CN112394683B - File transmission method using industrial control system - Google Patents
File transmission method using industrial control system Download PDFInfo
- Publication number
- CN112394683B CN112394683B CN202011334177.7A CN202011334177A CN112394683B CN 112394683 B CN112394683 B CN 112394683B CN 202011334177 A CN202011334177 A CN 202011334177A CN 112394683 B CN112394683 B CN 112394683B
- Authority
- CN
- China
- Prior art keywords
- file
- main program
- industrial control
- transmission
- digital signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 230000005540 biological transmission Effects 0.000 title claims abstract description 46
- 230000007246 mechanism Effects 0.000 claims abstract description 15
- 230000004044 response Effects 0.000 claims abstract description 14
- 230000008569 process Effects 0.000 claims abstract description 9
- 238000012795 verification Methods 0.000 claims description 9
- 238000005192 partition Methods 0.000 description 5
- 241000700605 Viruses Species 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000009434 installation Methods 0.000 description 3
- 230000008439 repair process Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000003860 storage Methods 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 229940060321 after-bug Drugs 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000005265 energy consumption Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000009776 industrial production Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000001629 suppression Effects 0.000 description 1
- 230000026676 system process Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/04—Programme control other than numerical control, i.e. in sequence controllers or logic controllers
- G05B19/05—Programmable logic controllers, e.g. simulating logic interconnections of signals according to ladder diagrams or function charts
- G05B19/058—Safety, monitoring
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/10—Plc systems
- G05B2219/14—Plc safety
- G05B2219/14006—Safety, monitoring in general
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Automation & Control Theory (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a file transmission method using an industrial control system, which comprises the steps of firstly writing a set IP address into a computer or a PLC controller through assembly language; then, adding the downloaded main program as a starting item in a registry, simultaneously releasing a drive file and a check file, generating and checking whether a digital signature exists, and sending a corresponding first response and a corresponding second response to an agent end; then, searching all servers in the local area network by adopting an exploration mechanism with the square increasing, and avoiding the servers outside the local area network; meanwhile, dynamically selecting a transmission file, and transmitting the transmission file to a corresponding proxy server by adopting a dynamic threshold signature algorithm and a double encryption method; and finally, rewriting the file header information twice, unloading the main program, and starting a plurality of threads through a timing system to cause process congestion, so that the safety of the equipment can be improved.
Description
Technical Field
The invention relates to the technical field of network space security, in particular to a file transmission method by using an industrial control system.
Background
At present, the social informatization is developed at a high speed, the traditional industrial control is developed to the networking step by taking the combination of computer technology as a target, and a brand-new industrial production manufacturing system is promoted and formed through the comprehensive interconnection of people, machines and objects. Security requirements such as confidentiality, integrity, identity verification and the like are not considered at the beginning of industrial control system design, and problems of not strict control of authorized access equipment, insufficient configuration and maintenance, outdated encryption algorithm and the like cause various potential safety hazards. Meanwhile, the personal computer based on the Windows platform is also widely applied to the industrial Internet system. And are therefore susceptible to viruses.
CNVD recording industrial control systems increase year by year, and the difficulty of bug repair is too great because normal operation of an industrial line must be ensured in the repair process, and normal production cannot be affected by compatibility problems after bug repair. The mechanism based on virus library searching and killing also has limitation on the industrial internet, and through some plug-and-play storage devices such as a U disk and the like, viruses are easier to spread, so that industrial data faces security threats such as loss, leakage and tampering, and the security of the device is reduced.
Disclosure of Invention
The invention aims to provide a file transmission method by utilizing an industrial control system, which improves the safety of equipment.
In order to achieve the above object, the present invention provides a file transmission method using an industrial control system, comprising the steps of:
writing the set IP address into a memory module of a computer or a PLC controller through assembly language;
downloading a main program by a computer of an industrial control Internet, setting the main program as a starting item, simultaneously generating a digital signature, and verifying whether the main program is the starting item or not and whether the digital signature still exists;
searching all servers in a local area network by adopting an exploration mechanism with increasing square, and avoiding the servers outside the local area network;
the method comprises the steps that proxy server side software or man-made dynamic selection is used for transmitting files, and a dynamic threshold signature algorithm and a double encryption method are adopted for transmitting the transmission files to a random proxy server;
the file header information is rewritten twice, and a plurality of threads are started through a timing system to cause process congestion.
