| Industrial control networks,while enjoying the progress,efficiency and benefits brought about by open and interconnected technologies,are also facing increasingly serious security threats.The existing industrial control system in the past in the design,research and development did not fully consider the issue of information security,resulting in many industrial control system,there are many problems.Therefore,the study of intrusion detection system for industrial control network security is of great significance.This article first studied Snort intrusion detection system,analysis of its workflow,plug-in mechanism,rule base.Combined with the special application scenario of industrial control network,the disadvantages of Snort intrusion detection system are analyzed.In this paper,data mining technology K-means algorithm to improve the Snort system.Due to the fact that the traditional K-means algorithm can not fully satisfy the research area,this paper improves the K-means algorithm based on the actual application scenario so that it has better clustering effect,so that the intrusion detection system has lower false positives Rate and false negative rate.Finally,the improved Snort intrusion detection system is applied to the intelligent substation network,and the monitoring,statistics,strategy,report,probe and log module of the intelligent substation network platform are displayed.The intelligent substation safety protection platform realized in this paper realizes the real-time monitoring of the internal flow of the industrial control system based on the requirements of the industrial control system for business continuity and high real-time performance,and alerts and elevates the monitored abnormal events Industrial safety control and incident response capabilities. |
PDF Full Text Request