System and method for gathering security resources and sharing information under industrial control environment
Chin et al. Energy big data security threats in IoT-based smart grid communications
CN208227074U (en) Electric power monitoring system network security monitors terminal
CN104811433B (en) The distributed Internet of things system and implementation method of a kind of C/S frameworks
CN102594620B (en) Linkable distributed network intrusion detection method based on behavior description
CN103391185A (en) Cloud security storage and processing method and system for rail transit monitoring data
CN113536376B (en) Enterprise financial data security management system and method thereof
CN116974490A (en) Big data storage method and system based on multi-terminal cloud computing cluster
Tao et al. A survey of network security situation awareness in power monitoring system
Shi et al. New progress in artificial intelligence algorithm research based on big data processing of IOT systems on intelligent production lines
CN111082995A (en) Ethernet workshop network behavior analysis method, corresponding storage medium and electronic device
CN115118525B (en) Internet of things safety protection system and protection method thereof
Liu et al. Research on Cyber Security Defense Technology of Power Generation Acquisition Terminal in New Energy Plant
CN110457897A (en) A kind of database security detection method based on communication protocol and SQL syntax
Hu et al. Classification of Abnormal Traffic in Smart Grids Based on GACNN and Data Statistical Analysis
Peng et al. Research on abnormal detection technology of real-time interaction process in new energy network
Jing et al. Alarm association rules mining based on run log for civil aviation information system
Blazek et al. Development of cyber-physical security testbed based on IEC 61850 architecture
Liu et al. Large-scale multiobjective federated neuroevolution for privacy and security in the internet of things
Li et al. Research on Efficiency Evaluation Model of Electric Power Information System
Lysenko et al. Botnet Detection Approach Based on DNS.
CN111126762A (en) Intelligent workflow engine for electric power cloud security
CN117278109B (en) Satellite in-orbit security anomaly identification method, system and computer readable storage medium
Pashaei et al. Detection Anomaly of Network Datasets with Honeypots at Industrial Control System
Li et al. Architecture Design and Key Technologies of Electric Vehicle Charging Network Operation Service System Based on Cloud Computing

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant