Invention Grant
- Patent Title: Anomaly detection to implement security protection of a control system
- Patent Title (中): 异常检测实现控制系统的安全保护
-
Application No.: US13365594Application Date: 2012-02-03
-
Publication No.: US08726085B2Publication Date: 2014-05-13
- Inventor: Kazuhito Akiyama , Akira Ohkado , Yukihiko Sohda , Masami Tada , Tadashi Tsumura
- Applicant: Kazuhito Akiyama , Akira Ohkado , Yukihiko Sohda , Masami Tada , Tadashi Tsumura
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agent Francis Lammes; Stephen J. Walder, Jr.; Jeffrey S. LaBaw
- Priority: JP2011-028341 20110214
- Main IPC: G06F11/00
- IPC: G06F11/00
Abstract:
An anomaly detection mechanism is provided that detects an anomaly in a control network, and includes an identifying unit to receive event information on an event that occurs, and to identify a group including a resource related to the event information by referring to a configuration management database for retaining dependence relationships between processes and resources including a control system; a policy storing unit to store one or more policies each of which associates one or more actions with a condition defining a situation suspected to have an anomaly; an adding unit to acquire group-related information needed for application to the one or more policies, and to add the acquired information to the event information; and a determining unit to apply the event information to the one or more policies and to determine the one or more actions associated with the matched condition as one or more actions to be taken.
Public/Granted literature
- US20120210158A1 Anomaly Detection to Implement Security Protection of a Control System Public/Granted day:2012-08-16
Information query
