CN116112243B - Industrial control system intelligent computer physical intrusion detection defense system and method - Google Patents
Industrial control system intelligent computer physical intrusion detection defense system and method Download PDFInfo
- Publication number
- CN116112243B CN116112243B CN202310055792.1A CN202310055792A CN116112243B CN 116112243 B CN116112243 B CN 116112243B CN 202310055792 A CN202310055792 A CN 202310055792A CN 116112243 B CN116112243 B CN 116112243B
- Authority
- CN
- China
- Prior art keywords
- physical information
- subsystem
- physical
- information
- level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Selective Calling Equipment (AREA)
Abstract
The invention provides an intelligent computer physical intrusion detection defense system and method of an industrial control system, comprising the following steps: physical information collecting subsystem: the system is used for collecting physical information according to requirements and analyzing and processing the collected information; physical intrusion detection subsystem: detecting the physical information after analysis; physical intrusion prevention subsystem: a computer network complete device for monitoring network or network equipment network data transmission behavior is capable of instantaneously interrupting, adjusting or isolating some abnormal or damaging network data transmission behavior.
Description
Technical Field
The invention relates to the technical field of industrial control intelligent computer physical intrusion detection defense, in particular to an intelligent computer physical intrusion detection defense system and method of an industrial control system.
Background
At present, there are a plurality of uncertain factors in the computer physical intrusion detection defense system, for example: how to collect the physical information according to the requirement, analyze the physical information, detect the physical information after analyzing, monitor the network or network equipment network data transmission behavior, interrupt immediately, adjust or isolate some abnormal or harmful network data transmission behavior; how to collect and acquire the physical information of the computer, the existing normal physical information, the existing intrusion physical information and the like is still to be further solved; accordingly, there is a need for an industrial control system intelligent computer physical intrusion detection defense system and method that at least partially addresses the problems of the prior art.
Disclosure of Invention
A series of concepts in simplified form are introduced in the summary section, which will be described in further detail in the detailed description section; the summary of the invention is not intended to define the key features and essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
To at least partially solve the above problems, the present invention provides an intelligent computer physical intrusion detection defense system of an industrial control system, comprising:
physical information collecting subsystem: the system is used for collecting physical information according to requirements and analyzing and processing the collected information;
physical intrusion detection subsystem: detecting the physical information after analysis;
physical intrusion prevention subsystem: a computer network complete device for monitoring network or network equipment network data transmission behavior is capable of instantaneously interrupting, adjusting or isolating some abnormal or damaging network data transmission behavior.
Preferably, the physical information collecting subsystem includes:
physical information acquisition subsystem: the method comprises the steps of acquiring physical information of a computer through big data collection; the computer physical information includes: existing normal physical information and existing intrusion physical information;
physical information analysis subsystem: and analyzing the received physical information, further decomposing and associating attribute relations, decomposing the complex physical information into simplified component information, determining information basic attributes and attribute interrelationships of the simplified component information, and performing deep identification analysis on the physical information.
Preferably, the physical intrusion detection subsystem comprises:
physical information storage subsystem: the data analyzed by the physical information analysis subsystem is stored, so that the subsequent extraction or application is facilitated;
and the physical information calculation and judgment subsystem is as follows: the information processed by the physical information analysis subsystem is subjected to formula calculation to judge whether the information is invasive physical information;
physical information transmission subsystem: when the physical information calculation judging subsystem judges that the physical information is invasive physical information, the physical information transmission subsystem transmits the physical information to the defending system, and prompts the defending system to intercept or destroy the physical information in advance.
Preferably, the physical intrusion prevention subsystem includes:
primary defense subsystem: when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily;
medium-level defense subsystem: performing secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifying more complex information;
defending the final subsystem: and the method is responsible for finally intercepting and destroying the invasion type physical information which is not intercepted by the first two defense systems.
Preferably, the physical information calculation judgment subsystem includes:
control parameter input subsystem: and the physical information calculation and judgment subsystem control subsystem: the whole physical information calculation and judgment subsystem is controlled, and the physical information is calculated by issuing an instruction from the physical information calculation and judgment subsystem;
and a control parameter output subsystem: and calculating through an equation set, and further judging whether the physical information is invasive physical information.
Preferably, the physical information storage subsystem includes:
paging multi-level memory module: managing all physical information storage hierarchical data in the physical information storage subsystem in units of pages;
system multi-level partition module: an index node area and a multi-level storage area are arranged in a physical information storage subsystem; the multi-level memory area includes a directory page and a multi-level memory page
Storing physical addresses of a next-stage directory page or a multi-stage storage page in a multi-stage page table structure, wherein the multi-stage storage page is used for storing physical information storage sub-data; the multi-level storage pages and the directory pages are arranged in a mixed way in the multi-level storage area; the index node stored in the index node area comprises an index node information field, a page table progression field N and a root directory address field; the page table series field N is used for identifying the page table series adopted by the data stored in the physical information storage sub-unit, and the root directory page address field is used for storing the initial physical address of the N-th directory page of the physical information storage sub-unit;
storage management space mapping module: taking the page number of an N-level directory page corresponding to the physical information storage sub as a root directory, taking the page number of an N-1-level directory page as a 1-level sub-directory, and so on, forming an N-level page table directory structure to store and manage the physical information storage hierarchical data, wherein the 1-level directory page is a multi-level storage page; the root directory stores the physical address of the directory page corresponding to the level 1 directory; the 1 st level subdirectory stores the physical address of the directory page corresponding to the 2 nd level subdirectory; similarly, the N-2 level subdirectory stores the physical address of the directory page corresponding to the N-1 level subdirectory; taking the logic sequence of the multi-level memory pages as the traversing sequence of the multi-level page table directory structure; opening the accessed physical information storage subsystem based on the request of the application process; based on page table series field adopted by the accessed physical information storage sub, calculating maximum capacity of multi-stage storage which can be stored by a single physical information storage sub corresponding to the page table series; determining an application process catalog item corresponding to the mounting physical information storage sub-page table based on the maximum capacity; in the address space of the application process, according to the determined alignment mode of the directory entries of the application process, a virtual address space with the same capacity as the maximum capacity is allocated for the accessed physical information storage sub at one time; and mounting the accessed physical information storage sub page table to the determined corresponding directory entry of the application process, and establishing a mapping relation between the physical information storage hierarchical data and the address space of the application process so as to realize the random access of the application process to the physical information storage hierarchical data.
Preferably, the primary defense subsystem comprises:
a firewall: the system is connected with the physical information transmission subsystem, detects the physical information and filters the data information with potential safety hazards;
CSU device: the router is connected with the physical information transmission subsystem and is used for acquiring the physical information of the physical information transmission subsystem and sending the physical information to the router;
routing equipment: is connected with CSU equipment and firewall for storing physical information and forwarding packets to the firewall.
Preferably, the intermediate defense subsystem comprises:
gateway secondary detection unit: the device is connected with the firewall and is used for receiving the physical information filtered by the firewall and detecting the physical information filtered by the firewall;
an information filter: filtering data information with potential safety hazards and outputting the data information to a defense terminal subsystem;
gateway secondary detection unit controller: and the physical information re-detection unit is used for controlling the gateway secondary detection unit.
Preferably, the defending terminal subsystem includes:
and (3) a recoverer: the system is used for filtering the physical information filtered by the medium-level defense subsystem;
an information processor: and recycling and destroying the remaining physical information which cannot be filtered.
The intelligent computer physical intrusion detection defense method of the industrial control system comprises the following steps:
s001, the physical information acquisition subsystem acquires the physical information of the computer through big data collection;
s002, the physical information analysis subsystem analyzes the received physical information, further analyzes and associates attribute relations, decomposes complex physical information into simplified composition information, determines information basic attributes and attribute interrelationships of the simplified composition information, and performs deep identification analysis on the physical information;
s003, the physical information storage subsystem stores the data analyzed by the physical information analysis subsystem;
s004, the physical information calculation judging subsystem calculates a formula of the information processed by the physical information analysis subsystem, and judges whether the information is invasive physical information;
s005, the control subsystem of the physical information calculation judgment subsystem controls the whole physical information calculation judgment subsystem, and calculates physical information by issuing an instruction from the physical information calculation judgment subsystem;
s006, the control parameter output subsystem calculates through an equation set and further judges whether the physical information is invasive physical information or not;
s007, when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily;
s008, the secondary interception is carried out on the intrusion type physical information which is not intercepted by the primary defense subsystem by the intermediate defense subsystem, and more complex information is simplified;
s009, the defense terminal subsystem finally intercepts the intrusion type physical information which is not intercepted by the defense system in the previous two times and destroys the intrusion type physical information.
Compared with the prior art, the invention at least comprises the following beneficial effects:
the invention provides an intelligent computer physical intrusion detection defense system and method of an industrial control system, which comprises the following steps of: after the physical information is collected according to the requirements, analyzing and processing the collected information; physical intrusion detection subsystem: detecting the physical information after analysis; physical intrusion prevention subsystem: computer network complete equipment for monitoring network or network equipment network data transmission behavior can interrupt, adjust or isolate some abnormal or harmful network data transmission behavior in real time; the physical information collecting subsystem comprises: physical information acquisition subsystem: the method comprises the steps of acquiring physical information of a computer through big data collection; the computer physical information includes: existing normal physical information and existing intrusion physical information; physical information analysis subsystem: analyzing the received physical information, further decomposing and associating attribute relations, decomposing complex physical information into simplified composition information, determining information basic attributes and attribute interrelationships of the simplified composition information, and performing deep identification analysis on the physical information; the physical information collecting subsystem further includes: physical information storage subsystem: the data analyzed by the physical information analysis subsystem is stored, so that the subsequent extraction or application is facilitated; and the physical information calculation and judgment subsystem is as follows: the information processed by the physical information analysis subsystem is subjected to formula calculation to judge whether the information is invasive physical information; physical information transmission subsystem: when the physical information calculation judging subsystem judges that the physical information is invasive physical information, the physical information transmission subsystem transmits the physical information to the defending system, and prompts the defending system to prepare to intercept or destroy the physical information in advance; the physical intrusion prevention subsystem comprises: primary defense subsystem: when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily; medium-level defense subsystem: performing secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifying more complex information; defending the final subsystem: the method is in charge of finally intercepting and destroying the intrusion type physical information which is not intercepted by the first two defense systems; the physical information calculation and judgment subsystem comprises: control parameter input subsystem: and the physical information calculation and judgment subsystem control subsystem: the whole physical information calculation and judgment subsystem is controlled, and the physical information is calculated by issuing an instruction from the physical information calculation and judgment subsystem; and a control parameter output subsystem: calculating through an equation set, and further judging whether the physical information is invasive physical information; the accuracy of detection and judgment of the invasive physical information is further greatly improved; the hierarchical diversity and progressive security of the physical information storage are improved; and the system defense capability and the physical information processing safety are improved.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a diagram of an intelligent computer physical intrusion detection and prevention system for an industrial control system according to the present invention.
