Title:
DISTRIBUTED TRAIN CONTROL NETWORK INTRUSION DETECTION METHOD, SYSTEM, AND STORAGE MEDIUM
Document Type and Number:
WIPO Patent Application WO/2023/065712
Kind Code:
A1
Abstract:
A distributed train control network intrusion detection method, a system, and a storage medium. The method comprises: capturing, in real time, all TRDP messages passing through a switch, and performing protocol identification and analysis on all the TRDP messages; performing compliance detection on fields of the analyzed messages according to a detection rule base to obtain compliance messages; performing feature extraction on a historical database composed of the compliance messages and then taking the historical database as input of a neural network, training the neural network, and obtaining an anomaly detection model; and for new train control network data, marking anomaly data flow of the train control network by using the anomaly detection model and generating corresponding alarm information. Known-type attacks and unknown-type attacks of the train control network can be detected, computing resource constraints of a vehicle-mounted network management switch and the real-time requirement for detection of the known-type attacks can be met, and the capacity of detecting the unknown-type attacks by means of message flow features and application data is also achieved; the detection real-time performance and accuracy are greatly improved.
Inventors:
LUO XIANGUANG (CN)
QIN YUANQING (CN)
LI WEI (CN)
TU HAO (CN)
ZENG JUN (CN)
ZHANG YANG (CN)
PENG SIWEI (CN)
YANG XIAOBO (CN)
QIN YUANQING (CN)
LI WEI (CN)
TU HAO (CN)
ZENG JUN (CN)
ZHANG YANG (CN)
PENG SIWEI (CN)
YANG XIAOBO (CN)
Application Number:
PCT/CN2022/102197
Publication Date:
April 27, 2023
Filing Date:
June 29, 2022
Export Citation:
Assignee:
CRRC ZHUZHOU LOCOMOTIVE CO LTD (CN)
International Classes:
H04L9/40; B61L15/00; H04L67/12; H04L69/22
Foreign References:
CN113904862A | 2022-01-07 | |||
CN111431864A | 2020-07-17 | |||
CN112887304A | 2021-06-01 | |||
CN112019478A | 2020-12-01 |
Other References:
"Master's Thesis", 22 May 2020, HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY, CN, article XU, HAO: "Design and Implementation of Intrusion Detection System for Train Communication Network", pages: 1 - 68, XP009545135, DOI: 10.27157/d.cnki.ghzku.2020.001180
"Master's Thesis", 1 May 2019, HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY, CN, article FEI, LI: "Design and Implementation of Train Communication Network Intrusion Detection System Based on Deep Packet Inspection", pages: 1 - 69, XP009545134
"Master's Thesis", 1 May 2019, HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY, CN, article FEI, LI: "Design and Implementation of Train Communication Network Intrusion Detection System Based on Deep Packet Inspection", pages: 1 - 69, XP009545134
Attorney, Agent or Firm:
CHANGSHA ZONEKEY PATENT LAW FIRM (CN)
Download PDF:
Previous Patent: APPARATUS FOR REPAIRING NETTING OF DEEP-WATER NET CAGE
Next Patent: VERTICAL INDWELLING NEEDLE ASSEMBLY AND BASE STRUCTURE THEREOF
Next Patent: VERTICAL INDWELLING NEEDLE ASSEMBLY AND BASE STRUCTURE THEREOF