-
公开(公告)号:US11456950B2
公开(公告)日:2022-09-27
申请号:US17041530
申请日:2019-12-19
IPC: H04L12/725 , H04L45/302 , H04L12/46 , H04L45/74
Abstract: The present invention discloses a data forwarding unit based on a Handle identifier, comprising a dynamic configuration module, a Handle identifier data identification module and a matching-forwarding module. The system of the present invention is applied to network devices such as switches and routers, and supports dynamic configuration of data packet analysis, matching and forwarding rules through data interaction with network systems such as SDN managers, so that the network devices can identify data packets based on the Handle identifier and perform the specified operation on the designated data packets with the Handle identifier according to the rules of dynamic configuration.
-
公开(公告)号:US11134064B2
公开(公告)日:2021-09-28
申请号:US16316290
申请日:2018-06-07
Inventor: Xianda Liu , Tianyu Wang , Jianming Zhao , Bowen Zhang , Peng Zeng , Haibin Yu
Abstract: The present invention relates to a network guard unit for an industrial embedded system and a guard method. The specific method is to form the network guard unit (NGU) through security technologies, such as integrated access control, identity authentication and communication data encryption, to provide active guard for a site control device. The NGU comprises an access control module, an identity authentication module, a data encryption module, a key negotiation module and a PCIE communication module, and supports the communication modes of dual network cards and PCIE bus. The present invention builds a secure and trusted operating environment for industrial control systems in combination with an active guard technical means in the field of information security on the basis of ensuring the correctness and the feasibility of security of various terminal devices in the industrial control systems.
-
3.发明授权公开(公告)号:US10261502B2
公开(公告)日:2019-04-16
申请号:US15527208
申请日:2014-12-30
Inventor: Wenli Shang , Jianming Zhao , Ming Wan , Peng Zeng , Haibin Yu
IPC: H04L29/06 , G05B19/418 , H04L12/40
Abstract: Proposed is an anomaly detection method for communication behaviors in an industrial control system based on an OCSVM algorithm. According to the present invention, a normal behavior profile model and an abnormal behavior profile model, i.e. a dual-outline model, of communication behaviors in an industrial control system are established, parameter optimization is performed by means of a particle swarm optimization (PSO) algorithm, an optimal intrusion detection model is obtained, and abnormal Modbus TCP communication traffic is identified. According to the present invention, the false alarm rate is reduced by means of cooperative discrimination of the dual-outline detection model, the efficiency and reliability of anomaly detection are improved, and the method is more applicable to practical applications.
-
4.发明授权公开(公告)号:US09838070B1
公开(公告)日:2017-12-05
申请号:US15527955
申请日:2014-12-22
Inventor: Wei Liang , Haibin Yu , Bo Yang , Xiaoling Zhang
CPC classification number: H04B1/713 , H04B1/405 , H04B1/7143 , H04B2001/1045 , H04W16/02 , H04W72/0426 , H04W72/12
Abstract: The present invention relates to wireless network technology and presents a permutation group-based channel rendezvous method for a multi-antenna cognitive radio network, allowing a cognitive user equipped with multiple antennas to achieve blind channel rendezvous without the need for clock synchronisation. The present invention defines channel hopping sequences whilst making full use of properties such as channel diversity, the closure nature of permutation groups, and multi-antenna concurrency; based on the permutation groups obtained by rotating a regular polyhedron or a regular polygon around different angles according to different types of axes of symmetry, cyclical splicing is implemented, and different antennas can, according to different rules, independently generate hopping sequences and switching channels; the sequence generating methods are various and flexible; the use of parallel search ensures that deterministic rendezvous with other cognitive users is achieved as quickly as possible and as much as possible in a limited time; and the present method is a highly efficient blind channel rendezvous method having wide applicability and suitable for use in large-scale wireless networks.
-
公开(公告)号:US11102226B2
公开(公告)日:2021-08-24
申请号:US16317493
申请日:2018-05-07
Inventor: Haibin Yu , Peng Zeng , Jianming Zhao , Xianda Liu , Chunyu Chen , Tianyu Wang
Abstract: The present invention relates to a dynamic security method and system based on multi-fusion linkage response. In the method, a site control device conducts active response and passive response through identity authentication and key management to give an alarm for abnormal behaviors. The system comprises an access authentication active response module, an access control active response module, an access control passive response module, an abnormal pretending passive response module, a key vulnerability passive response module and an abnormal state passive response mechanism module. On the basis of ensuring validity and feasibility for the security of a terminal device, the present invention can build a secure and trusted industrial control system operating environment.
