Research And Implementation Of Industrial Control Protocol Based On Suricata

In recent years, attacks on industrial networks have become more frequent, and the importance of industrial network security research is increasing. The focus of industrial network security is on industrial protocols. The core of industrial protocol research is to analyze a wide variety of protocols and obtain the large number of parameters generated during industrial production. In order to analyze widely used common protocols and private protocols that have protocol format documents, this paper designs and implements IPAS (Industrial Protocol Analysis System).

This article first introduces the relevant background, development status and safety overview of industrial systems, and briefly introduces and classifies industrial protocols. Next, it studies and analyzes related software products at home and abroad, and analyzes the application prospects of IPAS. Secondly, it introduces the intrusion detection engine Suricata, which is responsible for the detection, analysis and output of network messages. It lists the system development environment and related web development technologies to prepare for the specific implementation.

In addition, this article conducts a requirements analysis for IPAS. Based on the system design goals, the system users, functional requirements and non-functional requirements are analyzed. The overall design covers the overall architecture of the system; the system function modules are divided into a protocol analysis module and a data management module, and the system database, interface display and background interface are designed.

In the end, this paper presents the detailed design and implementation of each functional module. The technical environment is configured separately for the different modules of the system, with the Suricata environment and the SSM framework each configured in turn. After the system development work was completed, functional tests were carried out for each module. The test results show that the system can parse common industrial protocols and has data maintenance capabilities.
Keywords/Search Tags: Industrial control system, Industrial network security, Protocol analysis, Industrial control protocol
