Research on industrial control security optimization of commercial tobacco logistics based on large model technology
Cyber Security and Data Governance
Liao Dongyang, Zhou Jianjun, Zhou Xiangming
Hunan Tobacco Company Yongzhou Company
Abstract: Aiming at the problems of a high false alarm rate, rigid strategies, insufficient operation and maintenance, and the lack of a closed loop in the traditional industrial control security protection system of the commercial tobacco logistics center, this article takes the industrial control system of the center as the research object, integrates large language model technology to construct a five-layer closed-loop protection system of "perception-analysis-decision-response-optimization", integrates core technologies such as multi-source data fusion analysis and intelligent dynamic strategy configuration, and designs four functional modules. The research results show that after optimization, the false alarm rate of the system is reduced to 4.8%, the accuracy of anomaly recognition reaches 96.2%, the response time to security incidents is shortened by 75%, and the duration of business interruption and the workload of operation and maintenance are significantly reduced, so the system can effectively resist various common industrial control security attacks. The system is adapted to the characteristics of the commercial tobacco logistics business, is replicable and scalable, and provides a practical template for upgrading industrial control security protection in the tobacco industry.
CLC number: TP309.2 Document code: A DOI: 10.19358/j.issn.2097-1788.2026.05.003
Citation format: Liao Dongyang, Zhou Jianjun, Zhou Xiangming. Research on industrial control security optimization of commercial tobacco logistics based on large model technology[J]. Cyber Security and Data Governance, 2026, 45(5): 18-23.
Key words: large language model; commercial tobacco logistics center; industrial control security; closed-loop protection system; multi-source data fusion; intelligent strategy configuration

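Introduction

The tobacco industry is a pillar industry of the national economy. After automation and intelligent transformation, the efficiency of key business processes in commercial tobacco logistics centers has risen markedly, but the boundary between industrial control systems and external networks has blurred, and security incidents are increasing year by year [1]. Traditional protection systems struggle to cope with complex attacks and dynamic business [2], whereas large models, with strengths such as multi-source data processing and autonomous learning, can accurately identify unknown threats. This paper deeply integrates large models with industrial control security to build a "perception-analysis-decision-response-optimization" closed-loop protection system, overcoming the shortcomings of traditional protection and supporting protection upgrades across the industry.

Research on industrial control security started earlier abroad and has formed a relatively mature body of technology and standards, but early methods based on traditional machine learning achieved a recognition rate of less than 70% for unknown attacks [3-4]. China's tobacco industry attaches great importance to industrial control security, and the State Tobacco Monopoly Administration's 14th Five-Year informatization plan explicitly requires building an all-round assurance system. However, current research focuses mainly on hardware protection and the optimization of traditional algorithms, with shortcomings such as rigid protection logic and the lack of an overall system adapted to the characteristics of commercial tobacco logistics [5-6].

At present, the application of large models in industrial control security is characterized by isolated breakthroughs and insufficient systematization. No full-lifecycle protection scheme has been formed [7-8], and existing work is not adapted to the business and industrial control characteristics of commercial tobacco logistics centers, so it cannot resolve the core problems of traditional protection.

This paper builds an intelligent closed-loop protection system that integrates large models, aiming to reduce the false alarm rate for security events, optimize security policies, and lower the barrier to operation and maintenance, while enriching the industry's theoretical framework, providing a technical reference, and offering a replicable practical template for upgrading industrial control security in the tobacco industry.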


For the full text of this article, please download:

https://www.chinaaet.com/resource/share/2000007087


Author information:

Liao Dongyang, Zhou Jianjun, Zhou Xiangming

(Hunan Tobacco Company Yongzhou Company, Yongzhou, Hunan 425000)
