Industrial control flow analysis system and equipment

Bibliographic details
Main authors: WEN SHIHUA, LUO SHENGSI, HANG FEILU, ZOU HONG, ZHANG JIAN, HUANG SHICHAO, LIU XINLIN, FENG GUOCONG, LI LINCHENG, DENG WEI, QUAN XUEXIA
Format: Patent
Language: chi ; eng
Description
Summary: The invention discloses an industrial control traffic analysis system and equipment. The method comprises the steps of: performing packet-capture analysis of industrial network traffic data through the equipment, and cleaning the industrial network traffic data to obtain clean protocol traffic data and session traffic data; carrying out object identification and restoration on the protocol traffic data, identifying the protocol type and type, and determining whether the protocol is known or unknown; analyzing the session traffic data and identifying the type of session behavior; establishing a dynamic network traffic white list according to the identification results of S2 and S3; and, according to the white list, carrying out traffic analysis and attack detection based on a network attack model, identifying abnormal data and attack behaviors, and raising an alarm. Through the method and the system, the white list of the network traffic is established, traffic analysis and attack detection are compre