CN115380505A - 工业网络行为分析方法、装置、系统和计算机可读介质 - Google Patents
工业网络行为分析方法、装置、系统和计算机可读介质 Download PDFInfo
- Publication number
- CN115380505A CN115380505A CN202080099460.8A CN202080099460A CN115380505A CN 115380505 A CN115380505 A CN 115380505A CN 202080099460 A CN202080099460 A CN 202080099460A CN 115380505 A CN115380505 A CN 115380505A
- Authority
- CN
- China
- Prior art keywords
- time window
- control
- time
- control instruction
- executed
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B19/00—Programme-control systems
- G05B19/02—Programme-control systems electric
- G05B19/418—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM]
- G05B19/4185—Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS], computer integrated manufacturing [CIM] characterised by the network communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/23—Pc programming
- G05B2219/23317—Safe mode, secure program, environment in case of error, intrusion
Abstract
一种工业网络行为分析方法、装置、系统和计算机可读介质,该工业网络行为分析方法包括:针对目标工业控制系统确定至少一个第一时间窗(101);分别确定每一个第一时间窗内目标工业控制器中各控制指令的执行概率偏差(102);采集目标工业控制系统中被执行的控制指令(103);根据采集到的控制指令,确定至少一个第二时间窗(104);计算该控制指令在第二时间窗内的被执行概率(105);判断该控制指令的被执行概率是否满足目标执行概率偏差(106);如果是则确定该控制指令为合法控制指令(107),否则确定该控制指令为可疑控制指令(108)。
Description
PCT国内申请,说明书已公开。
Claims (15)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2020/088460 WO2021217636A1 (zh) | 2020-04-30 | 2020-04-30 | 工业网络行为分析方法、装置、系统和计算机可读介质 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115380505A true CN115380505A (zh) | 2022-11-22 |
Family
ID=78331656
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202080099460.8A Pending CN115380505A (zh) | 2020-04-30 | 2020-04-30 | 工业网络行为分析方法、装置、系统和计算机可读介质 |
Country Status (4)
Country | Link |
---|---|
US (1) | US11829122B2 (zh) |
EP (1) | EP4131881A4 (zh) |
CN (1) | CN115380505A (zh) |
WO (1) | WO2021217636A1 (zh) |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2299650A1 (de) | 2009-09-21 | 2011-03-23 | Siemens Aktiengesellschaft | Verfahren zur Anomalie-Erkennung in einem Kontrollnetzwerk |
CN103235882B (zh) | 2013-04-23 | 2016-04-20 | 湖南工学院 | 核电厂数字化主控室操作员监视行为可靠性判定方法 |
US10536530B2 (en) | 2016-03-02 | 2020-01-14 | Dig.Y.Sol Llc | Networked gate machines gaging the condition of unmanned platforms |
CN109144023A (zh) | 2017-06-27 | 2019-01-04 | 西门子(中国)有限公司 | 一种工业控制系统的安全检测方法和设备 |
CN110224970B (zh) * | 2018-03-01 | 2021-11-23 | 西门子公司 | 一种工业控制系统的安全监视方法和装置 |
EP3588206B1 (en) * | 2018-06-21 | 2024-01-10 | Siemens Aktiengesellschaft | A safe guard detection for unexpected operations in a mes system |
-
2020
- 2020-04-30 US US17/921,863 patent/US11829122B2/en active Active
- 2020-04-30 WO PCT/CN2020/088460 patent/WO2021217636A1/zh unknown
- 2020-04-30 EP EP20933508.2A patent/EP4131881A4/en active Pending
- 2020-04-30 CN CN202080099460.8A patent/CN115380505A/zh active Pending
Also Published As
Publication number | Publication date |
---|---|
EP4131881A4 (en) | 2024-01-10 |
US11829122B2 (en) | 2023-11-28 |
US20230119829A1 (en) | 2023-04-20 |
EP4131881A1 (en) | 2023-02-08 |
WO2021217636A1 (zh) | 2021-11-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106828362B (zh) | 汽车信息的安全测试方法及装置 | |
KR101538709B1 (ko) | 산업제어 네트워크를 위한 비정상 행위 탐지 시스템 및 방법 | |
CN109684833B (zh) | 使程序危险行为模式适应用户计算机系统的系统和方法 | |
CN111600880A (zh) | 异常访问行为的检测方法、系统、存储介质和终端 | |
CN112114995A (zh) | 基于进程的终端异常分析方法、装置、设备及存储介质 | |
CN111970229B (zh) | 一种针对多种攻击方式的can总线数据异常检测方法 | |
CN113032792A (zh) | 系统业务漏洞检测方法、系统、设备及存储介质 | |
RU2587429C2 (ru) | Система и способ оценки надежности правила категоризации | |
CN113114690A (zh) | 威胁事件识别方法、装置、设备及存储介质 | |
CN112565278A (zh) | 一种捕获攻击的方法及蜜罐系统 | |
CN109743339B (zh) | 电力厂站的网络安全监测方法和装置、计算机设备 | |
CN111800432A (zh) | 一种基于日志分析的防暴力破解方法及装置 | |
CN114329452A (zh) | 一种异常行为检测方法、装置及相关设备 | |
US11539730B2 (en) | Method, device, and computer program product for abnormality detection | |
CN107463493B (zh) | 一种面向主机防病毒产品的测试系统和测试方法 | |
CN113556335A (zh) | 车载总线安全测试方法和系统 | |
CN117240522A (zh) | 基于攻击事件模型的漏洞智能挖掘方法 | |
CN112182579A (zh) | 进程名单生成方法及装置、异常进程检测方法及装置 | |
CN115380505A (zh) | 工业网络行为分析方法、装置、系统和计算机可读介质 | |
CN111651760A (zh) | 一种设备安全状态综合分析的方法及计算机可读存储介质 | |
CN112578694A (zh) | 针对一个工业控制器的监测系统、方法、装置和计算机可读介质 | |
CN114205146B (zh) | 一种多源异构安全日志的处理方法及装置 | |
KR101621959B1 (ko) | 로그패턴추출장치, 로그패턴분석장치 및 그 방법 | |
CN111935089B (zh) | 基于大数据和边缘计算的数据处理方法及人工智能服务器 | |
US11843639B2 (en) | Industrial control system security analysis method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |