| With the rapid advancement of technology,the ongoing development of industrial informatization is driving the transformation of industrial control systems by integrating cutting-edge technologies such as industrial internet,artificial intelligence,and cloud computing into various industrial processes,opening the doors of interconnected in production environments that were relatively closed-off in industrial control network.As a result,the industrial control network with relatively blocked production environment opens up the interconnected door,which brings great changes and power to the entire industrial production system,and also makes the industrial control network face the risk of external invasion.Due to the vulnerability and closeness of the industrial control system itself,the software and hardware platforms related to industrial control on the market are difficult to find,which poses challenges in conducting safety research on industrial control system.Because the research on industrial control safety in our country starts late,the relevant technical personnel are scarce.In order to promote the research and development of industrial control safety in China,the main research work of this paper contains two parts as follows:The intrusion sensing range framework of industrial control network: by means of conducting research and analysis of the current industrial control network framework and potential security threats,design an industrial control network topology that can be applied to intrusion and perception;by studying the mechanism of Snort intrusion detection,a range awareness module based on Snort intrusion detection system is designed;utilizing the Openstack open-source cloud platform and Ceph distributed storage system to establish the platform foundation of the range architecture,integrating industrial control simulation software such as Siemens,Scada BR,Open PLC as the industrial control network simulation component of the shooting range perception module,providing technical support for industrial control security research.Verify the feasibility of applying this platform to industrial control safety research through a series of functional and performance tests targeting the shooting range architecture.Snort intrusion perception model based on neural network,which is the main research part of this paper:By conducting relevant research on intrusion detection technology,the Snort open-source intrusion detection system is adopted as the design core of network attack and defense in this shooting range.Through the research of Snort detection mechanism and packet analysis of industrial control network protocol,the expansion of Snort packet detection module is carried out;introducing machine learning related knowledge,the learning rate and network dimensions of the CNN-BiLSTM neural network model were optimized,and the network traffic dataset was used to compare the model with neural network models such as CNN and LSTM,which verified that the model has improved the detection performance,and the detection rate for new network attacks is nearly 63%,improving the ability to respond to unknown network risks.The original pattern matching algorithm of Snort is compared and analyzed with other algorithms,and a novel optimization algorithm is proposed according to its shortcomings,aiming to improve the detection quality of the original method by increasing the moving step size and reducing the number of matching times.Through string matching-related comparison experiments,it is found that the matching efficiency of the new algorithm is improved by about 60% compared with the original algorithm.After that,the optimization algorithm and neural network model are integrated into Snort system to form the intrusion perception model of industrial control network range,and intrusion-aware tests were conducted on the perception model in the network range to verify that the new model has the intrusion perception analysis function of data packets in the industrial control scenarios. |
PDF Full Text Request