After dynamically selecting a transmission file and transmitting the transmission file to a random proxy server by adopting a dynamic threshold signature algorithm and a double encryption method, the method further comprises the following steps:
and deleting all check files outside the system directory.
Wherein, the computer of industrial control internet sets up to the start item after downloading the main program, generates digital signature simultaneously to whether still exist to check whether this main program is start item and digital signature, include:
and adding the downloaded main program as a starting item in a registry, simultaneously releasing a drive file and a verification file, then generating a digital signature by using the drive file, and judging whether the main program is the starting item or not and whether the digital signature exists or not by using the verification file.
Wherein, the computer of industrial control internet sets up to the start item after downloading the main program, generates digital signature simultaneously to whether still exist to check whether this main program is start item and digital signature, still include:
and if the main program is not a starting item and the digital signature does not exist, sending a first response to the agent end, re-executing the setting starting item by using the verification file, generating the digital signature and sending a second response to the agent end.
The method comprises the following steps of searching all servers in a local area network by adopting an exploration mechanism with an increasing square, and avoiding the servers outside the local area network, wherein the exploration mechanism comprises the following steps:
and connecting a plurality of random IP addresses according to the acquired corresponding network numbers, scanning all computers in the local area network by adopting an exploration mechanism with an increasing square, and judging whether any computer in the current local area network is connected to a server or not, wherein the server comprises an operation station server, a real-time data server and a historical data server.
The method comprises the following steps that proxy server side software or man-made dynamic selection of transmission files is adopted, and the transmission files are transmitted to a random proxy server by adopting a dynamic threshold signature algorithm and a double encryption method, and comprises the following steps:
transmitting the desktop screenshot to a proxy server, and selecting a corresponding transmission file according to the file name type, wherein if the file name is a random name, all files are returned; and if the file name is a specific name, transmitting the file containing the keywords to the proxy server through the remote desktop.
The method comprises the following steps that proxy server side software or man-made dynamic selection is carried out on a transmission file, the transmission file is transmitted to a random proxy server by adopting a dynamic threshold signature algorithm and a double encryption method, and the method further comprises the following steps:
dividing a private key into a plurality of different proxy servers, modifying the header information of the transmission file, and changing the file extension name into encryption;
and deleting redundant head information until all the transmission files are transmitted to the proxy server, decrypting the transmission files and restoring the initial files.
The invention relates to a file transmission method using an industrial control system, which comprises the steps of firstly writing a set IP address into a memory module of a computer or a PLC (programmable logic controller) through an assembly language; then, adding the downloaded main program as a starting item in a registry, simultaneously releasing a drive file and a check file, generating and checking whether a digital signature exists, and sending a corresponding first response and a corresponding second response to an agent end; then, searching all servers in the local area network by adopting an exploration mechanism with the square increasing, and avoiding the servers outside the local area network; meanwhile, dynamically selecting a transmission file, and transmitting the transmission file to a corresponding proxy server by adopting a dynamic threshold signature algorithm and a double encryption method; and finally, writing the file header information twice, unloading the main program, starting a plurality of threads through a timing system to cause process congestion, and sending packets to each other among computers to occupy network resources, so that the safety of equipment can be improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic step diagram of a file transmission method using an industrial control system according to the present invention.
FIG. 2 is a block diagram of a modern industrial control system architecture provided by the present invention.
Fig. 3 is a schematic diagram of industrial internet security protection provided by the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.
In the description of the present invention, "a plurality" means two or more unless specifically defined otherwise.
Referring to fig. 1 to 3, the present invention provides a file transmission method using an industrial control system, including the following steps:
and S101, writing the set IP address into a memory module of a computer or a PLC (programmable logic controller) through assembly language.
Specifically, as shown in fig. 3, in a modern industrial internet architecture, a PLC controller and a DCS controller are widely applied to various industrial control systems, and some enterprises merge the two. In the present invention, the computer existing in the DCS and the memory module existing in the PLC are written in the assembly language (i.e., x86 architecture or arm architecture), which becomes the entry point in the present invention. That is, there is a certain special storage space in the memory, and only a few instructions related to the system execution operation are stored, including the interrupt vector as the interrupt handler, and these interrupt handlers usually do not use all the memory addresses of this part, and reserve some extra address space for adding new operations in the later use process. In the initial stage, a specific IP address is written into the memory of the computer through assembly language, and the IP address is mainly used for the main function of software to be used after downloading. Because most industrial control devices used by enterprises run for a long time and are not shut down or restarted as far as possible, written assembly source codes can directly run in the devices after the memory devices are powered on, the program can be directly mirrored into a computer of an industrial control internet from a server, and the downloading operation does not occupy a large amount of memory resources and network speed.
S102, the computer of the industrial control Internet downloads the main program and sets the main program as a starting item, meanwhile, a digital signature is generated, and whether the main program is the starting item or not and whether the digital signature still exists are verified.
Specifically, after the main program or the corresponding software is downloaded, no redundant information is actively generated, but two operations are executed, the first is that for an operating system, the software is added as a starting item in a registry, so that the software can be automatically loaded after the equipment is powered off and restarted; the second is to release a driver file and check file, the driver file is mainly used to generate digital signature, so that the software can be treated as normal software in the later stage of "intrusion". And the verification file is mainly used for judging whether the software is used as a starting item and whether the digital signature still exists, if not, sending a first response error-01 to the agent end, then, the verification file re-executes the setting of the starting item and generates digital signature information, and sending a new second response correct-02 to the agent end. The check file can not be directly installed in the operating system directory, at the moment, whether the computer has a hard disk partition or not is judged, if the computer has the hard disk partition, a certain partition is randomly selected, a hidden folder is created, the check file is installed in the partition, if the computer does not have the partition, the folder is directly installed in the operating system installation directory, the folder is automatically created, the attribute of the folder is set to be hidden, the check file has a specific operation period, and the module can not operate and occupy the memory within a period of time.
S103, searching all servers in the local area network by adopting an exploration mechanism with the square increasing, and avoiding the servers outside the local area network.
Specifically, after the installation of the check file is completed, the remaining modules are all installed in the system directory, and no operation is performed after the installation is completed. But the first check is carried out, and after the check is finished, if the agent end receives the second response of correct-02, the next operation is executed. The software firstly judges the network where the software is located, most of equipment in a local area network obtains an IP address through a DHCP protocol so as to be connected to the Internet, so that the software can judge the network number according to the IP address of the local computer and a subnet mask, try the connection of 1 to 10 random IP addresses after obtaining the network number, and scan a computer with a remote control vulnerability by adopting an increasing square exploration mechanism, wherein the specific steps are as follows: after the first scanning is finished, the software can rest for a period of time; then, the number of attempted IP addresses is scanned in a doubled number, at this time, the rest time is also doubled until the operations of all controllable computers in the local area network are completed, all servers controlled in the local area network are installed with software, at this time, whether a computer is connected to an operation station server or a data server (including a real-time data server and a history data server) is judged, as shown in fig. 2, the software in each computer sends a check data packet to the internet, if the computer responds, the data packet is discarded and an ICMP data packet is sent, the response type is set as source suppression, and the IP address is recorded, so that the avoidance can be performed at the next sending time. If the local area network is not connected with a computer of the server, judging IP addresses of other local area networks in the enterprise, and then continuing to adopt an exploration mechanism with increasing square to perform scanning operation; if the server exists in the local area network, the agent end can execute the next operation.
And S104, the proxy server side software or man-made dynamic selection is used for transmitting the file, and the transmission file is transmitted to the random proxy server by adopting a dynamic threshold signature algorithm and a double encryption method.
