
Research on Malicious Code Detection Technology Based on Large-scale Industrial Control Networks

At present, approaches to industrial control system (ICS) network security rely mainly on firewalls, data diodes and other intrusion prevention methods, which may not be sufficient to counter the growing network threats from active attackers. To improve the network security of ICS, a malicious code detection method based on behavior feature analysis is proposed; it comprehensively uses network traffic data, host system data and measured process parameters to achieve accurate detection of malicious code. The business characteristics and network topology of ICS are analyzed in detail, and network attack techniques against ICS are dissected. The proposed method extracts the original log information and traffic information of the ICS and performs anomaly detection on ICS behavior data using a malicious code detection method that fuses spatial analysis and temporal analysis. Practice shows that the proposed method can effectively discover malicious code attack behavior hidden in the network.
A Study of Malicious Code Detection Technology Based on Large-scale Industrial Networks
The approaches to industrial control system (ICS) network security are mainly based on firewalls, data diodes and other intrusion prevention methods at present, and these may not be sufficient to address the growing network threats from active attackers. In order to improve the network security of ICS, a malicious code detection method based on behavior feature analysis is proposed, which comprehensively utilizes network traffic data, host system data, and measured process parameters to achieve accurate detection of malicious code. This paper analyzes the service characteristics and network topology of ICS in detail, and analyzes the network attack technology against ICS. The proposed method extracts the original log information and traffic information of ICS, and uses the malicious code detection method based on the integration of spatial analysis and temporal analysis to detect the anomaly of ICS behavior data. Practice shows that the method proposed in this paper can effectively find malicious code attacks hidden in the network.

Keywords: industrial control system; malicious code detection; spatial analysis; time analysis

樊凯, 毕凯峰


China Southern Power Grid Co., Ltd., Guangzhou, Guangdong 510000

China Southern Power Grid Digital Grid Research Institute Co., Ltd., Guangzhou, Guangdong 510000


Funding: China Southern Power Grid Company Science and Technology Project

ZBKJXM20190077

2024

Microcomputer Applications
Shanghai Microcomputer Applications Society


CSTPCD
Impact factor: 0.359
ISSN:1007-757X
Year, volume (issue): 2024, 40(3)
  • 8