SIA OpenIR  > 工业控制网络与系统研究室
Modbus/TCP Communication Anomaly Detection Based on PSO-SVM
Shang WL(尚文利); Zhang SS(张盛山); Wan M(万明)
作者部门工业控制网络与系统研究室
会议名称2013 the 3rd International Conference on Communication and Network Security (ICCNS 2013)
会议日期November 16-17, 2013
会议地点London, UK
会议录名称2013 the 3rd International Conference on Communication and Network Security (ICCNS 2013)
2013
页码1-10
产权排序1
关键词Pso Svm Modbus Function Code Sequence Anomaly Detection Industrial Security Gateway
摘要

Industrial firewall and intrusion detection system based on Modbus TCP protocol analysis and "whitelist" policy cannot effectively identify attacks on Modbus controller which exactly take advantage of the configured rules. An Industrial control systems simulation environment is established and a data preprocessing method for Modbus TCP traffic captured is designed to meet the need of anomaly detection module. Furthermore a Modbus function code sequence anomaly detection model based on SVM optimized by PSO method is designed. And the model can effectively identify abnormal Modbus TCP traffic, according to frequency of different short mode sequences in a Modbus code sequence.

语种英语
文献类型会议论文
条目标识符http://ir.sia.cn/handle/173321/13875
专题工业控制网络与系统研究室
作者单位Shenyang Institute of Automation, Chinese Academy of Science, Shenyang 110016, China
推荐引用方式
GB/T 7714
Shang WL,Zhang SS,Wan M. Modbus/TCP Communication Anomaly Detection Based on PSO-SVM[C],2013:1-10.
条目包含的文件 下载所有文件
文件名称/大小 文献类型 版本类型 开放类型 使用许可
Modbus TCP Communica(3536KB)会议论文 开放获取CC BY-NC-SA浏览 下载
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Shang WL(尚文利)]的文章
[Zhang SS(张盛山)]的文章
[Wan M(万明)]的文章
百度学术
百度学术中相似的文章
[Shang WL(尚文利)]的文章
[Zhang SS(张盛山)]的文章
[Wan M(万明)]的文章
必应学术
必应学术中相似的文章
[Shang WL(尚文利)]的文章
[Zhang SS(张盛山)]的文章
[Wan M(万明)]的文章
相关权益政策
暂无数据
收藏/分享
文件名: Modbus TCP Communication Anomaly Detection Based on PSO-SVM.pdf
格式: Adobe PDF
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。