Traffic Anomaly Detection Based on Industrial Control Networks
Topics: industrial control network + traffic characteristics. Reference: Beijing University of Technology, 2014 master's thesis
[Abstract]: As industrialization and informatization continue to converge, more and more information technology is being applied in industry. Industrial control networks have begun to shift from closed to open, and this has brought many security problems. Existing research on security assurance for industrial control systems concentrates mainly on access control, fieldbus security protocols, and the security design of configuration software. However, because industrial control networks differ from ordinary IT networks, many of these security schemes are still far from usable in actual production. Anomaly detection on industrial control network traffic is one of the effective ways to safeguard industrial control systems. In view of the current state of industrial control networks, this thesis places the focus of security monitoring on the industrial control network itself and conducts its research mainly from the perspective of network traffic characteristics.

Since the advent of the Internet, research on ordinary IT networks has never stopped and has achieved certain results. Intuitively, the traffic characteristics of industrial control networks must be different from those of ordinary IT networks. At present there is very little research on the traffic characteristics of industrial control networks, and most studies obtain their traffic data only through network simulation, which may lead to a serious deviation between the conclusions and actual results. This thesis collects traffic from an industrial control network based on industrial Ethernet in a real environment, compares it with ordinary IT network traffic, analyzes its important characteristics in detail, and analyzes both the causes of the differences from ordinary IT network traffic and their influence on traffic modeling. It then proposes a traffic modeling method for industrial control networks based on the multiplicative seasonal ARIMA model, used to build a model of normal industrial network traffic. Finally, the thesis simulates Stuxnet attack traffic and detects abnormal traffic by using the multiplicative seasonal ARIMA model to predict normal traffic. The experimental results show that the method has good detection performance.
[Degree-granting institution]: Beijing University of Technology
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TP393.06
Article ID: 1854677
Article link: http://sikaile.net/guanlilunwen/ydhl/1854677.html