CN106888185B - industrial network safety protection method based on serial link - Google Patents
industrial network safety protection method based on serial link Download PDFInfo
- Publication number
- CN106888185B CN106888185B CN201510938033.5A CN201510938033A CN106888185B CN 106888185 B CN106888185 B CN 106888185B CN 201510938033 A CN201510938033 A CN 201510938033A CN 106888185 B CN106888185 B CN 106888185B
- Authority
- CN
- China
- Prior art keywords
- message
- messages
- modbus
- rtu
- checked
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
Abstract
the invention discloses an industrial network safety protection method and a device based on a serial link, comprising the following steps: the receiving module, the first screening module, the second screening module and the transmitting module are used for receiving Modbus-RTU request messages, storing the received request messages into a cache region of a firewall, screening messages meeting Modbus-RTU according to the cyclic redundancy check result, the message length and the function code range of the stored request messages, checking parameters of the screened messages according to preset rules, screening the checked messages again according to a white list or a black list rule, and obtaining the screened messages again for transmission, so that data meeting Modbus-RTU protocol can be effectively identified for transmission, malicious information damage can be prevented, misoperation of managers is prevented, and correctness and safety of data transmission are guaranteed.
Description
Technical Field
The invention relates to the technical field of internet, in particular to an industrial network security protection method and device based on a serial link.
background
At present, along with the popularization of the industrial 4.0 concept, intellectualization and interconnection are important trends of development of future industrial control systems, so that more and more industrial control devices can be connected into the internet, and the safety problem of the industrial control devices also becomes an important factor influencing the stable operation of the industrial control systems.
In the prior art, industrial devices of an industrial device control system are updated slowly, a large number of industrial devices are still communicated and managed based on a serial link, and meanwhile, the industrial devices are connected into an Ethernet through a serial port Ethernet converter.
however, the security protection for the industrial network based on the serial link is always in a blank state, and data communicated by the serial link cannot be effectively identified, so that malicious information damage cannot be prevented, and misoperation of a manager cannot be prevented.
Disclosure of Invention
in order to solve the technical problems, the invention provides a safety protection method and a safety protection device for an industrial network based on a serial link, which are used for effectively identifying data communicated by the serial link, preventing malicious information from being damaged and misoperation of management personnel, and ensuring the correctness and safety of data transmission.
In a first aspect, an embodiment of the present invention provides a security protection method for an industrial network based on a serial link, where the method includes:
receiving a Modbus-RTU request message, and storing the received request message to a cache region of a firewall;
Screening out messages conforming to the Modbus-RTU according to the stored cyclic redundancy check result, message length and function code range of the request message;
checking parameters of the screened messages according to a preset rule, and screening the checked messages again according to a white list or black list rule;
And acquiring the message after the second screening and transmitting the message.
In a second aspect, an embodiment of the present invention provides a security protection device for an industrial network based on a serial link, where the security protection device includes: the device comprises a receiving module, a first screening module, a second screening module and a transmitting module;
The receiving module is used for receiving a Modbus-RTU request message and storing the received request message to a cache region of a firewall;
The first screening module is used for screening out messages which accord with Modbus-RTU according to the stored cyclic redundancy check result, message length and function code range of the request message;
the second screening module is used for checking parameters of the screened messages according to a preset rule and screening the checked messages again according to a white list or black list rule;
and the transmission module is used for acquiring the message after the secondary screening and transmitting the message.
The embodiment of the invention provides an industrial network safety protection method and device based on a serial link, which comprises the following steps: the receiving module, the first screening module, the second screening module and the transmitting module are used for receiving Modbus-RTU request messages, storing the received request messages into a cache region of a firewall, screening messages meeting Modbus-RTU according to the cyclic redundancy check result, the message length and the function code range of the stored request messages, checking parameters of the screened messages according to preset rules, screening the checked messages again according to a white list or a black list rule, and obtaining the screened messages again for transmission, so that data meeting Modbus-RTU protocol can be effectively identified for transmission, malicious information damage can be prevented, misoperation of managers is prevented, and correctness and safety of data transmission are guaranteed.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
drawings
the accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the example serve to explain the principles of the invention and not to limit the invention.
Fig. 1 is a schematic flowchart of a first embodiment of a serial link-based industrial network security protection method according to the present invention;
FIG. 2 is a schematic interaction flow diagram of a first embodiment of an industrial network security protection apparatus based on a serial link according to the present invention;
Fig. 3 is a schematic structural diagram of a second embodiment of the industrial network security protection device based on the serial link according to the present invention.
Detailed Description
in order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
the steps illustrated in the flow charts of the figures may be performed in a computer device such as a set of computer-executable instructions. Also, while a logical order is shown in the flow diagrams, in some cases, the steps shown or described may be performed in an order different than here.
The method related by the embodiment of the invention can be used for an industrial network based on a serial link, and the industrial network can be an intelligent industrial network which is formed by a plurality of industrial devices communicating through RS-232 or RS-485 serial ports and is accessed to the Internet through an Ethernet converter.
the method provided by the embodiment of the invention aims to solve the technical problems that in the prior art, the safety protection of an industrial network based on a serial link is always in a blank state, and the data communicated by the serial link cannot be effectively identified and protected, so that malicious information damage cannot be prevented, and misoperation of a manager cannot be prevented.
The technical solution of the present invention will be described in detail below with specific examples. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.
fig. 1 is a schematic flow chart of a first embodiment of a method for protecting industrial network security based on a serial link according to the present invention, and this embodiment relates to a specific process of how to screen out Modbus-RTU protocol data on the serial link that meets user requirements. As shown in fig. 1, the method includes:
S101, receiving a Modbus-RTU request message, and storing the received request message to a cache region of a firewall.
specifically, according to a transmission path of data in industrial equipment in an industrial network, an input serial port and an output serial port of a firewall are specified, for example: the input serial port that can appoint the firewall links to each other with the master equipment that supports Modbus-RTU, and the output serial port that the firewall links to each other with the slave unit that supports Modbus-RTU, and wherein, this Modbus-RTU can be Modbus-RTU agreement, this Modbus-RTU agreement is to serial link part in the Modbus communication protocol, then set up the corresponding serial port parameter of the input serial port and the output serial port of firewall respectively, this serial port parameter includes serial port baud rate, data bit, stop bit, check bit etc. but is not limited to this. In addition, in view of various industrial field environments, the serial communication modes and the serial transmission parameters of different industrial devices may be different, for example, the distances and speeds that can be transmitted by the commonly used RS-232 and RS-485 serial communication interfaces and the stability of transmission data are greatly different, so that correct and stable data communication between the serial ports with different communication modes and transmission parameters can be realized by setting the communication modes and parameters of the serial ports respectively.
The input serial port of the firewall receives a Modbus-RTU request message to be transmitted to the master device, where the message includes a plurality of characters, and according to the Modbus-RTU protocol specification, after determining that the transmission time of the characters exceeds 3.5, the received characters are stored as a frame of data in the cache area of the firewall, but the invention is not limited thereto.
and S102, screening out messages conforming to the Modbus-RTU according to the stored cyclic redundancy check result, message length and function code range of the request message.
Specifically, Cyclic Redundancy Check (CRC Check for short) is carried out on the stored messages, the Check can carry out data transmission error detection through polynomial calculation, the obtained result is attached to the back of a frame, the correctness of the CRC Check of the messages and the integrity of the message length and the function code range are confirmed, so that messages meeting Modbus-RTU are screened out, the preset rules of the messages can be set according to the actual requirements of users, the messages meeting the Modbus-RTU specification can be checked according to the preset rules, and misoperation of managers can be prevented.
S103, checking the parameters of the screened messages according to a preset rule, and screening the checked messages again according to a white list or black list rule.
Specifically, the security check policy of the message can be set according to the actual demand of the user, the screened message can be checked by a preset rule, the preset rule can set parameters to be filtered or protected, the parameters of the screened message are checked according to the preset rule, and the checked message is screened again according to a white list or black list rule, so that misoperation of a manager can be prevented.
s104, obtaining the message after the re-screening and transmitting the message.
Specifically, through the effective authentication, the screened message is transmitted through the specified output serial port, so that malicious information damage can be prevented, and the correctness and the safety of data transmission are ensured.
The method comprises the steps of receiving a Modbus-RTU request message, storing the received request message into a cache region of a firewall, screening out messages conforming to the Modbus-RTU according to a cyclic redundancy check result, message length and function code range of the stored request message, checking parameters of the screened messages according to preset rules, screening the checked messages again according to a white list or a black list rule, and obtaining and transmitting the screened messages, so that data conforming to the Modbus-RTU protocol can be effectively identified for transmission, malicious information damage can be prevented, misoperation of managers is prevented, and correctness and safety of data transmission are guaranteed.