-
Patent Agency Ranking
公开(公告)号:US11093258B2
公开(公告)日:2021-08-17
申请号:US15572624
申请日:2017-03-14
Inventor: Jianming Zhao , Xianda Liu , Tianyu Wang , Bowen Zhang , Chunyu Chen , Peng Zeng , Haibin Yu
IPC: G06F9/4401 , G06F8/61 , G05B19/042 , G06F9/445 , G06F21/57 , G05B19/05
Abstract: The present invention discloses a method for trusted booting of PLC based on a measurement mechanism, comprising the following steps: a step of initializing self firmware verification; a step of reading and computing firmware information about a PLC; a step of checking and storing one by one; and a step of verifying at the operation start stage. In the method of the present invention, a chip with a trusted function is used as a core of hardware computation. The PLC extends a Flash bus for loading by hardware of the method of the present invention. The hardware of the method of the present invention recognizes necessary boot information, verifies the integrity of the boot loader necessary for the PLC system through the integrity check method and ensures that the booted PLC system is in a trusted state. On the basis of ensuring validity and feasibility for the safety of a terminal device, the present invention can build a safe and trusted industrial control system operating environment.
-
公开(公告)号:US10694388B2
公开(公告)日:2020-06-23
申请号:US16073023
申请日:2017-05-18
Inventor: Wei Liang , Haibin Yu , Bo Yang , Meng Zheng , Shiwei Peng , Shiming Li
IPC: H04W16/10 , H04B1/713 , H04W16/14 , H04B1/7156
Abstract: The present invention relates to a Torus-Quorum based channel rendezvous method for directional antennas. A pair of directional antennas facing any side initially points to the other party mutually in one Torus-Quorum system cycle through a rotation closure attribute of a Torus-Quorum system; and a receiver and a sender switch to a same available channel according to frequency hopping sequences to realize channel rendezvous. In the Torus-Quorum based channel rendezvous method for directional antennas proposed in the present invention, the directional antennas are rotated based on the Torus-Quorum, and elements are ensured to coincide with each other within limited time through the rotation closure attribute of the Torus-Quorum system, i.e., directions are opposite, thereby effectively shortening channel rendezvous time of the directional antennas.
-
8.发明授权公开(公告)号:US12035380B2
公开(公告)日:2024-07-09
申请号:US17296509
申请日:2020-12-25
Inventor: Haibin Yu , Xiaoyu Liu , Chi Xu , Peng Zeng , Xi Jin , Changqing Xia
CPC classification number: H04W74/0875 , G06N3/045 , H04L5/003 , H04W74/002
Abstract: An industrial 5G dynamic multi-priority multi-access method based on deep reinforcement learning includes the following steps: establishing an industrial 5G network model; establishing a dynamic multi-priority multi-channel access neural network model based on deep reinforcement learning; collecting state, action and reward information of multiple time slots of all industrial 5G terminals in the industrial 5G network as training data; training the neural network model by using the collected data until the packet loss ratio and end-to-end latency meet industrial communication requirements; collecting the state information of all the industrial 5G terminals in the industrial 5G network at the current time slot as the input of the neural network model; conducting multi-priority channel allocation; and conducting multi-access by the industrial 5G terminals according to a channel allocation result. The method allocates multiple channels to the industrial 5G terminals of different priorities in the industrial 5G network in real time to ensure large-scale concurrent access.
-
公开(公告)号:US11132468B2
公开(公告)日:2021-09-28
申请号:US16316205
申请日:2018-06-07
Inventor: Haibin Yu , Peng Zeng , Xianda Liu , Jianming Zhao , Tianyu Wang , Bowen Zhang
Abstract: The present invention relates to a security processing unit of PLC and a bus arbitration method thereof, to provide PLC with an active defense means to build a PLC hardware and software security layer. On a hardware security layer, a part of hardware processing mechanism is added to support trusted measurement, encryption algorithms and signature algorithms, and a virtual isolation technology is used; and on a software security layer, transparent encryption and decryption, integrity verification, backup recovery and virtual isolation security mechanism are provided. The security processing aspect is improved to achieve the purpose of security and reliability. The present invention can correctly establish a trusted environment of PLC to ensure that PLC is guided by a strictly verified path. A new star type trusted structure is designed to reduce loss during information transmission and increase information transmission efficiency.
-
10.发明申请公开(公告)号:US20170339572A1
公开(公告)日:2017-11-23
申请号:US15527244
申请日:2014-12-11
Inventor: Wei LIANG , Haibin Yu , Chaofan MA , Xiaoling ZHANG
CPC classification number: H04W16/20 , G01S5/0252 , G01S5/0278 , H04W16/18
Abstract: The present invention relates to a robust coverage method for relay nodes in a double-layer structure wireless sensor network. The present invention is a local search based relay node 2-coverage deployment algorithm which, by means of reducing the global deployment problem to a local deployment problem, achieves optimal deployment whilst ensuring robustness. The method specifically comprises two steps: first 1-coverage and second 1-coverage, wherein the first 1-coverage comprises the three steps of construction of relay node candidate deployment locations, grouping of sensor nodes and local deployment of relay nodes, wherein the sensor nodes are grouped by means of a novel grouping method, and the complexity of the algorithm is reduced whilst ensuring optimal deployment. The second 1-coverage adjusts a threshold, selects from every group the sensor nodes covered by just one relay node, and uses a 1-coverage method to re-implement 1-coverage of the sensor nodes, thereby ensuring robustness, reducing the number of relay nodes deployed, and shortening the problem-saving time.
-
-
-
-
-
-
-
-
-
Search Results
11
records
(took 0.018 seconds)
