ANOMALY DETECTION SYSTEM USING DISTRUBUTED STORAGE OF TRAFFIC OF POWER PLANT CONTRL NETWROK ASSETS

摘要

An anomaly detection system using distributed storage of traffic of power plant control network assets is disclosed. a power plant control network asset traffic collection module that collects real-time traffic data between power plant control network assets performing network communication within the power plant control network; A traffic analysis module for real-time analysis of traffic data collected in real-time by the power plant control network asset traffic collection module is configured. According to the above-described anomaly detection system using distributed storage of the traffic of the power plant control network asset, the traffic data in the power plant control network is collected and analyzed by network port mirroring, so that the traffic in the power plant control network can be collected and analyzed without an agent. there is an effect In addition, by giving the UD code of each power plant control network asset, storing it in multiple distributed databases, and preparing each distributed database in real time, an intruder in the power plant directly accesses a specific distributed database to infect malicious code or data. It has the effect of being able to detect changes in real-time.