Further, on the basis of the above embodiment, the method further includes:
And if the messages which do not accord with the Modbus-RTU are screened out, discarding the non-conforming messages.
specifically, messages which do not conform to the Modbus-RTU are discarded, so that the transmitted messages are guaranteed to be messages which conform to the Modbus-RTU, and the data transmission rate can be improved.
further, on the basis of the above embodiment, the parameters include a device identification number, a function code, a register address, and a range of register values.
specifically, parameters of the screened messages can be checked according to the actual requirements of the user, and the parameters include: the ranges of the equipment identification number, the function code, the register address and the register value can be respectively checked, whether the function code is matched with the user rule or not and whether the register address and the corresponding register value are in the range configured by the user or not, so that only data meeting the user permission condition can access and control the equipment, and the safety of the data can be ensured when the Ethernet and the serial port converter access the industrial equipment.
Further, on the basis of the above embodiment, the white list rule further includes:
If all parameters of the checked message meet preset rules, transmitting the checked message;
And if any one of the parameters of the checked message does not accord with the preset rule, discarding the checked message.
specifically, under the white list rule, as long as the parameters of the message are completely matched with the preset rule, the message is allowed to be sent to the output serial port of the firewall, and on the contrary, as long as one parameter of the message is not matched with the preset rule, the message is completely discarded, for example: assuming that the preset rule is to filter a message carrying a character meaning containing a device identification number of 03, a function code of 01, a register address of AA, and a register machine value in a range of 16 bytes, the message is allowed to be sent only if the ranges of the device identification number, the function code, the register address, and the register machine value are all the same as the preset rule, if the message carries any parameter, such as: the device identification number is different from the preset rule, and even if other parameters are the same or different, the message can be discarded, so that data which do not meet the user requirements or only data which are allowed to meet the user requirements can be discarded, and the user experience is improved.
optionally, on the basis of the foregoing embodiment, the blacklist rule includes:
if all parameters of the checked message do not accord with preset rules, transmitting the checked message;
And if any one of the parameters of the checked message meets the preset rule, discarding the checked message.
Under the blacklist rule, only the message of the rule in the matching is discarded, and other messages are all sent to the output serial port of the firewall, such as: the register address is DF, and if the address matches DF, no transmission is allowed.
specifically, under the blacklist rule, as long as the parameters of the message are not matched with the preset rule, the message is allowed to be sent to the output serial port of the firewall, and on the contrary, as long as the message has a parameter which is checked and then is matched with the preset rule, the messages are discarded, for example: if the preset rule is to protect a message carrying a character meaning containing a device identification number of 03, a function code of 01, a register address of AA, and a register machine value in a range of 16 bytes, the message is allowed to be sent only if the ranges of the device identification number, the function code, the register address, and the register machine value are all different from the preset rule, and if any parameter in the message is, for example: the device identification number is the same as the preset rule, and even if other parameters are the same or different, the message can be discarded, so that data which do not meet the user requirements or only allow data which meet the user requirements can be discarded, and the user experience is improved.
For the setting of the white list or the black list, a user can flexibly configure according to actual conditions, and discard data which do not meet the requirements of the user or only allow data which meet the requirements of the user, so that only the data which meet the permission conditions of the user can access and control equipment, and the safety of the data is further ensured.
Further, fig. 2 is a schematic structural diagram of a first embodiment of an industrial network security protection apparatus based on a serial link according to an embodiment of the present invention, as shown in fig. 2, the apparatus includes: a receiving module 10, a first screening module 20, a second screening module 30 and a transmitting module 40;
The receiving module 10 is configured to receive a Modbus-RTU request packet, and store the received request packet in a cache area of a firewall;
the first screening module 20 is configured to screen out a message that conforms to the Modbus-RTU according to the stored cyclic redundancy check result, message length, and function code range of the request message;
the second screening module 30 is configured to check parameters of the screened messages according to a preset rule, and re-screen the checked messages according to a white list or a black list rule;
And the transmission module 40 is configured to acquire the re-screened message and transmit the message.
The industrial network safety protection device based on the serial link provided by the embodiment of the invention comprises: the receiving module, the first screening module, the second screening module and the transmitting module are used for receiving Modbus-RTU request messages, storing the received request messages into a cache region of a firewall, screening messages meeting Modbus-RTU according to the cyclic redundancy check result, the message length and the function code range of the stored request messages, checking parameters of the screened messages according to preset rules, screening the checked messages again according to a white list or a black list rule, and obtaining the screened messages again for transmission, so that data meeting Modbus-RTU protocol can be effectively identified for transmission, malicious information damage can be prevented, misoperation of managers is prevented, and correctness and safety of data transmission are guaranteed.
Further, fig. 3 is a schematic structural diagram of a second embodiment of the industrial network security protection apparatus based on the serial link, as shown in fig. 3, based on the above embodiment, the discarding module 50:
the discarding module 50 is configured to discard the message if the message that does not conform to the Modbus-RTU is screened out.
