CN115776415A - Intelligent network gate equipment management system and method based on industrial protocol - Google Patents

Intelligent network gate equipment management system and method based on industrial protocol Download PDF

Info

Publication number
CN115776415A
CN115776415A CN202310105860.0A CN202310105860A CN115776415A CN 115776415 A CN115776415 A CN 115776415A CN 202310105860 A CN202310105860 A CN 202310105860A CN 115776415 A CN115776415 A CN 115776415A
Authority
CN
China
Prior art keywords
data
gatekeeper
monitoring
unit
database
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310105860.0A
Other languages
Chinese (zh)
Other versions
CN115776415B (en
Inventor
刘智勇
陈敏超
黄荣杰
黄勇建
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hongrui Information Technology Co Ltd
Original Assignee
Zhuhai Hongrui Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Hongrui Information Technology Co Ltd filed Critical Zhuhai Hongrui Information Technology Co Ltd
Priority to CN202310105860.0A priority Critical patent/CN115776415B/en
Publication of CN115776415A publication Critical patent/CN115776415A/en
Application granted granted Critical
Publication of CN115776415B publication Critical patent/CN115776415B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Abstract

The invention discloses an intelligent management system and method of a network gate device based on an industrial protocol, wherein the management method comprises the following steps: s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module; s2: monitoring transmission data of the gatekeeper equipment through a data acquisition module, and acquiring related data; s3: analyzing the data obtained in the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of the gateway equipment for data exchange; s4: according to the prediction result, managing the corresponding area of the gatekeeper equipment through a data regulation and control module; by monitoring the real-time running state of the gatekeeper equipment, the synchronism of data of the two parties is ensured, and the safe running of the gatekeeper equipment is ensured; the output data of two ends of data exchange are predicted through the gatekeeper equipment, so that the processing time from the instruction receiving to the data transmission completion of the gatekeeper equipment is reduced, and the data transmission speed of the gatekeeper equipment is improved.

Description

Intelligent network gate equipment management system and method based on industrial protocol
Technical Field
The invention relates to the technical field of intelligent management of gatekeeper equipment, in particular to an intelligent management system and method of gatekeeper equipment based on an industrial protocol.
Background
The network gate is called as an information exchange and safety isolation system, is used for realizing safety isolation between networks with different safety levels, is enterprise-level information safety protection equipment with high safety degree, enables attacks to lose carriers by blocking communication connection, provides a software and hardware system with proper safety data exchange, provides higher-level safety protection capability for an information network, isolates the network safety threats with harm, ensures that data information can safely interact in a credible network, realizes safety isolation between networks with different safety levels while finishing data exchange, greatly enhances the anti-attack capability of the information network, and effectively prevents the occurrence of information leakage events.
With the development of the times, the connection between the industrial production network and the internet enables the industrial production network to face potential threats from the vast internet, and the data exchange between the industrial production network and the internet is realized while physical isolation is carried out through a gatekeeper technology; however, data in the industrial production network is complex, and when the gatekeeper exchanges data through a transmission file, the data is transmitted in a single direction through the ferry switch, the two network data buffers are sequentially connected to read the data, and then the data is written into the buffer corresponding to the target network.
Therefore, an intelligent gatekeeper management system and method based on industrial protocols are needed to solve the above problems.
Disclosure of Invention
The invention aims to provide an intelligent gatekeeper management system and method based on an industrial protocol, so as to solve the problems in the background technology.
In order to solve the technical problems, the invention provides the following technical scheme: an intelligent gatekeeper management system based on industrial protocols, the system comprising: the system comprises a gatekeeper equipment monitoring module, a data acquisition module, an analysis and prediction module, a data regulation and control module and a database;
the gatekeeper equipment monitoring module is used for monitoring the real-time running state of the gatekeeper equipment and monitoring to obtain gatekeeper state related data; the method comprises the steps of working state information of a production network and external network equipment; judging the safe operation condition of the network gate equipment; the safety of the network gate equipment is detected, so that the protection of an industrial network is improved;
the data acquisition module is used for acquiring transmission data of the gatekeeper equipment;
the analysis and prediction module is used for analyzing the acquired transmission data, analyzing the relevance of other data in the database according to the current transmission data and predicting the output data in the database by a big data technology;
the data regulation and control module is used for intelligently managing related data in the database according to the analysis and prediction result, sequencing queues according to the association degree and performing reading and buffering in advance;
the database comprises a production network database and an external network database.
Furthermore, the gatekeeper equipment monitoring module comprises a gatekeeper switch monitoring unit, a database monitoring unit, a user authority monitoring unit and a gatekeeper system monitoring unit;
the network brake switch monitoring unit is used for monitoring a network brake interface and an isolation switch; the database monitoring unit is used for monitoring a production network database and an external network database, including database synchronization conditions, verifying the database and judging the database synchronization conditions; the user authority monitoring unit is used for carrying out authentication detection on the user sending the data exchange request and judging the user authority; the gatekeeper system monitoring unit is used for monitoring the gatekeeper system and comprises a system log and system configuration.
Further, the data acquisition module comprises a transmission monitoring unit and a data acquisition unit;
the transmission monitoring unit is used for monitoring real-time data transmitted through the gatekeeper;
the data acquisition unit is used for acquiring the related data of the monitored transmission data.
Further, the analysis prediction module comprises a data analysis unit and a data prediction unit;
the data analysis unit is used for performing relevance analysis on other data in the database according to the related data acquired by the data acquisition unit; and the data prediction unit is used for performing output prediction on other data in the database according to the relevance analysis result of the data analysis unit.
Furthermore, the data regulation and control module comprises an intelligent regulation and control unit, a queue management unit and a data updating unit;
the intelligent control unit is used for controlling the gatekeeper equipment according to the monitoring data of the data monitoring module;
the queue management unit is used for sorting the predicted output data according to the prediction result of the data prediction unit and inputting the queue into the data buffer area;
the data updating unit is used for tracking the actual output result of the prediction output and updating the related data in the analysis prediction module according to the actual output result so as to improve the accuracy of prediction.
An intelligent network gate equipment management method based on an industrial protocol comprises the following steps:
s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module;
s2: monitoring transmission data of the gatekeeper equipment through a data acquisition module, and acquiring related data;
s3: analyzing the data obtained in the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of the gateway equipment for data exchange;
s4: and managing the corresponding area of the gatekeeper equipment through a data regulation and control module according to the prediction result.
Further, in step S1, the connection state of the gatekeeper interface and the isolation switch is monitored by the gatekeeper switch monitoring unit to obtain the actual state of the gatekeeper switch; when the network brake switch is monitored to be in an opening state, the system is operated; whether the network states of both sides of the gatekeeper are smooth or not is confirmed, and the occupation of limited resources in idle time is reduced;
the database monitoring unit is used for monitoring the synchronization condition of the production network database and the external network database so as to prevent production loss caused by the asynchronization of the databases; carrying out data verification on the database and judging the synchronization condition of the database; when the data of the databases of the two parties are not synchronized, the system sends out corresponding instructions through the intelligent regulation and control unit to synchronously update the databases;
judging a user side which sends a data exchange request through a user authority monitoring unit, checking user authority, and acquiring user information; according to the obtained user tag, historical operation data of the user on the gatekeeper system can be checked; and monitoring the configuration and the log record of the gatekeeper system by the gatekeeper system monitoring unit to obtain the historical operating data of the gatekeeper system.
Further, in step S2, the transmission monitoring unit monitors transmission data of the gatekeeper device, the data acquisition unit performs related data acquisition on the monitored transmission data, and acquires a data set a of current transmission data, where a includes { a } a 1 ,A 2 ,...,A n In which A 1 ,A 2 ,...,A n The data sets a respectively represent the 1 st, 2 nd, and n th data items of the currently transmitted data.
Further, in step S3, the correlation analysis is performed on the data acquired in step S1 and step S2, and the process of predicting the output data specifically includes:
s3-1: the user information data and the historical operation data of the gatekeeper system acquired in the step S1 are sorted, and a transaction data set W corresponding to a user h is established h W is as described h Includes { w 1 ,w 2 ,...,w n In which w 1 ,w 2 ,...,w n Respectively representing usersh transaction data set W h 1, 2, m transactions, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transaction data set W h Mining to obtain a frequent item set L, wherein the L comprises { L 1 ,L 2 ,...,L z In which L is 1 ,L 2 ,...,L z Respectively representing the 1 st, 2 nd and z th frequent items in the frequent item set L;
the frequent item set in step S3-2 is obtained based on a FP tree construction method, and when the FP tree is constructed, a desire that does not satisfy the minimum support degree is deleted, so that the storage space and the calculation amount are reduced, and the method specifically includes the following steps:
p1: scanning the transaction data set, customizing the minimum support degree of the data items, and deleting the items smaller than the minimum support degree;
wherein the support is the frequency of occurrence of the data item in the transaction data set;
p2: sorting the items in the data set after the first screening based on the descending order of the support degree;
p3: performing second scanning, and constructing a tree structure according to the sequencing result of the P2, wherein the root node is null;
p4: searching a condition mode base from bottom to top from a leaf node of the tree, recursively calling a tree structure, and deleting items smaller than the minimum support degree;
p5: repeatedly executing P4 until the tree structure only contains a single path, and enumerating all path combinations to obtain a frequent item set;
s3-3: analyzing and obtaining a corresponding association rule according to the frequent item set L of the user h obtained in the S3-2, wherein the method specifically comprises the following steps:
s3-3-1: calculating a currently transmitted data set A i With other data sets B in the frequent item set L q Degree of support of (A) i B q ) Wherein A is i ∈A,B q ∈L;
Degree of support S (A) i B q ) = contains A i And B q The number of aggregate records/total number of aggregate records of (a); namely:
S(A i B q )=P(A i ∪B q );
s3-3-2: calculating the current transmission data A i With other data sets B in the frequent item set L q Confidence of (A) i B q ) Wherein, the confidence coefficient C (A) i B q ) = contains A i And comprises B q The number of the collection records/containing A i The number of collection records of; namely:
C(A i B q )=P(B q |A i );
s3-3-3: setting association rule parameters according to the calculation results in the two steps of S3-3-1 and S3-3-2, and establishing an association rule between the two data sets, namely the minimum support degree S min And minimum confidence C min
S3-3-4: calculating a currently transmitted data set A i With other data sets B in the frequent item set L q Degree of lift T (A) i B q ) Wherein the degree of lift T (A) i B q ) = transmission data a i With other data sets B in the frequent item set L q Other data sets B in the confidence/frequent item set L q The degree of support of (c); namely:
T(A i B q )=P(B q |A i )/P(B q );
obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in the frequent item set L q According to the correlation analysis result, an operator sets a threshold t of the lifting degree in a self-defined way according to the actual situation, and when the lifting degree is reached>When t is, consider A i And B q The data item sets meeting the relevance requirement are screened and added into a candidate area;
s3-4: according to the association rule in S3-3, the data item sets in the candidate area are sorted through the queue management unit, and the queue D is obtained according to the sorting of the lifting degree values of the data item sets from high to low η η represents the number of sets of data items in the queue; then queue D η To be based on the currently transmitted data set A i And predicting a target data set in the database to be called by the user h.
Wherein the content of the first and second substances,for queue D η The queue length can be set by self-definition;
further, in step S4, according to the prediction result of step S3, the target queue D after the sorting process is performed by the intelligent control unit η Outputting, and inputting the queue into a data buffer area of a corresponding network for queuing preparation; so as to reduce the processing time from the instruction receiving to the data transmission completion of the network gate equipment and improve the data transmission speed of the network gate equipment;
the actual output result of the prediction output is tracked through the data updating unit, the transaction data set W corresponding to each user is updated according to the actual output result, and the historical use data record of the user on the gatekeeper system is increased, so that the accuracy of prediction is improved.
Wherein, the data updating unit carries out the current transmission data set A according to the tracked calling operation of the user to the database i Updating is performed, i.e. a new data set is subjected to correlation analysis, and further, an output queue is updated.
Compared with the prior art, the invention has the following beneficial effects:
on the basis of ensuring safety isolation, the invention realizes data exchange between the production network and the external network, effectively prevents information leakage and malicious attack, supports various mainstream industrial protocols, can carry out safety detection on the industrial protocols and improves the protection performance on the industrial network; by monitoring the real-time running state of the network gate equipment, when the network gate equipment is abnormal, a worker can receive early warning prompt in time, and the safe and reliable running of the network gate equipment is guaranteed; predicting output data of two ends for data exchange through the gatekeeper according to the actual running state of the gatekeeper; and according to the prediction result, managing the corresponding area of the gatekeeper equipment through the data regulation and control module so as to reduce the processing time from the receiving of the data transmission instruction to the completion of the data transmission of the gatekeeper equipment and improve the data transmission speed of the gatekeeper equipment.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic block diagram of an intelligent gatekeeper management system and method according to an industrial protocol;
fig. 2 is a schematic method flow diagram of the system and method for intelligently managing gatekeeper devices based on industrial protocols according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1 and 2, the present invention provides a technical solution: an intelligent gatekeeper management system based on industrial protocols, the system comprising: the system comprises a gatekeeper equipment monitoring module, a data acquisition module, an analysis and prediction module, a data regulation and control module and a database;
the gatekeeper equipment monitoring module is used for monitoring the real-time running state of the gatekeeper equipment and monitoring to obtain gatekeeper state related data; the method comprises the steps of working state information of a production network and external network equipment; judging the safe operation condition of the network gate equipment; the gatekeeper equipment monitoring module comprises a gatekeeper switch monitoring unit, a database monitoring unit, a user authority monitoring unit and a gatekeeper system monitoring unit;
the network brake switch monitoring unit is used for monitoring the network brake interface and the isolation switch; the database monitoring unit is used for monitoring a production network database and an external network database, including database synchronization conditions, performing data verification on the databases, such as associated field value verification and the like, and judging the database synchronization conditions; the user authority monitoring unit is used for carrying out authentication detection on the user sending the data exchange request and judging the user authority; the gatekeeper system monitoring unit is used for monitoring the gatekeeper system and comprises a system log and system configuration.
The data acquisition module is used for acquiring transmission data of the gatekeeper equipment; the data acquisition module comprises a transmission monitoring unit and a data acquisition unit; the transmission monitoring unit is used for monitoring the real-time data transmitted through the gatekeeper; the data acquisition unit is used for acquiring the related data of the monitored transmission data.
The analysis and prediction module is used for analyzing the acquired transmission data, performing relevance analysis on other data in the database according to the current transmission data and predicting the output data in the database through a big data technology; the analysis prediction module comprises a data analysis unit and a data prediction unit;
the data analysis unit is used for performing relevance analysis on other data in the database according to the related data acquired by the data acquisition unit; and the data prediction unit is used for performing output prediction on other data in the database according to the relevance analysis result of the data analysis unit.
The data regulation and control module is used for intelligently managing related data in the database according to the analysis and prediction result, sequencing queues according to the association degree and performing reading and buffering in advance; the data regulation and control module comprises an intelligent regulation and control unit, a queue management unit and a data updating unit;
the intelligent regulation and control unit is used for controlling the gatekeeper equipment according to the monitoring data of the data monitoring module; the queue management unit is used for sorting the predicted output data according to the prediction result of the data prediction unit and inputting the queue into the data buffer area; the data updating unit is used for tracking the actual output result of the prediction output and updating the related data in the analysis prediction module according to the actual output result so as to improve the accuracy of prediction.
The database comprises a production network database and an external network database.
An intelligent network gate equipment management method based on an industrial protocol comprises the following steps:
s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module;
in the step S1, monitoring the connection state of a network gate interface and an isolation exchange switch through a network gate switch monitoring unit to obtain the actual state of the network gate switch; when the network brake switch is monitored to be in an opening state, the system is operated; whether the network states of both sides of the gatekeeper are smooth or not is confirmed, and occupation of limited resources in idle time is reduced;
the database monitoring unit is used for monitoring the synchronization condition of the production network database and the external network database so as to prevent production loss caused by the asynchronization of the databases; when the data of the databases of the two parties are not synchronized, the system sends out corresponding instructions through the intelligent regulation and control unit to synchronously update the databases;
judging a user side which sends a data exchange request through a user authority monitoring unit, checking user authority, and acquiring user information; according to the obtained user tag, historical operation data of the user on the gatekeeper system can be checked; and monitoring the configuration and the log record of the gatekeeper system by the gatekeeper system monitoring unit to obtain the historical operating data of the gatekeeper system.
S2: monitoring transmission data of the gatekeeper equipment through a data acquisition module, and acquiring related data;
in step S2, the transmission monitoring unit monitors transmission data of the gatekeeper device, the data acquisition unit performs related data acquisition on the monitored transmission data, and acquires a data set a of current transmission data, where a includes { a } a 1 ,A 2 ,...,A n In which A 1 ,A 2 ,...,A n The 1 st, 2 nd, n th data items in data set a representing currently transmitted data, respectively.
S3: analyzing the data obtained in the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of the gateway equipment for data exchange;
in step S3, performing relevance analysis on the data acquired in step S1 and step S2, and the process of predicting the output data specifically includes:
s3-1: for step S1 acquisitionThe user information data and the historical operation data of the gatekeeper system are arranged, and a transaction data set W corresponding to a user h is established h W is as described h Includes therein { w 1 ,w 2 ,...,w n In which w 1 ,w 2 ,...,w n Transaction data sets W each representing a user h h 1, 2, m transactions, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transaction data set W h Mining to obtain a frequent item set L, wherein the L comprises { L 1 ,L 2 ,...,L z In which L is 1 ,L 2 ,...,L z Respectively representing the 1 st, 2 nd and z th frequent items in the frequent item set L;
the frequent item set in step S3-2 is obtained based on a FP tree construction method, and when the FP tree is constructed, a desire that does not satisfy the minimum support degree is deleted, so that the storage space and the calculation amount are reduced, and the method specifically includes the following steps:
p1: scanning the transaction data set, customizing the minimum support degree of the data items, and deleting the items smaller than the minimum support degree;
wherein the support is the frequency of occurrence of the data item in the transaction data set;
p2: sorting the items in the data set after the first screening based on the descending order of the support degree;
p3: performing second scanning, and constructing a tree structure according to the sequencing result of the P2, wherein the root node is null;
p4: searching a condition mode base from bottom to top from a leaf node of the tree, recursively calling a tree structure, and deleting items smaller than the minimum support degree;
p5: repeatedly executing the P4 until the tree structure only contains a single path, and enumerating all path combinations to obtain a frequent item set;
s3-3: analyzing and obtaining a corresponding association rule according to the frequent item set L of the user h obtained in the S3-2, wherein the method specifically comprises the following steps:
s3-3-1: calculating a currently transmitted data set A i And frequent item set LOther data set B q Support degree of (A) S i B q ) Wherein A is i ∈A,B q ∈L;
Degree of support S (A) i B q ) = contains A i And B q The number of aggregate records/total number of aggregate records of (1); namely:
S(A i B q )=P(A i ∪B q );
s3-3-2: calculating the current transmission data A i With other data sets B in the frequent item set L q Confidence of (A) i B q ) Wherein, the confidence coefficient C (A) i B q ) = comprises A i And comprises B q The number of the collection records/containing A i The number of collection records of; namely:
C(A i B q )=P(B q |A i );
s3-3-3: setting association rule parameters according to the calculation results in the two steps of S3-3-1 and S3-3-2, and establishing an association rule between the two data sets, namely the minimum support S min And minimum confidence C min
S3-3-4: calculating a currently transmitted data set A i With other data sets B in the frequent item set L q Degree of lift T (A) i B q ) Wherein the degree of lift T (A) i B q ) = transmission data a i With other data sets B in the frequent item set L q Other data sets B in the confidence/frequent item set L q The degree of support of (c); namely:
T(A i B q )=P(B q |A i )/P(B q );
obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in the frequent item set L q According to the correlation analysis result, an operator sets a threshold t of the lifting degree in a self-defined way according to the actual situation, and when the lifting degree is reached>At t, consider A i And B q Having relevance, screening and adding the data item set meeting the relevance requirement into a candidate area;
s3-4: according to the association rule in S3-3, the data item sets in the candidate area are sorted through the queue management unit, and the data item sets are promotedThe degree value is sorted from high to low to obtain a queue D η η represents the number of sets of data items in the queue; then queue D η To be based on the currently transmitted data set A i And predicting a target data set in the database to be called by the user h.
Wherein for queue D η The queue length can be set by self-definition;
s4: and managing the corresponding area of the gatekeeper equipment through a data regulation and control module according to the prediction result. In step S4, according to the prediction result in step S3, the target queue D after the sorting processing is performed through the intelligent control unit η Outputting, and inputting the queue into a data buffer area of a corresponding network for queuing preparation; so as to reduce the processing time from the instruction receiving to the data transmission completion of the network gate equipment and improve the data transmission speed of the network gate equipment;
the actual output result of the prediction output is tracked through the data updating unit, the transaction data set W corresponding to each user is updated according to the actual output result, and the historical use data record of the user on the gatekeeper system is increased, so that the accuracy of prediction is improved.
The first embodiment is as follows:
s1: monitoring the current security operation gateway equipment, monitoring the real-time state data of the gateway equipment through a data monitoring module, sorting the acquired user information data and the historical operation data of the gateway system, and establishing a transaction data set W corresponding to a user h h
S2: monitoring the production network and carrying out data transmission with an external network through the transmission monitoring unit, carrying out related data acquisition on the monitored transmission data through the data acquisition unit, and acquiring a data set A of the current transmission data, wherein the A comprises { A } 1 ,A 2 ,...,A 7 That is, seven transmission data are included in the current transmission data set a;
s3: performing relevance analysis on the acquired current transmission data set and other data sets in the database, wherein the process of predicting the output data specifically comprises the following steps:
s3-1: for the purpose obtained in step S1Arranging the user information data and the historical operation data of the gatekeeper system, and establishing a transaction data set W corresponding to the user h h W is as described h Includes therein { w 1 ,w 2 ,...,w n In which w 1 ,w 2 ,...,w n Transaction data sets W each representing a user h h 1, 2, m transactions, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transaction data set W h Mining to obtain a frequent item set L, wherein the L comprises { L 1 ,L 2 ,...,L 9 In which L is 1 ,L 2 ,...,L 9 Respectively representing the 1 st, 2 nd, 9 th frequent items in the frequent item set L;
s3-3: analyzing and obtaining a corresponding association rule according to the frequent item set L of the user h obtained in the S3-2, wherein the method specifically comprises the following steps:
s3-3-1: calculating a currently transmitted data set A i With other data sets B in the frequent item set L q Degree of support of (A) i B q ) Wherein A is i ∈A,B q E is L; degree of support S (A) i B q ) = contains A i And B q The number of aggregate records/total number of aggregate records of (1);
e.g. calculating the current transmission data set a i With other data sets B in the frequent item set L 6 Degree of support of (A) i B 6 ):
S(A i B 6 )=P(A i ∪B 6 )=0.4;
S3-3-2: calculating the current transmission data A i With other data sets B in the frequent item set L q Confidence of (A) i B q ) Wherein, the confidence coefficient C (A) i B q ) = contains A i And comprises B q The number of the collection records/containing A i The number of collection records of;
e.g. calculating the currently transmitted data set A i With other data sets B in the frequent item set L 6 Confidence of (A) i B 6 ):
C(A i B 6 )=P(B 6 |A i )=0.7;
S3-3-3: setting an association rule parameter, namely a minimum support degree S according to the calculation results in the two steps of S3-3-1 and S3-3-2 min And minimum confidence C min (ii) a E.g. minimum support S min =0.3; minimum confidence C min =0.6;
S3-3-4: calculating a currently transmitted data set A i With other data sets B in the frequent item set L q Degree of lift T (A) i B q ) Wherein the degree of lift T (A) i B q ) = transmission data a i With other data sets B in the frequent item set L q Other data sets B in the confidence/frequent item set L of q The degree of support of (c); e.g. calculating the current transmission data set a i With other data sets B in the frequent item set L 6 Degree of lift T (A) i B 6 ):
T(A i B 6 )=P(B 6 |A i )/P(B 6 )=0.7/0.4=1.75;
Obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in the frequent item set L q According to the correlation analysis result, according to the actual condition, the operator sets the threshold value of the lifting degree to be 1.5 in a self-defined way, and the current transmission data set A i With other data sets B in the frequent item set L 6 Has a lift of 1.75>1.5, consider A i And B 6 The method has relevance, and by analogy, a data item set meeting the relevance requirement in the frequent item set L is screened and added into a candidate area;
s3-4: according to the association rule in S3-3, the data item sets in the candidate area are sorted through the queue management unit, and the queue D is obtained according to the sorting of the lifting degree values of the data item sets from high to low η η represents the number of sets of data items in the queue; then queue D η To be based on the currently transmitted data set A i And predicting a target data set in the database to be called by the user h. Wherein for queue D η The queue length can be set by self-definition; the queue length is set to be 5, and the first five target data in the queue are reserved so as to reduce the occupation of resources.
S4: based on the prediction result, through intelligent regulationThe control unit processes the sorted target queue D 5 Outputting, and inputting the queue into a data buffer area of a corresponding network for queuing preparation; so as to reduce the processing time from the instruction receiving to the data transmission completion of the network gate equipment and improve the data transmission speed of the network gate equipment;
and tracking the actual output result of the prediction output through the data updating unit, updating the transaction data set W corresponding to each user according to the actual output result, and increasing the historical use data record of the user on the gatekeeper system so as to improve the accuracy of prediction.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. The utility model provides a gatekeeper equipment intelligent management system based on industry agreement which characterized in that: the system comprises: the system comprises a gatekeeper equipment monitoring module, a data acquisition module, an analysis and prediction module, a data regulation and control module and a database;
the gatekeeper equipment monitoring module is used for monitoring the real-time running state of the gatekeeper equipment and monitoring to obtain gatekeeper state related data;
the data acquisition module is used for acquiring transmission data of the gatekeeper equipment;
the analysis and prediction module is used for analyzing the acquired transmission data, performing relevance analysis on other data in the database according to the current transmission data and predicting the output data in the database through a big data technology;
the data regulation and control module is used for intelligently managing related data in the database according to the analysis and prediction result, sequencing queues according to the association degree and performing reading and buffering in advance;
the database comprises a production network database and an external network database.
2. The intelligent gatekeeper management system based on industrial protocol according to claim 1, characterized in that: the gatekeeper equipment monitoring module comprises a gatekeeper switch monitoring unit, a database monitoring unit, a user authority monitoring unit and a gatekeeper system monitoring unit;
the network brake switch monitoring unit is used for monitoring a network brake interface and an isolation switch; the database monitoring unit is used for monitoring a production network database and an external network database; the user authority monitoring unit is used for carrying out authentication detection on a user sending a data exchange request and judging the user authority; the gatekeeper system monitoring unit is used for monitoring the gatekeeper system and comprises a system log and system configuration.
3. The intelligent gatekeeper management system based on industrial protocol according to claim 1, characterized in that: the data acquisition module comprises a transmission monitoring unit and a data acquisition unit;
the transmission monitoring unit is used for monitoring real-time data transmitted through the gatekeeper;
the data acquisition unit is used for acquiring the related data of the monitored transmission data.
4. The intelligent gatekeeper management system based on industrial protocol according to claim 1, wherein: the analysis prediction module comprises a data analysis unit and a data prediction unit;
the data analysis unit is used for performing relevance analysis on other data in the database according to the related data acquired by the data acquisition unit; and the data prediction unit is used for performing output prediction on other data in the database according to the relevance analysis result of the data analysis unit.
5. The intelligent gatekeeper management system based on industrial protocol according to claim 1, characterized in that: the data regulation and control module comprises an intelligent regulation and control unit, a queue management unit and a data updating unit;
the intelligent control unit is used for controlling the gatekeeper equipment according to feedback results of the data monitoring module and the analysis and prediction module;
the queue management unit is used for sequencing the predicted output data according to the prediction result of the data prediction unit;
the data updating unit is used for tracking the actual output result of the prediction output and updating the related data in the analysis prediction module according to the actual output result.
6. An intelligent network gate equipment management method based on an industrial protocol is characterized in that: the method comprises the following steps:
s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module;
s2: monitoring transmission data of the gatekeeper equipment through a data acquisition module, and acquiring related data;
s3: analyzing the data obtained in the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of the gateway equipment for data exchange;
s4: and managing the corresponding area of the gatekeeper equipment through a data regulation and control module according to the prediction result.
7. The intelligent management method for the gatekeeper equipment based on the industrial protocol according to claim 6, wherein: in the step S1, monitoring the connection state of a network gate interface and an isolation exchange switch through a network gate switch monitoring unit to obtain the actual state of the network gate switch; when the network brake switch is monitored to be in an opening state, the system is operated;
the database monitoring unit is used for monitoring the synchronization condition of the production network database and the external network database, and when the data of the databases of the production network database and the external network database are not synchronized, the system sends a corresponding instruction through the intelligent control unit to synchronously update the databases;
judging a user side which sends a data exchange request through a user authority monitoring unit, checking user authority, and acquiring user information; and monitoring the configuration and the log record of the gatekeeper system by the gatekeeper system monitoring unit to obtain the historical operating data of the gatekeeper system.
8. The intelligent management method for the gatekeeper equipment based on the industrial protocol according to claim 6, wherein: in step S2, the transmission monitoring unit monitors transmission data of the gatekeeper device, the data acquisition unit performs related data acquisition on the monitored transmission data, and acquires a data set a of current transmission data, where a includes { a } a 1 ,A 2 ,...,A n In which A 1 ,A 2 ,...,A n The data sets a respectively represent the 1 st, 2 nd, and n th data items of the currently transmitted data.
9. The intelligent management method for the gatekeeper equipment based on the industrial protocol according to claim 6, wherein: in step S3, performing relevance analysis on the data acquired in step S1 and step S2, and the process of predicting the output data specifically includes:
s3-1: the user information data and the historical operation data of the gatekeeper system acquired in the step S1 are sorted, and a transaction data set W corresponding to a user h is established h W is as described h Includes therein { w 1 ,w 2 ,...,w n In which w 1 ,w 2 ,...,w n Transaction data sets W each representing a user h h To middle1. 2, m transactions, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transaction data set W h Mining to obtain a frequent item set L, wherein the L comprises { L 1 ,L 2 ,...,L z In which L is 1 ,L 2 ,...,L z Respectively representing the 1 st, 2 nd and z th frequent items in the frequent item set L;
s3-3: analyzing and obtaining a corresponding association rule according to the frequent item set L of the user h obtained in the S3-2, wherein the method specifically comprises the following steps:
s3-3-1: the current transmission data set a is calculated according to the following formula i With other data sets B in the frequent item set L q Degree of support of (A) i B q ):
S(A i B q )=P(A i ∪B q );
Wherein A is i ∈A,B q ∈L;
S3-3-2: the current transmission data A is calculated according to the following formula i With other data sets B in the frequent item set L q Confidence of (A) i B q ):
C(A i B q )=P(B q |A i );
S3-3-3: setting an association rule parameter, namely a minimum support degree S according to the calculation results in the two steps of S3-3-1 and S3-3-2 min And minimum confidence C min
S3-3-4: the current transmission data set a is calculated according to the following formula i With other data sets B in the frequent item set L q Degree of lift T (A) i B q ):
T(A i B q )=P(B q |A i )/P(B q );
Obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in the frequent item set L q According to the correlation analysis result, an operator sets a threshold t of the lifting degree in a self-defined way according to the actual situation, and when the lifting degree is reached>At t, consider A i And B q Has relevance, will meet the relevance requirementScreening the set of data items into candidate regions;
s3-4: according to the association rule in S3-3, the data item sets in the candidate area are sorted through the queue management unit, and a queue D is obtained according to the ascending degree value of each data item set from high to low η η represents the number of sets of data items in the queue; then queue D η To be based on the currently transmitted data set A i And predicting a target data set in the database to be called by the user h.
10. The intelligent management method for the gatekeeper equipment based on the industrial protocol according to claim 6, wherein: in step S4, according to the prediction result in step S3, the target queue D after the sorting processing is performed through the intelligent control unit η Outputting, and inputting the queue into a data buffer area of a corresponding network for queuing preparation; and tracking the actual output result of the prediction output through a data updating unit, updating the transaction data set W corresponding to each user according to the actual output result, and increasing the historical use data record of the user on the gatekeeper system.
CN202310105860.0A 2023-02-13 2023-02-13 Intelligent management system and method for gateway equipment based on industrial protocol Active CN115776415B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310105860.0A CN115776415B (en) 2023-02-13 2023-02-13 Intelligent management system and method for gateway equipment based on industrial protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310105860.0A CN115776415B (en) 2023-02-13 2023-02-13 Intelligent management system and method for gateway equipment based on industrial protocol

Publications (2)

Publication Number Publication Date
CN115776415A true CN115776415A (en) 2023-03-10
CN115776415B CN115776415B (en) 2023-04-25

Family

ID=85393724

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310105860.0A Active CN115776415B (en) 2023-02-13 2023-02-13 Intelligent management system and method for gateway equipment based on industrial protocol

Country Status (1)

Country Link
CN (1) CN115776415B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104270344A (en) * 2014-09-12 2015-01-07 北京天行网安信息技术有限责任公司 Quintillion gatekeeper
US20150205658A1 (en) * 2014-01-20 2015-07-23 Canon Kabushiki Kaisha Network device and method of specifying data
CN108055244A (en) * 2017-11-27 2018-05-18 珠海市鸿瑞信息技术股份有限公司 A kind of dual processor system network security partition method based on SRIO interfacings
CN111614626A (en) * 2020-04-26 2020-09-01 中广核风电有限公司 Data acquisition system and data acquisition method
CN112152991A (en) * 2020-07-20 2020-12-29 南京邮电大学 Visual network brake system based on industrial control protocol
CN114640548A (en) * 2022-05-18 2022-06-17 宁波市镇海区大数据投资发展有限公司 Network security sensing and early warning method and system based on big data
CN114710562A (en) * 2022-03-31 2022-07-05 珠海市鸿瑞信息技术股份有限公司 Big data-based equipment application log correlation analysis system and method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150205658A1 (en) * 2014-01-20 2015-07-23 Canon Kabushiki Kaisha Network device and method of specifying data
CN104270344A (en) * 2014-09-12 2015-01-07 北京天行网安信息技术有限责任公司 Quintillion gatekeeper
CN108055244A (en) * 2017-11-27 2018-05-18 珠海市鸿瑞信息技术股份有限公司 A kind of dual processor system network security partition method based on SRIO interfacings
CN111614626A (en) * 2020-04-26 2020-09-01 中广核风电有限公司 Data acquisition system and data acquisition method
CN112152991A (en) * 2020-07-20 2020-12-29 南京邮电大学 Visual network brake system based on industrial control protocol
CN114710562A (en) * 2022-03-31 2022-07-05 珠海市鸿瑞信息技术股份有限公司 Big data-based equipment application log correlation analysis system and method
CN114640548A (en) * 2022-05-18 2022-06-17 宁波市镇海区大数据投资发展有限公司 Network security sensing and early warning method and system based on big data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王婷;顾海霞;吴锵;: "网闸技术在核电厂实时信息监控系统中的应用与改进" *

Also Published As

Publication number Publication date
CN115776415B (en) 2023-04-25

Similar Documents

Publication Publication Date Title
US20220124108A1 (en) System and method for monitoring security attack chains
US20210042270A1 (en) Alarm log compression method, apparatus, and system, and storage medium
Hu et al. A simple and efficient hidden Markov model scheme for host-based anomaly intrusion detection
US11924231B2 (en) Malchain detection
CN110932899B (en) Intelligent fault compression research method and system applying AI
CN109639756A (en) A kind of terminal network incidence relation is shown and equipment accesses real-time monitoring system
CN114363091B (en) Method and system for realizing unified login of platform application based on APISIX
CN115776415A (en) Intelligent network gate equipment management system and method based on industrial protocol
CN114548769B (en) Intelligent power grid IT asset big data monitoring system and method
CN111221802A (en) Digital asset risk management and control system and method based on big data
CN112306689B (en) Edge calculation system and method
CN116614245A (en) Attack path modeling method and system based on multi-source alarm log compression
CN114417270A (en) Information safety protection method based on edge calculation
CN114363079A (en) Distributed intelligent data supervision system of cloud platform
RU2813469C1 (en) Control system for security policy of elements of corporate communication network
CN117176470B (en) Block chain data supervision method and system
AU2021105542A4 (en) A security system and method for cloud-iot interface
CN116112203B (en) Risk model-based network communication risk prediction method and device
CN114598474B (en) Hardware device proximity trusted management method, device, computer device and medium
CN111683057B (en) Threat information transmission and sharing method based on dynamic attack surface
CN116318961A (en) Virtual network boundary safety protection method and system based on terminal
US20220368709A1 (en) Detecting data exfiltration and compromised user accounts in a computing network
Wang et al. Real-Time Aggregation for Massive Alerts Based on Dynamic Attack Granularity Graph
CN115557340A (en) Edge control method, device, equipment and storage medium
CN116708030A (en) Industrial edge computing gateway and protocol flow monitoring method and device thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant