|Table of Contents|

Intrusion detection algorithm for industrial control networksbased on auto-encoder and extreme learning machine(PDF)

《南京理工大学学报》(自然科学版)[ISSN:1005-9830/CN:32-1397/N]

Issue:
2019年04期
Page:
408-413
Research Field:
Publishing date:

Info

Title:
Intrusion detection algorithm for industrial control networksbased on auto-encoder and extreme learning machine
Author(s):
Li YiLi Yongzhong
School of Computer,Jiangsu University of Science and Technology,Zhenjiang 212003,China
Keywords:
industrial control network intrusion detection auto-encoder extreme learning machine
PACS:
TP309
DOI:
10.14177/j.cnki.32-1397n.2019.43.04.005
Abstract:
Aiming at the problem that the existing unknown industrial control network attack detection method is in the initial stage and the low-layer selection feature classification leads to low detection accuracy,a sparse auto-encoder-extreme learning machine intrusion detection model is proposed. The proposed algorithm uses the deep learning auto-encoder to combine the penalty parameter and reconstruction error of the encode layer to extract the features of high-dimensional data during the training stage,and then uses the extreme learning machine to quickly and effectively classify the extracted features. The accuracy of the algorithm is verified by the industrial control intrusion detection standard data set. Comparing with different types of intrusion detection methods,the experiment verify that the method can effectively improve the performance of the intrusion detection system and reduce the false alarm rate. It meets the requirements of“high accuracy and low false positive rate”for industrial control intrusion detection.

References:

[1] 陶耀东,李宁,曾广圣. 工业控制系统安全综述[J]. 计算机工程与应用,2016,52(13):8-18.
Tao Yaodong,Li Ning,Zeng Guangsheng. Review of industrial control systems security[J]. Computer Engineering and Applications,2016,52(13):8-18.
[2]尚文利,安攀峰,万明,等. 工业控制系统入侵检测技术的研究及发展综述[J]. 计算机应用研究,2017,34(2):328-333,342.
Shang Wenli,An Panfeng,Wan Ming,et al. Research and development overview of intrusion detection technology in industrial control system[J]. Application Research of Computers,2017,34(2):328-333,342.
[3]尚文利,张盛山,万明,等. 基于PSO-SVM的Modbus TCP通讯的异常检测方法[J]. 电子学报,2014,42(11):2314-2320.
Shang Wenli,Zhang Shengshan,Wan Ming,et al. Modbus/TCP communication anomaly detection algorithm based on PSO-SVM[J]. Acta Electronica Sinica,2014,42(11):2314-2320.
[4]陈庄,黄勇,邹航. 基于离群点挖掘的工业控制系统异常检测[J]. 计算机科学,2014,41(5):178-181,203.
Chen Zhuang,Huang Yong,Zou Hang. Anomaly detection of industrial control system based on outlier mining[J]. Computer Science,2014,41(5):178-181,203.
[5]Beaver J M,Borges-Hink R C,Buckner M A. An evaluation of machine learning methods to detect malicious SCADA communications[C]//Proceedings of the 2013 12th International Conference on Machine Learning and Applications-Volume 02. New York,USA:IEEE,2013.
[6]张云贵,赵华,王丽娜. 基于工业控制模型的非参数CUSUM入侵检测方法[J]. 东南大学学报(自然科学版),2012,42(S1):55-59.
Zhang Yungui,Zhao Hua,Wang Lina. A non-parametric CUSUM intrusion detection method based on industrial control model[J]. Journal of Southeast University,2012,42(S1):55-59.
[7]高春梅. 基于工业控制网络的流量异常检测[D]. 北京:北京工业大学,2014.
[8]Hinton G E,Osindero S,Teh Y W. A fast learning algorithm for deep belief nets[J]. Neural Computation,2006,18(7):1527-1554.
[9]孙康,李千目,李德强. 基于级联卷积神经网络的人脸检测算法[J]. 南京理工大学学报,2018,42(1):40-47.
Sun Kang,Li Qianmu,Li Deqiang. Face detection algorithm based on cascaded convolutional neural network[J]. Journal of Nanjing University of Science and Technology. 2018,42(1):40-47.
[10]徐萍,吴超,胡峰俊,等. 基于迁移学习的个性化循环神经网络语言模型[J]. 南京理工大学学报,2018,42(4):401-408.
Xu Ping,Wu Chao,Hu Fengjun,et al. Personalized recurrent neural network language model based on transfer learning[J]. Journal of Nanjing University of Science and Technology,2018,42(1):40-47.
[11]Hinton G E,Salakhutdinov R. Reducing the dimensionality of data with neural networks[J]. Science,2006(313):504-507.
[12]袁非牛,章琳,史劲亭,等. 自编码神经网络理论及应用综述[J]. 计算机学报,2019,42(1):203-230.
Yuan Feiniu,Zhang Lin,Shi Jinting,et al. Theories and applications of auto-encoder neural networks:a literature survey[J]. Chinese Journal of Computers,2019,42(1):203-230.
[13]王声柱,李永忠. 基于深度学习和半监督学习的入侵检测算法[J]. 信息技术,2017(1):101-104,108.
Wang Shengzhu,Li Yongzhong. Intrusion detection algorithm based on deep learning and semi-supervised learning[J]. Information Technology,2017(1):101-104,108.
[14]Huang G B,Zhu Q Y,Siew C K. Extreme learning machine:Theory and applications[J]. Neu-rocomputing,2006,70(1-3):489-501.
[15]Morris T,Gao W. Industrial control system traffic data sets for intrusion detection research[C]//International Conference on Critical Infrastructure Protection. Berlin,Germany:Springer,2014.
[16]谢中华. Matlab统计分析与应用:40个案例分析[M]. 北京:北京航空航天大学出版社,2010.
[17]安琪. 基于深度置信网络的入侵检测研究[D]. 兰州:兰州大学,2016.
[18]于海宁. 基于MLP和Elman混合神经网络的入侵检测系统[D]. 哈尔滨:哈尔滨工业大学,2008.
[19]王华忠,杨智慧,颜秉勇,等. 融合PCA和PSO-SVM方法在工控入侵检测中的应用[J]. 科技通报,2017,33(1):80-85.
Wang Huazhong,Yang Zhihui,Yan Bingyong,et al. Application of fusion PCA and PSO-SVM method in industrial control intrusion detection[J]. Bulletin of Science and Technology,2017,33(1):80-85.

Memo

Memo:
-
Last Update: 2019-09-30