CN115801441A - Safety protection system and method of train communication network - Google Patents
Safety protection system and method of train communication network Download PDFInfo
- Publication number
- CN115801441A CN115801441A CN202211559740.XA CN202211559740A CN115801441A CN 115801441 A CN115801441 A CN 115801441A CN 202211559740 A CN202211559740 A CN 202211559740A CN 115801441 A CN115801441 A CN 115801441A
- Authority
- CN
- China
- Prior art keywords
- safety
- train
- network
- awareness
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a safety protection system and a safety protection method for a train communication network. The system comprises a safety operation management center arranged on the ground side, and a safety gateway and a situation awareness host which are arranged in each train marshalling network on the vehicle-mounted side, wherein the ground side is connected with the vehicle-mounted side through a wireless communication network; the situation awareness host is respectively connected with a train communication network control system and a security gateway in a train marshalling network; the security gateway is connected to a passenger information system and a maintenance interface within the train marshalling network. The train network safety protection based on situation awareness has the capabilities of identifying known network threats and perceiving unknown threats, integrates active/passive defense, emphasizes overall linkage cooperation, finds potential safety hazards possibly existing in the network by extracting information such as whole network attack behavior information, abnormal flow information and threat information in real time, comprehensively analyzes and studies on the basis, and provides decision support for continuous improvement of train network safety.
Description
Technical Field
The invention relates to the field of train communication network safety protection, in particular to a safety protection system and a safety protection method for a train communication network.
Background
The communication system is a necessary constitution of an advanced train, and potential network security threats always exist for the train communication system, particularly the train communication network control system TCMS and the passenger information system PIS. Once the train network control system is attacked by intrusion, a light person can cause that the train can not be started and the train is broken; the serious person may cause train driving safety accidents and even harm national safety.
Aiming at train-mounted network safety protection, a firewall technology is generally adopted at present, but the firewall technology belongs to a passive protection technology and cannot actively process potential hidden dangers. Meanwhile, due to the lack of effective cooperation among communication systems of the train, a passive protection technology cannot perform combined type depth analysis and multi-angle panoramic presentation, cannot deal with novel network security threats represented by advanced sustainable threat attack APT, cannot realize detection, response and traceability of the security threats, and is difficult to adapt to the complex security environment nowadays.
Disclosure of Invention
The invention provides a safety protection system and a safety protection method for a train communication network. The passive protection technology applied to the train communication network can not effectively sense potential network safety hazards, and the technical problems of lack of linkage strategies and deep analysis capability are solved. The invention protects the train network security based on situation awareness, has the capability of identifying known network threats and perceiving unknown threats, integrates active/passive defense, emphasizes integral linkage cooperation, finds potential safety hazards possibly existing in the network by extracting information such as whole network attack behavior information, abnormal flow information, threat information and the like in real time, comprehensively analyzes and studies on the basis, and provides decision support for continuous promotion of train network security.
The technical means adopted by the invention are as follows:
a safety protection system of a train communication network comprises a safety operation management center deployed on the ground side, and a safety gateway and a situation awareness host deployed in each train marshalling network on the vehicle-mounted side, wherein the ground side is connected with the vehicle-mounted side through a wireless communication network;
the situation awareness host is respectively connected with a train communication network control system and a security gateway in a train marshalling network; the security gateway is connected with a passenger information system and a maintenance interface in the train marshalling network.
Further, the system also comprises a ground communication gateway deployed on the ground side and a wireless mobile communication gateway deployed on the vehicle-mounted side;
the ground communication gateway is connected with the safe operation management center and is used for realizing data interaction between the safe operation management center and the vehicle-mounted wireless mobile communication gateway;
the wireless mobile communication gateway is connected with the safety gateway and used for realizing data interaction between the train grouping network and the ground communication gateway.
Further, the security gateway analyzes the received message, performs parallel security protection processing sequentially through a network layer and an application layer, recombines the processed message and transmits the recombined message to the outside;
the network layer carries out ACL, NAT, VPN, route forwarding and session control in a parallel processing mode;
the application layer performs IPS, DPI, content audit and TRDP application control in a parallel processing mode.
