Search International and National Patent Collections
|1. (WO2018107631) AUTOMATIC ESTABLISHING METHOD AND APPARATUS FOR INTRUSION DETECTION MODEL BASED ON INDUSTRIAL CONTROL NETWORK|
|Applicants:||SHENYANG INSTITUTE OF AUTOMATION,THE CHINESE ACADEMY OF SCIENCES
|Title:||AUTOMATIC ESTABLISHING METHOD AND APPARATUS FOR INTRUSION DETECTION MODEL BASED ON INDUSTRIAL CONTROL NETWORK|
Disclosed is an automatic establishing method of an intrusion detection model based on an industrial control network, comprising: determining whether a first intrusion detection model meets a preset detection requirement, and if not, extracting communication behavior flow data in real time; setting a training data set and a test data set according to the communication behavior flow data; creating an initial intrusion detection model according to the training data set; and testing the initial intrusion detection model using the test data set, and creating a second intrusion detection model meeting a preset detection requirement according to the test result. The detection precision of the second intrusion detection model is high so that an intrusion detection rate of abnormal behaviors is increased, and a false alarm rate and a missing report rate are reduced.