发明授权
- 专利标题: Anomaly detection to implement security protection of a control system
- 专利标题(中): 异常检测实现控制系统的安全保护
-
申请号: US13365594申请日: 2012-02-03
-
公开(公告)号: US08726085B2公开(公告)日: 2014-05-13
- 发明人: Kazuhito Akiyama , Akira Ohkado , Yukihiko Sohda , Masami Tada , Tadashi Tsumura
- 申请人: Kazuhito Akiyama , Akira Ohkado , Yukihiko Sohda , Masami Tada , Tadashi Tsumura
- 申请人地址: US NY Armonk
- 专利权人: International Business Machines Corporation
- 当前专利权人: International Business Machines Corporation
- 当前专利权人地址: US NY Armonk
- 代理商 Francis Lammes; Stephen J. Walder, Jr.; Jeffrey S. LaBaw
- 优先权: JP2011-028341 20110214
- 主分类号: G06F11/00
- IPC分类号: G06F11/00
摘要:
An anomaly detection mechanism is provided that detects an anomaly in a control network, and includes an identifying unit to receive event information on an event that occurs, and to identify a group including a resource related to the event information by referring to a configuration management database for retaining dependence relationships between processes and resources including a control system; a policy storing unit to store one or more policies each of which associates one or more actions with a condition defining a situation suspected to have an anomaly; an adding unit to acquire group-related information needed for application to the one or more policies, and to add the acquired information to the event information; and a determining unit to apply the event information to the one or more policies and to determine the one or more actions associated with the matched condition as one or more actions to be taken.
公开/授权文献
信息查询
