TY  - EJOU
AU  - Wang, Yuhao 
AU  - Li, Yuying 
AU  - Sun, Yanbin 
AU  - Jiang, Yu 

TI  - Identifying Industrial Control Equipment Based on Rule Matching and Machine Learning
T2  - Computer Modeling in Engineering \& Sciences

PY  - 2023
VL  - 137
IS  - 1
SN  - 1526-1506

AB  - To identify industrial control equipment is often a key step in network mapping, categorizing network resources, and attack defense. For example, if vulnerable equipment or devices can be discovered in advance and the attack path can be cut off, security threats can be effectively avoided and the stable operation of the Internet can be ensured. The existing rule-matching method for equipment identification has limitations such as relying on experience and low scalability. This paper proposes an industrial control device identification method based on PCA-Adaboost, which integrates rule matching and machine learning. We first build a rule base from network data collection and then use single and multi-protocol rule-matching methods to identify the type of industrial control devices. Finally, we utilize PCA-Adaboost to identify unlabeled data. The experimental results show that the recognition rate of this method is better than that of the traditional Nmap device recognition method and the device recognition accuracy rate reaches 99%. The evaluation effect of the test data set is significantly enhanced.
KW  - Network mapping; network resource; industrial control equipment; identification

DO  - 10.32604/cmes.2023.026791