CN216792710U - Distributed industrial control intrusion detection system - Google Patents

Distributed industrial control intrusion detection system Download PDF

Info

Publication number
CN216792710U
CN216792710U CN202122649165.XU CN202122649165U CN216792710U CN 216792710 U CN216792710 U CN 216792710U CN 202122649165 U CN202122649165 U CN 202122649165U CN 216792710 U CN216792710 U CN 216792710U
Authority
CN
China
Prior art keywords
industrial control
intrusion detection
control system
unit
electrically connected
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202122649165.XU
Other languages
Chinese (zh)
Inventor
谢昕
李欣磊
徐磊
宁蔚烨
黄钰慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
East China Jiaotong University
Original Assignee
East China Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by East China Jiaotong University filed Critical East China Jiaotong University
Priority to CN202122649165.XU priority Critical patent/CN216792710U/en
Application granted granted Critical
Publication of CN216792710U publication Critical patent/CN216792710U/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Burglar Alarm Systems (AREA)

Abstract

The utility model discloses a distributed industrial control intrusion detection system which comprises an industrial control system, wherein an intrusion detection module is electrically connected to the output end of the industrial control system in a bidirectional mode, a terminal processor is electrically connected to the output end of the intrusion detection module in the bidirectional mode, a front-end protection system is electrically connected to the output end of the terminal processor in the bidirectional mode, and the output end of the front-end protection system is electrically connected to the input end of the industrial control system in the bidirectional mode. According to the utility model, the data flow or the connection terminal which is suddenly increased in the industrial control system is detected and tracked through the intrusion detection module, when the abnormal signal is confirmed to be the intrusion information, the front-end protection system intercepts the data and further repairs the industrial control system, and the problems that the existing intrusion detection system is single in structure and function and does not have the function of maintaining and repairing the industrial control system when the intrusion signal is detected are solved.

Description

Distributed industrial control intrusion detection system
Technical Field
The utility model relates to the technical field of industrial systems, in particular to a distributed industrial control intrusion detection system.
Background
The industrial control system is an electronic system for improving industrial production automation, and in order to ensure the operation safety of the industrial control system, the industrial control system needs to intercept intrusion data through an intrusion detection system, but the structure and the function of the existing intrusion detection system are single, and the industrial control system is not maintained and repaired when an intrusion signal is detected.
SUMMERY OF THE UTILITY MODEL
In order to solve the problems in the background art, the present invention aims to provide a distributed industrial control intrusion detection system, which has the advantage of repairing and protecting the system, and solves the problems that the existing intrusion detection system has a single structure and function and does not maintain and repair the industrial control system when an intrusion signal is detected.
In order to achieve the purpose, the utility model provides the following technical scheme: a distributed industrial control intrusion detection system comprises an industrial control system;
the two-way electricity of industrial control system's output is connected with the intrusion detection module, the two-way electricity of output of intrusion detection module is connected with the terminal treater, the two-way electricity of output of terminal treater is connected with front end protection system, front end protection system's the output is connected with the two-way electricity of industrial control system's input.
Preferably, the intrusion detection module includes a traffic monitoring unit, a dynamic monitoring unit, and a suspicious connection determination unit.
Preferably, the output end of the terminal processor is electrically connected with a 5G data transceiver module in a bidirectional mode, and the output end of the 5G data transceiver module is electrically connected with a manual monitoring platform in a remote bidirectional mode.
Preferably, the output end of the terminal processor is electrically connected with a storage terminal in a bidirectional manner, and the output end of the storage terminal is electrically connected with the input end of the 5G data transceiving module in a bidirectional manner.
Preferably, the front-end protection system comprises a port interception unit, an inbound rule modification unit and a firewall repair unit.
Preferably, the intrusion detection module includes a microprocessor and a data cache unit.
Compared with the prior art, the utility model has the following beneficial effects:
1. according to the utility model, the data flow or the connection terminal which is suddenly increased in the industrial control system is detected and tracked through the intrusion detection module, when the abnormal signal is confirmed to be the intrusion information, the front-end protection system intercepts the data and further repairs the industrial control system, and the problems that the existing intrusion detection system is single in structure and function and does not have the function of maintaining and repairing the industrial control system when the intrusion signal is detected are solved.
2. According to the utility model, the monitoring range of the intrusion detection module can be improved and the judgment accuracy of the intrusion signal can be improved by arranging the flow monitoring unit, the dynamic monitoring unit and the suspicious connection judgment unit.
3. According to the utility model, through the arrangement of the 5G data transceiver module and the manual monitoring platform, the abnormal data can be manually reviewed, and the condition of judgment errors is avoided.
4. According to the utility model, the storage terminal is arranged, so that the operation log of the intrusion detection module can be stored, and a monitor can conveniently extract data.
5. The utility model can repair and maintain the industrial control system and repair the invasion loopholes by arranging the port interception unit, the inbound rule changing unit and the firewall repairing unit.
6. The utility model can reduce the operation pressure of the terminal processor and improve the operation speed of the terminal processor by arranging the microprocessor and the data cache unit.
Drawings
FIG. 1 is a schematic diagram of the system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, the distributed industrial control intrusion detection system provided by the present invention includes an industrial control system;
the bidirectional electric connection of output of industrial control system has the intrusion detection module, and the bidirectional electric connection of output of intrusion detection module has the terminal treater, and the bidirectional electric connection of output of terminal treater has front end protection system, and the output of front end protection system is connected with the bidirectional electric connection of industrial control system's input.
Referring to fig. 1, the intrusion detection module includes a traffic monitoring unit, a dynamic monitoring unit, and a suspicious connection determination unit.
As a technical optimization scheme of the utility model, the monitoring range of the intrusion detection module can be improved and the judgment accuracy of the intrusion signal can be improved by arranging the flow monitoring unit, the dynamic monitoring unit and the suspicious connection judgment unit.
Referring to fig. 1, the output end of the terminal processor is electrically connected with a 5G data transceiver module in a bidirectional manner, and the output end of the 5G data transceiver module is electrically connected with a manual monitoring platform in a remote bidirectional manner.
As a technical optimization scheme of the utility model, the 5G data transceiver module and the manual monitoring platform are arranged, so that abnormal data can be reviewed manually, and the condition of judgment errors is avoided.
Referring to fig. 1, the output terminal of the terminal processor is electrically connected with a storage terminal in both directions, and the output terminal of the storage terminal is electrically connected with the input terminal of the 5G data transceiver module in both directions.
As a technical optimization scheme of the utility model, the storage terminal is arranged, so that the operation log of the intrusion detection module can be stored, and a monitor can conveniently extract data.
Referring to fig. 1, the front-end protection system is composed of a port interception unit, an inbound rule modification unit, and a firewall repair unit.
As a technical optimization scheme of the utility model, the port interception unit, the inbound rule modification unit and the firewall repair unit are arranged, so that the industrial control system can be repaired and maintained, and the invasion loopholes can be repaired.
Referring to fig. 1, the intrusion detection module includes a microprocessor and a data cache unit.
As a technical optimization scheme of the utility model, the running pressure of the terminal processor can be reduced and the running speed of the terminal processor can be improved by arranging the microprocessor and the data cache unit.
The working principle and the using process of the utility model are as follows: during the use, detect the data flow or the connecting terminal that increase suddenly inside the industrial control system and track it through intrusion detection module, when unusual flow sent unusual instruction, the terminal processor passes through 5G data transceiver module with information transfer to artifical monitor platform, artifical monitor platform carries out artifical review to unusual operation, when unusual signal is confirmed as invasion information, front end protection system intercepts data and utilizes inbound rule change unit and prevent that hot wall repair unit carries out further restoration to the industrial control system.
In summary, the following steps: this distributed industrial control intrusion detection system detects the inside data flow or the connecting terminal that increases suddenly of industrial control system and tracks it through intrusion detection module, and when abnormal signal was confirmed as invasion information, the front end protection system was intercepted data and was further restoreed industrial control system, and it is comparatively single with the function to have solved current intrusion detection system structure, does not possess and maintains prosthetic problem to industrial control system when detecting the invasion signal.

Claims (6)

1. A distributed industrial control intrusion detection system comprises an industrial control system;
the method is characterized in that: the two-way electricity of industrial control system's output is connected with the intrusion detection module, the two-way electricity of output of intrusion detection module is connected with the terminal treater, the two-way electricity of output of terminal treater is connected with front end protection system, front end protection system's the output is connected with the two-way electricity of industrial control system's input.
2. The distributed industrial control intrusion detection system of claim 1, wherein: the intrusion detection module comprises a flow monitoring unit, a dynamic monitoring unit and a suspicious connection judging unit.
3. The distributed industrial control intrusion detection system of claim 1, wherein: the output end of the terminal processor is electrically connected with a 5G data transceiver module in a bidirectional mode, and the output end of the 5G data transceiver module is electrically connected with a manual monitoring platform in a remote bidirectional mode.
4. A distributed industrial control intrusion detection system according to claim 3 wherein: the output end of the terminal processor is electrically connected with a storage terminal in a bidirectional mode, and the output end of the storage terminal is electrically connected with the input end of the 5G data receiving and transmitting module in a bidirectional mode.
5. The distributed industrial control intrusion detection system of claim 1, wherein: the front-end protection system consists of a port interception unit, an inbound rule change unit and a firewall repair unit.
6. The distributed industrial control intrusion detection system of claim 1, wherein: the intrusion detection module comprises a microprocessor and a data cache unit.
CN202122649165.XU 2021-11-01 2021-11-01 Distributed industrial control intrusion detection system Active CN216792710U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202122649165.XU CN216792710U (en) 2021-11-01 2021-11-01 Distributed industrial control intrusion detection system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202122649165.XU CN216792710U (en) 2021-11-01 2021-11-01 Distributed industrial control intrusion detection system

Publications (1)

Publication Number Publication Date
CN216792710U true CN216792710U (en) 2022-06-21

Family

ID=82003209

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202122649165.XU Active CN216792710U (en) 2021-11-01 2021-11-01 Distributed industrial control intrusion detection system

Country Status (1)

Country Link
CN (1) CN216792710U (en)

Similar Documents

Publication Publication Date Title
CN110912652B (en) Mining anti-interference communication module and communication control method
CN202351153U (en) Multi-interface gas detection sensor
CN206645724U (en) A kind of crane girder deforms prior-warning device
CN101086513A (en) Transmission line real-time on-line monitoring method based on acoustic emission principle and the device
CN216792710U (en) Distributed industrial control intrusion detection system
CN102009690B (en) Crane as well as steering security control system and method thereof
CN202563002U (en) Lightning arrester remote on-line monitoring system
CN203299319U (en) Locomotive insulation detection device
CN202703308U (en) Vehicle-mounted super capacitor management system
CN210536655U (en) Mining anti-interference communication module
CN213987749U (en) Smoke alarm device for preventing cable from being broken outside
CN105863736A (en) Coal mine gas monitoring system
CN203237240U (en) Controller for dry vacuum pump of battery electric vehicle
CN202016844U (en) Safe limiting system with extent limitation and moment limitation redundancies
CN204652035U (en) A kind of Signal Detecting Circuit for Automatic Transfer Switching Equipment
CN102407778A (en) Real-time anti-interference complementation type vehicle-mounted leakage detection system
CN201750423U (en) Expert diagnostic database based transmitter alarm linking system
CN201355444Y (en) Engineering machinery remote monitoring device with communication cable detection function
CN201907503U (en) Crane and steering safety control system thereof
CN102145869A (en) Safety limit system for amplitude limit and torque limit redundancy
CN205160045U (en) Landfill gas body engine safety arrangement
CN2844988Y (en) A kind of based on control area net network technology coal mine safety monitoring system
CN202433728U (en) System for monitoring running state of mining ventilator on line
CN202421404U (en) On-line monitoring system for transformer
CN221076170U (en) Steam pipeline leakage joint detection device

Legal Events

Date Code Title Description
GR01 Patent grant
GR01 Patent grant