• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Yang An, Hu Yan, Zhou Liang, Zheng Weimin, Shi Zhiqiang, Sun Limin. An Industrial Control System Anomaly Detection Algorithm Fusion by Information Flow and State Flow[J]. Journal of Computer Research and Development, 2018, 55(11): 2532-2542. DOI: 10.7544/issn1000-1239.2018.20170671
Citation: Yang An, Hu Yan, Zhou Liang, Zheng Weimin, Shi Zhiqiang, Sun Limin. An Industrial Control System Anomaly Detection Algorithm Fusion by Information Flow and State Flow[J]. Journal of Computer Research and Development, 2018, 55(11): 2532-2542. DOI: 10.7544/issn1000-1239.2018.20170671
shu

An Industrial Control System Anomaly Detection Algorithm Fusion by Information Flow and State Flow

  • 1(物联网信息安全技术北京市重点实验室(中国科学院信息工程研究所) 北京 100093)

  • 2(中国科学院大学网络空间安全学院 北京 100049)

  • 3(北京科技大学计算机与通信工程学院 北京 100083)

  • 4(中国电力科学研究院 北京 100192)

More Information
  • Published Date: October 31, 2018
    Graphical Abstract
    • Abstract
  • Industrial control system (ICS) has highly correlation with physical environment. As a unique type of ICS attack, sequence attack injects the normal operations into the wrong sequence positions, which disturbs the process or even destroys the equipment. At present, most anomaly detection methods for sequence attack just detect the operation sequence acquiring from information flow. However, ICS is weak in protecting itself from cyber-attacks, which means that the data of information flow can be faked by attackers. The fake data is one of the main issues that can severely affect the detection accuracy. To remedy this problem, a fusion ICS anomaly detection algorithm is proposed in this paper. This algorithm utilizes the state information of equipment to establish the state flow. Via fusing state flow with information flow, the anomaly of operation sequence can be detected from the aspects of time and order. Meanwhile, to extend the detection range and reduce the detection latency, we use the data of state flow to recognize the anomaly state of equipment between two operations, which is caused by the sequence attack or other attacks. The experimental results in an ICS testbed demonstrate that our detection algorithm can detect sequence attack efficiently and recognize part of anomaly state of ICS equipment.
    • FullText(HTML)
    • References (0)
    • Related Articles

  • Related Articles

    [1]Yue Guangxue, Chen Guanglu, Lu Min, Yang Xiaohui, Liu Jianhua, Huang Chunlan, Yang Zhongming. A Computation Offloading Algorithm with Path Selection Based on K-shell Influence Maximization[J]. Journal of Computer Research and Development, 2021, 58(9): 2025-2039. DOI: 10.7544/issn1000-1239.2021.20200338
    [2]Cao Jiuxin, Gao Qingqing, Xia Rongqing, Liu Weijia, Zhu Xuelin, Liu Bo. Information Propagation Prediction and Specific Information Suppression in Social Networks[J]. Journal of Computer Research and Development, 2021, 58(7): 1490-1503. DOI: 10.7544/issn1000-1239.2021.20200809
    [3]Zhang Liqing, Guo Dong, Wu Shaoling, Cui Haibo, Wang Wei. An Ultra Lightweight Container that Maximizes Memory Sharing and Minimizes the Runtime Environment[J]. Journal of Computer Research and Development, 2019, 56(7): 1545-1555. DOI: 10.7544/issn1000-1239.2019.20180511
    [4]Yan Xiaoqiang, Ye Yangdong. Cross-Media Clustering by Share and Private Information Maximization[J]. Journal of Computer Research and Development, 2019, 56(7): 1370-1382. DOI: 10.7544/issn1000-1239.2019.20180470
    [5]Zhang Fenxiang, Chen Huahui, Qian Jiangbo, Dong Yihong. HSSM: A Hierarchical Method for Streaming Submodular Maximization[J]. Journal of Computer Research and Development, 2016, 53(8): 1792-1805. DOI: 10.7544/issn1000-1239.2016.20160140
    [6]Li Xiaokang, Zhang Xi, Sun Hao, Sun Guangzhong. Influence Maximization Across Multi-Channels in Social Network[J]. Journal of Computer Research and Development, 2016, 53(8): 1709-1718. DOI: 10.7544/issn1000-1239.2016.20160211
    [7]Guo Jingfeng, Lü Jiaguo. Influence Maximization Based on Information Preference[J]. Journal of Computer Research and Development, 2015, 52(2): 533-541. DOI: 10.7544/issn1000-1239.2015.20131311
    [8]Zhu Xiang, Jia Yan, Nie Yuanping, Qu Ming. Event Propagation Analysis on Microblog[J]. Journal of Computer Research and Development, 2015, 52(2): 437-444. DOI: 10.7544/issn1000-1239.2015.20140187
    [9]Chen Hao and Wang Yitong. Threshold-Based Heuristic Algorithm for Influence Maximization[J]. Journal of Computer Research and Development, 2012, 49(10): 2181-2188.
    [10]Qi Yingjian, Luo Siwei, Huang Yaping, Li Aijun, Liu Yunhui. An Annealing Expectation Maximization Algorithm[J]. Journal of Computer Research and Development, 2006, 43(4): 654-660.

  • Cited by

    Periodical cited type(10)

    1. 王娟,努尔买买提·黑力力. 基于字典分级和属性加权的密文排序检索方案. 新疆大学学报(自然科学版)(中英文). 2024(02): 246-256 .
    2. 刘佩恒,张劼,张华,张欣,王梦迪. 支持语义扩展的多关键词密文检索方案. 中国电子科学研究院学报. 2024(01): 42-52 .
    3. 於湘涛,温刚,刘冉,舒斐,刘威麟,赛峰. 电力调度自动化网络安全防护技术研究. 微型电脑应用. 2024(12): 187-190+198 .
    4. 刘宁,牛佳乐,郑剑,李思岑,王丹丹. 基于向量空间模型的信息资源关键词智能检索工具的研究. 自动化技术与应用. 2023(10): 105-107+161 .
    5. 管小明,李宏俊. 基于支持可验证的物联网感知层信息加密仿真. 计算机仿真. 2023(11): 357-360+441 .
    6. 黄健,铁治欣,宋滢锟. 云存储环境中多关键词加密排序搜索方法研究. 软件导刊. 2022(01): 226-232 .
    7. 牛淑芬,张美玲,周思玮,闫森. 面向移动终端的密文可验证属性基可搜索加密方案. 计算机工程与科学. 2022(11): 1941-1950 .
    8. 陈红鹏,樊增辉. 基于数据加密技术的海外数据中心拓扑架构设计. 微型电脑应用. 2022(12): 204-208 .
    9. 王娜,郑坤,付俊松,李剑. 基于分块的移动边缘计算密文检索方法. 通信学报. 2020(07): 95-102 .
    10. 霍颖瑜. 基于混沌算法的高端装备指令数据加密方法. 兵器装备工程学报. 2020(11): 190-193 .

    Other cited types(14)

Catalog

    Get Citation
    PDF
    XML
    Article views (1113) PDF downloads (484) Cited by(24)
    Turn off MathJax
    Article Contents
    Abstract
    Related Articles
    Email Alert RSS
    微信订阅号<br/>(实时资讯)

    微信订阅号
    (实时资讯)

    微信服务号<br/>(同步网站)

    微信服务号
    (同步网站)

    微信视频号<br/>(视频分享)

    微信视频号
    (视频分享)

    CCF<br/>(扫码入会)

    CCF
    (扫码入会)

    Copyright © Editorial Department of Computer Research and Development

    Supported by: Beijing Renhe Information Technology Co., Ltd. Baidu Analytics

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return