Furthermore, a layered train network security situation perception model is embedded in the situation perception host, intrusion detection, flow monitoring, security audit and log audit are carried out on the train communication network, and the network security situation perception of the train is completed;
the layered train network security situation awareness model comprises:
the acquisition part is used for acquiring key data of the train;
the analysis part is used for monitoring and correlating the flow of the vehicle-mounted end;
the evaluation part is used for intrusion detection, flow monitoring, safety audit and log audit;
and the prediction part is used for situation awareness including asset awareness, attack awareness, risk awareness, threat awareness and operation awareness.
Furthermore, the security operation management center acquires security information for comprehensive security situation presentation by collecting data of each situation awareness host, and realizes functions of information monitoring, security object management, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization.
The invention also discloses a safety protection method of the train communication network, which comprises the following steps:
acquiring key data of a train communication network control system by using a situation awareness host;
analyzing the train key data so as to realize monitoring of the flow of the vehicle-mounted end;
carrying out intrusion detection, flow monitoring, safety audit and log audit based on the monitoring result of the vehicle-mounted end flow;
and performing situation awareness including asset awareness, attack awareness, risk awareness, threat awareness and operation awareness based on the intrusion detection result, the flow monitoring result, the security audit and the log audit result.
The invention also discloses a safety protection method of the train communication network, which comprises the following steps:
analyzing the received message through a security gateway;
sending the analyzed message into a network layer for parallel security protection processing, wherein the network layer carries out ACL, NAT, VPN, route forwarding and session control in a parallel processing mode;
sending messages output by a network layer into an application layer for parallel security protection processing, wherein the application layer performs IPS, DPI, content audit and TRDP application control in a parallel processing mode;
and the application layer detects and recombines the messages in parallel and sends the messages to the outside.
The invention also discloses a safety protection method of the train communication network, which comprises the following steps:
collecting data sent by each situation awareness host through a safety operation management center, and acquiring safety information according to the data;
and performing comprehensive security situation presentation on the security information, wherein the comprehensive security situation presentation comprises information monitoring, security object management, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization processing.
Compared with the prior art, the invention has the following advantages:
the invention provides a safety protection system and a method for realizing a train communication network, which apply a situation awareness technology to the train network for safety protection, solve the problems that the passive protection of the train network is lack of a linkage strategy and deep analysis, can not identify unknown threats and can not deal with APT threats, and simultaneously improve the threat monitoring capability and the risk early warning capability of the TCMS communication network by using a big data analysis technology. The technical scheme of the invention has the following beneficial effects: (1) implementing boundary isolation and protection against known threats; (2) realizing detection, tracing and protection of unknown threats; (3) And evaluating and predicting the safety of the train communication network, and sensing the safety situation of the train communication network in an all-round way.
Drawings
To more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following embodiments will be made to
The drawings that are needed to describe the embodiments or prior art are included to provide a simplified description and it should be apparent that the drawings in the following description 5 are examples of some embodiments of the invention and will be apparent to those skilled in the art that
Other drawings can be obtained according to the drawings without creative labor.
FIG. 1 is a schematic diagram of train-to-train wireless communication.
Fig. 2 is an overall architecture of the safety protection system of the train communication network according to the present invention.
Fig. 3 is a single train configuration architecture of the safety protection system of the train communication network of the present invention.
Fig. 4 is a functional block diagram of the security gateway of the present invention.
FIG. 5 is a block diagram of a situation aware host function module according to the present invention.
Fig. 6 is a functional block diagram of the security operations management center of the present invention.
Detailed Description
5 to better understand the solution of the invention for those skilled in the art, the following will be incorporated with the invention
The drawings in the embodiments clearly and completely describe the technical solutions in the embodiments of the present invention, and obviously, the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a safety protection system of a train communication network, which comprises a safety protection system arranged on the ground side
The system comprises a safety operation management center, a safety gateway and a situation awareness host, wherein the safety gateway and the situation awareness host are deployed in each train marshalling network on a vehicle-mounted side, and the ground side is connected with the vehicle-mounted side through a wireless communication network; the situation awareness host is respectively connected with a train communication network control system and a security gateway in a train marshalling network; the security gateway and
passenger information systems and maintenance interfaces within a train marshalling network. The system also comprises a ground communication gateway deployed on the ground side 5 and a wireless mobile communication gateway deployed on the vehicle-mounted side; the ground communication gateway and the security
The full operation management center is connected and used for realizing data interaction between the safe operation management center and the vehicle-mounted wireless mobile communication gateway; the wireless mobile communication gateway is connected with the safety gateway and used for realizing data interaction between the train grouping network and the ground communication gateway.
