There are the characteristics of diverse types and forms of abnormal traffic,difficult feature extraction,and poor effec-tiveness of abnormal intrusion detection in train communication networks.Therefore,a train communication network abnormal intru-sion detection system based on bidirectional AC algorithm is designed.The collection layer utilizes a network data collector to collect train communication network information within the train communication network;The storage layer stores the collected information through the distributed storage,columnar storage,and structured storage methods;The analysis layer utilizes a protocol parsing module to parse the information and obtain the information that meets the specifications.Among them,the deep packet filtering mod-ule applies a whitelist technology to filter the compliant information and extract the key information;The intrusion feature pattern ex-traction module can extract abnormal intrusion feature patterns from the key information;The feature pattern matching module utili-zes the bidirectional AC algorithm to automatically match the extracted feature patterns with the feature patterns in the intrusion fea-ture pattern library;The intrusion response module completes abnormal intrusion detection in the train communication network by an-alyzing the automatic matching results.The visualization layer presents anomaly intrusion detection results in the form of visual re-ports.Experimental results show that the system can effectively collect train communication network information and extract abnor-mal intrusion feature patterns.The system can quickly and automatically match abnormal intrusion feature patterns,with a high accu-racy of abnormal intrusion detection.
bidirectional AC algorithmtrain communication networkabnormal intrusiondetection systemcollectorprotocol parsing
NETL
NSTL
万方数据
