Modbus/TCP Communication Anomaly Detection Based on PSO-SVM
文献类型:会议论文
| 作者 | Shang WL(尚文利) ; Zhang SS(张盛山); Wan M(万明)
|
| 出版日期 | 2013 |
| 会议名称 | 2013 the 3rd International Conference on Communication and Network Security (ICCNS 2013) |
| 会议日期 | November 16-17, 2013 |
| 会议地点 | London, UK |
| 关键词 | PSO SVM Modbus function code Sequence anomaly detection Industrial security gateway |
| 页码 | 1-10 |
| 中文摘要 | Industrial firewall and intrusion detection system based on Modbus TCP protocol analysis and "whitelist" policy cannot effectively identify attacks on Modbus controller which exactly take advantage of the configured rules. An Industrial control systems simulation environment is established and a data preprocessing method for Modbus TCP traffic captured is designed to meet the need of anomaly detection module. Furthermore a Modbus function code sequence anomaly detection model based on SVM optimized by PSO method is designed. And the model can effectively identify abnormal Modbus TCP traffic, according to frequency of different short mode sequences in a Modbus code sequence. |
| 产权排序 | 1 |
| 会议录 | 2013 the 3rd International Conference on Communication and Network Security (ICCNS 2013)
 |
| 语种 | 英语 |
| 源URL | [http://ir.sia.cn/handle/173321/13875]  |
| 专题 | 沈阳自动化研究所_工业控制网络与系统研究室 |
| 推荐引用方式 GB/T 7714 | Shang WL,Zhang SS,Wan M. Modbus/TCP Communication Anomaly Detection Based on PSO-SVM[C]. 见:2013 the 3rd International Conference on Communication and Network Security (ICCNS 2013). London, UK. November 16-17, 2013. |
入库方式: OAI收割
来源:沈阳自动化研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。