Method for intrusion detection in industrial automation and control system
A method and system for automatic signalling an alert when a possible intrusion occurs in an industrial automation and control system, based on security events which occur in the industrial automation and control system or are externally fed into the system. The method includes the steps of: (a) det...
Gespeichert in:
Hauptverfasser: | , , |
---|---|
Format: | Patent |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext bestellen |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
container_end_page | |
---|---|
container_issue | |
container_start_page | |
container_title | |
container_volume | |
creator | Obermeier, Sebastian Wahler, Michael Schlegel, Roman |
description | A method and system for automatic signalling an alert when a possible intrusion occurs in an industrial automation and control system, based on security events which occur in the industrial automation and control system or are externally fed into the system. The method includes the steps of: (a) determining a correlation of a first and second security event and storing the correlation in an event database, wherein the correlation includes a probability that the first security event is followed by the second security event within a normalized time period, (b) identifying a candidate event as the first security event, based on event information of the candidate event, upon occurrence of the candidate event, (c) classifying the candidate event as anomalous when the probability exceeds a predetermined threshold and no second security event follows the candidate event within the normalized time period, and (d) signalling the alert indicating the candidate event. |
format | Patent |
fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US10187411B2</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US10187411B2</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US10187411B23</originalsourceid><addsrcrecordid>eNrjZPDyTS3JyE9RSMsvUsjMKykqLc7Mz1NISS1JTS4BsTJBKKW0uKQoMzFHIbG0JD83ESyRmJeikJwP1JGfo1BcWVySmsvDwJqWmFOcyguluRkU3VxDnD10Uwvy41OLCxKTU_NSS-JDgw0NDC3MTQwNnYyMiVEDAH5oNfU</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>Method for intrusion detection in industrial automation and control system</title><source>esp@cenet</source><creator>Obermeier, Sebastian ; Wahler, Michael ; Schlegel, Roman</creator><creatorcontrib>Obermeier, Sebastian ; Wahler, Michael ; Schlegel, Roman</creatorcontrib><description>A method and system for automatic signalling an alert when a possible intrusion occurs in an industrial automation and control system, based on security events which occur in the industrial automation and control system or are externally fed into the system. The method includes the steps of: (a) determining a correlation of a first and second security event and storing the correlation in an event database, wherein the correlation includes a probability that the first security event is followed by the second security event within a normalized time period, (b) identifying a candidate event as the first security event, based on event information of the candidate event, upon occurrence of the candidate event, (c) classifying the candidate event as anomalous when the probability exceeds a predetermined threshold and no second security event follows the candidate event within the normalized time period, and (d) signalling the alert indicating the candidate event.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; CONTROL OR REGULATING SYSTEMS IN GENERAL ; CONTROLLING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS ; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS ORELEMENTS ; PHYSICS ; REGULATING ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2019</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20190122&DB=EPODOC&CC=US&NR=10187411B2$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,780,885,25564,76547</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20190122&DB=EPODOC&CC=US&NR=10187411B2$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Obermeier, Sebastian</creatorcontrib><creatorcontrib>Wahler, Michael</creatorcontrib><creatorcontrib>Schlegel, Roman</creatorcontrib><title>Method for intrusion detection in industrial automation and control system</title><description>A method and system for automatic signalling an alert when a possible intrusion occurs in an industrial automation and control system, based on security events which occur in the industrial automation and control system or are externally fed into the system. The method includes the steps of: (a) determining a correlation of a first and second security event and storing the correlation in an event database, wherein the correlation includes a probability that the first security event is followed by the second security event within a normalized time period, (b) identifying a candidate event as the first security event, based on event information of the candidate event, upon occurrence of the candidate event, (c) classifying the candidate event as anomalous when the probability exceeds a predetermined threshold and no second security event follows the candidate event within the normalized time period, and (d) signalling the alert indicating the candidate event.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>CONTROL OR REGULATING SYSTEMS IN GENERAL</subject><subject>CONTROLLING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>FUNCTIONAL ELEMENTS OF SUCH SYSTEMS</subject><subject>MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS ORELEMENTS</subject><subject>PHYSICS</subject><subject>REGULATING</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2019</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNrjZPDyTS3JyE9RSMsvUsjMKykqLc7Mz1NISS1JTS4BsTJBKKW0uKQoMzFHIbG0JD83ESyRmJeikJwP1JGfo1BcWVySmsvDwJqWmFOcyguluRkU3VxDnD10Uwvy41OLCxKTU_NSS-JDgw0NDC3MTQwNnYyMiVEDAH5oNfU</recordid><startdate>20190122</startdate><enddate>20190122</enddate><creator>Obermeier, Sebastian</creator><creator>Wahler, Michael</creator><creator>Schlegel, Roman</creator><scope>EVB</scope></search><sort><creationdate>20190122</creationdate><title>Method for intrusion detection in industrial automation and control system</title><author>Obermeier, Sebastian ; Wahler, Michael ; Schlegel, Roman</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US10187411B23</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2019</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>CONTROL OR REGULATING SYSTEMS IN GENERAL</topic><topic>CONTROLLING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>FUNCTIONAL ELEMENTS OF SUCH SYSTEMS</topic><topic>MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS ORELEMENTS</topic><topic>PHYSICS</topic><topic>REGULATING</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Obermeier, Sebastian</creatorcontrib><creatorcontrib>Wahler, Michael</creatorcontrib><creatorcontrib>Schlegel, Roman</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Obermeier, Sebastian</au><au>Wahler, Michael</au><au>Schlegel, Roman</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>Method for intrusion detection in industrial automation and control system</title><date>2019-01-22</date><risdate>2019</risdate><abstract>A method and system for automatic signalling an alert when a possible intrusion occurs in an industrial automation and control system, based on security events which occur in the industrial automation and control system or are externally fed into the system. The method includes the steps of: (a) determining a correlation of a first and second security event and storing the correlation in an event database, wherein the correlation includes a probability that the first security event is followed by the second security event within a normalized time period, (b) identifying a candidate event as the first security event, based on event information of the candidate event, upon occurrence of the candidate event, (c) classifying the candidate event as anomalous when the probability exceeds a predetermined threshold and no second security event follows the candidate event within the normalized time period, and (d) signalling the alert indicating the candidate event.</abstract><oa>free_for_read</oa></addata></record> |
fulltext | fulltext_linktorsrc |
identifier | |
ispartof | |
issn | |
language | eng |
recordid | cdi_epo_espacenet_US10187411B2 |
source | esp@cenet |
subjects | CALCULATING COMPUTING CONTROL OR REGULATING SYSTEMS IN GENERAL CONTROLLING COUNTING ELECTRIC COMMUNICATION TECHNIQUE ELECTRIC DIGITAL DATA PROCESSING ELECTRICITY FUNCTIONAL ELEMENTS OF SUCH SYSTEMS MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS ORELEMENTS PHYSICS REGULATING TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
title | Method for intrusion detection in industrial automation and control system |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-23T11%3A03%3A14IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Obermeier,%20Sebastian&rft.date=2019-01-22&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS10187411B2%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |