Research On Application Of Heterogeneous Information Fusion Technology In CPS Environment

Cyber-physical system(CPS)is an intelligent system formed by a highly int egrated interaction of computing units and physical objects in a network environ ment.Security and security monitoring issues are the key to its normal operation.With the development of technology,long-term latency,good at camouflage,and mixed attacks represented by Stuxnet attacks have made it more and more diffi cult to conduct security monitoring in a single dimension.It is necessary to expa nd the material from different dimensions of time and space through multi-source information fusion,so as to better identify the attack event.The on-site environment of the physical information fusion system consists o f on-site personnel,physical equipment and information systems.CPS has unique characteristics such as heterogeneous heterogeneity,time and space constraints,an d domain correlation,which make it difficult to use information fusion methods for security monitoring.There is no set of models that can integrate and analyze all the security information associated with on-site personnel,physical equipmen t,and information systems.Therefore,this article hopes to build such a model t hat can make full use of all kinds of security-related information in the CPS en vironment,so that the security risks of the system can be monitored more compr ehensively and effectively.Because the abnormalities or security issues in the system cannot be general ized,it needs to be analyzed at different levels and categories.Therefore,this ar ticle first classified and modeled the multi-source heterogeneous security monitori ng equipment or software in the CPS environment.In addition,the application s cenarios of the Intrusion Detection Message Exchange Format(IDMEF)are expa nded to unify the format of heterogeneous alarm information.Then proposed the Multi-level abstract model of abnormal events(MLAMOAE).The model divides abnormal events at multiple levels and is used to guide the fusion analysis of he terogeneous alarm information.It is used to divide security monitoring problems into two types of problems: "Is there an exception?" and "What kind of anomal y?" Recognize and solve problems more clearly.Based on this set of models,a set of abnormal risk assessment process is d esigned to map the questions of "whether there is an abnormality" and "what ki nd of abnormality" to the recognition framework of D-S theory,forming two diff erent evaluation methods and output formats.It also stipulates how to convert be tween these two evaluation methods.In order to realize the abnormal risk assessment process in the CPS environ ment,a multi-level fusion model of heterogeneous information(MLFM)was prop osed and the effect of the model was verified through simulation experiments.T he model comprehensively analyzes information from different time and space di mensions through the method of multi-source heterogeneous information fusion,a nd realizes multi-dimensional and multi-level assessment and detection of system security risks.The decision-level fusion D-S evidence theory is adopted to realiz e the fusion judgment of heterogeneous information,which ensures the versatility and scalability of the model,and can easily add or remove new information so urces into the fusion model.