The apparatus provided in the embodiment of the present invention may implement the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
Further, on the basis of the above embodiment, the parameters include:
device identification number, function code, register address, and range of register values.
The apparatus provided in the embodiment of the present invention may implement the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
Further, on the basis of the above embodiment, the transmission module 40 is further configured to:
If all parameters of the checked message meet preset rules, transmitting the checked message;
Or if all the parameters of the checked message do not accord with the preset rules, transmitting the checked message.
the apparatus provided in the embodiment of the present invention may implement the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
further, as shown in fig. 3, on the basis of the above embodiment, the discarding module 50 is further configured to:
if any one of the parameters of the checked message does not accord with the preset rule, discarding the checked message;
Or if any one of the parameters of the checked message meets the preset rule, discarding the checked message.
The apparatus provided in the embodiment of the present invention may implement the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
although the embodiments of the present invention have been described above, the above description is only for the convenience of understanding the present invention, and is not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. an industrial network safety protection method based on a serial link is characterized by comprising the following steps:
receiving a Modbus-RTU request message, storing the received request message to a cache region of a firewall, connecting an input serial port of the firewall with master equipment supporting the Modbus-RTU, connecting an output serial port of the firewall with slave equipment supporting the Modbus-RTU, and respectively setting a serial port communication mode and serial port parameters corresponding to the input serial port and the output serial port of the firewall;
screening out messages conforming to the Modbus-RTU according to the stored cyclic redundancy check result, message length and function code range of the request message;
Checking parameters of the screened messages according to a preset rule, and screening the checked messages again according to a white list or black list rule;
And acquiring the message after the second screening and transmitting the message.
2. The method according to claim 1, wherein receiving the Modbus-RTU request message and storing the received request message in a cache of a firewall comprises:
And the input serial port of the firewall receives a Modbus-RTU request message needing to be transmitted from the master equipment, wherein the message comprises a plurality of characters, and the received characters are stored into a cache region of the firewall as frame data after the transmission time of the characters exceeds 3.5 is determined.
3. The method of claim 1, wherein the parameters of the packet comprise:
device identification number, function code, register address, and range of register values.
4. The method of claim 1, wherein the white list rule comprises:
if all parameters of the checked message meet preset rules, transmitting the checked message;
And if any one of the parameters of the checked message does not accord with the preset rule, discarding the checked message.
5. the method of claim 1, wherein the blacklist rule comprises:
If all parameters of the checked message do not accord with preset rules, transmitting the checked message;
And if any one of the parameters of the checked message meets the preset rule, discarding the checked message.
6. An industrial network security protection device based on a serial link, the device comprising: the device comprises a receiving module, a first screening module, a second screening module and a transmitting module;
The receiving module is used for receiving Modbus-RTU request messages and storing the received request messages to a cache region of a firewall, an input serial port of the firewall is connected with master equipment supporting the Modbus-RTU, an output serial port of the firewall is connected with slave equipment supporting the Modbus-RTU, and serial port communication modes and serial port parameters corresponding to the input serial port and the output serial port of the firewall are respectively set;
The first screening module is used for screening out messages which accord with Modbus-RTU according to the stored cyclic redundancy check result, message length and function code range of the request message;
the second screening module is used for checking parameters of the screened messages according to a preset rule and screening the checked messages again according to a white list or black list rule;
and the transmission module is used for acquiring the message after the secondary screening and transmitting the message.
7. The apparatus according to claim 6, wherein the receiving module receives Modbus-RTU request messages and stores the received request messages in a cache of a firewall, and the receiving module comprises:
And the input serial port of the firewall receives a Modbus-RTU request message needing to be transmitted from the master equipment, wherein the message comprises a plurality of characters, and the received characters are stored into a cache region of the firewall as frame data after the transmission time of the characters exceeds 3.5 is determined.
8. The apparatus of claim 6, wherein the parameters of the packet comprise:
Device identification number, function code, register address, and range of register values.
9. the apparatus of claim 6, wherein the transfer module is further configured to:
if all parameters of the checked message meet preset rules, transmitting the checked message;
or if all the parameters of the checked message do not accord with the preset rules, transmitting the checked message.
10. The apparatus of claim 6, further comprising a discard module configured to:
If the messages which do not conform to the Modbus-RTU are screened out, discarding the messages;
If any one of the parameters of the checked message does not accord with the preset rule, discarding the checked message;
or if any one of the parameters of the checked message meets the preset rule, discarding the checked message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510938033.5A CN106888185B (en) | 2015-12-15 | 2015-12-15 | industrial network safety protection method based on serial link |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510938033.5A CN106888185B (en) | 2015-12-15 | 2015-12-15 | industrial network safety protection method based on serial link |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106888185A CN106888185A (en) | 2017-06-23 |
| CN106888185B true CN106888185B (en) | 2019-12-06 |
Family
ID=59173782
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510938033.5A Active CN106888185B (en) | 2015-12-15 | 2015-12-15 | industrial network safety protection method based on serial link |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106888185B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111740997A (en) * | 2020-06-22 | 2020-10-02 | 浙江中控技术股份有限公司 | Safety protection method and device based on ModBusRTU |
| CN112583790A (en) * | 2020-11-05 | 2021-03-30 | 贵州数安汇大数据产业发展有限公司 | Intelligent security threat discovery method based on multiple evidence entities |
| CN114363018B (en) * | 2021-12-20 | 2023-09-22 | 北京六方云信息技术有限公司 | Industrial data transmission method, device, equipment and storage medium |
| CN114666171A (en) * | 2022-05-25 | 2022-06-24 | 杭州云动智能汽车技术有限公司 | Method for realizing vehicle-mounted CAN network firewall |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101262486A (en) * | 2008-04-18 | 2008-09-10 | 清华大学 | Modbus bus analysis system based on built-in platform |
| CN102970177A (en) * | 2012-10-19 | 2013-03-13 | 深圳市计通智能技术有限公司 | Method for analyzing and filtering communication data error codes of computer monitoring system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130031201A1 (en) * | 2008-04-03 | 2013-01-31 | Electro Industries/Gauge Tech | Intelligent electronic device communication solutions for network topologies |
| CN104702584B (en) * | 2013-12-10 | 2017-11-28 | 中国科学院沈阳自动化研究所 | A kind of Modbus communications access control methods based on self-learning-ruler |
| CN104519065B (en) * | 2014-12-22 | 2018-05-01 | 北京卓越信通电子股份有限公司 | A kind of industry control method of realizing fireproof wall for supporting filtering Modbus Transmission Control Protocol |
-
2015
- 2015-12-15 CN CN201510938033.5A patent/CN106888185B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101262486A (en) * | 2008-04-18 | 2008-09-10 | 清华大学 | Modbus bus analysis system based on built-in platform |
| CN102970177A (en) * | 2012-10-19 | 2013-03-13 | 深圳市计通智能技术有限公司 | Method for analyzing and filtering communication data error codes of computer monitoring system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106888185A (en) | 2017-06-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11949704B2 (en) | Attribute-based policies for integrity monitoring and network intrusion detection | |
| CN109617813B (en) | Enhanced intelligent process control switch port locking | |
| CN106888185B (en) | industrial network safety protection method based on serial link | |
| CN105871811B (en) | Control the method and controller of application program permission | |
| US20080320582A1 (en) | Real-time industrial firewall | |
| CN110971522B (en) | Method, equipment and system for determining route leakage | |
| CN111277602B (en) | Network data packet identification processing method and device, electronic equipment and storage medium | |
| CN112217795B (en) | Method and device for managing communication security of intelligent electric meter | |
| EP2790354A1 (en) | Security management system having multiple relay servers, and security management method | |
| CN114143068A (en) | Electric power internet of things gateway equipment container safety protection system and method thereof | |
| CN105577705B (en) | For the safety protecting method and system of IEC60870-5-104 agreements | |
| CN107241307B (en) | Self-learning network isolation safety device and method based on message content | |
| CN115150209B (en) | Data processing method, industrial control system, electronic device, and storage medium | |
| CN112839049B (en) | Web application firewall protection method and device, storage medium and electronic equipment | |
| CN115150207A (en) | Industrial network equipment identification method and device, terminal equipment and storage medium | |
| CN114244555A (en) | Method for adjusting security policy | |
| NL2020552B1 (en) | Attribute-based policies for integrity monitoring and network intrusion detection | |
| NL2020635B1 (en) | Attribute-based policies for integrity monitoring and network intrusion detection | |
| KR20130100763A (en) | Communication device and communication method | |
| NL2020633B1 (en) | Attribute-based policies for integrity monitoring and network intrusion detection | |
| US20090119753A1 (en) | Connector and method for providing access to a data-processing network for a data-processing device | |
| NL2020632B1 (en) | Attribute-based policies for integrity monitoring and network intrusion detection | |
| CN109274660B (en) | Workshop industrial control data ferrying method, device and system | |
| CN116781498A (en) | Flow analysis system, method and related equipment | |
| CN115694901A (en) | VPN tunnel communication method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |