CN-122001770-A - Industrial Internet asset detection and network topology generation method
Abstract
The invention relates to the field of industrial Internet network asset detection and network topology mapping, and in particular to an industrial Internet asset detection and network topology generation method. The method reads the routing table, forwarding table and ARP table of Layer 3 devices over SNMP and constructs the Layer 3 device topology from the routing information. It then reads the forwarding table and ARP table of Layer 2 devices over SNMP, determines leaf nodes from the number of forwarding entries per port, and constructs the leaf node topology. From the detected information it builds an uplink port forwarding set and a downlink port forwarding set for each device, and completes the network topology by matching the uplink and downlink port forwarding information. Finally, it probes specific network ports in random order with TCP and UDP probes and determines the industrial control protocol type or service type of each leaf device. The invention provides an efficient and accurate method for network topology construction and asset detection that avoids affecting the normal operation of a device by sending it a large number of probe messages at once.
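An added Python sketch, not code from the patent, of how leaf nodes and switch-to-switch links can be derived from port forwarding sets in the way the abstract describes. The sample forwarding tables, the gateway-MAC rule for finding the uplink port and the subset test used for matching are assumptions, since the abstract does not specify them.

```python
# Constructed sample data (not from the patent): per-switch forwarding tables as
# they would be read over SNMP, mapping port number -> MAC addresses learned there.
GATEWAY = "02:00:00:00:00:01"            # Layer 3 device found in the first stage
SWITCH_MAC = {"S1": "02:00:00:00:01:01", "S2": "02:00:00:00:01:02",
              "S3": "02:00:00:00:01:03"}
PLC_A, HMI, PLC_B, PLC_C = (f"02:00:00:00:02:0{i}" for i in range(1, 5))
s1, s2, s3 = SWITCH_MAC["S1"], SWITCH_MAC["S2"], SWITCH_MAC["S3"]
FDB = {
    "S1": {1: {GATEWAY}, 2: {s2, s3, HMI, PLC_B, PLC_C}, 3: {PLC_A}},
    "S2": {1: {GATEWAY, s1, PLC_A}, 2: {s3, PLC_B, PLC_C}, 3: {HMI}},
    "S3": {1: {GATEWAY, s1, s2, PLC_A, HMI}, 2: {PLC_B}, 3: {PLC_C}},
}

def uplink_port(name):
    """Assumed rule: the uplink is the port on which the gateway MAC is learned."""
    return next(p for p, macs in FDB[name].items() if GATEWAY in macs)

def downlink_set(name):
    """All MACs learned on the non-uplink ports of a switch."""
    up = uplink_port(name)
    return set().union(*(m for p, m in FDB[name].items() if p != up))

def build_topology():
    """Return (leaf_links, switch_links) as sorted (switch, port, peer) tuples."""
    by_mac = {mac: name for name, mac in SWITCH_MAC.items()}
    leaf_links, switch_links = [], []
    for name, fdb in FDB.items():
        for port, macs in fdb.items():
            if port == uplink_port(name):
                continue
            below = [by_mac[m] for m in macs if m in by_mac]
            if len(macs) == 1 and not below:
                # Exactly one non-switch MAC on a downlink port: a leaf device.
                leaf_links.append((name, port, next(iter(macs))))
                continue
            for cand in below:
                # A candidate's own downlink set must be visible behind this port,
                # and no other switch behind the port may sit above the candidate.
                nested = any(SWITCH_MAC[cand] in downlink_set(o)
                             for o in below if o != cand)
                if downlink_set(cand) <= macs and not nested:
                    switch_links.append((name, port, cand))
    return sorted(leaf_links), sorted(switch_links)

if __name__ == "__main__":
    leaves, links = build_topology()
    print("leaf links:", leaves)
    print("switch links:", links)
```

S3 is learned on S1's port 2 as well, but it is rejected as a direct neighbour there because it already appears in S2's downlink set.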
Inventors
- LIU JINYUAN
- ZHOU YUANXIN
- GE JIKE
- CHEN ZONGCHENG
- LIU YANG
Assignees
- 重庆科技大学
- 亚凡(重庆)科技股份有限公司
- 秀山土家族苗族自治县人民医院
- 刘金源
Dates
- Publication Date: 20260508
- Application Date: 20241107
Claims (5)
- 1. An industrial Internet asset detection and network topology generation method, comprising: detecting network assets and constructing the network topology in layers, first detecting the routing information of Layer 3 network devices to construct the Layer 3 device topology, and then detecting Layer 2 network devices to construct the Layer 2 device topology from forwarding information; constructing the network topology of intermediate devices from uplink port and downlink forwarding information; and constructing TCP and UDP data packets, probing network devices in random order, and determining the industrial control protocol type or service type of each device.
- 2. The industrial Internet asset detection and network topology generation method according to claim 1, wherein the topology obtained by layered detection and the topology constructed from uplink port and downlink forwarding information are combined to obtain the complete network topology.
- 3. The industrial Internet asset detection and network topology generation method according to claim 1, wherein the uplink port of a device is determined from the detected forwarding information, and the downlink forwarding information set of the device is calculated, so that the topological relationship between different devices is constructed quickly.
- 4. The industrial Internet asset detection and network topology generation method according to claim 1, wherein leaf devices are discovered layer by layer, reducing the workload of subsequent detection.
- 5. The industrial Internet asset detection and network topology generation method according to claim 1, wherein a detection port set is constructed and the objects to probe are selected from the set at random, which reduces the impact of probing one device continuously and does not interfere with network performance or device performance; and a plurality of UDP data packets are sent in sequence for detection, which eliminates interference from packet loss and improves detection accuracy.
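Claim 5's random draw from the detection set and its sequential UDP probing, as an added Python example that is not part of the patent. The rule list, the default of three UDP datagrams and the simulated probe function standing in for real sockets are assumptions.

```python
import random

# Assumed detection rules (protocol, port, label); the ports are the registered
# defaults for these protocols, the rule list itself is not from the patent.
RULES = [("tcp", 502, "Modbus/TCP"), ("tcp", 102, "S7comm"),
         ("tcp", 44818, "EtherNet/IP"), ("udp", 47808, "BACnet/IP")]

def run_detection(leaf_devices, probe, rng, udp_tries=3):
    """Drain the probe queue in random order; return (probe order, findings)."""
    queue = [(dev, rule) for dev in leaf_devices for rule in RULES]
    order, found = [], {}
    while queue:
        # Random draw: probes to one device are spread across the whole run
        # instead of arriving back to back.
        dev, (proto, port, label) = queue.pop(rng.randrange(len(queue)))
        order.append((dev, proto, port))
        tries = udp_tries if proto == "udp" else 1
        # UDP has no handshake, so one lost datagram looks like a closed port;
        # send up to udp_tries in sequence and stop at the first reply.
        if any(probe(dev, proto, port) for _ in range(tries)):
            found.setdefault(dev, set()).add(label)
    return order, found

def make_simulated_probe(services):
    """Offline stand-in for real sockets: `services` maps device -> open
    (proto, port) pairs; the first UDP datagram to each service is dropped."""
    seen = set()
    def probe(dev, proto, port):
        if proto == "udp" and (dev, port) not in seen:
            seen.add((dev, port))
            return False          # simulated packet loss
        return (proto, port) in services.get(dev, ())
    return probe

# Constructed leaf devices (documentation address range) and their open services.
SAMPLE_SERVICES = {"192.0.2.10": {("tcp", 502)},
                   "192.0.2.11": {("udp", 47808)},
                   "192.0.2.12": {("tcp", 102), ("tcp", 44818)}}

if __name__ == "__main__":
    order, found = run_detection(list(SAMPLE_SERVICES),
                                 make_simulated_probe(SAMPLE_SERVICES),
                                 random.Random())
    print(found)
```

With `udp_tries=1` the same run misses the BACnet/IP device, because its only datagram is the one the simulation drops.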
Description
Industrial Internet asset detection and network topology generation method
Technical Field
The invention relates to the field of industrial Internet network asset detection and network topology mapping, and in particular to an industrial Internet asset detection and network topology generation method.
Background
With the wide use of the industrial Internet in production and other fields, the complexity and scale of network systems keep growing. These network systems include large numbers of network switching devices, servers, controllers and the like. As networks grow, how to manage and monitor these network assets effectively, and how to discover potential safety hazards and failure points in time, has become an urgent problem. Detecting network assets and drawing the topology by hand is inefficient and error-prone. Faced with a large-scale, highly dynamic industrial Internet in particular, the manual approach falls short.
Specifically, industrial Internet asset detection and topology generation face several challenges:
- Asset diversity. The industrial Internet includes many types of devices and systems that differ in communication protocol, data format and mode of operation, which adds significant complexity to asset detection.
- Dynamics. Device status and network topology in the industrial Internet are often adjusted dynamically as production requirements change, so detection methods must be able to respond to these changes in real time.
- Safety. The industrial Internet is directly tied to production safety, so no detection activity may interfere with network operation or introduce potential safety hazards.
It is difficult to detect the different types of equipment in the industrial Internet comprehensively with a single technique, so detection results lack accuracy and completeness, and managers struggle to keep an effective overview of the network.
Disclosure of Invention
The invention provides an asset detection and network topology generation method for the industrial Internet, which aims to detect the assets in a network accurately and to generate the asset topology relationships accurately.
The method provides the following technical scheme:
- Set an initial network node, and read the routing table, forwarding table and ARP table of the Layer 3 network device using SNMP.
- Obtain all next-hop addresses of the device from the routing table of the starting node, obtain network device information and port forwarding information from the forwarding table and ARP table, and add the obtained information to the routing queue, the device set and the forwarding set respectively.
- Probe each next-hop address, obtain the routing queue, device set and forwarding set of that device, and add the newly detected content to the routing queue, the device set and the forwarding set.
- Repeat the previous step until all next-hop devices have been read.
- Read the forwarding information of the devices in the routing queue in turn, and generate the topological relation set and the uplink device set from the next-hop information.
- Determine leaf node devices from the port forwarding set, and generate the leaf node topological relation set.
- Read the forwarding tables and ARP tables of devices that are neither leaf devices nor Layer 3 devices through SNMP, and update the device set and the forwarding set.
- Repeat the previous step until all devices have been read.
- Traverse the newly added port forwarding information, determine leaf node devices, and update the leaf node topological relation set.
- Traverse the forwarding set to find the forwarding information of devices that are neither leaf devices nor Layer 3 devices, and determine the uplink port and the downlink forwarding set.
- For devices for which no topological relation has been generated, generate the topological relation from the port forwarding information.
- Update the set of connected devices.
- Update the leaf device set and construct the port detection queue.
- Take a detection rule from the port detection queue at random, check whether the port is open or closed, and determine the device type.
- Repeat the previous step until detection is complete.
Drawings
To describe the technical scheme of the application more intuitively and to show its technical flow clearly, the drawings referred to in the description of the technical scheme are briefly introduced below. The drawings only illustrate a brief flow of the technical scheme and are not intended to limit the application.
FIG. 1 is an example of a basic flow for implementing indus