基于数字孪生的工业互联网安全检测与响应研究OA北大核心CSTPCD

Considering that traditional network security defense methods cannot meet the strict requirements of industrial Internet for reliability and stability,a method for anomaly detection and response in digital space was studied based on the idea of digital twins by collecting on-site data and using twin model security cognition.Firstly,four types of model-ing methods were summarized and integrated into the multi module digital twin(DT)architecture by analyzing the digi-tal twin modeling solutions.Secondly,the cognition of different twin models was transformed into a standard signal tem-poral logic(STL)specification set by introducing signal temporal logic technology,and anomaly detection was achieved by monitoring system behavior based on the specification set,by the reliability of detection results was increased.Fi-nally,anomaly localization was achieved through the analysis of violations of the STL specification set,and correspond-ing STL weak specifications were designed through the analysis of known device faults to achieve anomaly classifica-tion.Two aspects of response to anomalies were beneficial for helping the system restore normal operation.The case study demonstrates that the effectiveness of the proposed method in anomaly detection and response.Comparing the pro-posed method with the intrusion detection system based on deep learning,the experimental results show that the detec-tion rate of the proposed method increases by 25%～40.9%in detecting anomalies.