首页>
外国专利>
INTRUSION DETECTION VIA SEMANTIC FUZZING AND MESSAGE PROVENANCE
INTRUSION DETECTION VIA SEMANTIC FUZZING AND MESSAGE PROVENANCE
展开▼
机译:通过语义模糊和消息来源进行入侵检测
展开▼
页面导航
摘要
著录项
相似文献
摘要
Intrusion detection systems and methods monitor legal control messages in an operational control system to detect subtly malicious sequences of control messages with undesirable emergent effects on devices in the operational control system. A message provenance component may investigate system-level correlations between messages rather than detecting if individual messages are anomalous. A semantic fuzzing component may search, based on the operational effect of candidate message sequences, the space of legal messages for sequences that cause actual harm. Behavior oracles may be used to test message sequences to identify sequences that induce drift towards a failure state. The intrusion detection system is able to prevent harm and disruption arising from control messages that individually appear legitimate and benign but that, in combination with other messages, can cause undesirable outcomes.
展开▼