In the invention, a vehicle is connected with a vehicle-mounted communication network and a ground communication system through a vehicle-mounted equipment wireless mobile communication gateway MCG, and the vehicle-ground wireless communication is schematically shown in figure 1. The scheme of the invention is that a security gateway and a situation perception host are used at a vehicle-mounted end, a security operation management center is adopted at a ground end, and the security state of the whole network is controlled from the global perspective, so that the security protection and the security situation perception of a vehicle-mounted network are realized.
The overall architecture of the present invention is shown in fig. 2. The method comprises the steps that a Security Gateway device SG (Security Gateway) and a Situation Awareness host device SA (situational Awareness) are deployed at a vehicle-mounted end, so that protection against known threats and detection of unknown threats are achieved; a Security Operation Management Center (SOMC) is deployed at the ground end and is used for collecting real-time data and sensing results of each vehicle-mounted device, and therefore omnibearing situation sensing of train communication network Security is achieved.
The situation awareness-based train network security protection method integrates active/passive defense into a whole by combining the characteristics of a train communication network, identifies known security threats, perceives unknown security threats, finds potential safety hazards and safety situation prediction which may exist in the network, and realizes the omnibearing systematic protection of the train communication network. As shown in fig. 3, with the security gateway SG: implementing boundary isolation and protection against known threats. And the detection, tracing, security situation analysis and evaluation of unknown threats are realized through the situation awareness host SA. Through a Secure Operations Management Center (SOMC): and (3) deploying a server on the ground, adopting a B/S (browser/Server) architecture, collecting real-time data of each train, and globally realizing the situation analysis, evaluation and prediction of the train network security.
As a preferred embodiment of the present invention, the security gateway parses the received message, and sequentially performs parallel security protection processing through the network layer and the application layer, and then reassembles the message and sends it to the outside. And the network layer carries out ACL, NAT, VPN, route forwarding and session control in a parallel processing mode. And the application layer performs IPS, DPI, content audit and TRDP application control in a parallel processing mode.
Specifically, the security gateway SG, which is used for boundary passive protection (including a vehicle-to-ground communication boundary, a PIS, and a TCMS boundary), contains all functions of an underlying firewall, and integrates an IPS (intrusion prevention) function. Considering the protection strategy from the network layer and the application layer, adopting a software flow of one-time message analysis and parallel processing can reduce the load of the processor and improve the efficiency, and applying the technology of black and white list and intelligent learning to carry out deep message analysis on the train communication network protocol, and the implementation method is shown in fig. 4. The network layer protection comprises ACL, NAT, VPN, route forwarding and session control; the application layer protection comprises IPS, DPI, content audit and TRDP application control.
Further, the black and white list is to forbid network access (requiring manual configuration) for the black list user, and only allow the white list user to access the train communication network; the intelligent learning is to extract the content of the Ethernet data packet by intelligently analyzing the train communication network protocol, and a white list is formed by the MAC address and the IP address without manual configuration. ACL, NAT, VPN, routing control and session control belong to firewall basic functions: an ACL (access control list) detects quintuple information and filters packets according to configuration contents. NAT (network Address translation) performs security protection on a train communication network by hiding an IP (Internet protocol) of a vehicle-mounted network device. VPN (virtual private network) is to encrypt data packets when communicating between vehicles and ground. The routing control is to set the access authority of the external network according to the vehicle-mounted network IP, such as access time and the like. Session control is the number of sessions that limit access to the intranet by the extranet. The IPS (intrusion prevention system) detects and intercepts the boundary traffic of the train communication network. DPI (deep packet inspection) identifies data messages of the boundary characteristics of the train communication network. TRDP application control is to detect abnormal TRDP data processing to deal with application layer attack threats (such as door opening abnormal processing in operation). The content audit is to identify key contents (such as vehicle door state information) of TRDP data of the vehicle-mounted network.
