CN115776415B - Intelligent management system and method for gateway equipment based on industrial protocol - Google Patents
Intelligent management system and method for gateway equipment based on industrial protocol Download PDFInfo
- Publication number
- CN115776415B CN115776415B CN202310105860.0A CN202310105860A CN115776415B CN 115776415 B CN115776415 B CN 115776415B CN 202310105860 A CN202310105860 A CN 202310105860A CN 115776415 B CN115776415 B CN 115776415B
- Authority
- CN
- China
- Prior art keywords
- data
- unit
- monitoring
- database
- prediction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 238000012544 monitoring process Methods 0.000 claims abstract description 94
- 230000005540 biological transmission Effects 0.000 claims abstract description 72
- 238000007726 management method Methods 0.000 claims abstract description 33
- 238000004458 analytical method Methods 0.000 claims abstract description 26
- 238000012545 processing Methods 0.000 claims abstract description 7
- 238000004519 manufacturing process Methods 0.000 claims description 15
- 238000010219 correlation analysis Methods 0.000 claims description 11
- 238000002955 isolation Methods 0.000 claims description 11
- 238000007405 data analysis Methods 0.000 claims description 9
- 239000000872 buffer Substances 0.000 claims description 8
- 238000012163 sequencing technique Methods 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 claims description 6
- 238000012216 screening Methods 0.000 claims description 6
- 230000001360 synchronised effect Effects 0.000 claims description 6
- 238000001514 detection method Methods 0.000 claims description 5
- 238000005516 engineering process Methods 0.000 claims description 5
- 238000013480 data collection Methods 0.000 claims description 4
- 238000005065 mining Methods 0.000 claims description 4
- 238000002360 preparation method Methods 0.000 claims description 4
- 230000003139 buffering effect Effects 0.000 claims description 3
- 238000009776 industrial production Methods 0.000 description 4
- 238000013524 data verification Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003860 storage Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000012098 association analyses Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 239000000969 carrier Substances 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an intelligent management system and method for network gate equipment based on an industrial protocol, wherein the management method comprises the following steps: s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module; s2: the method comprises the steps of monitoring transmission data of the network gate equipment through a data acquisition module, and collecting related data; s3: analyzing the data acquired by the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of data exchange through the gateway equipment; s4: according to the prediction result, managing the corresponding area of the network gate equipment through a data regulation and control module; by monitoring the real-time running state of the network gate equipment, the synchronism of the data of the two parties is ensured, and the safe running of the network gate equipment is ensured; output data at two ends of data exchange are predicted through the gateway equipment, so that the processing time from receiving an instruction to finishing data transmission of the gateway equipment is shortened, and the data transmission speed of the gateway equipment is improved.
Description
Technical Field
The invention relates to the technical field of intelligent management of network gate equipment, in particular to an intelligent management system and method of network gate equipment based on an industrial protocol.
Background
The gateway is also called an information exchange and safety isolation system, is used for realizing safety isolation between networks with different safety levels, is enterprise-level information safety protection equipment with high safety, ensures that attacks lose carriers by blocking communication connection, provides a software and hardware system with moderate safety for data exchange, provides higher-level safety protection capability for the information network, isolates network safety threats with harm, ensures that data information can be safely interacted in a trusted network, realizes safety isolation between networks with different safety levels while completing data exchange, greatly enhances the anti-attack capability of the information network, and effectively prevents occurrence of information leakage events.
With the development of the age, the connection of the industrial production network and the Internet makes the industrial production network face to the potential threat from the vast Internet, and realizes the data exchange between the industrial production network and the Internet while carrying out physical isolation through a gatekeeper technology; however, when the data in the industrial production network is complex, the data is transmitted unidirectionally through the ferry switch when the network gate exchanges the data through the transmission file, the process of sequentially connecting the data buffers of the two networks to read the data and writing the data into the buffer corresponding to the target network is performed, the prior art cannot perform intelligent management on the network gate equipment in real time according to the actual running condition of the network gate equipment, and the risk of delay of data transmission and untimely synchronization of the database exists.
Therefore, there is a need for a gateway device intelligent management system and method based on industrial protocol to solve the above problems.
Disclosure of Invention
The invention aims to provide an intelligent management system and method for network gate equipment based on an industrial protocol, which are used for solving the problems in the background technology.
In order to solve the technical problems, the invention provides the following technical scheme: an intelligent management system for gatekeeper devices based on an industrial protocol, said system comprising: the system comprises a network gate equipment monitoring module, a data acquisition module, an analysis and prediction module, a data regulation and control module and a database;
the monitoring module of the network gate equipment is used for monitoring the real-time running state of the network gate equipment and obtaining the related data of the network gate state; the working state information of the production network and the external network equipment is included; judging the safe operation condition of the gatekeeper equipment; safety detection of the gatekeeper equipment improves the protection of the industrial network;
the data acquisition module is used for acquiring transmission data of the gateway equipment;
the analysis and prediction module is used for analyzing the acquired transmission data, performing relevance analysis on other data in the database according to the current transmission data, and predicting output data in the database through a big data technology;
the data regulation and control module is used for intelligently managing related data in the database according to analysis and prediction results, sequencing the queues according to the association degree and carrying out reading buffering in advance;
the database comprises a production network database and an external network database.
Further, the gateway equipment monitoring module comprises a gateway switch monitoring unit, a database monitoring unit, a user authority monitoring unit and a gateway system monitoring unit;
the grid switch monitoring unit is used for monitoring the grid interface and the isolation switch; the database monitoring unit is used for monitoring the production network database and the external network database, including database synchronization conditions, checking the database, and judging the database synchronization conditions; the user authority monitoring unit is used for carrying out authentication detection on a user sending out a data exchange request and judging the user authority; the gatekeeper system monitoring unit is used for monitoring the gatekeeper system and comprises a system log and system configuration.
Further, the data acquisition module comprises a transmission monitoring unit and a data acquisition unit;
the transmission monitoring unit is used for monitoring real-time data transmitted through the network gate;
the data acquisition unit is used for acquiring the monitored relevant data of the transmission data.
Further, the analysis and prediction module comprises a data analysis unit and a data prediction unit;
the data analysis unit is used for carrying out relevance analysis on other data in the database according to the related data acquired by the data acquisition unit; the data prediction unit is used for carrying out output prediction on other data in the database according to the correlation analysis result of the data analysis unit.
Further, the data regulation and control module comprises an intelligent regulation and control unit, a queue management unit and a data updating unit;
the intelligent regulation and control unit is used for controlling the network gate equipment according to the monitoring data of the data monitoring module;
the queue management unit is used for sequencing predicted output data according to the prediction result of the data prediction unit and inputting the queue into the data buffer area;
the data updating unit is used for tracking the actual output result of the prediction output, and updating the related data in the analysis prediction module according to the actual output result so as to improve the accuracy of the prediction.
An intelligent management method for network gate equipment based on an industrial protocol comprises the following steps:
s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module;
s2: the method comprises the steps of monitoring transmission data of the network gate equipment through a data acquisition module, and collecting related data;
s3: analyzing the data acquired by the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of data exchange through the gateway equipment;
s4: and managing the corresponding area of the network gate equipment through the data regulation and control module according to the prediction result.
Further, in step S1, the connection state of the gateway interface and the isolation switch is monitored by the gateway switch monitoring unit, so as to obtain the actual state of the gateway switch; when the switch of the net gate is monitored to be in an on state, the intelligent management system of the net gate equipment is operated; so as to confirm whether the network states of the two network gates are smooth or not and reduce the occupation of limited resources in idle time;
monitoring the synchronous condition of the production network database and the external network database by a database monitoring unit so as to prevent production loss caused by asynchronous databases; performing data verification on the database, and judging the synchronization condition of the database; when the data of the databases of the two parties are not synchronous, the system sends out corresponding instructions through the intelligent regulation and control unit to synchronously update the databases;
judging a user side sending a data exchange request through a user authority monitoring unit, checking user authority and obtaining user information; according to the acquired user tag, historical operation data of the user on the gatekeeper system can be checked; and monitoring the configuration and log record of the gatekeeper system through a gatekeeper system monitoring unit to acquire historical operation data of the gatekeeper system.
Further, in step S2, the transmission monitoring unit monitors the transmission data of the gatekeeper device, and the data acquisition unit performs related data acquisition on the monitored transmission data to acquire a data set a of the current transmission data, where the data set a includes { a } 1 ,A 2 ,...,A n (wherein A) 1 ,A 2 ,...,A n Respectively representing the 1 st, 2 nd, n data items in the data set a of the currently transmitted data.
Further, in step S3, the correlation analysis is performed on the data acquired in step S1 and step S2, and the process of predicting the output data specifically includes:
s3-1: the user information data and the historical operation data of the gatekeeper system obtained in the step S1 are arranged, and a transaction data set W corresponding to the user h is established h The W is h Include { w } 1 ,w 2 ,...,w m W, where 1 ,w 2 ,...,w m Data sets W respectively representing users h h In 1, 2., m, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transactional data collection W h Mining to obtain a frequent item set L, wherein the L comprises { L } 1 ,L 2 ,...,L z }, wherein L 1 ,L 2 ,...,L z Represents the 1 st, 2 nd, z th frequent items in the frequent item set L, respectively;
the frequent item set in step S3-2 is obtained by constructing the FP-tree, and when constructing the FP-tree, the frequent item set is deleted to reduce the storage space and the calculation amount, and the specific steps include:
p1: scanning the transaction data set, customizing the minimum support degree of data items, and deleting items smaller than the minimum support degree;
wherein the support is the frequency of occurrence of the data item in the transaction dataset;
p2: ordering items in the data set after the first screening based on the support descending order;
p3: performing secondary scanning, and constructing a tree structure according to the ordering result of P2, wherein the root node is null;
p4: searching a conditional mode base from bottom to top from a leaf node of the tree, recursively calling the tree structure, and deleting items smaller than the minimum support degree;
p5: repeatedly executing P4 until the tree structure only contains a single path, and enumerating all path combinations to obtain a frequent item set;
s3-3: according to the frequent item set L about the user h obtained in the step S3-2, analyzing to obtain a corresponding association rule, wherein the specific steps comprise:
s3-3-1: the current transmission data set A is calculated according to the following formula i With other data sets B in frequent item set L q Support degree S (A) i B q ):
Support degree S (A) i B q ) =contain a i And B q The total number of aggregate records/aggregate record count; namely:
S(A i B q )=P(A i ∪B q );
wherein A is i ∈A,A i Any data set composed of any data item in the data set A representing the current transmission data; b (B) q ∈L,B q Any data set representing any data item composition within frequent item set L; p () represents a proportional operation on the data in brackets;
s3-3-2: computing the currently transmitted data set A i With other data sets B in frequent item set L q Confidence C (A) i B q ) Wherein the confidence level C (A i B q ) =contain a i And comprises B q Aggregate record count/include a i Is a collection record number of (a); namely:
C(A i B q )=P(B q |A i );
s3-3-3: setting association rule parameters according to the calculation results in the two steps S3-3-1 and S3-3-2, and establishing association rules between two data sets, namely minimum support degree S min And minimum confidence C min ;
S3-3-4: computing the currently transmitted data set A i With other data sets B in frequent item set L q Degree of elevation T (A) i B q ) Wherein the degree of elevation T (A i B q ) Transmission data a i With other data sets B in frequent item set L q Confidence/frequency of other data sets B in the frequent item set L q Is a support degree of (2); namely:
T(A i B q )=P(B q |A i )/P(B q );
obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in frequent item set L q According to the correlation analysis result of (1), the operator sets the lifting degree threshold t in a self-defined way according to the actual condition, and when the lifting degree is higher than the lifting degree>At t, consider A i And B q Screening and adding the data item sets meeting the association requirement into the candidate area with the association;
s3-4: according to the association rule in S3-3, sorting the data item sets in the candidate region by a queue management unit, and sorting from high to low according to the lifting degree value of each data item set to obtain a queue D η η represents the number of sets of data items in the queue; queue D η To transmit data set A according to the current i The predicted target data set in the database to be invoked by user h.
Wherein for queue D η The length of the queue can be set in a self-defined way;
further, in step S4, according to the prediction result of step S3, the target queue D after the sorting process is performed by the intelligent regulation unit η Outputting, namely inputting the queue into a data buffer area of a corresponding network for queuing preparation; so as to reduce the processing time from receiving the instruction to finishing the data transmission of the gateway equipment and improve the data transmission speed of the gateway equipment;
the actual output result of the prediction output is tracked through the data updating unit, the transaction data set W corresponding to each user is updated according to the actual output result, and the historical use data record of the user for the gatekeeper system is increased, so that the accuracy of the prediction is improved.
Wherein the data updating unit is used for transmitting the data set A currently according to the tracked calling operation of the user to the database i The updating is performed, i.e. the correlation analysis is performed on the new data set, and further the output queue is updated.
Compared with the prior art, the invention has the following beneficial effects:
the invention realizes the data exchange between the production network and the external network on the basis of ensuring the safety isolation, effectively prevents information leakage and malicious attack, supports various mainstream industrial protocols, can carry out safety detection on the industrial protocols, and improves the protection of the industrial network; by monitoring the real-time running state of the network gate equipment, when the network gate equipment is abnormal, a worker can receive early warning prompt in time, so that the safe and reliable running of the network gate equipment is ensured; predicting output data of two ends for data exchange through the gateway equipment according to the actual running state of the gateway equipment; and managing the corresponding area of the gateway equipment through the data regulation and control module according to the prediction result so as to reduce the processing time from receiving the data transmission instruction to finishing the data transmission of the gateway equipment and improve the data transmission speed of the gateway equipment.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a schematic block diagram of a system and method for intelligent management of gatekeeper devices based on an industrial protocol according to the present invention;
fig. 2 is a flow chart of a method of the intelligent management system and method of the gateway device based on the industrial protocol of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1 and 2, the present invention provides the following technical solutions: an intelligent management system for gatekeeper devices based on an industrial protocol, said system comprising: the system comprises a network gate equipment monitoring module, a data acquisition module, an analysis and prediction module, a data regulation and control module and a database;
the network gate equipment monitoring module is used for monitoring the real-time running state of the network gate equipment and obtaining the related data of the network gate state through monitoring; the working state information of the production network and the external network equipment is included; judging the safe operation condition of the gatekeeper equipment; the gateway equipment monitoring module comprises a gateway switch monitoring unit, a database monitoring unit, a user authority monitoring unit and a gateway system monitoring unit;
the network gate switch monitoring unit is used for monitoring the network gate interface and the isolation switch; the database monitoring unit is used for monitoring the production network database and the external network database, including database synchronization conditions, and judging database synchronization conditions by performing data verification on the database, such as correlation field value verification and the like; the user authority monitoring unit is used for carrying out authentication detection on a user sending out a data exchange request and judging the user authority; the gatekeeper system monitoring unit is used for monitoring the gatekeeper system and comprises a system log and system configuration.
The data acquisition module is used for acquiring transmission data of the gateway equipment; the data acquisition module comprises a transmission monitoring unit and a data acquisition unit; the transmission monitoring unit is used for monitoring real-time data transmitted through the network gate; the data acquisition unit is used for acquiring the monitored relevant data of the transmission data.
The analysis and prediction module is used for analyzing the acquired transmission data, performing relevance analysis on other data in the database according to the current transmission data, and predicting output data in the database through a big data technology; the analysis and prediction module comprises a data analysis unit and a data prediction unit;
the data analysis unit is used for carrying out relevance analysis on other data in the database according to the related data acquired by the data acquisition unit; the data prediction unit is used for carrying out output prediction on other data in the database according to the correlation analysis result of the data analysis unit.
The data regulation and control module is used for intelligently managing related data in the database according to analysis and prediction results, sequencing the queues according to the association degree and reading and buffering in advance; the data regulation and control module comprises an intelligent regulation and control unit, a queue management unit and a data updating unit;
the intelligent regulation and control unit is used for controlling the network gate equipment according to the monitoring data of the data monitoring module; the queue management unit is used for sequencing the predicted output data according to the predicted result of the data prediction unit and inputting the queue into the data buffer area; the data updating unit is used for tracking the actual output result of the prediction output, and updating the related data in the analysis prediction module according to the actual output result so as to improve the accuracy of the prediction.
The database comprises a production network database and an external network database.
An intelligent management method for network gate equipment based on an industrial protocol comprises the following steps:
s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module;
in step S1, the connection state of a gateway interface and an isolation switch is monitored by a gateway switch monitoring unit, and the actual state of the gateway switch is obtained; when the switch of the net gate is monitored to be in an on state, the intelligent management system of the net gate equipment is operated; so as to confirm whether the network states of the two network gates are smooth or not and reduce the occupation of limited resources in idle time;
monitoring the synchronous condition of the production network database and the external network database by a database monitoring unit so as to prevent production loss caused by asynchronous databases; when the data of the databases of the two parties are not synchronous, the system sends out corresponding instructions through the intelligent regulation and control unit to synchronously update the databases;
judging a user side sending a data exchange request through a user authority monitoring unit, checking user authority and obtaining user information; according to the acquired user tag, historical operation data of the user on the gatekeeper system can be checked; and monitoring the configuration and log record of the gatekeeper system through a gatekeeper system monitoring unit to acquire historical operation data of the gatekeeper system.
S2: the method comprises the steps of monitoring transmission data of the network gate equipment through a data acquisition module, and collecting related data;
in step S2, the transmission monitoring unit monitors the transmission data of the gatekeeper device, and the data acquisition unit performs related data acquisition on the monitored transmission data to acquire a data set a of the current transmission data, where the a includes { a } 1 ,A 2 ,...,A n (wherein A) 1 ,A 2 ,...,A n Respectively representing the 1 st, 2 nd, n data items in the data set a of the currently transmitted data.
S3: analyzing the data acquired by the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of data exchange through the gateway equipment;
in step S3, the correlation analysis is performed on the data acquired in step S1 and step S2, and the process of predicting the output data specifically includes:
s3-1: the user information data and the historical operation data of the gatekeeper system obtained in the step S1 are arranged, and a transaction data set W corresponding to the user h is established h The W is h Include { w } 1 ,w 2 ,...,w m W, where 1 ,w 2 ,...,w m Data sets W respectively representing users h h In number 1, 2., m transactions, wherein,, a transaction represents a user to the gatekeeperHistorical usage data records of the system;
s3-2: for transactional data collection W h Mining to obtain a frequent item set L, wherein the L comprises { L } 1 ,L 2 ,...,L z }, wherein L 1 ,L 2 ,...,L z Represents the 1 st, 2 nd, z th frequent items in the frequent item set L, respectively;
the frequent item set in step S3-2 is obtained by constructing the FP-tree, and when constructing the FP-tree, the frequent item set is deleted to reduce the storage space and the calculation amount, and the specific steps include:
p1: scanning the transaction data set, customizing the minimum support degree of data items, and deleting items smaller than the minimum support degree;
wherein the support is the frequency of occurrence of the data item in the transaction dataset;
p2: ordering items in the data set after the first screening based on the support descending order;
p3: performing secondary scanning, and constructing a tree structure according to the ordering result of P2, wherein the root node is null;
p4: searching a conditional mode base from bottom to top from a leaf node of the tree, recursively calling the tree structure, and deleting items smaller than the minimum support degree;
p5: repeatedly executing P4 until the tree structure only contains a single path, and enumerating all path combinations to obtain a frequent item set;
s3-3: according to the frequent item set L about the user h obtained in the step S3-2, analyzing to obtain a corresponding association rule, wherein the specific steps comprise:
s3-3-1: computing the currently transmitted data set A i With other data sets B in frequent item set L q Support degree S (A) i B q ) Support degree S (A i B q ) =contain a i And B q The total number of aggregate records/aggregate record count; namely:
S(A i B q )=P(A i ∪B q );
wherein A is i ∈A,A i Any data set composed of any data item in the data set A representing the current transmission data; b (B) q ∈L,B q Any data set representing any data item composition within frequent item set L; p () represents a proportional operation on the data in brackets;
s3-3-2: computing the currently transmitted data set A i With other data sets B in frequent item set L q Confidence C (A) i B q ) Wherein the confidence level C (A i B q ) =contain a i And comprises B q Aggregate record count/include a i Is a collection record number of (a); namely:
C(A i B q )=P(B q |A i );
s3-3-3: setting association rule parameters according to the calculation results in the two steps S3-3-1 and S3-3-2, and establishing association rules between two data sets, namely minimum support degree S min And minimum confidence C min ;
S3-3-4: computing the currently transmitted data set A i With other data sets B in frequent item set L q Degree of elevation T (A) i B q ) Wherein the degree of elevation T (A i B q ) Transmission data a i With other data sets B in frequent item set L q Confidence/frequency of other data sets B in the frequent item set L q Is a support degree of (2); namely:
T(A i B q )=P(B q |A i )/P(B q );
obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in frequent item set L q According to the correlation analysis result of (1), the operator sets the lifting degree threshold t in a self-defined way according to the actual condition, and when the lifting degree is higher than the lifting degree>At t, consider A i And B q Screening and adding the data item sets meeting the association requirement into the candidate area with the association;
s3-4: according to the association rule in S3-3, sorting the data item sets in the candidate region by a queue management unit, and sorting from high to low according to the lifting degree value of each data item set to obtain a queue D η Eta represents the set of data items in the queueNumber of; queue D η To transmit data set A according to the current i The predicted target data set in the database to be invoked by user h.
Wherein for queue D η The length of the queue can be set in a self-defined way;
s4: and managing the corresponding area of the network gate equipment through the data regulation and control module according to the prediction result. In step S4, according to the prediction result of step S3, the target queue D after the sorting processing is processed by the intelligent regulation and control unit η Outputting, namely inputting the queue into a data buffer area of a corresponding network for queuing preparation; so as to reduce the processing time from receiving the instruction to finishing the data transmission of the gateway equipment and improve the data transmission speed of the gateway equipment;
the actual output result of the prediction output is tracked through the data updating unit, the transaction data set W corresponding to each user is updated according to the actual output result, and the historical use data record of the user for the gatekeeper system is increased, so that the accuracy of the prediction is improved.
Embodiment one:
s1: monitoring the currently safe running gatekeeper equipment, monitoring real-time state data of the gatekeeper equipment through a data monitoring module, sorting the acquired user information data and historical running data of the gatekeeper system, and establishing a transaction data set W corresponding to a user h h ;
S2: the production network and the external network are monitored to carry out data transmission through the transmission monitoring unit, the monitored transmission data is subjected to related data acquisition through the data acquisition unit, a data set A of the current transmission data is acquired, and the A comprises { A } 1 ,A 2 ,...,A 7 I.e., seven transmission data are included in the current transmission data set a;
s3: the process of carrying out association analysis on the obtained current transmission data set and other data sets in the database and predicting output data specifically comprises the following steps:
s3-1: the user information data and the historical operating data of the gatekeeper system obtained in the step S1 are arranged,establishing a transaction data set W corresponding to a user h h The W is h Include { w } 1 ,w 2 ,...,w m W, where 1 ,w 2 ,...,w m Data sets W respectively representing users h h In 1, 2., m, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transactional data collection W h Mining to obtain a frequent item set L, wherein the L comprises { L } 1 ,L 2 ,...,L 9 }, wherein L 1 ,L 2 ,...,L 9 Respectively representing the 1 st, 2 nd, 9 th frequent items in the frequent item set L;
s3-3: according to the frequent item set L about the user h obtained in the step S3-2, analyzing to obtain a corresponding association rule, wherein the specific steps comprise:
s3-3-1: computing the currently transmitted data set A i With other data sets B in frequent item set L q Support degree S (A) i B q ) Wherein A is i ∈A,A i Any data set composed of any data item in the data set A representing the current transmission data; b (B) q ∈L,B q Any data set representing any data item composition within frequent item set L; p () represents a proportional operation on the data in brackets;
support degree S (A) i B q ) =contain a i And B q The total number of aggregate records/aggregate record count;
for example, the current transmission data set A is calculated i With other data sets B in frequent item set L 6 Support degree S (A) i B 6 ):
S(A i B 6 )=P(A i ∪B 6 )=0.4;
S3-3-2: computing the currently transmitted data set A i With other data sets B in frequent item set L q Confidence C (A) i B q ) Wherein the confidence level C (A i B q ) =contain a i And comprises B q Aggregate record count/include a i Is a collection record number of (a);
for example, the current transmission data set A is calculated i With other data sets B in frequent item set L 6 Confidence C (A) i B 6 ):
C(A i B 6 )=P(B 6 |A i )=0.7;
S3-3-3: setting association rule parameters, namely minimum support degree S, according to calculation results in the two steps S3-3-1 and S3-3-2 min And minimum confidence C min The method comprises the steps of carrying out a first treatment on the surface of the E.g. minimum support S min =0.3; minimum confidence C min =0.6;
S3-3-4: computing the currently transmitted data set A i With other data sets B in frequent item set L q Degree of elevation T (A) i B q ) Wherein the degree of elevation T (A i B q ) Transmission data a i With other data sets B in frequent item set L q Confidence/frequency of other data sets B in the frequent item set L q Is a support degree of (2); for example, the current transmission data set A is calculated i With other data sets B in frequent item set L 6 Degree of elevation T (A) i B 6 ):
T(A i B 6 )=P(B 6 |A i )/P(B 6 )=0.7/0.4=1.75;
Obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in frequent item set L q According to the correlation analysis result of (1) and the actual, the operator sets the lifting degree threshold value to be 1.5 in a self-defining way, and the data set A is transmitted currently i With other data sets B in frequent item set L 6 Has a degree of elevation of 1.75>1.5, consider A i And B 6 Screening and adding the data item sets meeting the relevance requirement in the frequent item set L into the candidate area by analogy with relevance;
s3-4: according to the association rule in S3-3, sorting the data item sets in the candidate region by a queue management unit, and sorting from high to low according to the lifting degree value of each data item set to obtain a queue D η η represents the number of sets of data items in the queue; queue D η To transmit data set A according to the current i Predicting the target number in the database to be called by the user hA data set. Wherein for queue D η The length of the queue can be set in a self-defined way; setting the length of the queue to be 5, and reserving the first five target data in the queue so as to reduce the occupation of resources.
S4: according to the prediction result, the target queue D after sequencing is processed by the intelligent regulation and control unit 5 Outputting, namely inputting the queue into a data buffer area of a corresponding network for queuing preparation; so as to reduce the processing time from receiving the instruction to finishing the data transmission of the gateway equipment and improve the data transmission speed of the gateway equipment;
the actual output result of the prediction output is tracked through the data updating unit, the transaction data set W corresponding to each user is updated according to the actual output result, and the historical use data record of the user for the gatekeeper system is increased, so that the accuracy of the prediction is improved.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: the foregoing description is only a preferred embodiment of the present invention, and the present invention is not limited thereto, but it is to be understood that modifications and equivalents of some of the technical features described in the foregoing embodiments may be made by those skilled in the art, although the present invention has been described in detail with reference to the foregoing embodiments. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (6)
1. An intelligent management system of network gate equipment based on an industrial protocol is characterized in that: the system comprises: the system comprises a network gate equipment monitoring module, a data acquisition module, an analysis and prediction module, a data regulation and control module and a database;
the monitoring module of the network gate equipment is used for monitoring the real-time running state of the network gate equipment and obtaining the related data of the network gate state;
the data acquisition module is used for acquiring transmission data of the gateway equipment;
the analysis and prediction module is used for analyzing the acquired transmission data, performing relevance analysis on other data in the database according to the current transmission data, and predicting output data in the database through a big data technology;
the data regulation and control module is used for intelligently managing related data in the database according to analysis and prediction results, sequencing the queues according to the association degree and carrying out reading buffering in advance;
the database comprises a production network database and an external network database;
the gateway equipment monitoring module comprises a gateway switch monitoring unit, a database monitoring unit, a user authority monitoring unit and a gateway system monitoring unit;
the grid switch monitoring unit is used for monitoring the grid interface and the isolation switch; the database monitoring unit is used for monitoring the production network database and the external network database; the user authority monitoring unit is used for carrying out authentication detection on a user sending out a data exchange request and judging the user authority; the gateway system monitoring unit is used for monitoring the gateway system and comprises a system log and system configuration;
the data acquisition module comprises a transmission monitoring unit and a data acquisition unit;
the transmission monitoring unit is used for monitoring real-time data transmitted through the network gate;
the data acquisition unit is used for acquiring the monitored related data of the transmission data; the analysis and prediction module comprises a data analysis unit and a data prediction unit;
the data analysis unit is used for carrying out relevance analysis on other data in the database according to the related data acquired by the data acquisition unit; the data prediction unit is used for carrying out output prediction on other data in the database according to the correlation analysis result of the data analysis unit.
2. The intelligent management system for a gatekeeper device based on an industrial protocol according to claim 1, wherein: the data regulation and control module comprises an intelligent regulation and control unit, a queue management unit and a data updating unit;
the intelligent regulation and control unit is used for controlling the network gate equipment according to the feedback results of the data monitoring module and the analysis and prediction module;
the queue management unit is used for sequencing predicted output data according to the prediction result of the data prediction unit;
the data updating unit is used for tracking the actual output result of the prediction output and updating the related data in the analysis prediction module according to the actual output result.
3. An intelligent management method for a gatekeeper device based on an industrial protocol is characterized by comprising the following steps: the method comprises the following steps:
s1: acquiring real-time state data of the gatekeeper equipment through a data monitoring module;
s2: the method comprises the steps of monitoring transmission data of the network gate equipment through a data acquisition module, and collecting related data;
s3: analyzing the data acquired by the S1 and the S2 through an analysis and prediction module, and predicting output data at two ends of data exchange through the gateway equipment;
s4: according to the prediction result, managing the corresponding area of the network gate equipment through a data regulation and control module;
in step S3, the correlation analysis is performed on the data acquired in step S1 and step S2, and the process of predicting the output data specifically includes:
s3-1: the user information data and the historical operation data of the gatekeeper system obtained in the step S1 are arranged, and a transaction data set W corresponding to the user h is established h The W is h Include { w } 1 ,w 2 ,...,w m W, where 1 ,w 2 ,...,w m Data sets W respectively representing users h h In 1, 2., m, wherein one transaction represents a historical usage data record of a user for the gatekeeper system;
s3-2: for transactional data collection W h Mining to obtain a frequent item set L, wherein the L comprises { L } 1 ,L 2 ,...,L z }, wherein L 1 ,L 2 ,...,L z Represents the 1 st, 2 nd, z th frequent items in the frequent item set L, respectively;
s3-3: according to the frequent item set L about the user h obtained in the step S3-2, analyzing to obtain a corresponding association rule, wherein the specific steps comprise:
s3-3-1: the current transmission data set A is calculated according to the following formula i With other data sets B in frequent item set L q Support degree S (A) i B q ):
S(A i B q )=P(A i ∪B q );
Wherein A is i ∈A,A i Any data set composed of any data item in the data set A representing the current transmission data; b (B) q ∈L,B q Any data set representing any data item composition within frequent item set L; p () represents a proportional operation on the data in brackets;
s3-3-2: the current transmission data set A is calculated according to the following formula i With other data sets B in frequent item set L q Confidence C (A) i B q ):
C(A i B q )=P(B q |A i );
S3-3-3: setting association rule parameters, namely minimum support degree S, according to calculation results in the two steps S3-3-1 and S3-3-2 min And minimum confidence C min ;
S3-3-4: the current transmission data set A is calculated according to the following formula i With other data sets B in frequent item set L q Degree of elevation T (A) i B q ):
T(A i B q )=P(B q |A i )/P(B q );
Obtaining a current transmission data set A by calculating the lifting degree i With other data sets B in frequent item set L q According to the correlation analysis result of (1), the operator sets the lifting degree threshold t in a self-defined way according to the actual condition, and when the lifting degree is higher than the lifting degree>At t, consider A i And B q Screening and adding the data item sets meeting the association requirement into the candidate area with the association;
s3-4: according to the association rule in S3-3, sorting the data item sets in the candidate region by a queue management unit, and sorting from high to low according to the lifting degree value of each data item set to obtain a queue D η η represents the number of sets of data items in the queue; queue D η To transmit data set A according to the current i The predicted target data set in the database to be invoked by user h.
4. The intelligent management method for the gatekeeper device based on the industrial protocol according to claim 3, wherein: in step S1, the connection state of a gateway interface and an isolation switch is monitored by a gateway switch monitoring unit, and the actual state of the gateway switch is obtained; when the switch of the net gate is monitored to be in an on state, the intelligent management system of the net gate equipment is operated;
the synchronous condition of the production network database and the external network database is monitored through the database monitoring unit, and when the fact that the data of the databases of the two parties are not synchronous is monitored, the system sends out corresponding instructions through the intelligent regulation and control unit to update the databases synchronously;
judging a user side sending a data exchange request through a user authority monitoring unit, checking user authority and obtaining user information; and monitoring the configuration and log record of the gatekeeper system through a gatekeeper system monitoring unit to acquire historical operation data of the gatekeeper system.
