20250173433. Anomal (New H3C Security Technologies ., .)
ANOMALY DETECTION METHOD AND ELECTRONIC DEVICE
Abstract: provided are an anomaly detection method and electronic device, applied to a network security device. an instruction parsing process is performed on industrial network traffic generated by executing a configured production procedure in an ot network, to obtain control instructions sequentially issued by each industrial device to perform a corresponding abstract-behavior-switching during executing the production procedure. a target control instruction set constituted for each industrial device based on obtained control instructions is matched with a pre-established control instruction feature library. the control instruction feature library includes control instruction feature sets constituted by control instructions issued by each industrial device for various abstract-behavior-switching. if the matching succeeds, it is determined that no anomaly exists in the abstract-behavior-switching performed by the industrial device during executing the production procedure. if the matching fails, it is determined that there is anomaly in the abstract-behavior-switching performed by the industrial device during executing the production procedure.
Inventor(s): Jian WANG, Zhiqiang FU, Qiyong WANG, Songer SUN
CPC Classification: G06F21/554 ({involving event detection and direct action})
Search for rejections for patent application number 20250173433