Specifically, for data in a computer, the agent end does not require the server to transmit all files, firstly, the desktop screenshot is transmitted to the agent server, then the agent end can select information contained in the file name required by the agent end, and if the file names are random names, all files are transmitted back. If the name is specific, the agent end can directly select a file containing the keyword through the remote desktop, then the file is transmitted to the agent server, and before the transmission operation is completed, the software unloads the computer USB drive and backups the computer USB drive at the remote server. In the transmission process, the invention utilizes the dynamic threshold signature algorithm based on the asymmetric encryption algorithm, and in the transmission process, the private key is divided into different proxy servers, and the private key cannot be decrypted for a single server. In this process, neither the original private key nor the partial private key on each proxy server can be revealed. And meanwhile, double encryption is adopted, namely, file header information is modified before each file is transmitted, the extension name of each modified file is changed into 'encry', after the file reaches a proxy server end, redundant header information is deleted again, and the file can be decrypted and the initial file is restored only when all the files reach each proxy server.
And S105, duplicating the file header information twice, and starting a plurality of threads through a timing system to cause process congestion.
Specifically, when the agent no longer receives any data, the software is shifted to the next layer of operation, the data file in the computer is locally changed, header information of docx, xlsx, pptx and the like is rewritten, so that the header information of various files in the computer is rewritten twice, and letters are added after extension of each file, so that the operation of additionally encrypting the data is achieved. After the data is encrypted locally, the relevant contents of all data transmission modules are unloaded, and all check files outside the system directory are deleted.
The program in the system directory judges to start the third operation. Firstly, a timing system is set by software, after the timing system is finished, the software can establish a plurality of threads by a random naming method, during the execution period, the threads can not execute any operation, and the threads are in a sleep state in the execution process, so that a computer in an industrial control system can not give execution right to other programs, and thread blocking is caused; secondly, the program occupies network resources during the running process, and because each device in the local area network is loaded with the software, the computers can also act as servers, so that the computers mutually transmit ICMP protocol packets and utilize the router to transmit broadcast information so as to occupy the network resources.
By adopting a bottom-up design method, a specific memory address field at the bottom layer of the equipment is operated, then a proxy server downloads a main program to the equipment, and different observation mechanisms are provided for different operating systems by using information of each module; even in subsequent work, the invention can complete the reconnaissance of the industrial control equipment with lower energy consumption and better adaptation, and prevent the loss caused by safety problems of equipment, control, network, data and the like.
The invention relates to a file transmission method using an industrial control system, which comprises the steps of firstly writing a set IP address into a memory module of a computer or a PLC (programmable logic controller) through an assembly language; then, adding the downloaded main program as a starting item in a registry, simultaneously releasing a drive file and a check file, generating and checking whether a digital signature exists, and sending a corresponding first response and a corresponding second response to an agent end; then, searching all servers in the local area network by adopting an exploration mechanism with the square increasing, and avoiding the servers outside the local area network; meanwhile, dynamically selecting a transmission file, and transmitting the transmission file to a corresponding proxy server by adopting a dynamic threshold signature algorithm and a double encryption method; and finally, writing the file header information twice, unloading the main program, starting a plurality of threads through a timing system to cause system process blockage, and simultaneously, each computer can be used as a server to mutually send an ICMP (Internet control protocol) packet to cause network resource occupation, so that the safety of equipment can be improved.
While the invention has been described with reference to a preferred embodiment, it will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (7)
1. A file transmission method using an industrial control system is characterized by comprising the following steps:
writing the set IP address into a memory module of a computer or a PLC controller through assembly language;
downloading a main program by a computer of an industrial control Internet, setting the main program as a starting item, simultaneously generating a digital signature, and verifying whether the main program is the starting item or not and whether the digital signature still exists;
searching all servers in a local area network by adopting an exploration mechanism with increasing square, and avoiding the servers outside the local area network;
the method comprises the steps that proxy server side software or man-made dynamic selection is used for transmitting files, and a dynamic threshold signature algorithm and a double encryption method are adopted for transmitting the transmission files to a random proxy server;
the file header information is rewritten twice, and a plurality of threads are started through a timing system to cause process congestion.
2. The method for file transfer using industrial control system according to claim 1, wherein the computer of the industrial control internet downloads a main program and sets the main program as a startup item, and generates a digital signature, and after checking whether the main program is the startup item and whether the digital signature still exists, the method further comprises:
and deleting all check files outside the system directory.