5. The intelligent management method for the gatekeeper device based on the industrial protocol according to claim 3, wherein: in step S2, the transmission monitoring unit monitors the transmission data of the gateway equipment, and the data acquisition unit acquires the dataThe element performs related data acquisition on the monitored transmission data to acquire a data set A of the current transmission data, wherein the A comprises { A } 1 ,A 2 ,...,A n (wherein A) 1 ,A 2 ,...,A n Respectively representing the 1 st, 2 nd, n data items in the data set a of the currently transmitted data.
6. The intelligent management method for the gatekeeper device based on the industrial protocol according to claim 3, wherein: in step S4, according to the prediction result of step S3, the target queue D after the sorting processing is processed by the intelligent regulation and control unit η Outputting, namely inputting the queue into a data buffer area of a corresponding network for queuing preparation; the actual output result of the prediction output is tracked through the data updating unit, the transaction data set W corresponding to each user is updated according to the actual output result, and the historical use data record of the user for the gatekeeper system is increased.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310105860.0A CN115776415B (en) | 2023-02-13 | 2023-02-13 | Intelligent management system and method for gateway equipment based on industrial protocol |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310105860.0A CN115776415B (en) | 2023-02-13 | 2023-02-13 | Intelligent management system and method for gateway equipment based on industrial protocol |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115776415A CN115776415A (en) | 2023-03-10 |
| CN115776415B true CN115776415B (en) | 2023-04-25 |
Family
ID=85393724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310105860.0A Active CN115776415B (en) | 2023-02-13 | 2023-02-13 | Intelligent management system and method for gateway equipment based on industrial protocol |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115776415B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114640548A (en) * | 2022-05-18 | 2022-06-17 | 宁波市镇海区大数据投资发展有限公司 | Network security sensing and early warning method and system based on big data |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP6298302B2 (en) * | 2014-01-20 | 2018-03-20 | キヤノン株式会社 | Network device and data identification method |
| CN104270344B (en) * | 2014-09-12 | 2018-05-11 | 北京天行网安信息技术有限责任公司 | 10000000000 gateways |
| CN108055244B (en) * | 2017-11-27 | 2020-09-08 | 珠海市鸿瑞信息技术股份有限公司 | SRIO interface technology-based network security isolation method for dual-processing system |
| CN111614626B (en) * | 2020-04-26 | 2022-09-23 | 中广核风电有限公司 | Data acquisition system and data acquisition method |
| CN112152991A (en) * | 2020-07-20 | 2020-12-29 | 南京邮电大学 | Visual network brake system based on industrial control protocol |
| CN114710562B (en) * | 2022-03-31 | 2022-11-08 | 珠海市鸿瑞信息技术股份有限公司 | Big data-based equipment application log correlation analysis system and method |
-
2023
- 2023-02-13 CN CN202310105860.0A patent/CN115776415B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114640548A (en) * | 2022-05-18 | 2022-06-17 | 宁波市镇海区大数据投资发展有限公司 | Network security sensing and early warning method and system based on big data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115776415A (en) | 2023-03-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12047396B2 (en) | System and method for monitoring security attack chains | |
| US8800037B2 (en) | System for an engine for forecasting cyber threats and method for forecasting cyber threats using the system | |
| US11606378B1 (en) | Lateral movement detection using a mixture of online anomaly scoring models | |
| CN109842628A (en) | A kind of anomaly detection method and device | |
| CN105556552A (en) | Fraud detection and analysis | |
| Ferscha et al. | Estimating rollback overhead for optimism control in Time Warp | |
| EP3850513A1 (en) | Malchain detection | |
| CN108924086A (en) | A kind of host information acquisition method based on TSM Security Agent | |
| US7698417B2 (en) | Optimized performance counter monitoring | |
| CN113225337A (en) | Multi-step attack alarm correlation method, system and storage medium | |
| CN115002025B (en) | Data security transmission method and system and cloud platform | |
| CN114363091B (en) | Method and system for realizing unified login of platform application based on APISIX | |
| CN115776415B (en) | Intelligent management system and method for gateway equipment based on industrial protocol | |
| Diao et al. | Generic on-line discovery of quantitative models for service level management | |
| CN113282920B (en) | Log abnormality detection method, device, computer equipment and storage medium | |
| JP6616045B2 (en) | Graph-based combination of heterogeneous alerts | |
| CN117762632B (en) | Calculation management method based on calculation operation system | |
| Ogino | Evaluation of machine learning method for intrusion detection system on Jubatus | |
| Marcus et al. | Securing mobile device-based machine interactions with user location histories | |
| US11973779B2 (en) | Detecting data exfiltration and compromised user accounts in a computing network | |
| CN115941295A (en) | Network behavior anomaly detection method and device | |
| CN102282824A (en) | A method, device and computer program product for service balancing in an electronic communications system | |
| Li et al. | Advances in APPFL: A Comprehensive and Extensible Federated Learning Framework | |
| Valerio et al. | Optimising cost vs accuracy of decentralised analytics in Fog computing environments | |
| RU2813469C1 (en) | Control system for security policy of elements of corporate communication network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |