Industrial control network active defense system based on honeynet and method thereof
The invention discloses an industrial control network active defense system based on a honeynet and a method thereof. The system comprises an information collection assembly, a flow analysis assemblyand a knowledge management assembly. The information collection assembly comprises an industrial cont...
Gespeichert in:
| Hauptverfasser: | , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | chi ; eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | The invention discloses an industrial control network active defense system based on a honeynet and a method thereof. The system comprises an information collection assembly, a flow analysis assemblyand a knowledge management assembly. The information collection assembly comprises an industrial control system honeynet, a web crawler and a flow mirror image; the flow analysis assembly comprises aflow processing module, a flow modeling module and a flow evaluation module; the knowledge management component manages all information of an industrial control system network through a knowledge graph, and is divided into an internal network knowledge graph and an external network knowledge graph which are stored in a graph database. The honeynet-based industrial control network active defense system and the method thereof provided by the invention not only can accurately detect the abnormal condition in the network flow of the industrial control system, but also can evaluate the threat degree of the industrial contro |
|---|