FIG. 2 is a diagram of an intelligent computer physical intrusion detection and prevention system for an industrial control system according to an embodiment of the present invention.
FIG. 3 is a diagram of another embodiment of the intelligent computer physical intrusion detection defenses for an industrial control system of the present invention.
Detailed Description
The present invention is described in further detail below with reference to the drawings and examples to enable those skilled in the art to practice the same and to refer to the description; as shown in fig. 1-3, the present invention provides an intelligent computer physical intrusion detection and prevention system for an industrial control system, comprising:
physical information collecting subsystem: the system is used for collecting physical information according to requirements and analyzing and processing the collected information;
physical intrusion detection subsystem: detecting the physical information after analysis;
physical intrusion prevention subsystem: a computer network complete device for monitoring network or network equipment network data transmission behavior is capable of instantaneously interrupting, adjusting or isolating some abnormal or damaging network data transmission behavior.
The principle effect of the technical scheme is as follows: the invention provides an intelligent computer physical intrusion detection defense system of an industrial control system, which comprises a physical information collection subsystem: the system is used for collecting physical information according to requirements and analyzing and processing the collected information; physical intrusion detection subsystem: detecting the physical information after analysis; physical intrusion prevention subsystem: computer network complete equipment for monitoring network or network equipment network data transmission behavior, which can interrupt, adjust or isolate some abnormal or harmful network data transmission behavior in real time; the physical information collecting subsystem comprises: physical information acquisition subsystem: the method comprises the steps of acquiring physical information of a computer through big data collection; the computer physical information includes: existing normal physical information and existing intrusion physical information; physical information analysis subsystem: analyzing the received physical information, further decomposing and associating attribute relations, decomposing complex physical information into simplified composition information, determining information basic attributes and attribute interrelationships of the simplified composition information, and performing deep identification analysis on the physical information; the physical information collecting subsystem further includes: physical information storage subsystem: the data analyzed by the physical information analysis subsystem is stored, so that the subsequent extraction or application is facilitated; and the physical information calculation and judgment subsystem is as follows: the information processed by the physical information analysis subsystem is subjected to formula calculation to judge whether the information is invasive physical information; physical information transmission subsystem: when the physical information calculation judging subsystem judges that the physical information is invasive physical information, the physical information transmission subsystem transmits the physical information to the defending system, and prompts the defending system to prepare to intercept or destroy the physical information in advance; the physical intrusion prevention subsystem comprises: primary defense subsystem: when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily; medium-level defense subsystem: performing secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifying more complex information; defending the final subsystem: the method is in charge of finally intercepting and destroying the intrusion type physical information which is not intercepted by the first two defense systems; the physical information calculation and judgment subsystem comprises: control parameter input subsystem: and the physical information calculation and judgment subsystem control subsystem: the whole physical information calculation and judgment subsystem is controlled, and the physical information is calculated by issuing an instruction from the physical information calculation and judgment subsystem; and a control parameter output subsystem: calculating through an equation set, and further judging whether the physical information is invasive physical information; the accuracy of detection and judgment of the invasive physical information is further greatly improved; the hierarchical diversity and progressive security of the physical information storage are improved; and the system defense capability and the physical information processing safety are improved.
In one embodiment, the physical information gathering subsystem includes:
physical information acquisition subsystem: the method comprises the steps of acquiring physical information of a computer through big data collection; the computer physical information includes: existing normal physical information and existing intrusion physical information;
physical information analysis subsystem: and analyzing the received physical information, further decomposing and associating attribute relations, decomposing the complex physical information into simplified component information, determining information basic attributes and attribute interrelationships of the simplified component information, and performing deep identification analysis on the physical information.
The principle effect of the technical scheme is as follows: the physical information collecting subsystem comprises: physical information acquisition subsystem: the method comprises the steps of acquiring physical information of a computer through big data collection; the computer physical information includes: existing normal physical information and existing intrusion physical information; physical information analysis subsystem: analyzing the received physical information, further decomposing and associating attribute relations, decomposing complex physical information into simplified composition information, determining information basic attributes and attribute interrelationships of the simplified composition information, and performing deep identification analysis on the physical information; the physical information collection is used for acquiring the existing normal physical information and the existing invasion physical information of the computer physical information through big data collection; the physical information analysis further analyzes and associates attribute relations by analyzing the received and collected physical information, decomposes complex physical information into simplified composition information, determines information basic attributes and attribute interrelationships of the simplified composition information, and performs deep identification analysis on the physical information; greatly improves the analysis efficiency and the analysis hierarchy depth of the physical information.
In one embodiment, a physical intrusion detection subsystem includes:
physical information storage subsystem: the data analyzed by the physical information analysis subsystem is stored, so that the subsequent extraction or application is facilitated;
and the physical information calculation and judgment subsystem is as follows: the information processed by the physical information analysis subsystem is subjected to formula calculation to judge whether the information is invasive physical information;
physical information transmission subsystem: when the physical information calculation judging subsystem judges that the physical information is invasive physical information, the physical information transmission subsystem transmits the physical information to the defending system, and prompts the defending system to intercept or destroy the physical information in advance.
The principle effect of the technical scheme is as follows: the physical intrusion detection subsystem comprises: physical information storage subsystem: the data analyzed by the physical information analysis subsystem is stored, so that the subsequent extraction or application is facilitated; and the physical information calculation and judgment subsystem is as follows: the information processed by the physical information analysis subsystem is subjected to formula calculation to judge whether the information is invasive physical information; physical information transmission subsystem: when the physical information calculation judging subsystem judges that the physical information is invasive physical information, the physical information transmission subsystem transmits the physical information to the defending system, and prompts the defending system to prepare to intercept or destroy the physical information in advance; and the physical intrusion detection accuracy and the interception and destruction efficiency are improved.
In one embodiment, the physical intrusion prevention subsystem comprises:
primary defense subsystem: when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily;
medium-level defense subsystem: performing secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifying more complex information;
defending the final subsystem: and the method is responsible for finally intercepting and destroying the invasion type physical information which is not intercepted by the first two defense systems.
The principle effect of the technical scheme is as follows: the physical intrusion prevention subsystem comprises: primary defense subsystem: when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily; medium-level defense subsystem: performing secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifying more complex information; defending the final subsystem: the method is in charge of finally intercepting and destroying the intrusion type physical information which is not intercepted by the first two defense systems; the two defenses and the final interception further increase the reliability of defensive interception.
In one embodiment, the physical information calculation judgment subsystem includes:
control parameter input subsystem: and the physical information calculation and judgment subsystem control subsystem: the whole physical information calculation and judgment subsystem is controlled, and the physical information is calculated by issuing an instruction from the physical information calculation and judgment subsystem;
and a control parameter output subsystem: and calculating through an equation set, and further judging whether the physical information is invasive physical information.
The principle effect of the technical scheme is as follows: the physical information calculation and judgment subsystem comprises: control parameter input subsystem: and the physical information calculation and judgment subsystem control subsystem: the whole physical information calculation and judgment subsystem is controlled, and the physical information is calculated by issuing an instruction from the physical information calculation and judgment subsystem;
and a control parameter output subsystem: calculating through an equation set, and further judging whether the physical information is invasive physical information;
calculating and further judging whether the physical information is invasive physical information through the following equation:
DKDEx represents a re-detection characteristic value obtained by re-detection of physical information after firewall filtering, qsc represents an initial characteristic value of the physical information after firewall filtering, ex represents a re-detection transformation constant factor, GS (e, f) D represents a D-dimensional Gaussian random variable with mathematical expectation of e and variance of f, log sig represents a logarithmic S-shaped transfer function formula, M represents the maximum number of times of re-detection cycle calculation, M represents the current number of times of re-detection cycle calculation, lx represents the slope of the logarithmic S-shaped transfer function, and RAND represents a random real number selected in a [0,1] interval; calculating a re-detection characteristic value obtained by re-detecting the physical information filtered by the firewall according to the equation set, further judging whether the re-detection characteristic value belongs to the characteristic value range of the invasive physical information, and judging the physical information as the invasive physical information if the re-detection characteristic value belongs to the characteristic value range of the invasive physical information; further greatly improving the accuracy of detection and judgment of the invasive physical information.
In one embodiment, the physical information storage subsystem includes:
paging multi-level memory module: managing all physical information storage hierarchical data in the physical information storage subsystem in units of pages;
system multi-level partition module: an index node area and a multi-level storage area are arranged in a physical information storage subsystem; the multi-level storage area comprises a directory page and a multi-level storage page, the directory page is used for storing the physical address of the next-level directory page or the multi-level storage page in the multi-level page table structure, and the multi-level storage page is used for storing the physical information storage sub-data; the multi-level storage pages and the directory pages are arranged in a mixed way in the multi-level storage area; the index node stored in the index node area comprises an index node information field, a page table progression field N and a root directory address field; the page table series field N is used for identifying the page table series adopted by the data stored in the physical information storage sub-unit, and the root directory page address field is used for storing the initial physical address of the N-th directory page of the physical information storage sub-unit;
storage management space mapping module: taking the page number of an N-level directory page corresponding to the physical information storage sub as a root directory, taking the page number of an N-1-level directory page as a 1-level sub-directory, and so on, forming an N-level page table directory structure to store and manage the physical information storage hierarchical data, wherein the 1-level directory page is a multi-level storage page; the root directory stores the physical address of the directory page corresponding to the level 1 directory; the 1 st level subdirectory stores the physical address of the directory page corresponding to the 2 nd level subdirectory; similarly, the N-2 level subdirectory stores the physical address of the directory page corresponding to the N-1 level subdirectory; taking the logic sequence of the multi-level memory pages as the traversing sequence of the multi-level page table directory structure; opening the accessed physical information storage subsystem based on the request of the application process; based on page table series field adopted by the accessed physical information storage sub, calculating maximum capacity of multi-stage storage which can be stored by a single physical information storage sub corresponding to the page table series; determining an application process catalog item corresponding to the mounting physical information storage sub-page table based on the maximum capacity; in the address space of the application process, according to the determined alignment mode of the directory entries of the application process, a virtual address space with the same capacity as the maximum capacity is allocated for the accessed physical information storage sub at one time; and mounting the accessed physical information storage sub page table to the determined corresponding directory entry of the application process, and establishing a mapping relation between the physical information storage hierarchical data and the address space of the application process so as to realize the random access of the application process to the physical information storage hierarchical data.
The principle effect of the technical scheme is as follows: the physical information storage subsystem includes: paging multi-level memory module: managing all physical information storage hierarchical data in the physical information storage subsystem in units of pages; system multi-level partition module: an index node area and a multi-level storage area are arranged in a physical information storage subsystem; the multi-level storage area comprises a directory page and a multi-level storage page, the directory page is used for storing the physical address of the next-level directory page or the multi-level storage page in the multi-level page table structure, and the multi-level storage page is used for storing the physical information storage sub-data; the multi-level storage pages and the directory pages are arranged in a mixed way in the multi-level storage area; the index node stored in the index node area comprises an index node information field, a page table progression field N and a root directory address field; the page table series field N is used for identifying the page table series adopted by the data stored in the physical information storage sub-unit, and the root directory page address field is used for storing the initial physical address of the N-th directory page of the physical information storage sub-unit; storage management space mapping module: taking the page number of an N-level directory page corresponding to the physical information storage sub as a root directory, taking the page number of an N-1-level directory page as a 1-level sub-directory, and so on, forming an N-level page table directory structure to store and manage the physical information storage hierarchical data, wherein the 1-level directory page is a multi-level storage page; the root directory stores the physical address of the directory page corresponding to the level 1 directory; the 1 st level subdirectory stores the physical address of the directory page corresponding to the 2 nd level subdirectory; similarly, the N-2 level subdirectory stores the physical address of the directory page corresponding to the N-1 level subdirectory; taking the logic sequence of the multi-level memory pages as the traversing sequence of the multi-level page table directory structure; opening the accessed physical information storage subsystem based on the request of the application process; based on page table series field adopted by the accessed physical information storage sub, calculating maximum capacity of multi-stage storage which can be stored by a single physical information storage sub corresponding to the page table series; determining an application process catalog item corresponding to the mounting physical information storage sub-page table based on the maximum capacity; in the address space of the application process, according to the determined alignment mode of the directory entries of the application process, a virtual address space with the same capacity as the maximum capacity is allocated for the accessed physical information storage sub at one time; the accessed physical information storage sub page table is mounted to the corresponding directory entry of the determined application process, and a mapping relation between the physical information storage hierarchical data and the address space of the application process is established so as to realize the random access of the application process to the physical information storage hierarchical data; and the hierarchical diversity and progressive security of the physical information storage are improved.
In one embodiment, the primary defense subsystem includes:
a firewall: the system is connected with the physical information transmission subsystem, detects the physical information and filters the data information with potential safety hazards;
CSU device: the router is connected with the physical information transmission subsystem and is used for acquiring the physical information of the physical information transmission subsystem and sending the physical information to the router;
routing equipment: is connected with CSU equipment and firewall for storing physical information and forwarding packets to the firewall.
The principle effect of the technical scheme is as follows: the primary defense subsystem includes: a firewall: the system is connected with the physical information transmission subsystem, detects the physical information and filters the data information with potential safety hazards; CSU device: the router is connected with the physical information transmission subsystem and is used for acquiring the physical information of the physical information transmission subsystem and sending the physical information to the router; routing equipment: the system is connected with CSU equipment and a firewall and is used for storing physical information and forwarding packets to the firewall; the CSU equipment comprises channel service equipment; and acquiring the physical information of the physical information transmission subsystem, improving the storage and forwarding of the packets to the firewall, and reducing the potential safety hazard.
In one embodiment, the mid-level defense subsystem includes:
gateway secondary detection unit: the device is connected with the firewall and is used for receiving the physical information filtered by the firewall and detecting the physical information filtered by the firewall;
an information filter: filtering data information with potential safety hazards and outputting the data information to a defense terminal subsystem;
gateway secondary detection unit controller: and the physical information re-detection unit is used for controlling the gateway secondary detection unit.
The principle effect of the technical scheme is as follows: the intermediate defense subsystem comprises: gateway secondary detection unit: the device is connected with the firewall and is used for receiving the physical information filtered by the firewall and detecting the physical information filtered by the firewall; an information filter: filtering data information with potential safety hazards and outputting the data information to a defense terminal subsystem; gateway secondary detection unit controller: the physical information re-detection unit is used for controlling the gateway secondary detection unit; and multi-level detection and accurate control can be performed.
In one embodiment, the defending terminal subsystem includes:
and (3) a recoverer: the system is used for filtering the physical information filtered by the medium-level defense subsystem;
an information processor: and recycling and destroying the remaining physical information which cannot be filtered.
The principle effect of the technical scheme is as follows: the defending terminal subsystem includes: and (3) a recoverer: the system is used for filtering the physical information filtered by the medium-level defense subsystem; an information processor: recycling and destroying the rest physical information which cannot be filtered; the filtered physical information can be filtered again; recycling and destroying the rest physical information which cannot be filtered; and the system defense capability and the physical information processing safety are improved.
The intelligent computer physical intrusion detection defense method of the industrial control system comprises the following steps:
s001, the physical information acquisition subsystem acquires the physical information of the computer through big data collection;
s002, the physical information analysis subsystem analyzes the received physical information, further analyzes and associates attribute relations, decomposes complex physical information into simplified composition information, determines information basic attributes and attribute interrelationships of the simplified composition information, and performs deep identification analysis on the physical information;
s003, the physical information storage subsystem stores the data analyzed by the physical information analysis subsystem;
s004, the physical information calculation judging subsystem calculates a formula of the information processed by the physical information analysis subsystem, and judges whether the information is invasive physical information;
s005, the control subsystem of the physical information calculation judgment subsystem controls the whole physical information calculation judgment subsystem, and calculates physical information by issuing an instruction from the physical information calculation judgment subsystem;
s006, the control parameter output subsystem calculates through an equation set and further judges whether the physical information is invasive physical information or not;
s007, when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily;
s008, the secondary interception is carried out on the intrusion type physical information which is not intercepted by the primary defense subsystem by the intermediate defense subsystem, and more complex information is simplified;
s009, the defense terminal subsystem finally intercepts the intrusion type physical information which is not intercepted by the defense system in the previous two times and destroys the intrusion type physical information.
The principle effect of the technical scheme is as follows: the intelligent computer physical intrusion detection defense method of the industrial control system can acquire the computer physical information through the physical information acquisition subsystem through big data collection; analyzing the received and collected physical information, further decomposing and associating attribute relations, decomposing complex physical information into simplified component information, determining information basic attributes and attribute interrelationships of the simplified component information, and performing deep identification analysis on the physical information; the physical information storage subsystem stores the data analyzed by the physical information analysis subsystem; the physical information calculation judging subsystem calculates a formula of the information processed by the physical information analysis subsystem and judges whether the information is invasive physical information; the physical information calculation and judgment subsystem control subsystem controls the whole physical information calculation and judgment subsystem, and calculates physical information by issuing an instruction from the physical information calculation and judgment subsystem; the control parameter output subsystem calculates through an equation set and further judges whether the physical information is invasive physical information or not; when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily; the intermediate-level defense subsystem performs secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifies more complex information; the defending terminal subsystem finally intercepts the non-intercepted invasive physical information of the first two defending systems and destroys the non-intercepted invasive physical information; the accuracy of detection and judgment of the invasive physical information is further greatly improved; the hierarchical diversity and progressive security of the physical information storage are improved; and the system defense capability and the physical information processing safety are improved.
Although embodiments of the present invention have been disclosed above, it is not limited to the details and embodiments shown and described, it is well suited to various fields of use for which the invention would be readily apparent to those skilled in the art, and accordingly, the invention is not limited to the specific details and illustrations shown and described herein, without departing from the general concepts defined in the claims and their equivalents.
Claims (8)
1. The intelligent computer physical intrusion detection defense system of the industrial control system is characterized in that: comprising the following steps:
physical information collecting subsystem: the system is used for collecting physical information according to requirements and analyzing and processing the collected information;
physical intrusion detection subsystem: detecting the physical information after analysis;
physical intrusion prevention subsystem: computer network complete equipment for monitoring network or network equipment network data transmission behavior, which can interrupt, adjust or isolate some abnormal or harmful network data transmission behavior in real time;
the physical information collecting subsystem comprises:
physical information acquisition subsystem: the method comprises the steps of acquiring physical information of a computer through big data collection; the computer physical information includes: existing normal physical information and existing intrusion physical information;
physical information analysis subsystem: analyzing the received physical information, further decomposing and associating attribute relations, decomposing complex physical information into simplified composition information, determining information basic attributes and attribute interrelationships of the simplified composition information, and performing deep identification analysis on the physical information;
the physical intrusion detection subsystem comprises a physical information storage subsystem; the physical information storage subsystem comprises:
paging multi-level memory module: managing all physical information storage hierarchical data in the physical information storage subsystem in units of pages;
system multi-level partition module: an index node area and a multi-level storage area are arranged in a physical information storage subsystem; the multi-level storage area comprises a directory page and a multi-level storage page, the directory page is used for storing the physical address of the next-level directory page or the multi-level storage page in the multi-level page table structure, and the multi-level storage page is used for storing the physical information storage sub-data; the multi-level storage pages and the directory pages are arranged in a mixed way in the multi-level storage area; the index node stored in the index node area comprises an index node information field, a page table progression field N and a root directory address field; the page table series field N is used for identifying the page table series adopted by the data stored in the physical information storage sub-unit, and the root directory page address field is used for storing the initial physical address of the N-th directory page of the physical information storage sub-unit;
storage management space mapping module: taking the page number of an N-level directory page corresponding to the physical information storage sub as a root directory, taking the page number of an N-1-level directory page as a 1-level sub-directory, and so on, forming an N-level page table directory structure to store and manage the physical information storage hierarchical data, wherein the 1-level directory page is a multi-level storage page; the root directory stores the physical address of the directory page corresponding to the level 1 directory; the 1 st level subdirectory stores the physical address of the directory page corresponding to the 2 nd level subdirectory; similarly, the N-2 level subdirectory stores the physical address of the directory page corresponding to the N-1 level subdirectory; taking the logic sequence of the multi-level memory pages as the traversing sequence of the multi-level page table directory structure; opening the accessed physical information storage subsystem based on the request of the application process; based on page table series field adopted by the accessed physical information storage sub, calculating maximum capacity of multi-stage storage which can be stored by a single physical information storage sub corresponding to the page table series; determining an application process catalog item corresponding to the mounting physical information storage sub-page table based on the maximum capacity; in the address space of the application process, according to the determined alignment mode of the directory entries of the application process, a virtual address space with the same capacity as the maximum capacity is allocated for the accessed physical information storage sub at one time; and mounting the accessed physical information storage sub page table to the determined corresponding directory entry of the application process, and establishing a mapping relation between the physical information storage hierarchical data and the address space of the application process so as to realize the random access of the application process to the physical information storage hierarchical data.
2. The industrial control system intelligent computer physical intrusion detection defense system of claim 1, wherein: the physical intrusion detection subsystem comprises:
physical information storage subsystem: the data analyzed by the physical information analysis subsystem is stored, so that the subsequent extraction or application is facilitated;
and the physical information calculation and judgment subsystem is as follows: the information processed by the physical information analysis subsystem is subjected to formula calculation to judge whether the information is invasive physical information;
physical information transmission subsystem: when the physical information calculation judging subsystem judges that the physical information is invasive physical information, the physical information transmission subsystem transmits the physical information to the defending system, and prompts the defending system to intercept or destroy the physical information in advance.
3. The industrial control system intelligent computer physical intrusion detection defense system of claim 1, wherein: the physical intrusion prevention subsystem comprises:
primary defense subsystem: when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily;
medium-level defense subsystem: performing secondary interception on the intrusion type physical information which is not intercepted by the primary defense subsystem, and simplifying more complex information;
defending the final subsystem: and the method is responsible for finally intercepting and destroying the invasion type physical information which is not intercepted by the first two defense systems.
4. The industrial control system intelligent computer physical intrusion detection defense system of claim 1, wherein: the physical information calculation and judgment subsystem comprises:
control parameter input subsystem: the whole physical information calculation and judgment subsystem is controlled, and the physical information is calculated by issuing an instruction from the physical information calculation and judgment subsystem;
and a control parameter output subsystem: and calculating through an equation set, and further judging whether the physical information is invasive physical information.
5. The industrial control system intelligent computer physical intrusion detection defense system of claim 2, wherein: the primary defense subsystem includes:
a firewall: the system is connected with the physical information transmission subsystem, detects the physical information and filters the data information with potential safety hazards;
CSU device: the router is connected with the physical information transmission subsystem and is used for acquiring the physical information of the physical information transmission subsystem and sending the physical information to the router;
routing equipment: is connected with CSU equipment and firewall for storing physical information and forwarding packets to the firewall.
6. The industrial control system intelligent computer physical intrusion detection defense system of claim 2, wherein: the intermediate defense subsystem comprises:
gateway secondary detection unit: the device is connected with the firewall and is used for receiving the physical information filtered by the firewall and detecting the physical information filtered by the firewall;
an information filter: filtering data information with potential safety hazards and outputting the data information to a defense terminal subsystem;
gateway secondary detection unit controller: and the physical information re-detection unit is used for controlling the gateway secondary detection unit.
7. The industrial control system intelligent computer physical intrusion detection defense system of claim 2, wherein: the defending terminal subsystem includes:
and (3) a recoverer: the system is used for filtering the physical information filtered by the medium-level defense subsystem;
an information processor: and recycling and destroying the remaining physical information which cannot be filtered.
8. An intelligent computer physical intrusion detection defending method of an industrial control system, which is characterized by comprising the following steps based on the intrusion detection defending system of any one of claims 1 to 7:
s001, the physical information acquisition subsystem acquires the physical information of the computer through big data collection;
s002, the physical information analysis subsystem analyzes the received physical information, further analyzes and associates attribute relations, decomposes complex physical information into simplified composition information, determines information basic attributes and attribute interrelationships of the simplified composition information, and performs deep identification analysis on the physical information;
s003, the physical information storage subsystem stores the data analyzed by the physical information analysis subsystem;
s004, the physical information calculation judging subsystem calculates a formula of the information processed by the physical information analysis subsystem, and judges whether the information is invasive physical information;
s005, the control subsystem of the physical information calculation judgment subsystem controls the whole physical information calculation judgment subsystem, and calculates physical information by issuing an instruction from the physical information calculation judgment subsystem;
s006, the control parameter output subsystem calculates through an equation set and further judges whether the physical information is invasive physical information or not;
s007, when the intrusion type physical information enters the system, the primary defense subsystem firstly intercepts the physical information simply, intercepts some simple intrusion information, issues instructions to the secondary defense subsystem and intercepts the physical information secondarily;
s008, the secondary interception is carried out on the intrusion type physical information which is not intercepted by the primary defense subsystem by the intermediate defense subsystem, and more complex information is simplified;
s009, the defense terminal subsystem finally intercepts the intrusion type physical information which is not intercepted by the defense system in the previous two times and destroys the intrusion type physical information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310055792.1A CN116112243B (en) | 2023-01-17 | 2023-01-17 | Industrial control system intelligent computer physical intrusion detection defense system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310055792.1A CN116112243B (en) | 2023-01-17 | 2023-01-17 | Industrial control system intelligent computer physical intrusion detection defense system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116112243A CN116112243A (en) | 2023-05-12 |
CN116112243B true CN116112243B (en) | 2023-09-05 |
Family
ID=86255692
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310055792.1A Active CN116112243B (en) | 2023-01-17 | 2023-01-17 | Industrial control system intelligent computer physical intrusion detection defense system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116112243B (en) |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0596144A1 (en) * | 1992-10-07 | 1994-05-11 | International Business Machines Corporation | Hierarchical memory system for microcode and means for correcting errors in the microcode |
CN1241774A (en) * | 1998-07-14 | 2000-01-19 | 李虹 | Intelligent document recording and copying instrument |
WO2004097584A2 (en) * | 2003-04-28 | 2004-11-11 | P.G.I. Solutions Llc | Method and system for remote network security management |
CN101227254A (en) * | 2008-01-23 | 2008-07-23 | 中兴通讯股份有限公司 | Method for detecting V-BLAST in MIMO system |
CN102446139A (en) * | 2011-11-14 | 2012-05-09 | 奇智软件(北京)有限公司 | Method and device for data storage |
CN103905459A (en) * | 2014-04-14 | 2014-07-02 | 上海电机学院 | Cloud-based intelligent security defense system and defense method |
WO2015103849A1 (en) * | 2014-01-08 | 2015-07-16 | 中兴通讯股份有限公司 | Method, device and system for protecting text information in web page and computer storage medium |
CN105357187A (en) * | 2015-10-12 | 2016-02-24 | 成都玩者天下网络技术有限公司 | Defense system for e-commerce transaction platform |
CN108052541A (en) * | 2017-11-22 | 2018-05-18 | 中国科学院上海微系统与信息技术研究所 | The realization of file system based on multi-level page-table bibliographic structure, access method, terminal |
CN109714344A (en) * | 2018-12-28 | 2019-05-03 | 国汽(北京)智能网联汽车研究院有限公司 | Intelligent network based on " end-pipe-cloud " joins automobile information security platform |
CN111581636A (en) * | 2020-03-26 | 2020-08-25 | 大连交通大学 | Network security monitoring equipment |
KR20220073103A (en) * | 2020-11-26 | 2022-06-03 | 목포대학교산학협력단 | Malware response method to ensure high availability of cyber physical system |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
MA34415B1 (en) * | 2011-12-22 | 2013-08-01 | Univ Mohammed V Agdal | A three-tier security-based intrusion prevention system |
US9401932B2 (en) * | 2012-12-04 | 2016-07-26 | Cyber Adapt, Inc. | Device and method for detection of anomalous behavior in a computer network |
-
2023
- 2023-01-17 CN CN202310055792.1A patent/CN116112243B/en active Active
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0596144A1 (en) * | 1992-10-07 | 1994-05-11 | International Business Machines Corporation | Hierarchical memory system for microcode and means for correcting errors in the microcode |
CN1241774A (en) * | 1998-07-14 | 2000-01-19 | 李虹 | Intelligent document recording and copying instrument |
WO2004097584A2 (en) * | 2003-04-28 | 2004-11-11 | P.G.I. Solutions Llc | Method and system for remote network security management |
CN101227254A (en) * | 2008-01-23 | 2008-07-23 | 中兴通讯股份有限公司 | Method for detecting V-BLAST in MIMO system |
CN102446139A (en) * | 2011-11-14 | 2012-05-09 | 奇智软件(北京)有限公司 | Method and device for data storage |
WO2015103849A1 (en) * | 2014-01-08 | 2015-07-16 | 中兴通讯股份有限公司 | Method, device and system for protecting text information in web page and computer storage medium |
CN103905459A (en) * | 2014-04-14 | 2014-07-02 | 上海电机学院 | Cloud-based intelligent security defense system and defense method |
CN105357187A (en) * | 2015-10-12 | 2016-02-24 | 成都玩者天下网络技术有限公司 | Defense system for e-commerce transaction platform |
CN108052541A (en) * | 2017-11-22 | 2018-05-18 | 中国科学院上海微系统与信息技术研究所 | The realization of file system based on multi-level page-table bibliographic structure, access method, terminal |
CN109714344A (en) * | 2018-12-28 | 2019-05-03 | 国汽(北京)智能网联汽车研究院有限公司 | Intelligent network based on " end-pipe-cloud " joins automobile information security platform |
CN111581636A (en) * | 2020-03-26 | 2020-08-25 | 大连交通大学 | Network security monitoring equipment |
KR20220073103A (en) * | 2020-11-26 | 2022-06-03 | 목포대학교산학협력단 | Malware response method to ensure high availability of cyber physical system |
Also Published As
Publication number | Publication date |
---|---|
CN116112243A (en) | 2023-05-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111935170B (en) | Network abnormal flow detection method, device and equipment | |
CN107241226B (en) | Fuzzy test method based on industrial control private protocol | |
CN107666490B (en) | A kind of suspicious domain name detection method and device | |
CN107819783A (en) | A kind of network security detection method and system based on threat information | |
CN103428189B (en) | A kind of methods, devices and systems identifying malicious network device | |
CN108289088A (en) | Abnormal traffic detection system and method based on business model | |
CN108696543B (en) | Distributed reflection denial of service attack detection and defense method based on deep forest | |
CN105554016A (en) | Network attack processing method and device | |
CN111614627A (en) | SDN-oriented cross-plane cooperation DDOS detection and defense method and system | |
CN112202759B (en) | APT attack identification and attribution method, system and storage medium based on homology analysis | |
CN113206860B (en) | DRDoS attack detection method based on machine learning and feature selection | |
CN107070930B (en) | Host-oriented suspicious network connection identification method | |
CN103297433A (en) | HTTP botnet detection method and system based on net data stream | |
CN111885106A (en) | Internet of things safety management and control method and system based on terminal equipment characteristic information | |
CN112351018A (en) | DNS hidden channel detection method, device and equipment | |
CN112434304A (en) | Method, server and computer readable storage medium for defending network attack | |
CN112272175A (en) | Trojan horse virus detection method based on DNS | |
CN114301700B (en) | Method, device, system and storage medium for adjusting network security defense scheme | |
CN116112243B (en) | Industrial control system intelligent computer physical intrusion detection defense system and method | |
CN113839925A (en) | IPv6 network intrusion detection method and system based on data mining technology | |
CN115208690A (en) | Screening processing system based on data classification and classification | |
CN117834311B (en) | Malicious behavior identification system for network security | |
CN116527378B (en) | Cloud mobile phone monitoring management method and system | |
Belej et al. | Development of a network attack detection system based on hybrid neuro-fuzzy algorithms. | |
CN109327441A (en) | Attack data integration method, integrating apparatus and the electronic equipment of distributed DDoS system of defense |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |