中国科学院沈阳自动化研究所机构知识库
Advanced  
SIA OpenIR  > 工业控制网络与系统研究室  > 专利
专利名称: 基于SVM的Modbus TCP通讯的异常检测方法
其他题名: Method for detecting anomaly of Modbus TCP (transmission control protocol) communication on basis of SVM (support vector machine)
作者: 尚文利; 万明; 曾鹏; 赵剑明; 刘贤达; 张华良
所属部门: 工业控制网络与系统研究室
专利权人: 中国科学院沈阳自动化研究所
专利代理: 沈阳科苑专利商标代理有限公司 21002
专利国别: 中国
专利类型: 发明
专利状态: 公开
摘要: 本发明基于SVM提出了的工业控制系统Modbus?TCP通讯的异常检测方法。该方法设计了Modbus?TCP通讯序列的特征选择处理方法,及转换为SVM异常检测模型所需数据格式的预处理方法,设计了一种利用粒子群算法PSO进行参数寻优的PSO-SVM异常检测方法,能提升方法分类识别的精度。该方法基于Modbus功能码序列中的模式短序列出现的频率,识别出工业控制系统中异常的Modbus?TCP通讯流量,具有识别未知攻击行为的能力。
英文摘要: The invention provides a method for detecting anomaly of Modbus TCP (transmission control protocol) communication of industrial control systems on the basis of a SVM (support vector machine). The method has the advantages that processes for selecting and processing features of Modbus TCP communication sequences, preprocessing processes for obtaining data formats required by an SVM anomaly detection model by means of conversion and PSO (particle swarm optimization)-SVM anomaly detection processes for optimizing parameters by the aid of particle swarm optimization (PSO) are designed, so that the classification and identification precision of the method can be improved; abnormal Modbus TCP communication flow in the industrial control systems can be identified by the aid of the method on the basis of frequencies of occurrence of mode short sequences in Modbus function code sequences, and accordingly unknown attack behavior can be identified.
是否PCT专利:
申请日期: 2013-12-10
公开日期: 2015-06-10
专利申请号: CN201310667742.5
公布/公告号: CN104702460A
语种: 中文
产权排序: 1
内容类型: 专利
URI标识: http://ir.sia.cn/handle/173321/15925
Appears in Collections:工业控制网络与系统研究室_专利

Files in This Item: Download All
File Name/ File Size Content Type Version Access License
CN201310667742.5.pdf(786KB)专利--开放获取View Download

Recommended Citation:
尚文利,万明,曾鹏,等. 基于SVM的Modbus TCP通讯的异常检测方法. CN104702460A. 2015.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[尚文利]'s Articles
[万明]'s Articles
[曾鹏]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[尚文利]‘s Articles
[万明]‘s Articles
[曾鹏]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
文件名: CN201310667742.5.pdf
格式: Adobe PDF
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2016  中国科学院沈阳自动化研究所 - Feedback
Powered by CSpace