US 12,259,717 B2
Industrial control system device classification
Brian Michael Kelley, Livermore, CA (US); Indrasis Chakraborty, Lafayette, CA (US); Brian James Gallagher, Livermore, CA (US); and Daniel Matthew Merl, Livermore, CA (US)
Assigned to LAWRENCE LIVERMORE NATIONAL SECURITY, LLC, Livermore, CA (US)
Filed by Lawrence Livermore National Security, LLC, Livermore, CA (US)
Filed on Jul. 8, 2022, as Appl. No. 17/860,852.
Claims priority of provisional application 63/219,591, filed on Jul. 8, 2021.
Prior Publication US 2023/0028553 A1, Jan. 26, 2023
Int. Cl. G05B 19/418 (2006.01); G06N 3/045 (2023.01)
CPC G05B 19/4185 (2013.01) [G06N 3/045 (2023.01)] 20 Claims
OG exemplary drawing
 
1. A method performed by one or more computing systems, the method comprising:
capturing, by the one or more computing systems, a communication transmitted by a host device coupled to an industrial control system (ICS), the communication transmitted according to an ICS communication protocol that specifies a packet structure including a plurality of fields;
extracting, by the one or more computing systems, a set of values from one or more corresponding fields in the captured communication; and
generating, by the one or more computer systems, a latent vector at a hidden layer in a neural network by applying values of a first set of fields within the communication to an input layer of the neural network and applying values of a second set of fields within the communication to an output layer of the neural network.