3. The file transmission method using industrial control system according to claim 1, wherein the computer of industrial control internet downloads a main program and sets it as a start item, and generates a digital signature, and checks whether the main program is the start item and whether the digital signature still exists, including:
and adding the downloaded main program as a starting item in a registry, simultaneously releasing a drive file and a verification file, then generating a digital signature by using the drive file, and judging whether the main program is the starting item or not and whether the digital signature exists or not by using the verification file.
4. The file transmission method using industrial control system according to claim 3, wherein the computer of the industrial control internet downloads a main program and sets it as a startup item, and generates a digital signature, and verifies whether the main program is the startup item and whether the digital signature still exists, further comprising:
and if the main program is not a starting item and the digital signature does not exist, sending a first response to the agent end, re-executing the setting starting item by using the verification file, generating the digital signature and sending a second response to the agent end.
5. The file transfer method using industrial control system according to claim 1, wherein searching all servers in the local area network using an incremental square exploration mechanism and avoiding servers outside the local area network comprises:
and connecting a plurality of random IP addresses according to the acquired corresponding network numbers, scanning all computers in the local area network by adopting an exploration mechanism with an increasing square, and judging whether any computer in the current local area network is connected to a server or not, wherein the server comprises an operation station server, a real-time data server and a historical data server.
6. The file transmission method using industrial control system according to claim 1, wherein the proxy server software or man-made dynamically selects the transmission file, and transmits the transmission file to the random proxy server by using dynamic threshold signature algorithm and double encryption method, comprising:
transmitting the desktop screenshot to a proxy server, and selecting a corresponding transmission file according to the file name type, wherein if the file name is a random name, all files are returned; and if the file name is a specific name, transmitting the file containing the keywords to the proxy server through the remote desktop.
7. The file transmission method using industrial control system according to claim 6, wherein the proxy server software or man-made dynamically selects the transmission file and transmits the transmission file to the random proxy server by using dynamic threshold signature algorithm and double encryption method, further comprising:
dividing a private key into a plurality of different proxy servers, modifying the header information of the transmission file, and changing the file extension name into encryption;
and deleting redundant head information until all the transmission files are transmitted to the proxy server, decrypting the transmission files and restoring the initial files.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011334177.7A CN112394683B (en) | 2020-11-24 | 2020-11-24 | File transmission method using industrial control system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011334177.7A CN112394683B (en) | 2020-11-24 | 2020-11-24 | File transmission method using industrial control system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112394683A CN112394683A (en) | 2021-02-23 |
| CN112394683B true CN112394683B (en) | 2022-03-11 |
Family
ID=74606247
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011334177.7A Active CN112394683B (en) | 2020-11-24 | 2020-11-24 | File transmission method using industrial control system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112394683B (en) |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101059778A (en) * | 2007-03-16 | 2007-10-24 | 北京天天宽广网络科技有限公司 | General series bus interface mobile memory method and its device |
| CN101262405A (en) * | 2008-04-11 | 2008-09-10 | 华南理工大学 | High-speed secure virtual private network channel based on network processor and its realization method |
| CN101304407A (en) * | 2007-05-09 | 2008-11-12 | 华为技术有限公司 | Method, system and apparatus for authentication of source address |
| CN102467401A (en) * | 2010-11-08 | 2012-05-23 | 泰商泰达电子公司 | Firmware update method and system for micro-controller unit in power supply unit |
| CN103595703A (en) * | 2013-03-08 | 2014-02-19 | 重庆城市管理职业学院 | Linux safety file transmission system based on OpenSSL and Linux safety file transmission method based on OpenSSL |
| KR20140089195A (en) * | 2013-01-04 | 2014-07-14 | 주식회사 윈스 | Pattern matching system and the method for network security equipment |
| CN104267997A (en) * | 2014-09-30 | 2015-01-07 | 珠海市君天电子科技有限公司 | Terminal device and starting method of application software in same |
| CN105074721A (en) * | 2012-10-15 | 2015-11-18 | 依兰蒂思研究室有限责任公司 | Method for signing electronic documents with an analog-digital signature with additional verification |
| CN109753788A (en) * | 2017-11-03 | 2019-05-14 | 厦门雅迅网络股份有限公司 | Integrity checking method and computer readable storage medium when kernel is run |
| CN110099072A (en) * | 2019-05-21 | 2019-08-06 | 唯伊云(武汉)科技有限公司 | A kind of safety protecting method being directed to industrial data transmission of internet of things |
| CN110149633A (en) * | 2019-05-16 | 2019-08-20 | 桂林电子科技大学 | It is a kind of to support batch Secure authentication method and system of verifying |
| CN110912921A (en) * | 2019-11-29 | 2020-03-24 | 广东工业大学 | Safety data verification system and method for industrial control system |
| CN111030824A (en) * | 2019-11-29 | 2020-04-17 | 国核自仪系统工程有限公司 | Industrial control device identification system, method, medium, and electronic device |
| CN111092735A (en) * | 2019-12-20 | 2020-05-01 | 杭州涂鸦信息技术有限公司 | Device authorization off-line verification method and system based on elliptic curve algorithm |
| CN111726343A (en) * | 2020-06-11 | 2020-09-29 | 桂林电子科技大学 | Electronic official document safe transmission method based on IPFS and block chain |
| CN111770092A (en) * | 2020-06-29 | 2020-10-13 | 华中科技大学 | Numerical control system network security architecture and secure communication method and system |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102109971A (en) * | 2010-12-14 | 2011-06-29 | 桂林电子科技大学 | Slide projector showing system capable of wirelessly transmitting plotting information |
| US8955092B2 (en) * | 2012-11-27 | 2015-02-10 | Symantec Corporation | Systems and methods for eliminating redundant security analyses on network data packets |
| US10097529B2 (en) * | 2015-05-01 | 2018-10-09 | Samsung Electronics Co., Ltd. | Semiconductor device for controlling access right to server of internet of things device and method of operating the same |
| US10135861B2 (en) * | 2015-10-20 | 2018-11-20 | Sophos Limited | Mitigation of anti-sandbox malware techniques |
| US11210653B2 (en) * | 2017-10-26 | 2021-12-28 | Mastercard International Incorporated | Method and system for prevention of fraudulent gift cards via blockchain |
| CN109474606B (en) * | 2018-12-04 | 2022-12-30 | 平安科技(深圳)有限公司 | File transmission method and device, computer equipment and storage medium |
| CN110099064B (en) * | 2019-05-08 | 2021-07-09 | 广州创想云科技有限公司 | File processing method, device, equipment and storage medium based on Internet of things |
-
2020
- 2020-11-24 CN CN202011334177.7A patent/CN112394683B/en active Active
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101059778A (en) * | 2007-03-16 | 2007-10-24 | 北京天天宽广网络科技有限公司 | General series bus interface mobile memory method and its device |
| CN101304407A (en) * | 2007-05-09 | 2008-11-12 | 华为技术有限公司 | Method, system and apparatus for authentication of source address |
| CN101262405A (en) * | 2008-04-11 | 2008-09-10 | 华南理工大学 | High-speed secure virtual private network channel based on network processor and its realization method |
| CN102467401A (en) * | 2010-11-08 | 2012-05-23 | 泰商泰达电子公司 | Firmware update method and system for micro-controller unit in power supply unit |
| CN105074721A (en) * | 2012-10-15 | 2015-11-18 | 依兰蒂思研究室有限责任公司 | Method for signing electronic documents with an analog-digital signature with additional verification |
| KR20140089195A (en) * | 2013-01-04 | 2014-07-14 | 주식회사 윈스 | Pattern matching system and the method for network security equipment |
| CN103595703A (en) * | 2013-03-08 | 2014-02-19 | 重庆城市管理职业学院 | Linux safety file transmission system based on OpenSSL and Linux safety file transmission method based on OpenSSL |
| CN104267997A (en) * | 2014-09-30 | 2015-01-07 | 珠海市君天电子科技有限公司 | Terminal device and starting method of application software in same |
| CN109753788A (en) * | 2017-11-03 | 2019-05-14 | 厦门雅迅网络股份有限公司 | Integrity checking method and computer readable storage medium when kernel is run |
| CN110149633A (en) * | 2019-05-16 | 2019-08-20 | 桂林电子科技大学 | It is a kind of to support batch Secure authentication method and system of verifying |
| CN110099072A (en) * | 2019-05-21 | 2019-08-06 | 唯伊云(武汉)科技有限公司 | A kind of safety protecting method being directed to industrial data transmission of internet of things |
| CN110912921A (en) * | 2019-11-29 | 2020-03-24 | 广东工业大学 | Safety data verification system and method for industrial control system |
| CN111030824A (en) * | 2019-11-29 | 2020-04-17 | 国核自仪系统工程有限公司 | Industrial control device identification system, method, medium, and electronic device |
| CN111092735A (en) * | 2019-12-20 | 2020-05-01 | 杭州涂鸦信息技术有限公司 | Device authorization off-line verification method and system based on elliptic curve algorithm |
| CN111726343A (en) * | 2020-06-11 | 2020-09-29 | 桂林电子科技大学 | Electronic official document safe transmission method based on IPFS and block chain |
| CN111770092A (en) * | 2020-06-29 | 2020-10-13 | 华中科技大学 | Numerical control system network security architecture and secure communication method and system |
Non-Patent Citations (3)
| Title |
|---|
| Transformation of VRML-files into graph structures in order to detect similarities and build clusters;R. Roj;《2017 IEEE 21st International Conference on Intelligent Engineering Systems (INES)》;20171123;全文 * |
| 工业控制环境计算节点安全防护技术研究;吴欢;《中国优秀硕士学位论文全文数据库信息科技辑》;20170315(第3期);全文 * |
| 支持第三方仲裁的智能电网数据安全聚合方案;丁勇;《电子学报》;20200225;第48卷(第2期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112394683A (en) | 2021-02-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8474032B2 (en) | Firewall+ storage apparatus, method and system | |
| KR101122787B1 (en) | Security-related programming interface | |
| JP6678548B2 (en) | Relay device, relay method and program | |
| EP1918843B1 (en) | Method and apparatus for centrally managed encrypted partition | |
| US8528057B1 (en) | Method and apparatus for account virtualization | |
| US20150248287A1 (en) | System and methods for remote maintenance in an electronic network with multiple clients | |
| US20060101517A1 (en) | Inventory management-based computer vulnerability resolution system | |
| US9275238B2 (en) | Method and apparatus for data security reading | |
| US8281038B2 (en) | Thin client terminal, operation program and method thereof, and thin client system | |
| WO2013080659A1 (en) | Sensitive information leakage prevention system, sensitive information leakage prevention method, and computer-readable recording medium | |
| US9330266B2 (en) | Safe data storage method and device | |
| CN112394683B (en) | File transmission method using industrial control system | |
| US10120986B2 (en) | Controlling execution of a software application on an execution platform in a local network | |
| KR20200132521A (en) | Apparatus for guaranteeing integrity of state database in blockchain-based environment and method thereof | |
| CN113238762B (en) | Remote deployment method, device and equipment for java application | |
| US20220182224A1 (en) | Using keys for selectively preventing execution of commands on a device | |
| US11240268B1 (en) | Dynamic honeypots for computer program execution environments | |
| CN110443051B (en) | Method for preventing confidential documents from spreading on Internet | |
| CN113765913A (en) | Method for configuring access to blacklist by Tomcat server, storage medium and Tomcat server | |
| KR20220097037A (en) | Data leak prevention system | |
| CN111581660A (en) | Method and apparatus for preventing trojan from destroying shared file, medium and electronic device | |
| JP2008083886A (en) | Confidential information leakage prevention method and system | |
| CN117610089B (en) | Encryption method, system, equipment and storage medium of multi-core heterogeneous chip | |
| CN114584556B (en) | File transmission method and device | |
| US8271623B2 (en) | Performing configuration in a multimachine environment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20210223 Assignee: Guilin Weisichuang Technology Co.,Ltd. Assignor: GUILIN University OF ELECTRONIC TECHNOLOGY Contract record no.: X2023980046257 Denomination of invention: A File Transfer Method Using Industrial Control Systems Granted publication date: 20220311 License type: Common License Record date: 20231108 |