As a better implementation mode of the invention, the situation awareness host embeds a layered train network security situation awareness model to carry out intrusion detection, flow monitoring, security audit and log audit on a train communication network so as to complete the network security situation awareness of the vehicle; the layered train network security situation awareness model comprises: the acquisition part is used for acquiring key data of the train; the analysis part is used for carrying out flow monitoring and correlation analysis on the vehicle-mounted end; the evaluation part is used for carrying out intrusion detection, flow monitoring, safety audit and log audit; and the prediction part is used for carrying out situation awareness including asset awareness, attack awareness, risk awareness, threat awareness and operation awareness.
Specifically, in the invention, the situation awareness host SA is used as a vehicle-mounted probe, and a layered train network security situation awareness model is established to perform intrusion detection, flow monitoring, security audit and log audit on a train communication network so as to complete the network security situation awareness of the vehicle, and the implementation method is shown in FIG. 5. The method comprises four stages of collection, analysis, evaluation and prediction. The acquisition stage is to acquire key data of the train communication network (such as the safety logs of each terminal device, the safety logs of network devices, the safety gateway logs, the traffic data and the like) and perform data screening; in the analysis stage, risk detection is completed by monitoring the flow of the vehicle-mounted end; and further, the safety situation assessment and prediction (asset perception, attack perception, risk perception, threat perception and operation perception) of the train communication network of the vehicle is completed.
Further, intrusion detection is active detection, sniffing vehicle-mounted network and vehicle-ground network data packets and recording an intrusion process by establishing intrusion rules (based on characteristics and behaviors), and supporting protocols include TCP, UDP, TRDP and the like. The traffic monitoring is to monitor the traffic of the vehicle-mounted network and the vehicle-ground network, statistical information in the network, ports used for transmission and the like, and mark abnormal traffic. The safety audit is to perform network management on the TCMS maintenance interface, including recording and abnormal alarming for actions such as equipment account login, logout and maintenance. The log audit is to collect device logs and system operation logs, check the total amount of a device CPU, a hard disk and a memory in a vehicle-mounted network and the current use condition information, manage and classify SNMP data of network devices and abnormal information found by safety devices, write logs and give an alarm.
In the acquisition stage, retrieval is carried out after the logs of each safety and non-safety device are acquired, all flow data, maintenance interface data, SNMP data of train communication network equipment and other key data are collected, and data screening is carried out through data conversion, data merging and data labels, so that the data quality is ensured.
The analysis part monitors the acquired data including the source IP, the target IP, the transmission protocol, the transmission time, the network statistical information, the transmission port information and the flow size of the vehicle-mounted end data, and analyzes abnormal flow, abnormal behavior, abnormal information and abnormal logs.
The evaluation part carries out risk classification (red risk, orange risk, yellow risk, blue risk and unknown risk) on abnormal flow, abnormal intrusion behavior, abnormal information and abnormal logs, and alarms and logs on the occurring security threats.
The forecasting part is used for mastering the safety state and the trend of the network by sensing the safety state of a protected object, sensing the starting time, the duration, the attack quantity, the attack source and identifying the attack law, so as to realize asset sensing, attack sensing, risk sensing, threat sensing and operation sensing of the train communication network.
As a better implementation mode of the invention, the security operation management center acquires security information for comprehensive security situation presentation by acquiring data of each situation awareness host, and realizes the functions of information monitoring, security object management, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization.
Specifically, the safety operation management center SOMC acquires safety information by collecting data of each vehicle situation sensing host to perform comprehensive safety situation presentation, realizes functions of safety object management, information monitoring, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization, provides safety operation support services by using components such as a big data analysis platform and a basic knowledge base, and the implementation method is shown in fig. 6. Threat data of different trains are reported to a safety operation management center layer by layer for centralized analysis and linkage disposal, and maintenance work such as safety strategy issuing is carried out on each related train node according to needs, so that the real-time and accurate prediction of the global network safety situation is realized.
The invention also discloses a safety protection method of the train communication network, which comprises the following steps:
collecting key data of a train communication network control system by using a situation awareness host;
analyzing the train key data so as to realize monitoring of the flow of the vehicle-mounted end;
carrying out intrusion detection, flow monitoring, safety audit and log audit based on the monitoring result of the vehicle-mounted end flow;
and performing situation awareness including asset awareness, attack awareness, risk awareness, threat awareness and operation awareness based on the intrusion detection result, the flow monitoring result, the security audit and the log audit result.
The invention also discloses a safety protection method of the train communication network, which comprises the following steps:
analyzing the received message through a security gateway;
sending the analyzed message into a network layer for parallel security protection processing, wherein the network layer carries out ACL, NAT, VPN, route forwarding and session control in a parallel processing mode;
sending messages output by a network layer into an application layer for parallel security protection processing, wherein the application layer performs IPS, DPI, content audit and TRDP application control in a parallel processing mode;
and the application layer detects and recombines the messages in parallel and sends the messages to the outside.
The invention also discloses a safety protection method of the train communication network, which comprises the following steps:
collecting data sent by each situation awareness host through a security operation management center, and acquiring security information according to the data;
and performing comprehensive security situation presentation on the security information, wherein the comprehensive security situation presentation comprises information monitoring, security object management, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization processing.
For the method embodiment of the present invention, the description is simple because it corresponds to the system embodiment described above, and for the related similarities, please refer to the description of the above system embodiment, and the detailed description is omitted here.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and these modifications or substitutions do not depart from the spirit of the corresponding technical solutions of the embodiments of the present invention.
Claims (8)
1. The safety protection system of the train communication network is characterized by comprising a safety operation management center, a safety gateway and a situation awareness host, wherein the safety operation management center is deployed on the ground side, and the safety gateway and the situation awareness host are deployed in each train marshalling network on the vehicle-mounted side;
the situation awareness host is respectively connected with a train communication network control system and a security gateway in a train marshalling network; the security gateway is connected to a passenger information system and a maintenance interface within the train marshalling network.
2. The safety protection system of the train communication network according to claim 1, wherein the system further comprises a ground communication gateway deployed on the ground side and a wireless mobile communication gateway deployed on the vehicle side;
the ground communication gateway is connected with the safe operation management center and is used for realizing data interaction between the safe operation management center and the vehicle-mounted wireless mobile communication gateway;
the wireless mobile communication gateway is connected with the safety gateway and used for realizing data interaction between the train grouping network and the ground communication gateway.
3. The safety protection system of the train communication network according to claim 1, wherein the safety gateway analyzes the received message, performs parallel safety protection processing sequentially through a network layer and an application layer, reassembles the message and sends the message to the outside;
the network layer carries out ACL, NAT, VPN, route forwarding and session control in a parallel processing mode;
the application layer performs IPS, DPI, content audit and TRDP application control in a parallel processing mode.
4. The safety protection system of the train communication network according to claim 1, wherein the situation awareness host embeds a layered train network safety situation awareness model to perform intrusion detection, flow monitoring, safety audit and log audit on the train communication network, so as to complete the network safety situation awareness of the train;
the layered train network security situation awareness model comprises:
the acquisition part is used for acquiring key data of the train;
the analysis part is used for monitoring and correlating the flow of the vehicle-mounted end;
the evaluation part is used for intrusion detection, flow monitoring, safety audit and log audit;
and the prediction part is used for situation awareness, and the situation awareness comprises asset awareness, attack awareness, risk awareness, threat awareness and operation awareness.
5. The safety protection system of the train communication network according to claim 1, wherein the safety operation management center acquires safety information by collecting data of each situation awareness host to perform comprehensive safety situation presentation, and realizes functions of information monitoring, safety object management, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization.
6. A safety protection method of a train communication network is characterized by comprising the following steps:
acquiring key data of a train communication network control system by using a situation awareness host;
analyzing the train key data so as to realize monitoring of the flow of the vehicle-mounted end;
carrying out intrusion detection, flow monitoring, safety audit and log audit based on the monitoring result of the vehicle-mounted end flow;
and performing situation awareness including asset awareness, attack awareness, risk awareness, threat awareness and operation awareness based on the intrusion detection result, the flow monitoring result, the security audit and the log audit result.
7. A safety protection method of a train communication network is characterized by comprising the following steps:
analyzing the received message through a security gateway;
sending the analyzed message into a network layer for parallel security protection processing, wherein the network layer carries out ACL, NAT, VPN, route forwarding and session control in a parallel processing mode;
sending messages output by a network layer into an application layer for parallel security protection processing, wherein the application layer performs IPS, DPI, content audit and TRDP application control in a parallel processing mode;
and the application layer detects and recombines the messages in parallel and sends the messages to the outside.
8. A safety protection method of a train communication network is characterized by comprising the following steps:
collecting data sent by each situation awareness host through a safety operation management center to obtain safety information;
and performing comprehensive security situation presentation on the security information, wherein the comprehensive security situation presentation comprises information monitoring, security object management, vulnerability management, threat analysis, event tracing, early warning notification, response handling and visualization processing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211559740.XA CN115801441A (en) | 2022-12-06 | 2022-12-06 | Safety protection system and method of train communication network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211559740.XA CN115801441A (en) | 2022-12-06 | 2022-12-06 | Safety protection system and method of train communication network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115801441A true CN115801441A (en) | 2023-03-14 |
Family
ID=85417478
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211559740.XA Pending CN115801441A (en) | 2022-12-06 | 2022-12-06 | Safety protection system and method of train communication network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115801441A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117834306A (en) * | 2024-03-05 | 2024-04-05 | 深圳市永达电子信息股份有限公司 | Construction method of network security controllable gateway of station hotel clothes equipment |
-
2022
- 2022-12-06 CN CN202211559740.XA patent/CN115801441A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117834306A (en) * | 2024-03-05 | 2024-04-05 | 深圳市永达电子信息股份有限公司 | Construction method of network security controllable gateway of station hotel clothes equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Baykara et al. | A novel honeypot based security approach for real-time intrusion detection and prevention systems | |
| CN110958262A (en) | Ubiquitous Internet of things safety protection gateway system, method and deployment architecture in power industry | |
| CN104937886B (en) | Log analysis device, information processing method | |
| Pilli et al. | Network forensic frameworks: Survey and research challenges | |
| CN108848067B (en) | OPC protocol safety protection method for intelligently learning and presetting read-only white list rule | |
| CN102882884B (en) | Honeynet-based risk prewarning system and method in information production environment | |
| CN111277587A (en) | Malicious encrypted traffic detection method and system based on behavior analysis | |
| CN100435513C (en) | Method of linking network equipment and invading detection system | |
| CN110401624A (en) | The detection method and system of source net G system mutual message exception | |
| CN106131023A (en) | A kind of Information Security Risk strength identifies system | |
| CN102857486A (en) | Next-generation application firewall system and defense method | |
| CN107295010A (en) | A kind of enterprise network security management cloud service platform system and its implementation | |
| CN214306527U (en) | Gas pipe network scheduling monitoring network safety system | |
| Bidou | Security operation center concepts & implementation | |
| WO2021145144A1 (en) | Intrusion-path analyzing device and intrusion-path analyzing method | |
| CN113783880A (en) | Network security detection system and network security detection method thereof | |
| CN108600166A (en) | A kind of network security detection method and system | |
| CN115801441A (en) | Safety protection system and method of train communication network | |
| CN115941317A (en) | Network security comprehensive analysis and situation awareness platform | |
| CN113794590B (en) | Method, device and system for processing network security situation awareness information | |
| CN114006722B (en) | Situation awareness verification method, device and system for detecting threat | |
| Kaushik et al. | Network forensic system for ICMP attacks | |
| CN113489703A (en) | Safety protection system | |
| CN117560196A (en) | Intelligent substation secondary system testing system and method | |
| CN112565202A (en) | Internet of things access gateway for video network system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |