KNOWLEDGE GRAPH FOR REAL TIME INDUSTRIAL CONTROL SYSTEM SECURITY EVENT MONITORING AND MANAGEMENT

KNOWLEDGE GRAPH FOR REAL TIME INDUSTRIAL CONTROL SYSTEM SECURITY EVENT MONITORING AND MANAGEMENT

Methods and systems are disclosed for security management in an industrial control system (ICS). An event entity detection and linking module generates a model for a plurality of event entities extracted from a plurality of different data sources including one ICS data source and one IT data source....

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: WEI, Dong, PI, Jiaxing, PFLEGER DE AGUIAR, Leandro, WU, Yinghui
Format: Patent
Sprache:eng ; fre ; ger
Schlagworte:
CALCULATING
COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Methods and systems are disclosed for security management in an industrial control system (ICS). An event entity detection and linking module generates a model for a plurality of event entities extracted from a plurality of different data sources including one ICS data source and one IT data source. The model encodes a set of linked event entities and their relationships, each event entity associated with a vector of attribute value pairs. A data standardization of domain knowledge includes translating, by a machine learning application, extracted knowledge base information to rules for the constraints and using the rules to validate the constraints and to add new constraints. A fusion module performs temporal correlation detection across data streams of the different data sources for establishing causality between triplets of association models within a defined time span.