基于SDN和集成学习的工业控制网络安全防护系统

Industrial control network security protection system based on SDN and integrated learning

针对工业控制网络通信信息安全与稳定问题,设计一种基于SDN和集成学习的工业控制网络安全防护系统。该系统采用SDN技术,分为物理层、现场层、转发层、控制层和应用层等5个层次。物理层包含现场终端设备;现场层通过控制模块与操作员站实现对现场终端的控制;转发层使用SDN交换机进行通信数据传输,并将数据镜像传输至应用层进行安全分析;控制层中的SDN控制器管理和控制SDN交换机,并执行应用层下发的安全防护策略;应用层利用集成学习算法对工业控制网络进行入侵行为检测,通过安全响应模块分析入侵信息并选择相应的防御机制。实验结果表明,所设计系统满足工业控制网络通信的实时性要求,能准确地实施入侵检测,从而保障工业控制网络的安全性和正常通信。

In allusion to the problem of communication information security and stability in industrial control networks,an industrial control network security protection system based on SDN and ensemble learning is designed.The SDN technology is applied in the system,and the system is divided into physical layer,field layer,forwarding layer,control layer,and application layer.The physical layer includes on-site terminal devices.The on-site layer can control the on-site terminal by means of control modules and operator stations.In the forwarding layer,the SDN switch is used for the communication data transmission and to mirror the data to the application layer for the security analysis.The SDN controller in the control layer is used to manage and control the SDN switch,and execute the security protection policies issued by the application layer.In the application layer,the integrated learning algorithm is used to detect intrusion behavior in industrial control networks,and the security response module is used to analyze intrusion information and select corresponding defense mechanisms.The experimental results demonstrate that the designed system can meet the real-time requirements of industrial control network communication and can accurately implement intrusion detection,thereby ensuring the security and normal communication of the industrial control network.