Anomaly Detection Approach based on Function Code Traffic by Using CUSUM Algorithm

机译：基于CUSUM算法的功能码流量的异常检测方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

There is an increasing consensus that it is necessary to resolve the security issues in today's industrial control system. From this point, this paper proposes an anomaly detection approach based on function code traffic to detect abnormal Modbus/TCP communication behaviors efficiently. Furthermore, this approach analyzes the Modbus/TCP communication packets in depth, and obtains the function code in each packet. According to the function code traffic change, this approach uses the Cumulative Sum (CUSUM) algorithm for change point detection, and generates an alarm. Our simulation results show that, the proposed approach is very available and effective to provide the security for industrial control system. Besides, we also discuss some advantages and drawbacks when using this approach.

机译：越来越多的共识是，有必要解决当今工业控制系统中的安全问题。从这一点来看，本文提出了一种基于功能码流量的异常检测方法，以有效地检测异常的Modbus / TCP通信行为。此外，该方法深入地分析了Modbus / TCP通信分组，并在每个分组中获得功能代码。根据功能代码流量更改，此方法使用累积和算法来改变点检测，并产生警报。我们的仿真结果表明，该方法非常可用，有效地为工业控制系统提供安全性。此外，我们还讨论了使用这种方法时的一些优点和缺点。

著录项

来源
《National Conference on Electrical, Electronics and Computer Engineering》|2015年|846-1688p|共6页
会议地点
作者
Ming Wan; Wenli Shang; Peng Zeng;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP3-53;
关键词
Anomaly detection; Modbus/TCP; Function code traffic; Cumulative sum;

机译：异常检测;Modbus / TCP;功能代码流量;累积总和;

相似文献

外文文献
中文文献
专利

1. C-NSA: a hybrid approach based on artificial immune algorithms for anomaly detection in web traffic [J] . Dandil Emre Information Security, IET . 2020,第6期

机译：C-NSA：一种基于人工免疫算法的混合方法，用于Web流量中的异常检测
2. Anomaly Detection Based on a Multi-class CUSUM Algorithm for WSN [J] . Zhenghong Xiao1, 2, Zhigang Chen1, Journal of Computers . 2010,第2期

机译：基于多级CUSUM算法的异常检测WSN
3. An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detection [J] . Carlos A. Catania, Facundo Brom erg, Carlos Garcia Garino Expert Systems with Application . 2012,第2期

机译：一种支持向量机算法的自主标记方法，用于网络流量异常检测
4. Anomaly Detection Approach based on Function Code Traffic by Using CUSUM Algorithm [C] . Ming Wan, Wenli Shang, Peng Zeng National Conference on Electrical, Electronics and Computer Engineering . 2015

机译：基于CUSUM算法的功能码流量的异常检测方法
5. A new approach to network traffic anomaly detection. [D] . Petsuwan, Wanchalearm. 2010

机译：一种用于网络流量异常检测的新方法。
6. Data-driven approach of CUSUM algorithm in temporal aberrant event detection using interactive web applications [O] . Ye Li, Michael Whelan, Leigh Hobbs, 2016

机译：使用交互式Web应用程序的时态异常事件检测中CUSUM算法的数据驱动方法
7. Anomaly Detection Approach based on Function Code Traffic by Using CUSUM Algorithm [O] . Ming Wan, Wenli Shang, Peng Zeng 2016

机译：基于CUSUM算法的功能码流量的异常检测方法
8. Development of Algorithms for Travel Time-Based Traffic Signal Timing, Phase I: A Hybrid Extended Kalman Filtering Approach for Traffic Density Estimation along Signalized Arterials [R] . Liu, H. X., Di, X. 2010

机译：基于行程时间的交通信号配时算法的发展，第一阶段：基于信号干线的交通密度估计的混合扩展卡尔曼滤波方法

Anomaly Detection Approach based on Function Code Traffic by Using CUSUM Algorithm

摘要

著录项

相似文献

相关主题

期刊订阅